Vermüllung des PC + Virus?

Carolin.Abär · 10.04.2014, 20:19

Hi,

ich hab ein großes Problem: Mein PC spinnt total. Mein Avira läuft nicht mehr richtig, beim Suchlauf es hängt immer an der gleichen Stelle und geht dann nicht mehr weiter. Die Datei bei der er hängt existiert aber nicht mehr.
Bei meinem Internet kann ich zwar noch Seiten aufrufen, aber es wird immer sofort von Werbung unterbrochen, die meine Seiten schließen und neue öffnen, da mein Flashplayer oder Googlechrome veraltet sei, die ich allerdings oft update und deshalb nicht veraltet sein können bzw ich soll mir Java runterladen, damit alles wieder geht, aber die Links sind von total unseriösen Seiten. Einige wenige Seiten gehen zwar noch, allerdings öffnet sich bei jedem Mausklick ein neue Werbung in einem weiterem Tabfenster.
Diese Seiten müllen meinen PC ständig mit irgendwelchen "Verbesserungsprogrammen" wie Antimaleware u.a. zu, die sich nicht wirklich deinstallieren oder schließen lassen. Desweiteren bekomme ich überall bei meinem PC ständig Werbung (auch außerhalb des Internets), die ebenfalls immer wieder kommt und nicht weg geht.

Ich bin total verzweifelt und weiß nicht mehr, was ich machen soll. Für Hilfe wäre ich echt dankbar.

mfg,
Caro

schrauber · 10.04.2014, 20:42

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Carolin.Abär · 11.04.2014, 15:51

Vielen Dank für die schnelle Antwort. Ich habe FRST heruntergeladen und den Scan durchlaufen lassen. FRST.txt und Addition.txt befinden sich im Anhang.
Die Progamme (angeblich PC Verbesserer), die es immer mit herunterlädt hab ich erstmals weitgehend gelöscht, die Probleme bestehen aber weiterhin.

Mfg,
Caro

schrauber · 13.04.2014, 16:27

Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Carolin.Abär · 15.04.2014, 19:48

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 (ATTENTION: ====> FRST version is 29 days old and could be outdated)
Ran by Carolin (administrator) on GUTEMINE on 11-04-2014 16:27:16
Running from C:\Users\Carolin\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files (x86)\NewPlayer\NewPlayerUpdaterService.exe
(PostgreSQL Global Development Group) c:\postgreSQL\bin\pg_ctl.exe
() C:\Program Files (x86)\Re-markit Corp\Re-markit158.exe
(PostgreSQL Global Development Group) c:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) c:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) c:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) c:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) c:\postgreSQL\bin\postgres.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
() C:\Program Files (x86)\Re-markit Corp\Re-markit_wd.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-03-06] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [BrMfcWnd] - C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ControlCenter3] - C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [mobilegeni daemon] - C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-999138141-1912988859-3756178019-1001\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-999138141-1912988859-3756178019-1001\...\Run: [EA Core] - "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-999138141-1912988859-3756178019-1001\...\MountPoints2: {7a253dca-4c81-11e3-b61d-806e6f6e6963} - E:\Autorun.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:13828
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWE23Qik11mFwB7WTYnaVdQO2kd5gf5bOvNfqXrfn-k9ji_fLiX24j_bO4bUiaErpUrJrLE_6CpZTQWUGYnHkHqT7oJ2nBKXwA1luW-w1xc7ETyEOOCLOVT28BdNpdtucnndKarXxBeZNUX--jI6HHsVfgQ,&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWE23Qik11mFwB7WTYnaVdQO2kd5gf5bOvNfqXrfn-k9ji_fLiX24j_bO4bUiaErpUrJrLE_6CpZTQWUGYnHkHqT7oJ2kIxCt7ZcOF-s2b5EoqfRzvdmIPtUlXwys0TxFjiRtanA56Cmp6aFuX7Uo0EYalE,
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2B35845349E4CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1397054118&from=tugs&uid=ST500LM012XHN-M500MBB_S2ZYJ9GD903829
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWE23Qik11mFwB7WTYnaVdQO2kd5gf5bOvNfqXrfn-k9ji_fLiX24j_bO4bUiaErpUrJrLE_6CpZTQWUGYnHkHqT7oJ2nBKXwA1luW-w1xc7ETyEOOCLOVT28BdNpdtucnndKarXxBeZNUX--jI6HHsVfgQ,&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1397054118&from=tugs&uid=ST500LM012XHN-M500MBB_S2ZYJ9GD903829&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1397054118&from=tugs&uid=ST500LM012XHN-M500MBB_S2ZYJ9GD903829
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1397054118&from=tugs&uid=ST500LM012XHN-M500MBB_S2ZYJ9GD903829
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1397054118&from=tugs&uid=ST500LM012XHN-M500MBB_S2ZYJ9GD903829&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1397054118&from=tugs&uid=ST500LM012XHN-M500MBB_S2ZYJ9GD903829&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1397054118&from=tugs&uid=ST500LM012XHN-M500MBB_S2ZYJ9GD903829
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1397054118&from=tugs&uid=ST500LM012XHN-M500MBB_S2ZYJ9GD903829
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1397054118&from=tugs&uid=ST500LM012XHN-M500MBB_S2ZYJ9GD903829&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1397054000&from=tugs&uid=ST500LM012XHN-M500MBB_S2ZYJ9GD903829
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1397054118&from=tugs&uid=ST500LM012XHN-M500MBB_S2ZYJ9GD903829&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1397054118&from=tugs&uid=ST500LM012XHN-M500MBB_S2ZYJ9GD903829&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWE23Qik11mFwB7WTYnaVdQO2kd5gf5bOvNfqXrfn-k9ji_fLiX24j_bO4bUiaErpUrJrLE_6CpZTQWUGYnHkHqT7oJ2nBKXwA1luW-w1xc7ETyEOOCLOVT28BdNpdtucnndKarXxBeZNUX--jI6HHsVfgM,&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWE23Qik11mFwB7WTYnaVdQO2kd5gf5bOvNfqXrfn-k9ji_fLiX24j_bO4bUiaErpUrJrLE_6CpZTQWUGYnHkHqT7oJ2nBKXwA1luW-w1xc7ETyEOOCLOVT28BdNpdtucnndKarXxBeZNUX--jI6HHsVfgM,&q={searchTerms}
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWE23Qik11mFwB7WTYnaVdQO2kd5gf5bOvNfqXrfn-k9ji_fLiX24j_bO4bUiaErpUrJrLE_6CpZTQWUGYnHkHqT7oJ2nBKXwA1luW-w1xc7ETyEOOCLOVT28BdNpdtucnndKarXxBeZNUX--jI6HHsVfgQ,&q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWE23Qik11mFwB7WTYnaVdQO2kd5gf5bOvNfqXrfn-k9ji_fLiX24j_bO4bUiaErpUrJrLE_6CpZTQWUGYnHkHqT7oJ2nBKXwA1luW-w1xc7ETyEOOCLOVT28BdNpdtucnndKarXxBeZNUX--jI6HHsVfgQ,&q={searchTerms}
BHO: HQVid8.1v2 - {11111111-1111-1111-1111-110511311172} - C:\Program Files (x86)\HQVid8.1v2\HQVid8.1v2-bho64.dll (High-QualityV9)
BHO: MediaPlayerplus - {11111111-1111-1111-1111-110511421146} - C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-bho64.dll (Freeven)
BHO: Freeven Pro 1.3 - {11111111-1111-1111-1111-110511421155} - C:\Program Files (x86)\Freeven Pro 1.3\Freeven Pro 1.3-bho64.dll (Freeven)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: HQVid8.1v2 - {11111111-1111-1111-1111-110511311172} - C:\Program Files (x86)\HQVid8.1v2\HQVid8.1v2-bho.dll (High-QualityV9)
BHO-x32: MediaPlayerplus - {11111111-1111-1111-1111-110511421146} - C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-bho.dll (Freeven)
BHO-x32: Freeven Pro 1.3 - {11111111-1111-1111-1111-110511421155} - C:\Program Files (x86)\Freeven Pro 1.3\Freeven Pro 1.3-bho.dll (Freeven)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default
FF user.js: detected! => C:\Users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\user.js
FF DefaultSearchEngine: webssearches
FF NewTab: about:blank
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\webssearches.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: MediaPlayerplus - C:\Users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\Extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com [2014-04-09]
FF Extension: Freeven Pro 1.3 - C:\Users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\Extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com [2014-04-10]
FF Extension: HQVid8.1v2 - C:\Users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\Extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com [2014-04-09]
FF Extension: Quick Start - C:\Users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\Extensions\quick_start@gmail.com [2014-04-09]
FF Extension: No Name - C:\Users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\Extensions\staged [2014-04-10]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ []
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\quick_start@gmail.com
FF Extension: Quick Start - C:\Users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\quick_start@gmail.com [2014-04-09]
FF HKCU\...\Firefox\Extensions: [{8c46fde2-8f22-4b77-9d6b-47daa604b639}] - C:\Program Files (x86)\Re-markit Corp\158.xpi
FF Extension: Re-markit - C:\Program Files (x86)\Re-markit Corp\158.xpi [2014-04-09]
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://istart.webssearches.com/?type=sc&ts=1397054118&from=tugs&uid=ST500LM012XHN-M500MBB_S2ZYJ9GD903829

Chrome: 
=======
CHR HomePage: hxxp://search.conduit.com/?ctid=CT3318001&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPC64DBDF9-BD33-42E9-B02D-7FD8C1A1AF6E&SSPV=
CHR Extension: (Google Docs) - C:\Users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-17]
CHR Extension: (Google Drive) - C:\Users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-17]
CHR Extension: (YouTube) - C:\Users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-17]
CHR Extension: (Google-Suche) - C:\Users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-17]
CHR Extension: (Re-markit) - C:\Users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcpfhaghaadpjpgocojgnlhjcieeooel [2014-04-09]
CHR Extension: (HQVid8.1v2) - C:\Users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm [2014-04-09]
CHR Extension: (MediaPlayerplus) - C:\Users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd [2014-04-09]
CHR Extension: (DVDVideoSoft) - C:\Users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-11-21]
CHR Extension: (Google Wallet) - C:\Users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-17]
CHR Extension: (Google Mail) - C:\Users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-17]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-11-21]
CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-04-09]
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://istart.webssearches.com/?type=sc&ts=1397054118&from=tugs&uid=ST500LM012XHN-M500MBB_S2ZYJ9GD903829
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-03-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-03-06] (Avira Operations GmbH & Co. KG)
R2 NewPlayerUpdaterService; C:\Program Files (x86)\NewPlayer\NewPlayerUpdaterService.exe [11776 2014-04-10] ()
R2 postgresql-8.4; c:\postgreSQL\bin\pg_ctl.exe [66048 2014-02-18] (PostgreSQL Global Development Group)
R2 Re-markit; C:\Program Files (x86)\Re-markit Corp\Re-markit158.exe [142336 2014-04-09] ()
S2 Update BrowseMark; "C:\Program Files (x86)\BrowseMark\updateBrowseMark.exe" [X]

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-19] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-19] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-31] (Avira Operations GmbH & Co. KG)
R3 SMSCIRDA; C:\Windows\System32\DRIVERS\SMSCir64.sys [37760 2007-04-25] (SMSC)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-11 16:27 - 2014-04-11 16:27 - 00019194 _____ () C:\Users\Carolin\Downloads\FRST.txt
2014-04-11 16:27 - 2014-04-11 16:27 - 00000000 ____D () C:\FRST
2014-04-11 16:26 - 2014-04-11 16:27 - 02157056 _____ (Farbar) C:\Users\Carolin\Downloads\FRST64.exe
2014-04-10 20:52 - 2014-04-10 20:52 - 00000000 ___RD () C:\Users\Carolin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-10 20:49 - 2014-04-10 20:49 - 00001113 _____ () C:\Users\Public\Desktop\NewPlayer.lnk
2014-04-10 20:49 - 2014-04-10 20:49 - 00000000 ____D () C:\Users\Carolin\AppData\Local\newplayer
2014-04-10 20:47 - 2014-04-11 16:23 - 00000000 ____D () C:\Users\Carolin\AppData\Roaming\Activeris
2014-04-10 20:47 - 2014-04-11 14:47 - 00001528 _____ () C:\Windows\Tasks\3ef74201-3ef1-4506-857d-9cd4faec66c0-5.job
2014-04-10 20:47 - 2014-04-11 14:47 - 00001472 _____ () C:\Windows\Tasks\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-5.job
2014-04-10 20:47 - 2014-04-11 14:47 - 00001362 _____ () C:\Windows\Tasks\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-2.job
2014-04-10 20:47 - 2014-04-10 20:48 - 00004558 _____ () C:\Windows\System32\Tasks\3ef74201-3ef1-4506-857d-9cd4faec66c0-5
2014-04-10 20:47 - 2014-04-10 20:48 - 00004502 _____ () C:\Windows\System32\Tasks\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-5
2014-04-10 20:47 - 2014-04-10 20:48 - 00004392 _____ () C:\Windows\System32\Tasks\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-2
2014-04-10 20:47 - 2014-04-10 20:47 - 00441856 _____ () C:\Users\Carolin\Downloads\Java (1).exe
2014-04-10 20:46 - 2014-04-11 14:46 - 00001418 _____ () C:\Windows\Tasks\3ef74201-3ef1-4506-857d-9cd4faec66c0-2.job
2014-04-10 20:46 - 2014-04-11 14:46 - 00001386 _____ () C:\Windows\Tasks\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-1.job
2014-04-10 20:46 - 2014-04-10 20:50 - 00000000 ____D () C:\22ead09a2f41a2db04769f
2014-04-10 20:46 - 2014-04-10 20:49 - 00000000 ____D () C:\Program Files (x86)\NewPlayer
2014-04-10 20:46 - 2014-04-10 20:47 - 00004472 _____ () C:\Windows\System32\Tasks\3ef74201-3ef1-4506-857d-9cd4faec66c0-1
2014-04-10 20:46 - 2014-04-10 20:47 - 00004448 _____ () C:\Windows\System32\Tasks\3ef74201-3ef1-4506-857d-9cd4faec66c0-2
2014-04-10 20:46 - 2014-04-10 20:47 - 00004416 _____ () C:\Windows\System32\Tasks\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-1
2014-04-10 20:45 - 2014-04-11 14:50 - 00002784 _____ () C:\Windows\Tasks\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-3.job
2014-04-10 20:45 - 2014-04-11 14:46 - 00001442 _____ () C:\Windows\Tasks\3ef74201-3ef1-4506-857d-9cd4faec66c0-1.job
2014-04-10 20:45 - 2014-04-11 14:45 - 00003128 _____ () C:\Windows\Tasks\3ef74201-3ef1-4506-857d-9cd4faec66c0-3.job
2014-04-10 20:45 - 2014-04-11 14:45 - 00002210 _____ () C:\Windows\Tasks\3ef74201-3ef1-4506-857d-9cd4faec66c0-4.job
2014-04-10 20:45 - 2014-04-11 14:45 - 00002146 _____ () C:\Windows\Tasks\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-4.job
2014-04-10 20:45 - 2014-04-10 20:47 - 00000000 ____D () C:\Program Files (x86)\Freeven Pro 1.3
2014-04-10 20:45 - 2014-04-10 20:46 - 00005240 _____ () C:\Windows\System32\Tasks\3ef74201-3ef1-4506-857d-9cd4faec66c0-4
2014-04-10 20:45 - 2014-04-10 20:46 - 00005176 _____ () C:\Windows\System32\Tasks\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-4
2014-04-10 20:45 - 2014-04-10 20:45 - 00006158 _____ () C:\Windows\System32\Tasks\3ef74201-3ef1-4506-857d-9cd4faec66c0-3
2014-04-10 20:45 - 2014-04-10 20:45 - 00005814 _____ () C:\Windows\System32\Tasks\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-3
2014-04-10 20:44 - 2014-04-10 20:44 - 00678720 _____ () C:\Users\Carolin\Downloads\Setup (1).exe
2014-04-10 20:44 - 2014-04-10 20:44 - 00000000 ____D () C:\Users\Carolin\AppData\Local\SearchProtect
2014-04-10 20:44 - 2014-04-10 20:44 - 00000000 _____ () C:\END
2014-04-10 20:37 - 2014-04-10 20:37 - 00239904 _____ (Premium Installer ) C:\Users\Carolin\Downloads\Player-Chrome.exe
2014-04-10 20:37 - 2014-04-10 20:37 - 00002019 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-04-10 20:36 - 2014-04-10 20:36 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-04-10 19:23 - 2014-04-10 19:23 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-04-10 19:21 - 2014-04-10 19:21 - 00000000 ____D () C:\Users\Carolin\AppData\Roaming\QuickScan
2014-04-10 19:17 - 2014-04-10 19:31 - 00000000 ____D () C:\Users\Carolin\AppData\Local\Mobogenie
2014-04-10 19:17 - 2014-04-10 19:17 - 00000000 ____D () C:\Users\Carolin\Documents\Mobogenie
2014-04-10 19:17 - 2014-04-10 19:17 - 00000000 ____D () C:\Users\Carolin\AppData\Local\cache
2014-04-10 19:17 - 2014-04-10 19:17 - 00000000 ____D () C:\Users\Carolin\.android
2014-04-10 19:17 - 2014-04-10 19:17 - 00000000 _____ () C:\Users\Carolin\daemonprocess.txt
2014-04-10 19:14 - 2014-04-10 19:14 - 00993720 _____ () C:\Users\Carolin\Downloads\setup.exe
2014-04-10 19:08 - 2014-03-31 03:16 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-10 19:08 - 2014-03-31 03:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-10 19:08 - 2014-03-31 02:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-10 19:08 - 2014-03-31 01:57 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-10 19:07 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-10 19:07 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-10 19:07 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-10 19:07 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-10 19:07 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-10 19:07 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-10 19:07 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-10 19:07 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-10 19:07 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-10 19:07 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-10 19:07 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-10 19:07 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-10 19:07 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-10 19:07 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-10 19:07 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-10 19:07 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-10 19:07 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-09 16:50 - 2014-04-09 16:50 - 00003258 _____ () C:\Windows\System32\Tasks\Opera D7
2014-04-09 16:50 - 2014-04-09 16:50 - 00003258 _____ () C:\Windows\System32\Tasks\Opera D6
2014-04-09 16:50 - 2014-04-09 16:50 - 00003258 _____ () C:\Windows\System32\Tasks\Opera D5
2014-04-09 16:49 - 2014-04-10 18:58 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2014-04-09 16:49 - 2014-04-09 18:01 - 00000380 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2014-04-09 16:49 - 2014-04-09 16:49 - 00003258 _____ () C:\Windows\System32\Tasks\Opera D4
2014-04-09 16:49 - 2014-04-09 16:49 - 00003258 _____ () C:\Windows\System32\Tasks\Opera D3
2014-04-09 16:49 - 2014-04-09 16:49 - 00003258 _____ () C:\Windows\System32\Tasks\Opera D2
2014-04-09 16:49 - 2014-04-09 16:49 - 00002834 _____ () C:\Windows\System32\Tasks\APSnotifierPP1
2014-04-09 16:49 - 2014-04-09 16:49 - 00002832 _____ () C:\Windows\System32\Tasks\APSnotifierPP2
2014-04-09 16:49 - 2014-04-09 16:49 - 00000000 ____D () C:\Users\Carolin\AppData\Roaming\Opera Software
2014-04-09 16:49 - 2014-04-09 16:49 - 00000000 ____D () C:\Users\Carolin\AppData\Local\Opera Software
2014-04-09 16:48 - 2014-04-09 16:52 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-04-09 16:48 - 2014-04-09 16:48 - 00001129 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-04-09 16:48 - 2014-04-09 16:48 - 00000314 _____ () C:\Users\Carolin\AppData\Roaming\aps.uninstall.scan.results
2014-04-09 16:45 - 2014-01-21 17:28 - 00020312 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot64.exe
2014-04-09 16:44 - 2014-04-10 19:40 - 00000000 ____D () C:\Users\Carolin\AppData\Roaming\systweak
2014-04-09 16:44 - 2014-04-08 20:18 - 01083403 _____ (AnyProtect.com) C:\Users\Carolin\AppData\Local\AnyProtectScannerSetup.exe
2014-04-09 16:37 - 2014-04-11 13:50 - 00001438 _____ () C:\Windows\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-1.job
2014-04-09 16:37 - 2014-04-09 16:38 - 00004468 _____ () C:\Windows\System32\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-1
2014-04-09 16:36 - 2014-04-11 13:50 - 00002176 _____ () C:\Windows\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-4.job
2014-04-09 16:36 - 2014-04-09 16:36 - 00005206 _____ () C:\Windows\System32\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-4
2014-04-09 16:35 - 2014-04-11 13:50 - 00003124 _____ () C:\Windows\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-3.job
2014-04-09 16:35 - 2014-04-10 20:47 - 00000000 ____D () C:\Program Files (x86)\MediaPlayerplus
2014-04-09 16:35 - 2014-04-09 16:36 - 00006154 _____ () C:\Windows\System32\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-3
2014-04-09 16:35 - 2014-04-09 16:35 - 01100952 _____ (AnyProtect.com) C:\Users\Carolin\AppData\Local\nsq3DA1.tmp
2014-04-09 16:34 - 2014-04-11 13:50 - 00001418 _____ () C:\Windows\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-5.job
2014-04-09 16:34 - 2014-04-11 13:50 - 00001324 _____ () C:\Windows\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-1.job
2014-04-09 16:34 - 2014-04-11 13:50 - 00001318 _____ () C:\Windows\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-2.job
2014-04-09 16:34 - 2014-04-09 16:35 - 00004448 _____ () C:\Windows\System32\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-5
2014-04-09 16:34 - 2014-04-09 16:34 - 00005356 _____ () C:\Windows\System32\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-4
2014-04-09 16:34 - 2014-04-09 16:34 - 00004354 _____ () C:\Windows\System32\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-1
2014-04-09 16:34 - 2014-04-09 16:34 - 00004348 _____ () C:\Windows\System32\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-2
2014-04-09 16:33 - 2014-04-11 13:51 - 00002326 _____ () C:\Windows\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-4.job
2014-04-09 16:33 - 2014-04-11 13:50 - 00002774 _____ () C:\Windows\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-3.job
2014-04-09 16:33 - 2014-04-09 16:34 - 00000000 ____D () C:\Program Files (x86)\HQVid8.1v2
2014-04-09 16:33 - 2014-04-09 16:33 - 00005804 _____ () C:\Windows\System32\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-3
2014-04-09 16:32 - 2014-04-11 16:24 - 00000396 _____ () C:\Windows\Tasks\Re-markit Update.job
2014-04-09 16:32 - 2014-04-11 13:50 - 00000394 _____ () C:\Windows\Tasks\Re-markit_wd.job
2014-04-09 16:32 - 2014-04-09 16:33 - 00000000 ____D () C:\Program Files (x86)\Re-markit Corp
2014-04-09 16:32 - 2014-04-09 16:32 - 00003048 _____ () C:\Windows\System32\Tasks\Re-markit Update
2014-04-09 16:32 - 2014-04-09 16:32 - 00002986 _____ () C:\Windows\System32\Tasks\Re-markit_wd
2014-04-09 16:32 - 2014-04-09 16:32 - 00000512 __RSH () C:\ProgramData\ntuser.pol
2014-04-09 16:31 - 2014-04-09 16:32 - 08611255 _____ () C:\Users\Carolin\Downloads\Cicadas Cottage.Sims3Pack
2014-04-09 16:29 - 2014-04-09 16:29 - 05769930 _____ () C:\Users\Carolin\Downloads\Spanish Finca 5.Sims3Pack
2014-04-09 16:29 - 2014-04-09 16:29 - 04227952 _____ () C:\Users\Carolin\Downloads\af_SlowDance_CookieChow.sims3pack
2014-04-09 16:27 - 2014-04-09 16:28 - 04704711 _____ () C:\Users\Carolin\Downloads\lillka_Italian Chic.sims3pack
2014-04-09 16:27 - 2014-04-09 16:27 - 01574329 _____ () C:\Users\Carolin\Downloads\B32_fae_businessone.sims3pack
2014-04-09 16:27 - 2014-04-09 16:27 - 00610824 _____ () C:\Users\Carolin\Downloads\Java.exe
2014-04-09 16:26 - 2014-04-09 16:26 - 04012951 _____ () C:\Users\Carolin\Downloads\lillka_Pepe Jeans Pullover.sims3pack
2014-04-09 16:24 - 2014-04-09 16:25 - 06258265 _____ () C:\Users\Carolin\Downloads\La Madison.Sims3Pack
2014-04-09 16:22 - 2014-04-09 16:23 - 38851866 _____ () C:\Users\Carolin\Downloads\Villa New Zealand.Sims3Pack
2014-04-09 16:21 - 2014-04-09 16:21 - 04566936 _____ () C:\Users\Carolin\Downloads\37 Westcroft Road.Sims3Pack
2014-04-09 16:18 - 2014-04-09 16:21 - 06061419 _____ () C:\Users\Carolin\Downloads\cherryberry - Glitter heart dress.sims3pack
2014-04-09 16:18 - 2014-04-09 16:19 - 03849676 _____ () C:\Users\Carolin\Downloads\Rocky Hill View.Sims3Pack
2014-04-09 16:18 - 2014-04-09 16:18 - 00134333 _____ () C:\Users\Carolin\Downloads\Elastic Bracelet  by altea127.sims3pack
2014-04-09 16:17 - 2014-04-09 16:25 - 44461135 _____ () C:\Users\Carolin\Downloads\Enchanter-s Nightshade.Sims3Pack
2014-04-09 16:16 - 2014-04-09 16:17 - 02837730 _____ () C:\Users\Carolin\Downloads\lillka_Flowing Beige Dress.sims3pack
2014-04-09 16:16 - 2014-04-09 16:16 - 02695449 _____ () C:\Users\Carolin\Downloads\lillka_Sequined Lace Dress.sims3pack
2014-04-09 16:15 - 2014-04-09 16:17 - 13846478 _____ () C:\Users\Carolin\Downloads\1232339.zip
2014-04-09 16:14 - 2014-04-09 16:14 - 00907850 _____ () C:\Users\Carolin\Downloads\RedCat - Child Denim Dress with Ribbon.sims3pack
2014-04-09 16:12 - 2014-04-09 16:14 - 03136126 _____ () C:\Users\Carolin\Downloads\Mario Modern-house.Sims3Pack
2014-04-09 16:12 - 2014-04-09 16:14 - 02203161 _____ () C:\Users\Carolin\Downloads\[Oranos] Ariso Jacket.sims3pack
2014-04-09 16:09 - 2014-04-09 16:17 - 18701222 _____ () C:\Users\Carolin\Downloads\Georgette.Sims3Pack
2014-04-09 16:08 - 2014-04-09 16:17 - 39150993 _____ () C:\Users\Carolin\Downloads\Crestwood Villa.Sims3Pack
2014-04-09 16:07 - 2014-04-09 16:07 - 00732170 _____ () C:\Users\Carolin\Downloads\NataliS twisted pearl earrings FT-FA.sims3pack
2014-04-09 16:06 - 2014-04-09 16:07 - 00879086 _____ () C:\Users\Carolin\Downloads\SimsimayTSR_innocentasangels.sims3pack
2014-04-09 16:04 - 2014-04-09 16:13 - 41114888 _____ () C:\Users\Carolin\Downloads\Colonial Home III.Sims3Pack
2014-04-09 13:56 - 2014-04-09 13:58 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-04-09 13:51 - 2014-04-09 13:51 - 00002990 _____ () C:\Windows\System32\Tasks\{CF7C20EC-4B4B-443C-85FA-C0233D04E90F}
2014-04-09 13:50 - 2014-04-09 13:50 - 00002990 _____ () C:\Windows\System32\Tasks\{0609E5A5-5A78-499E-95B5-C24D728AB914}
2014-04-08 20:51 - 2014-04-08 20:51 - 02801733 _____ () C:\Users\Carolin\Downloads\NewSea-SIMS3-hair-J002-rosy cloud-f.sims3pack
2014-04-08 20:50 - 2014-04-08 20:50 - 01239953 _____ () C:\Users\Carolin\Downloads\cherryberry - Vintage toddler dress.sims3pack
2014-04-08 20:48 - 2014-04-08 20:48 - 07287746 _____ () C:\Users\Carolin\Downloads\1238620.zip
2014-04-08 20:46 - 2014-04-08 20:47 - 06816140 _____ () C:\Users\Carolin\Downloads\1237204.zip
2014-04-08 20:43 - 2014-04-08 20:43 - 01180522 _____ () C:\Users\Carolin\Downloads\sims2fanbg042.sims3pack
2014-04-08 20:42 - 2014-04-08 20:42 - 01265439 _____ () C:\Users\Carolin\Downloads\DT456 Isa Dress.sims3pack
2014-04-08 20:41 - 2014-04-08 20:41 - 04712571 _____ () C:\Users\Carolin\Downloads\lillka_One Shoulder - Dress.sims3pack
2014-04-08 20:41 - 2014-04-08 20:41 - 01273115 _____ () C:\Users\Carolin\Downloads\B32_fye_ruffleolddress.sims3pack
2014-04-08 20:40 - 2014-04-08 20:40 - 05843852 _____ () C:\Users\Carolin\Downloads\Alexis Dress.sims3pack
2014-04-08 20:40 - 2014-04-08 20:40 - 00569545 _____ () C:\Users\Carolin\Downloads\NinaDobrevDressbyIZAM.sims3pack
2014-04-06 17:28 - 2014-04-06 17:28 - 04706900 _____ () C:\Users\Carolin\Downloads\Cazy_Hair_c70_2013_af (1).sims3pack
2014-04-06 16:11 - 2014-04-06 16:11 - 08594394 _____ () C:\Users\Carolin\Downloads\sequintop.sims3pack
2014-04-06 16:11 - 2014-04-06 16:11 - 01182742 _____ () C:\Users\Carolin\Downloads\SMSims3Fashion_058_shirt_and_skirt.sims3pack
2014-04-06 16:10 - 2014-04-06 16:10 - 01232077 _____ () C:\Users\Carolin\Downloads\Jingle Belle-Mh75.sims3pack
2014-04-06 16:07 - 2014-04-06 16:08 - 03104484 _____ () C:\Users\Carolin\Downloads\Take The A Frame.Sims3Pack
2014-04-06 16:07 - 2014-04-06 16:07 - 02899948 _____ () C:\Users\Carolin\Downloads\katelys_afhair02.sims3pack
2014-04-06 16:06 - 2014-04-06 16:06 - 05840454 _____ () C:\Users\Carolin\Downloads\minidress_withknitbolero.sims3pack
2014-04-06 16:05 - 2014-04-06 16:05 - 03276224 _____ () C:\Users\Carolin\Downloads\NewSea-SIMS3-hair-J057-Holic-f.sims3pack
2014-04-06 16:05 - 2014-04-06 16:05 - 02861712 _____ () C:\Users\Carolin\Downloads\NewSea-SIMS3-hair-J055-Shero-f.sims3pack
2014-04-06 16:04 - 2014-04-06 16:05 - 03111275 _____ () C:\Users\Carolin\Downloads\NewSea-SIMS3-hair-J059-Camouflage-f.sims3pack
2014-04-06 15:58 - 2014-04-06 15:58 - 24244162 _____ () C:\Users\Carolin\Downloads\Off to Grandmothers.Sims3Pack
2014-04-06 15:56 - 2014-04-06 15:56 - 00965667 _____ () C:\Users\Carolin\Downloads\ekinegeTSR_EmbroideredTulleDress.sims3pack
2014-04-06 15:54 - 2014-04-06 15:54 - 04450671 _____ () C:\Users\Carolin\Downloads\c31_nofringe.sims3pack
2014-04-06 15:50 - 2014-04-06 15:50 - 00213536 _____ () C:\Users\Carolin\Downloads\Shoes Marta by altea127.sims3pack
2014-04-06 15:49 - 2014-04-06 15:50 - 09863934 _____ () C:\Users\Carolin\Downloads\Philo_Escape.Sims3Pack
2014-04-06 15:49 - 2014-04-06 15:49 - 04678660 _____ () C:\Users\Carolin\Downloads\c67_sorrow_cf.sims3pack
2014-04-06 15:49 - 2014-04-06 15:49 - 03045901 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_child-046-TSR Skysims3.sims3pack
2014-04-06 15:47 - 2014-04-06 15:47 - 03494125 _____ () C:\Users\Carolin\Downloads\c73_cf.sims3pack
2014-04-06 15:47 - 2014-04-06 15:47 - 02814005 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_adult-057-TSR Skysims3.sims3pack
2014-04-06 15:43 - 2014-04-06 15:43 - 05295989 _____ () C:\Users\Carolin\Downloads\c79_cf (1).sims3pack
2014-04-06 15:43 - 2014-04-06 15:43 - 05000197 _____ () C:\Users\Carolin\Downloads\c72_af (1).sims3pack
2014-04-06 15:42 - 2014-04-06 15:42 - 05000197 _____ () C:\Users\Carolin\Downloads\c72_af.sims3pack
2014-04-06 15:41 - 2014-04-06 15:42 - 05295989 _____ () C:\Users\Carolin\Downloads\c79_cf.sims3pack
2014-04-06 15:39 - 2014-04-06 15:39 - 04942072 _____ () C:\Users\Carolin\Downloads\cazyhair89_mywill-c.sims3pack
2014-04-06 15:38 - 2014-04-06 15:39 - 04907257 _____ () C:\Users\Carolin\Downloads\cazyhair89_mywill-f.sims3pack
2014-04-06 15:38 - 2014-04-06 15:38 - 03284634 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_child-096-TSR Skysims3.sims3pack
2014-04-06 15:37 - 2014-04-06 15:37 - 05278992 _____ () C:\Users\Carolin\Downloads\c45a_btvsrevival_af.sims3pack
2014-04-06 15:37 - 2014-04-06 15:37 - 04706900 _____ () C:\Users\Carolin\Downloads\Cazy_Hair_c70_2013_af.sims3pack
2014-04-06 15:36 - 2014-04-06 15:36 - 01714021 _____ () C:\Users\Carolin\Downloads\1070698.zip
2014-04-06 15:35 - 2014-04-06 15:35 - 00222970 _____ () C:\Users\Carolin\Downloads\A splash of Freckles.sims3pack
2014-04-06 15:32 - 2014-04-06 15:32 - 05919067 _____ () C:\Users\Carolin\Downloads\c94_af.sims3pack
2014-04-06 15:32 - 2014-04-06 15:32 - 05252415 _____ () C:\Users\Carolin\Downloads\c90_af.sims3pack
2014-04-06 15:31 - 2014-04-06 15:31 - 04791928 _____ () C:\Users\Carolin\Downloads\c90_cf.sims3pack
2014-04-06 15:31 - 2014-04-06 15:31 - 03353432 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_child-101-TSR Skysims3.sims3pack
2014-04-06 15:31 - 2014-04-06 15:31 - 03338995 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_adult-101-TSR Skysims3.sims3pack
2014-04-06 15:28 - 2014-04-06 15:28 - 03934042 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_child-109-TSR Skysims3.sims3pack
2014-04-06 15:28 - 2014-04-06 15:28 - 03051903 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_child-108-TSR Skysims3.sims3pack
2014-04-06 15:27 - 2014-04-06 15:28 - 05812791 _____ () C:\Users\Carolin\Downloads\Cazy_C97_AF.sims3pack
2014-04-06 15:25 - 2014-04-06 15:25 - 06108982 _____ () C:\Users\Carolin\Downloads\Cazy_104_cf.sims3pack
2014-04-06 15:24 - 2014-04-06 15:25 - 06388609 _____ () C:\Users\Carolin\Downloads\Cazy_104_af.sims3pack
2014-04-06 15:23 - 2014-04-06 15:23 - 01401644 _____ () C:\Users\Carolin\Downloads\NataliS flower earrings FA-FE.sims3pack
2014-04-06 15:22 - 2014-04-06 15:22 - 04778008 _____ () C:\Users\Carolin\Downloads\Alesso_Burn.sims3pack
2014-04-06 15:22 - 2014-04-06 15:22 - 03080058 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_child-140-TSR Skysims3.sims3pack
2014-04-06 15:21 - 2014-04-06 15:21 - 03070179 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_toddler-140-TSR Skysims3.sims3pack
2014-04-06 15:21 - 2014-04-06 15:21 - 02843475 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_adult-140-TSR Skysims3.sims3pack
2014-04-06 15:20 - 2014-04-06 15:21 - 02680769 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_child-141-TSR Skysims3.sims3pack
2014-04-06 15:18 - 2014-04-06 15:19 - 02664451 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_adult-161-TSR Skysims3.sims3pack
2014-04-06 15:18 - 2014-04-06 15:18 - 05140389 _____ () C:\Users\Carolin\Downloads\c114_pf.sims3pack
2014-04-06 15:17 - 2014-04-06 15:17 - 04018806 _____ () C:\Users\Carolin\Downloads\Nightcrawler-AFhair10.sims3pack
2014-04-06 15:16 - 2014-04-06 15:16 - 04357580 _____ () C:\Users\Carolin\Downloads\Alesso_Sun.sims3pack
2014-04-06 15:16 - 2014-04-06 15:16 - 03201777 _____ () C:\Users\Carolin\Downloads\Nightcrawler-AFhair11.sims3pack
2014-04-06 15:14 - 2014-04-06 15:14 - 03241581 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_adult-167-TSR Skysims3.sims3pack
2014-04-06 15:13 - 2014-04-06 15:13 - 04817687 _____ () C:\Users\Carolin\Downloads\Nightcrawler_AF_Hair12.sims3pack
2014-04-06 15:13 - 2014-04-06 15:13 - 03293854 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_toddler-167-TSR Skysims3.sims3pack
2014-04-06 15:11 - 2014-04-06 15:11 - 03026766 _____ () C:\Users\Carolin\Downloads\Skysims Hair Toddler 198.sims3pack
2014-04-06 15:11 - 2014-04-06 15:11 - 03017430 _____ () C:\Users\Carolin\Downloads\Skysims Hair Adult 198.sims3pack
2014-04-06 15:09 - 2014-04-06 15:09 - 01274240 _____ () C:\Users\Carolin\Downloads\Midnight Princess Gown- JS#2234.sims3pack
2014-04-06 15:06 - 2014-04-06 15:07 - 02102777 _____ () C:\Users\Carolin\Downloads\Harmonia_LaceDressMini02.sims3pack
2014-04-06 15:03 - 2014-04-06 15:03 - 11587124 _____ () C:\Users\Carolin\Downloads\Amon Villa.Sims3Pack
2014-04-06 15:01 - 2014-04-06 15:01 - 04310202 _____ () C:\Users\Carolin\Downloads\The Dundas.Sims3Pack
2014-04-06 14:19 - 2014-04-06 14:20 - 39041650 _____ () C:\Users\Carolin\Downloads\Isabela_byRirann@TSR (1).Sims3Pack
2014-04-06 14:19 - 2014-04-06 14:19 - 01669052 _____ () C:\Users\Carolin\Downloads\RockabillyDress1-Magic (1).sims3pack
2014-04-06 14:19 - 2014-04-06 14:19 - 00145360 _____ () C:\Users\Carolin\Downloads\Chair_001_by_CATcorp.sims3pack
2014-04-06 14:17 - 2014-04-06 14:17 - 01954471 _____ () C:\Users\Carolin\Downloads\boots shoes 6 annflower1.sims3pack
2014-04-06 14:14 - 2014-04-06 14:15 - 38902914 _____ () C:\Users\Carolin\Downloads\evi Lovers Lane 2014.Sims3Pack
2014-04-06 14:07 - 2014-04-06 14:07 - 01548610 _____ () C:\Users\Carolin\Downloads\1237754.zip
2014-04-06 14:06 - 2014-04-06 14:06 - 02874515 _____ () C:\Users\Carolin\Downloads\EsyraM Floral spring dress.sims3pack
2014-04-02 21:58 - 2014-04-02 21:58 - 10236307 _____ () C:\Users\Carolin\Downloads\UlkerHairFashionista11.sims3pack
2014-04-02 21:57 - 2014-04-02 21:57 - 05641129 _____ () C:\Users\Carolin\Downloads\Suspender_Shirt.sims3pack
2014-04-02 21:57 - 2014-04-02 21:57 - 03980956 _____ () C:\Users\Carolin\Downloads\cleo_longdressvintage.sims3pack
2014-04-02 21:56 - 2014-04-02 21:57 - 07304318 _____ () C:\Users\Carolin\Downloads\1155393.zip
2014-04-02 21:56 - 2014-04-02 21:56 - 01732856 _____ () C:\Users\Carolin\Downloads\NyGirl_Loungin_Around Outfit.sims3pack
2014-04-02 21:55 - 2014-04-02 21:55 - 02570224 _____ () C:\Users\Carolin\Downloads\1236613.zip
2014-04-02 21:55 - 2014-04-02 21:55 - 02000438 _____ () C:\Users\Carolin\Downloads\On the Beach.sims3pack
2014-04-02 21:55 - 2014-04-02 21:55 - 01064617 _____ () C:\Users\Carolin\Downloads\[Alexandra_Sine] Layla 2Piece Bodycon Dress.sims3pack
2014-04-02 21:52 - 2014-04-02 21:52 - 04338702 _____ () C:\Users\Carolin\Downloads\Cazy_Hairmesh26b_STEPS_af.sims3pack
2014-04-02 21:50 - 2014-04-02 21:51 - 39041650 _____ () C:\Users\Carolin\Downloads\Isabela_byRirann@TSR.Sims3Pack
2014-04-02 21:50 - 2014-04-02 21:50 - 01670176 _____ () C:\Users\Carolin\Downloads\Cosmos dress YA - A [MS].sims3pack
2014-04-02 21:50 - 2014-04-02 21:50 - 01669052 _____ () C:\Users\Carolin\Downloads\RockabillyDress1-Magic.sims3pack
2014-04-02 21:48 - 2014-04-02 21:48 - 07970116 _____ () C:\Users\Carolin\Downloads\Women's Casual Wear Trio by melisa inci.sims3pack
2014-04-02 21:48 - 2014-04-02 21:48 - 04732562 _____ () C:\Users\Carolin\Downloads\Alesso_Paws.sims3pack
2014-04-02 21:46 - 2014-04-02 21:46 - 02154645 _____ () C:\Users\Carolin\Downloads\MiraMinkova_Bloody_Mary.sims3pack
2014-04-02 21:46 - 2014-04-02 21:46 - 01509089 _____ () C:\Users\Carolin\Downloads\[pz]graceful.sims3pack
2014-04-02 21:46 - 2014-04-02 21:46 - 01001801 _____ () C:\Users\Carolin\Downloads\tolina_My_Wonderland.sims3pack
2014-04-02 21:46 - 2014-04-02 21:46 - 00918301 _____ () C:\Users\Carolin\Downloads\ASIA-FAB-012.sims3pack
2014-04-02 21:40 - 2014-04-02 21:40 - 03893712 _____ () C:\Users\Carolin\Downloads\Sonata77 adult female 07.sims3pack
2014-04-02 21:40 - 2014-04-02 21:40 - 01199860 _____ () C:\Users\Carolin\Downloads\RedCat - Pencil Dress with Lace Details.sims3pack
2014-04-02 21:39 - 2014-04-02 21:39 - 00141608 _____ () C:\Users\Carolin\Downloads\Lipgloss N2.sims3pack
2014-04-02 21:22 - 2014-04-02 21:22 - 04665983 _____ () C:\Users\Carolin\Downloads\Lianaa_TSR_211009_FormalDress_1.sims3pack
2014-04-02 21:22 - 2014-04-02 21:22 - 00931591 _____ () C:\Users\Carolin\Downloads\SimDetails@TSR_FA_Daisy Dress.sims3pack
2014-04-02 21:17 - 2014-04-02 21:17 - 01719358 _____ () C:\Users\Carolin\Downloads\Essence-Donthangup.sims3pack
2014-04-02 20:55 - 2014-04-02 20:55 - 01785980 _____ () C:\Users\Carolin\Downloads\Casual Class-Mh75.sims3pack
2014-04-02 20:55 - 2014-04-02 20:55 - 00874497 _____ () C:\Users\Carolin\Downloads\mimetic_fandance_dress.sims3pack
2014-04-02 20:55 - 2014-04-02 20:55 - 00544857 _____ () C:\Users\Carolin\Downloads\ilikemusic640@TSR Sparkly Heels AF.sims3pack
2014-04-02 20:54 - 2014-04-02 20:54 - 01301782 _____ () C:\Users\Carolin\Downloads\Sam_AdultPoiseWillBePoise.sims3pack
2014-04-02 20:45 - 2014-04-02 20:45 - 08309427 _____ () C:\Users\Carolin\Downloads\1184702.zip
2014-03-31 23:49 - 2014-03-31 23:49 - 04965231 _____ () C:\Users\Carolin\Downloads\Mini Chinese Garden.Sims3Pack
2014-03-31 23:43 - 2014-03-31 23:43 - 08038598 _____ () C:\Users\Carolin\Downloads\1009818.zip
2014-03-31 23:41 - 2014-03-31 23:41 - 00313939 _____ () C:\Users\Carolin\Downloads\[PS] Ballerina Shoes.sims3pack
2014-03-31 23:40 - 2014-03-31 23:40 - 08038598 _____ () C:\Users\Carolin\Downloads\nicht installiert.zip
2014-03-31 23:38 - 2014-03-31 23:38 - 04170051 _____ () C:\Users\Carolin\Downloads\Cyclonesue_PinewoodLodge.Sims3Pack
2014-03-31 23:37 - 2014-03-31 23:37 - 01813477 _____ () C:\Users\Carolin\Downloads\Printed Intimates.sims3pack
2014-03-31 23:36 - 2014-03-31 23:36 - 00517149 _____ () C:\Users\Carolin\Downloads\SV Accessory Heart06.sims3pack
2014-03-31 23:36 - 2014-03-31 23:36 - 00499343 _____ () C:\Users\Carolin\Downloads\SV Accessory Heart05.sims3pack
2014-03-31 23:34 - 2014-03-31 23:34 - 04053039 _____ () C:\Users\Carolin\Downloads\[spr]Shopping Day (1).sims3pack
2014-03-31 23:32 - 2014-03-31 23:32 - 04053039 _____ () C:\Users\Carolin\Downloads\[spr]Shopping Day.sims3pack
2014-03-31 23:29 - 2014-03-31 23:29 - 00984229 _____ () C:\Users\Carolin\Downloads\~Zodapop~ Bow Accented Multi-print Dress.sims3pack
2014-03-31 23:26 - 2014-03-31 23:26 - 00341831 _____ () C:\Users\Carolin\Downloads\ShojoAngel_S3_EyeSet20-V2.sims3pack
2014-03-31 23:25 - 2014-03-31 23:25 - 05826757 _____ () C:\Users\Carolin\Downloads\1179050 (1).zip
2014-03-31 23:22 - 2014-03-31 23:22 - 05826757 _____ () C:\Users\Carolin\Downloads\auch uninstalliert.zip
2014-03-31 23:22 - 2014-03-31 23:22 - 04192735 _____ () C:\Users\Carolin\Downloads\Modern Mountain Retreat{1}.Sims3Pack
2014-03-31 23:20 - 2014-03-31 23:21 - 13076664 _____ () C:\Users\Carolin\Downloads\Aneeta...Sims3Pack
2014-03-31 23:20 - 2014-03-31 23:20 - 00494807 _____ () C:\Users\Carolin\Downloads\Susan-SIM3-X_mas_Blush.sims3pack
2014-03-31 23:18 - 2014-03-31 23:18 - 00500286 _____ () C:\Users\Carolin\Downloads\MINI-Kiss Me V2 With Teeth.sims3pack
2014-03-31 23:16 - 2014-03-31 23:16 - 08008932 _____ () C:\Users\Carolin\Downloads\Knitted Top with Ruffle Skirt by melisa inci.sims3pack
2014-03-31 23:16 - 2014-03-31 23:16 - 01508702 _____ () C:\Users\Carolin\Downloads\yvonne_Isabella_Outfit48.sims3pack
2014-03-31 23:16 - 2014-03-31 23:16 - 00288286 _____ () C:\Users\Carolin\Downloads\Gosik Spring garden mascara.sims3pack
2014-03-31 23:15 - 2014-03-31 23:15 - 03791569 _____ () C:\Users\Carolin\Downloads\[ZaumaTSR] s3-hair036-Yumiko-F.sims3pack
2014-03-31 23:15 - 2014-03-31 23:15 - 03127950 _____ () C:\Users\Carolin\Downloads\Nightcrawler_AF_Hair17.sims3pack
2014-03-31 23:15 - 2014-03-31 23:15 - 02924961 _____ () C:\Users\Carolin\Downloads\Skysims Hair Child 193.sims3pack
2014-03-31 23:15 - 2014-03-31 23:15 - 02883372 _____ () C:\Users\Carolin\Downloads\Skysims Hair Adult 193.sims3pack
2014-03-31 23:13 - 2014-03-31 23:13 - 03583982 _____ () C:\Users\Carolin\Downloads\SimSnake_com_afhair06.sims3pack
2014-03-31 23:09 - 2014-03-31 23:09 - 06599171 _____ () C:\Users\Carolin\Downloads\Alesso_Dreams_C.sims3pack
2014-03-31 23:09 - 2014-03-31 23:09 - 04957515 _____ () C:\Users\Carolin\Downloads\Cazy_c131_af.sims3pack
2014-03-31 23:08 - 2014-03-31 23:08 - 09163720 _____ () C:\Users\Carolin\Downloads\[Sintiklia]Female hair Kikyo.sims3pack
2014-03-31 22:57 - 2014-03-31 22:57 - 07289604 _____ () C:\Users\Carolin\Downloads\uninstalliert.zip
2014-03-31 22:56 - 2014-03-31 22:57 - 11347875 _____ () C:\Users\Carolin\Downloads\1237215.zip
2014-03-31 22:53 - 2014-03-31 22:53 - 03106287 _____ () C:\Users\Carolin\Downloads\by_bukovka_am top with lacing.sims3pack
2014-03-31 22:45 - 2014-03-31 22:45 - 01243897 _____ () C:\Users\Carolin\Downloads\1238052.zip
2014-03-31 22:38 - 2014-03-31 22:38 - 19238904 _____ () C:\Users\Carolin\Downloads\Leticia Bufoni.Sims3Pack
2014-03-31 22:29 - 2014-03-31 22:29 - 01902495 _____ () C:\Users\Carolin\Downloads\1238066.zip
2014-03-31 22:22 - 2014-03-31 22:22 - 00788515 _____ () C:\Users\Carolin\Downloads\Jenny Humphrey Season 2.Sims3Pack
2014-03-31 22:18 - 2014-03-31 22:18 - 02518013 _____ () C:\Users\Carolin\Downloads\Oasis - Unfurnished Version.Sims3Pack
2014-03-31 22:12 - 2014-03-31 22:12 - 01339841 _____ () C:\Users\Carolin\Downloads\ColorBlockSilkDress.sims3pack
2014-03-28 22:32 - 2014-03-28 22:32 - 00000000 ____D () C:\Users\Carolin\AppData\Local\Hold'em_Manager
2014-03-28 22:09 - 2014-04-08 22:35 - 00599658 _____ () C:\blitzerr.txt
2014-03-28 22:09 - 2014-03-28 23:25 - 00000000 ____D () C:\HM2Archive
2014-03-28 22:09 - 2014-03-28 22:09 - 00000000 ____D () C:\Users\Carolin\AppData\Roaming\HEM Data
2014-03-28 22:04 - 2014-03-28 22:04 - 00000000 ____D () C:\Users\Carolin\AppData\Local\IsolatedStorage
2014-03-28 22:04 - 2014-03-28 22:04 - 00000000 ____D () C:\ProgramData\XHEO INC
2014-03-28 22:03 - 2014-04-08 22:38 - 00000000 ____D () C:\Users\Carolin\AppData\Roaming\HoldemManager
2014-03-28 22:03 - 2014-03-28 22:03 - 00020436 _____ () C:\Users\Carolin\Downloads\install.log
2014-03-28 22:03 - 2014-03-28 22:03 - 00001088 _____ () C:\Users\Public\Desktop\HoldemManager2.lnk
2014-03-28 22:03 - 2014-03-28 22:03 - 00000000 ____D () C:\Program Files (x86)\Holdem Manager 2
2014-03-28 22:02 - 2014-03-28 22:02 - 00000020 ___SH () C:\Users\postgres\ntuser.ini
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Vorlagen
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Startmenü
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Netzwerkumgebung
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Lokale Einstellungen
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Eigene Dateien
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Druckumgebung
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Documents\Eigene Musik
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Documents\Eigene Bilder
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\AppData\Local\Verlauf
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\AppData\Local\Anwendungsdaten
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Anwendungsdaten
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 ____D () C:\Users\postgres
2014-03-28 22:02 - 2013-11-20 23:23 - 00000000 ____D () C:\Users\postgres\AppData\Local\Microsoft Help
2014-03-28 22:02 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-28 22:02 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-03-28 21:59 - 2014-03-28 22:02 - 00000000 ____D () C:\postgreSQL
2014-03-28 21:58 - 2014-03-28 22:03 - 00000000 ____D () C:\Program Files (x86)\PSQLINSTALL
2014-03-28 21:56 - 2014-03-28 21:57 - 95674999 _____ () C:\Users\Carolin\Downloads\8056_HoldemManager2Setup.exe
2014-03-28 14:57 - 2014-03-28 14:57 - 17879432 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-03-28 14:04 - 2014-04-11 15:57 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-28 14:04 - 2014-04-10 20:38 - 00000000 ____D () C:\Users\Carolin\AppData\Local\Adobe
2014-03-28 14:04 - 2014-04-10 20:29 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-21 15:53 - 2014-03-21 15:53 - 00000000 ____D () C:\ProgramData\Sun
2014-03-21 15:53 - 2014-03-21 15:53 - 00000000 ____D () C:\ProgramData\Oracle
2014-03-21 15:52 - 2014-03-21 15:52 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-03-21 15:52 - 2014-03-21 15:52 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-03-21 15:52 - 2014-03-21 15:52 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-03-21 15:52 - 2014-03-21 15:52 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-03-21 15:52 - 2014-03-21 15:52 - 00000000 ____D () C:\Program Files (x86)\Java
2014-03-20 18:47 - 2014-03-31 21:23 - 00039047 _____ () C:\Users\Carolin\Desktop\Heinrich Böll.odt
2014-03-19 13:53 - 2014-03-19 15:12 - 00023391 _____ () C:\Users\Carolin\Documents\ansichten eines Clowns.odt
2014-03-15 16:12 - 2014-03-16 19:56 - 00017296 _____ () C:\Users\Carolin\Documents\englisch mediation.odt
2014-03-15 09:56 - 2014-03-01 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-15 09:56 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-15 09:56 - 2014-03-01 06:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-15 09:56 - 2014-03-01 06:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-15 09:56 - 2014-03-01 06:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-15 09:56 - 2014-03-01 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-15 09:56 - 2014-03-01 06:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-15 09:56 - 2014-03-01 06:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-15 09:56 - 2014-03-01 06:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-15 09:56 - 2014-03-01 06:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-15 09:56 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-15 09:56 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-15 09:56 - 2014-03-01 06:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-15 09:56 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-15 09:56 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-15 09:56 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-15 09:56 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-15 09:56 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-15 09:56 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-15 09:56 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-15 09:56 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-15 09:56 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-15 09:56 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-15 09:56 - 2014-03-01 05:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-15 09:56 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-15 09:56 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-15 09:56 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-15 09:56 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-15 09:56 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-15 09:56 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-15 09:56 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-15 09:56 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-15 09:56 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-15 09:56 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-15 09:56 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-15 09:56 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-15 09:56 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-15 09:56 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-15 09:56 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-15 09:56 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-15 09:51 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-15 09:51 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-15 09:51 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-15 09:51 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll

==================== One Month Modified Files and Folders =======

2014-04-11 16:27 - 2014-04-11 16:27 - 00019194 _____ () C:\Users\Carolin\Downloads\FRST.txt
2014-04-11 16:27 - 2014-04-11 16:27 - 00000000 ____D () C:\FRST
2014-04-11 16:27 - 2014-04-11 16:26 - 02157056 _____ (Farbar) C:\Users\Carolin\Downloads\FRST64.exe
2014-04-11 16:26 - 2013-11-13 18:37 - 01477397 _____ () C:\Windows\WindowsUpdate.log
2014-04-11 16:24 - 2014-04-09 16:32 - 00000396 _____ () C:\Windows\Tasks\Re-markit Update.job
2014-04-11 16:23 - 2014-04-10 20:47 - 00000000 ____D () C:\Users\Carolin\AppData\Roaming\Activeris
2014-04-11 15:57 - 2014-03-28 14:04 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-11 15:39 - 2013-11-14 18:14 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-11 14:50 - 2014-04-10 20:45 - 00002784 _____ () C:\Windows\Tasks\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-3.job
2014-04-11 14:47 - 2014-04-10 20:47 - 00001528 _____ () C:\Windows\Tasks\3ef74201-3ef1-4506-857d-9cd4faec66c0-5.job
2014-04-11 14:47 - 2014-04-10 20:47 - 00001472 _____ () C:\Windows\Tasks\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-5.job
2014-04-11 14:47 - 2014-04-10 20:47 - 00001362 _____ () C:\Windows\Tasks\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-2.job
2014-04-11 14:46 - 2014-04-10 20:46 - 00001418 _____ () C:\Windows\Tasks\3ef74201-3ef1-4506-857d-9cd4faec66c0-2.job
2014-04-11 14:46 - 2014-04-10 20:46 - 00001386 _____ () C:\Windows\Tasks\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-1.job
2014-04-11 14:46 - 2014-04-10 20:45 - 00001442 _____ () C:\Windows\Tasks\3ef74201-3ef1-4506-857d-9cd4faec66c0-1.job
2014-04-11 14:45 - 2014-04-10 20:45 - 00003128 _____ () C:\Windows\Tasks\3ef74201-3ef1-4506-857d-9cd4faec66c0-3.job
2014-04-11 14:45 - 2014-04-10 20:45 - 00002210 _____ () C:\Windows\Tasks\3ef74201-3ef1-4506-857d-9cd4faec66c0-4.job
2014-04-11 14:45 - 2014-04-10 20:45 - 00002146 _____ () C:\Windows\Tasks\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-4.job
2014-04-11 13:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-11 13:51 - 2014-04-09 16:33 - 00002326 _____ () C:\Windows\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-4.job
2014-04-11 13:50 - 2014-04-09 16:37 - 00001438 _____ () C:\Windows\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-1.job
2014-04-11 13:50 - 2014-04-09 16:36 - 00002176 _____ () C:\Windows\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-4.job
2014-04-11 13:50 - 2014-04-09 16:35 - 00003124 _____ () C:\Windows\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-3.job
2014-04-11 13:50 - 2014-04-09 16:34 - 00001418 _____ () C:\Windows\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-5.job
2014-04-11 13:50 - 2014-04-09 16:34 - 00001324 _____ () C:\Windows\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-1.job
2014-04-11 13:50 - 2014-04-09 16:34 - 00001318 _____ () C:\Windows\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-2.job
2014-04-11 13:50 - 2014-04-09 16:33 - 00002774 _____ () C:\Windows\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-3.job
2014-04-11 13:50 - 2014-04-09 16:32 - 00000394 _____ () C:\Windows\Tasks\Re-markit_wd.job
2014-04-11 13:50 - 2013-11-14 18:14 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-11 11:23 - 2009-07-14 06:45 - 00026672 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-11 11:23 - 2009-07-14 06:45 - 00026672 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-11 11:15 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-11 11:15 - 2009-07-14 06:51 - 00034568 _____ () C:\Windows\setupact.log
2014-04-11 11:14 - 2010-11-21 05:47 - 00165704 _____ () C:\Windows\PFRO.log
2014-04-11 10:58 - 2013-11-16 15:04 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-11 10:57 - 2013-11-13 19:36 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-11 10:56 - 2013-11-13 19:36 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-11 10:54 - 2013-11-18 09:35 - 00000000 ____D () C:\Users\Carolin\AppData\Roaming\Skype
2014-04-10 21:19 - 2013-11-18 12:27 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{FC49DE3F-D8F1-4471-A5A1-E3C1D3598505}
2014-04-10 20:52 - 2014-04-10 20:52 - 00000000 ___RD () C:\Users\Carolin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-10 20:50 - 2014-04-10 20:46 - 00000000 ____D () C:\22ead09a2f41a2db04769f
2014-04-10 20:49 - 2014-04-10 20:49 - 00001113 _____ () C:\Users\Public\Desktop\NewPlayer.lnk
2014-04-10 20:49 - 2014-04-10 20:49 - 00000000 ____D () C:\Users\Carolin\AppData\Local\newplayer
2014-04-10 20:49 - 2014-04-10 20:46 - 00000000 ____D () C:\Program Files (x86)\NewPlayer
2014-04-10 20:48 - 2014-04-10 20:47 - 00004558 _____ () C:\Windows\System32\Tasks\3ef74201-3ef1-4506-857d-9cd4faec66c0-5
2014-04-10 20:48 - 2014-04-10 20:47 - 00004502 _____ () C:\Windows\System32\Tasks\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-5
2014-04-10 20:48 - 2014-04-10 20:47 - 00004392 _____ () C:\Windows\System32\Tasks\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-2
2014-04-10 20:47 - 2014-04-10 20:47 - 00441856 _____ () C:\Users\Carolin\Downloads\Java (1).exe
2014-04-10 20:47 - 2014-04-10 20:46 - 00004472 _____ () C:\Windows\System32\Tasks\3ef74201-3ef1-4506-857d-9cd4faec66c0-1
2014-04-10 20:47 - 2014-04-10 20:46 - 00004448 _____ () C:\Windows\System32\Tasks\3ef74201-3ef1-4506-857d-9cd4faec66c0-2
2014-04-10 20:47 - 2014-04-10 20:46 - 00004416 _____ () C:\Windows\System32\Tasks\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-1
2014-04-10 20:47 - 2014-04-10 20:45 - 00000000 ____D () C:\Program Files (x86)\Freeven Pro 1.3
2014-04-10 20:47 - 2014-04-09 16:35 - 00000000 ____D () C:\Program Files (x86)\MediaPlayerplus
2014-04-10 20:46 - 2014-04-10 20:45 - 00005240 _____ () C:\Windows\System32\Tasks\3ef74201-3ef1-4506-857d-9cd4faec66c0-4
2014-04-10 20:46 - 2014-04-10 20:45 - 00005176 _____ () C:\Windows\System32\Tasks\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-4
2014-04-10 20:45 - 2014-04-10 20:45 - 00006158 _____ () C:\Windows\System32\Tasks\3ef74201-3ef1-4506-857d-9cd4faec66c0-3
2014-04-10 20:45 - 2014-04-10 20:45 - 00005814 _____ () C:\Windows\System32\Tasks\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-3
2014-04-10 20:44 - 2014-04-10 20:44 - 00678720 _____ () C:\Users\Carolin\Downloads\Setup (1).exe
2014-04-10 20:44 - 2014-04-10 20:44 - 00000000 ____D () C:\Users\Carolin\AppData\Local\SearchProtect
2014-04-10 20:44 - 2014-04-10 20:44 - 00000000 _____ () C:\END
2014-04-10 20:38 - 2014-03-28 14:04 - 00000000 ____D () C:\Users\Carolin\AppData\Local\Adobe
2014-04-10 20:37 - 2014-04-10 20:37 - 00239904 _____ (Premium Installer ) C:\Users\Carolin\Downloads\Player-Chrome.exe
2014-04-10 20:37 - 2014-04-10 20:37 - 00002019 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-04-10 20:36 - 2014-04-10 20:36 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-04-10 20:36 - 2013-11-16 11:47 - 00000000 ____D () C:\ProgramData\Adobe
2014-04-10 20:29 - 2014-03-28 14:04 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-10 20:29 - 2013-11-16 11:43 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-10 20:29 - 2013-11-16 11:43 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-10 20:01 - 2013-12-07 00:47 - 00000000 ____D () C:\Users\Carolin\AppData\Local\PokerStars.EU
2014-04-10 19:40 - 2014-04-09 16:44 - 00000000 ____D () C:\Users\Carolin\AppData\Roaming\systweak
2014-04-10 19:33 - 2013-12-05 17:18 - 00000000 ____D () C:\Windows\Minidump
2014-04-10 19:31 - 2014-04-10 19:17 - 00000000 ____D () C:\Users\Carolin\AppData\Local\Mobogenie
2014-04-10 19:23 - 2014-04-10 19:23 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-04-10 19:23 - 2013-11-16 22:57 - 00001066 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-04-10 19:21 - 2014-04-10 19:21 - 00000000 ____D () C:\Users\Carolin\AppData\Roaming\QuickScan
2014-04-10 19:17 - 2014-04-10 19:17 - 00000000 ____D () C:\Users\Carolin\Documents\Mobogenie
2014-04-10 19:17 - 2014-04-10 19:17 - 00000000 ____D () C:\Users\Carolin\AppData\Local\cache
2014-04-10 19:17 - 2014-04-10 19:17 - 00000000 ____D () C:\Users\Carolin\.android
2014-04-10 19:17 - 2014-04-10 19:17 - 00000000 _____ () C:\Users\Carolin\daemonprocess.txt
2014-04-10 19:17 - 2013-11-17 19:33 - 00000000 ____D () C:\Users\Carolin
2014-04-10 19:14 - 2014-04-10 19:14 - 00993720 _____ () C:\Users\Carolin\Downloads\setup.exe
2014-04-10 18:58 - 2014-04-09 16:49 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2014-04-09 18:01 - 2014-04-09 16:49 - 00000380 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2014-04-09 16:52 - 2014-04-09 16:48 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-04-09 16:50 - 2014-04-09 16:50 - 00003258 _____ () C:\Windows\System32\Tasks\Opera D7
2014-04-09 16:50 - 2014-04-09 16:50 - 00003258 _____ () C:\Windows\System32\Tasks\Opera D6
2014-04-09 16:50 - 2014-04-09 16:50 - 00003258 _____ () C:\Windows\System32\Tasks\Opera D5
2014-04-09 16:49 - 2014-04-09 16:49 - 00003258 _____ () C:\Windows\System32\Tasks\Opera D4
2014-04-09 16:49 - 2014-04-09 16:49 - 00003258 _____ () C:\Windows\System32\Tasks\Opera D3
2014-04-09 16:49 - 2014-04-09 16:49 - 00003258 _____ () C:\Windows\System32\Tasks\Opera D2
2014-04-09 16:49 - 2014-04-09 16:49 - 00002834 _____ () C:\Windows\System32\Tasks\APSnotifierPP1
2014-04-09 16:49 - 2014-04-09 16:49 - 00002832 _____ () C:\Windows\System32\Tasks\APSnotifierPP2
2014-04-09 16:49 - 2014-04-09 16:49 - 00000000 ____D () C:\Users\Carolin\AppData\Roaming\Opera Software
2014-04-09 16:49 - 2014-04-09 16:49 - 00000000 ____D () C:\Users\Carolin\AppData\Local\Opera Software
2014-04-09 16:48 - 2014-04-09 16:48 - 00001129 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-04-09 16:48 - 2014-04-09 16:48 - 00000314 _____ () C:\Users\Carolin\AppData\Roaming\aps.uninstall.scan.results
2014-04-09 16:38 - 2014-04-09 16:37 - 00004468 _____ () C:\Windows\System32\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-1
2014-04-09 16:36 - 2014-04-09 16:36 - 00005206 _____ () C:\Windows\System32\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-4
2014-04-09 16:36 - 2014-04-09 16:35 - 00006154 _____ () C:\Windows\System32\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-3
2014-04-09 16:35 - 2014-04-09 16:35 - 01100952 _____ (AnyProtect.com) C:\Users\Carolin\AppData\Local\nsq3DA1.tmp
2014-04-09 16:35 - 2014-04-09 16:34 - 00004448 _____ () C:\Windows\System32\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-5
2014-04-09 16:35 - 2013-11-14 18:15 - 00002385 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-09 16:35 - 2013-11-14 18:12 - 00001357 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-09 16:34 - 2014-04-09 16:34 - 00005356 _____ () C:\Windows\System32\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-4
2014-04-09 16:34 - 2014-04-09 16:34 - 00004354 _____ () C:\Windows\System32\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-1
2014-04-09 16:34 - 2014-04-09 16:34 - 00004348 _____ () C:\Windows\System32\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-2
2014-04-09 16:34 - 2014-04-09 16:33 - 00000000 ____D () C:\Program Files (x86)\HQVid8.1v2
2014-04-09 16:33 - 2014-04-09 16:33 - 00005804 _____ () C:\Windows\System32\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-3
2014-04-09 16:33 - 2014-04-09 16:32 - 00000000 ____D () C:\Program Files (x86)\Re-markit Corp
2014-04-09 16:32 - 2014-04-09 16:32 - 00003048 _____ () C:\Windows\System32\Tasks\Re-markit Update
2014-04-09 16:32 - 2014-04-09 16:32 - 00002986 _____ () C:\Windows\System32\Tasks\Re-markit_wd
2014-04-09 16:32 - 2014-04-09 16:32 - 00000512 __RSH () C:\ProgramData\ntuser.pol
2014-04-09 16:32 - 2014-04-09 16:31 - 08611255 _____ () C:\Users\Carolin\Downloads\Cicadas Cottage.Sims3Pack
2014-04-09 16:32 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-04-09 16:32 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-04-09 16:29 - 2014-04-09 16:29 - 05769930 _____ () C:\Users\Carolin\Downloads\Spanish Finca 5.Sims3Pack
2014-04-09 16:29 - 2014-04-09 16:29 - 04227952 _____ () C:\Users\Carolin\Downloads\af_SlowDance_CookieChow.sims3pack
2014-04-09 16:28 - 2014-04-09 16:27 - 04704711 _____ () C:\Users\Carolin\Downloads\lillka_Italian Chic.sims3pack
2014-04-09 16:27 - 2014-04-09 16:27 - 01574329 _____ () C:\Users\Carolin\Downloads\B32_fae_businessone.sims3pack
2014-04-09 16:27 - 2014-04-09 16:27 - 00610824 _____ () C:\Users\Carolin\Downloads\Java.exe
2014-04-09 16:26 - 2014-04-09 16:26 - 04012951 _____ () C:\Users\Carolin\Downloads\lillka_Pepe Jeans Pullover.sims3pack
2014-04-09 16:25 - 2014-04-09 16:24 - 06258265 _____ () C:\Users\Carolin\Downloads\La Madison.Sims3Pack
2014-04-09 16:25 - 2014-04-09 16:17 - 44461135 _____ () C:\Users\Carolin\Downloads\Enchanter-s Nightshade.Sims3Pack
2014-04-09 16:23 - 2014-04-09 16:22 - 38851866 _____ () C:\Users\Carolin\Downloads\Villa New Zealand.Sims3Pack
2014-04-09 16:21 - 2014-04-09 16:21 - 04566936 _____ () C:\Users\Carolin\Downloads\37 Westcroft Road.Sims3Pack
2014-04-09 16:21 - 2014-04-09 16:18 - 06061419 _____ () C:\Users\Carolin\Downloads\cherryberry - Glitter heart dress.sims3pack
2014-04-09 16:19 - 2014-04-09 16:18 - 03849676 _____ () C:\Users\Carolin\Downloads\Rocky Hill View.Sims3Pack
2014-04-09 16:18 - 2014-04-09 16:18 - 00134333 _____ () C:\Users\Carolin\Downloads\Elastic Bracelet  by altea127.sims3pack
2014-04-09 16:17 - 2014-04-09 16:16 - 02837730 _____ () C:\Users\Carolin\Downloads\lillka_Flowing Beige Dress.sims3pack
2014-04-09 16:17 - 2014-04-09 16:15 - 13846478 _____ () C:\Users\Carolin\Downloads\1232339.zip
2014-04-09 16:17 - 2014-04-09 16:09 - 18701222 _____ () C:\Users\Carolin\Downloads\Georgette.Sims3Pack
2014-04-09 16:17 - 2014-04-09 16:08 - 39150993 _____ () C:\Users\Carolin\Downloads\Crestwood Villa.Sims3Pack
2014-04-09 16:16 - 2014-04-09 16:16 - 02695449 _____ () C:\Users\Carolin\Downloads\lillka_Sequined Lace Dress.sims3pack
2014-04-09 16:14 - 2014-04-09 16:14 - 00907850 _____ () C:\Users\Carolin\Downloads\RedCat - Child Denim Dress with Ribbon.sims3pack
2014-04-09 16:14 - 2014-04-09 16:12 - 03136126 _____ () C:\Users\Carolin\Downloads\Mario Modern-house.Sims3Pack
2014-04-09 16:14 - 2014-04-09 16:12 - 02203161 _____ () C:\Users\Carolin\Downloads\[Oranos] Ariso Jacket.sims3pack
2014-04-09 16:13 - 2014-04-09 16:04 - 41114888 _____ () C:\Users\Carolin\Downloads\Colonial Home III.Sims3Pack
2014-04-09 16:07 - 2014-04-09 16:07 - 00732170 _____ () C:\Users\Carolin\Downloads\NataliS twisted pearl earrings FT-FA.sims3pack
2014-04-09 16:07 - 2014-04-09 16:06 - 00879086 _____ () C:\Users\Carolin\Downloads\SimsimayTSR_innocentasangels.sims3pack
2014-04-09 13:58 - 2014-04-09 13:56 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-04-09 13:51 - 2014-04-09 13:51 - 00002990 _____ () C:\Windows\System32\Tasks\{CF7C20EC-4B4B-443C-85FA-C0233D04E90F}
2014-04-09 13:50 - 2014-04-09 13:50 - 00002990 _____ () C:\Windows\System32\Tasks\{0609E5A5-5A78-499E-95B5-C24D728AB914}
2014-04-09 13:46 - 2013-11-17 19:33 - 00000000 ____D () C:\Users\Carolin\AppData\Roaming\Adobe
2014-04-08 22:38 - 2014-03-28 22:03 - 00000000 ____D () C:\Users\Carolin\AppData\Roaming\HoldemManager
2014-04-08 22:35 - 2014-03-28 22:09 - 00599658 _____ () C:\blitzerr.txt
2014-04-08 20:51 - 2014-04-08 20:51 - 02801733 _____ () C:\Users\Carolin\Downloads\NewSea-SIMS3-hair-J002-rosy cloud-f.sims3pack
2014-04-08 20:50 - 2014-04-08 20:50 - 01239953 _____ () C:\Users\Carolin\Downloads\cherryberry - Vintage toddler dress.sims3pack
2014-04-08 20:48 - 2014-04-08 20:48 - 07287746 _____ () C:\Users\Carolin\Downloads\1238620.zip
2014-04-08 20:47 - 2014-04-08 20:46 - 06816140 _____ () C:\Users\Carolin\Downloads\1237204.zip
2014-04-08 20:43 - 2014-04-08 20:43 - 01180522 _____ () C:\Users\Carolin\Downloads\sims2fanbg042.sims3pack
2014-04-08 20:42 - 2014-04-08 20:42 - 01265439 _____ () C:\Users\Carolin\Downloads\DT456 Isa Dress.sims3pack
2014-04-08 20:41 - 2014-04-08 20:41 - 04712571 _____ () C:\Users\Carolin\Downloads\lillka_One Shoulder - Dress.sims3pack
2014-04-08 20:41 - 2014-04-08 20:41 - 01273115 _____ () C:\Users\Carolin\Downloads\B32_fye_ruffleolddress.sims3pack
2014-04-08 20:40 - 2014-04-08 20:40 - 05843852 _____ () C:\Users\Carolin\Downloads\Alexis Dress.sims3pack
2014-04-08 20:40 - 2014-04-08 20:40 - 00569545 _____ () C:\Users\Carolin\Downloads\NinaDobrevDressbyIZAM.sims3pack
2014-04-08 20:18 - 2014-04-09 16:44 - 01083403 _____ (AnyProtect.com) C:\Users\Carolin\AppData\Local\AnyProtectScannerSetup.exe
2014-04-06 17:28 - 2014-04-06 17:28 - 04706900 _____ () C:\Users\Carolin\Downloads\Cazy_Hair_c70_2013_af (1).sims3pack
2014-04-06 16:11 - 2014-04-06 16:11 - 08594394 _____ () C:\Users\Carolin\Downloads\sequintop.sims3pack
2014-04-06 16:11 - 2014-04-06 16:11 - 01182742 _____ () C:\Users\Carolin\Downloads\SMSims3Fashion_058_shirt_and_skirt.sims3pack
2014-04-06 16:10 - 2014-04-06 16:10 - 01232077 _____ () C:\Users\Carolin\Downloads\Jingle Belle-Mh75.sims3pack
2014-04-06 16:08 - 2014-04-06 16:07 - 03104484 _____ () C:\Users\Carolin\Downloads\Take The A Frame.Sims3Pack
2014-04-06 16:07 - 2014-04-06 16:07 - 02899948 _____ () C:\Users\Carolin\Downloads\katelys_afhair02.sims3pack
2014-04-06 16:06 - 2014-04-06 16:06 - 05840454 _____ () C:\Users\Carolin\Downloads\minidress_withknitbolero.sims3pack
2014-04-06 16:05 - 2014-04-06 16:05 - 03276224 _____ () C:\Users\Carolin\Downloads\NewSea-SIMS3-hair-J057-Holic-f.sims3pack
2014-04-06 16:05 - 2014-04-06 16:05 - 02861712 _____ () C:\Users\Carolin\Downloads\NewSea-SIMS3-hair-J055-Shero-f.sims3pack
2014-04-06 16:05 - 2014-04-06 16:04 - 03111275 _____ () C:\Users\Carolin\Downloads\NewSea-SIMS3-hair-J059-Camouflage-f.sims3pack
2014-04-06 15:58 - 2014-04-06 15:58 - 24244162 _____ () C:\Users\Carolin\Downloads\Off to Grandmothers.Sims3Pack
2014-04-06 15:56 - 2014-04-06 15:56 - 00965667 _____ () C:\Users\Carolin\Downloads\ekinegeTSR_EmbroideredTulleDress.sims3pack
2014-04-06 15:54 - 2014-04-06 15:54 - 04450671 _____ () C:\Users\Carolin\Downloads\c31_nofringe.sims3pack
2014-04-06 15:50 - 2014-04-06 15:50 - 00213536 _____ () C:\Users\Carolin\Downloads\Shoes Marta by altea127.sims3pack
2014-04-06 15:50 - 2014-04-06 15:49 - 09863934 _____ () C:\Users\Carolin\Downloads\Philo_Escape.Sims3Pack
2014-04-06 15:49 - 2014-04-06 15:49 - 04678660 _____ () C:\Users\Carolin\Downloads\c67_sorrow_cf.sims3pack
2014-04-06 15:49 - 2014-04-06 15:49 - 03045901 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_child-046-TSR Skysims3.sims3pack
2014-04-06 15:47 - 2014-04-06 15:47 - 03494125 _____ () C:\Users\Carolin\Downloads\c73_cf.sims3pack
2014-04-06 15:47 - 2014-04-06 15:47 - 02814005 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_adult-057-TSR Skysims3.sims3pack
2014-04-06 15:43 - 2014-04-06 15:43 - 05295989 _____ () C:\Users\Carolin\Downloads\c79_cf (1).sims3pack
2014-04-06 15:43 - 2014-04-06 15:43 - 05000197 _____ () C:\Users\Carolin\Downloads\c72_af (1).sims3pack
2014-04-06 15:42 - 2014-04-06 15:42 - 05000197 _____ () C:\Users\Carolin\Downloads\c72_af.sims3pack
2014-04-06 15:42 - 2014-04-06 15:41 - 05295989 _____ () C:\Users\Carolin\Downloads\c79_cf.sims3pack
2014-04-06 15:39 - 2014-04-06 15:39 - 04942072 _____ () C:\Users\Carolin\Downloads\cazyhair89_mywill-c.sims3pack
2014-04-06 15:39 - 2014-04-06 15:38 - 04907257 _____ () C:\Users\Carolin\Downloads\cazyhair89_mywill-f.sims3pack
2014-04-06 15:38 - 2014-04-06 15:38 - 03284634 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_child-096-TSR Skysims3.sims3pack
2014-04-06 15:37 - 2014-04-06 15:37 - 05278992 _____ () C:\Users\Carolin\Downloads\c45a_btvsrevival_af.sims3pack
2014-04-06 15:37 - 2014-04-06 15:37 - 04706900 _____ () C:\Users\Carolin\Downloads\Cazy_Hair_c70_2013_af.sims3pack
2014-04-06 15:36 - 2014-04-06 15:36 - 01714021 _____ () C:\Users\Carolin\Downloads\1070698.zip
2014-04-06 15:35 - 2014-04-06 15:35 - 00222970 _____ () C:\Users\Carolin\Downloads\A splash of Freckles.sims3pack
2014-04-06 15:32 - 2014-04-06 15:32 - 05919067 _____ () C:\Users\Carolin\Downloads\c94_af.sims3pack
2014-04-06 15:32 - 2014-04-06 15:32 - 05252415 _____ () C:\Users\Carolin\Downloads\c90_af.sims3pack
2014-04-06 15:31 - 2014-04-06 15:31 - 04791928 _____ () C:\Users\Carolin\Downloads\c90_cf.sims3pack
2014-04-06 15:31 - 2014-04-06 15:31 - 03353432 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_child-101-TSR Skysims3.sims3pack
2014-04-06 15:31 - 2014-04-06 15:31 - 03338995 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_adult-101-TSR Skysims3.sims3pack
2014-04-06 15:28 - 2014-04-06 15:28 - 03934042 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_child-109-TSR Skysims3.sims3pack
2014-04-06 15:28 - 2014-04-06 15:28 - 03051903 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_child-108-TSR Skysims3.sims3pack
2014-04-06 15:28 - 2014-04-06 15:27 - 05812791 _____ () C:\Users\Carolin\Downloads\Cazy_C97_AF.sims3pack
2014-04-06 15:25 - 2014-04-06 15:25 - 06108982 _____ () C:\Users\Carolin\Downloads\Cazy_104_cf.sims3pack
2014-04-06 15:25 - 2014-04-06 15:24 - 06388609 _____ () C:\Users\Carolin\Downloads\Cazy_104_af.sims3pack
2014-04-06 15:23 - 2014-04-06 15:23 - 01401644 _____ () C:\Users\Carolin\Downloads\NataliS flower earrings FA-FE.sims3pack
2014-04-06 15:22 - 2014-04-06 15:22 - 04778008 _____ () C:\Users\Carolin\Downloads\Alesso_Burn.sims3pack
2014-04-06 15:22 - 2014-04-06 15:22 - 03080058 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_child-140-TSR Skysims3.sims3pack
2014-04-06 15:21 - 2014-04-06 15:21 - 03070179 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_toddler-140-TSR Skysims3.sims3pack
2014-04-06 15:21 - 2014-04-06 15:21 - 02843475 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_adult-140-TSR Skysims3.sims3pack
2014-04-06 15:21 - 2014-04-06 15:20 - 02680769 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_child-141-TSR Skysims3.sims3pack
2014-04-06 15:19 - 2014-04-06 15:18 - 02664451 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_adult-161-TSR Skysims3.sims3pack
2014-04-06 15:18 - 2014-04-06 15:18 - 05140389 _____ () C:\Users\Carolin\Downloads\c114_pf.sims3pack
2014-04-06 15:17 - 2014-04-06 15:17 - 04018806 _____ () C:\Users\Carolin\Downloads\Nightcrawler-AFhair10.sims3pack
2014-04-06 15:16 - 2014-04-06 15:16 - 04357580 _____ () C:\Users\Carolin\Downloads\Alesso_Sun.sims3pack
2014-04-06 15:16 - 2014-04-06 15:16 - 03201777 _____ () C:\Users\Carolin\Downloads\Nightcrawler-AFhair11.sims3pack
2014-04-06 15:14 - 2014-04-06 15:14 - 03241581 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_adult-167-TSR Skysims3.sims3pack
2014-04-06 15:13 - 2014-04-06 15:13 - 04817687 _____ () C:\Users\Carolin\Downloads\Nightcrawler_AF_Hair12.sims3pack
2014-04-06 15:13 - 2014-04-06 15:13 - 03293854 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_toddler-167-TSR Skysims3.sims3pack
2014-04-06 15:11 - 2014-04-06 15:11 - 03026766 _____ () C:\Users\Carolin\Downloads\Skysims Hair Toddler 198.sims3pack
2014-04-06 15:11 - 2014-04-06 15:11 - 03017430 _____ () C:\Users\Carolin\Downloads\Skysims Hair Adult 198.sims3pack
2014-04-06 15:09 - 2014-04-06 15:09 - 01274240 _____ () C:\Users\Carolin\Downloads\Midnight Princess Gown- JS#2234.sims3pack
2014-04-06 15:07 - 2014-04-06 15:06 - 02102777 _____ () C:\Users\Carolin\Downloads\Harmonia_LaceDressMini02.sims3pack
2014-04-06 15:03 - 2014-04-06 15:03 - 11587124 _____ () C:\Users\Carolin\Downloads\Amon Villa.Sims3Pack
2014-04-06 15:01 - 2014-04-06 15:01 - 04310202 _____ () C:\Users\Carolin\Downloads\The Dundas.Sims3Pack
2014-04-06 14:52 - 2013-11-14 03:32 - 00699342 _____ () C:\Windows\system32\perfh007.dat
2014-04-06 14:52 - 2013-11-14 03:32 - 00149450 _____ () C:\Windows\system32\perfc007.dat
2014-04-06 14:52 - 2009-07-14 07:13 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-06 14:43 - 2014-01-05 23:29 - 00000000 ____D () C:\Users\Carolin\AppData\Local\Microsoft Games
2014-04-06 14:20 - 2014-04-06 14:19 - 39041650 _____ () C:\Users\Carolin\Downloads\Isabela_byRirann@TSR (1).Sims3Pack
2014-04-06 14:19 - 2014-04-06 14:19 - 01669052 _____ () C:\Users\Carolin\Downloads\RockabillyDress1-Magic (1).sims3pack
2014-04-06 14:19 - 2014-04-06 14:19 - 00145360 _____ () C:\Users\Carolin\Downloads\Chair_001_by_CATcorp.sims3pack
2014-04-06 14:17 - 2014-04-06 14:17 - 01954471 _____ () C:\Users\Carolin\Downloads\boots shoes 6 annflower1.sims3pack
2014-04-06 14:15 - 2014-04-06 14:14 - 38902914 _____ () C:\Users\Carolin\Downloads\evi Lovers Lane 2014.Sims3Pack
2014-04-06 14:07 - 2014-04-06 14:07 - 01548610 _____ () C:\Users\Carolin\Downloads\1237754.zip
2014-04-06 14:06 - 2014-04-06 14:06 - 02874515 _____ () C:\Users\Carolin\Downloads\EsyraM Floral spring dress.sims3pack
2014-04-05 23:44 - 2014-01-05 23:29 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-04-04 00:34 - 2013-11-14 18:14 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-04 00:34 - 2013-11-14 18:14 - 00003850 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-02 21:58 - 2014-04-02 21:58 - 10236307 _____ () C:\Users\Carolin\Downloads\UlkerHairFashionista11.sims3pack
2014-04-02 21:57 - 2014-04-02 21:57 - 05641129 _____ () C:\Users\Carolin\Downloads\Suspender_Shirt.sims3pack
2014-04-02 21:57 - 2014-04-02 21:57 - 03980956 _____ () C:\Users\Carolin\Downloads\cleo_longdressvintage.sims3pack
2014-04-02 21:57 - 2014-04-02 21:56 - 07304318 _____ () C:\Users\Carolin\Downloads\1155393.zip
2014-04-02 21:56 - 2014-04-02 21:56 - 01732856 _____ () C:\Users\Carolin\Downloads\NyGirl_Loungin_Around Outfit.sims3pack
2014-04-02 21:55 - 2014-04-02 21:55 - 02570224 _____ () C:\Users\Carolin\Downloads\1236613.zip
2014-04-02 21:55 - 2014-04-02 21:55 - 02000438 _____ () C:\Users\Carolin\Downloads\On the Beach.sims3pack
2014-04-02 21:55 - 2014-04-02 21:55 - 01064617 _____ () C:\Users\Carolin\Downloads\[Alexandra_Sine] Layla 2Piece Bodycon Dress.sims3pack
2014-04-02 21:52 - 2014-04-02 21:52 - 04338702 _____ () C:\Users\Carolin\Downloads\Cazy_Hairmesh26b_STEPS_af.sims3pack
2014-04-02 21:51 - 2014-04-02 21:50 - 39041650 _____ () C:\Users\Carolin\Downloads\Isabela_byRirann@TSR.Sims3Pack
2014-04-02 21:50 - 2014-04-02 21:50 - 01670176 _____ () C:\Users\Carolin\Downloads\Cosmos dress YA - A [MS].sims3pack
2014-04-02 21:50 - 2014-04-02 21:50 - 01669052 _____ () C:\Users\Carolin\Downloads\RockabillyDress1-Magic.sims3pack
2014-04-02 21:48 - 2014-04-02 21:48 - 07970116 _____ () C:\Users\Carolin\Downloads\Women's Casual Wear Trio by melisa inci.sims3pack
2014-04-02 21:48 - 2014-04-02 21:48 - 04732562 _____ () C:\Users\Carolin\Downloads\Alesso_Paws.sims3pack
2014-04-02 21:46 - 2014-04-02 21:46 - 02154645 _____ () C:\Users\Carolin\Downloads\MiraMinkova_Bloody_Mary.sims3pack
2014-04-02 21:46 - 2014-04-02 21:46 - 01509089 _____ () C:\Users\Carolin\Downloads\[pz]graceful.sims3pack
2014-04-02 21:46 - 2014-04-02 21:46 - 01001801 _____ () C:\Users\Carolin\Downloads\tolina_My_Wonderland.sims3pack
2014-04-02 21:46 - 2014-04-02 21:46 - 00918301 _____ () C:\Users\Carolin\Downloads\ASIA-FAB-012.sims3pack
2014-04-02 21:40 - 2014-04-02 21:40 - 03893712 _____ () C:\Users\Carolin\Downloads\Sonata77 adult female 07.sims3pack
2014-04-02 21:40 - 2014-04-02 21:40 - 01199860 _____ () C:\Users\Carolin\Downloads\RedCat - Pencil Dress with Lace Details.sims3pack
2014-04-02 21:39 - 2014-04-02 21:39 - 00141608 _____ () C:\Users\Carolin\Downloads\Lipgloss N2.sims3pack
2014-04-02 21:22 - 2014-04-02 21:22 - 04665983 _____ () C:\Users\Carolin\Downloads\Lianaa_TSR_211009_FormalDress_1.sims3pack
2014-04-02 21:22 - 2014-04-02 21:22 - 00931591 _____ () C:\Users\Carolin\Downloads\SimDetails@TSR_FA_Daisy Dress.sims3pack
2014-04-02 21:17 - 2014-04-02 21:17 - 01719358 _____ () C:\Users\Carolin\Downloads\Essence-Donthangup.sims3pack
2014-04-02 20:55 - 2014-04-02 20:55 - 01785980 _____ () C:\Users\Carolin\Downloads\Casual Class-Mh75.sims3pack
2014-04-02 20:55 - 2014-04-02 20:55 - 00874497 _____ () C:\Users\Carolin\Downloads\mimetic_fandance_dress.sims3pack
2014-04-02 20:55 - 2014-04-02 20:55 - 00544857 _____ () C:\Users\Carolin\Downloads\ilikemusic640@TSR Sparkly Heels AF.sims3pack
2014-04-02 20:54 - 2014-04-02 20:54 - 01301782 _____ () C:\Users\Carolin\Downloads\Sam_AdultPoiseWillBePoise.sims3pack
2014-04-02 20:45 - 2014-04-02 20:45 - 08309427 _____ () C:\Users\Carolin\Downloads\1184702.zip
2014-03-31 23:49 - 2014-03-31 23:49 - 04965231 _____ () C:\Users\Carolin\Downloads\Mini Chinese Garden.Sims3Pack
2014-03-31 23:43 - 2014-03-31 23:43 - 08038598 _____ () C:\Users\Carolin\Downloads\1009818.zip
2014-03-31 23:41 - 2014-03-31 23:41 - 00313939 _____ () C:\Users\Carolin\Downloads\[PS] Ballerina Shoes.sims3pack
2014-03-31 23:40 - 2014-03-31 23:40 - 08038598 _____ () C:\Users\Carolin\Downloads\nicht installiert.zip
2014-03-31 23:38 - 2014-03-31 23:38 - 04170051 _____ () C:\Users\Carolin\Downloads\Cyclonesue_PinewoodLodge.Sims3Pack
2014-03-31 23:37 - 2014-03-31 23:37 - 01813477 _____ () C:\Users\Carolin\Downloads\Printed Intimates.sims3pack
2014-03-31 23:36 - 2014-03-31 23:36 - 00517149 _____ () C:\Users\Carolin\Downloads\SV Accessory Heart06.sims3pack
2014-03-31 23:36 - 2014-03-31 23:36 - 00499343 _____ () C:\Users\Carolin\Downloads\SV Accessory Heart05.sims3pack
2014-03-31 23:34 - 2014-03-31 23:34 - 04053039 _____ () C:\Users\Carolin\Downloads\[spr]Shopping Day (1).sims3pack
2014-03-31 23:32 - 2014-03-31 23:32 - 04053039 _____ () C:\Users\Carolin\Downloads\[spr]Shopping Day.sims3pack
2014-03-31 23:29 - 2014-03-31 23:29 - 00984229 _____ () C:\Users\Carolin\Downloads\~Zodapop~ Bow Accented Multi-print Dress.sims3pack
2014-03-31 23:26 - 2014-03-31 23:26 - 00341831 _____ () C:\Users\Carolin\Downloads\ShojoAngel_S3_EyeSet20-V2.sims3pack
2014-03-31 23:25 - 2014-03-31 23:25 - 05826757 _____ () C:\Users\Carolin\Downloads\1179050 (1).zip
2014-03-31 23:22 - 2014-03-31 23:22 - 05826757 _____ () C:\Users\Carolin\Downloads\auch uninstalliert.zip
2014-03-31 23:22 - 2014-03-31 23:22 - 04192735 _____ () C:\Users\Carolin\Downloads\Modern Mountain Retreat{1}.Sims3Pack
2014-03-31 23:21 - 2014-03-31 23:20 - 13076664 _____ () C:\Users\Carolin\Downloads\Aneeta...Sims3Pack
2014-03-31 23:20 - 2014-03-31 23:20 - 00494807 _____ () C:\Users\Carolin\Downloads\Susan-SIM3-X_mas_Blush.sims3pack
2014-03-31 23:18 - 2014-03-31 23:18 - 00500286 _____ () C:\Users\Carolin\Downloads\MINI-Kiss Me V2 With Teeth.sims3pack
2014-03-31 23:16 - 2014-03-31 23:16 - 08008932 _____ () C:\Users\Carolin\Downloads\Knitted Top with Ruffle Skirt by melisa inci.sims3pack
2014-03-31 23:16 - 2014-03-31 23:16 - 01508702 _____ () C:\Users\Carolin\Downloads\yvonne_Isabella_Outfit48.sims3pack
2014-03-31 23:16 - 2014-03-31 23:16 - 00288286 _____ () C:\Users\Carolin\Downloads\Gosik Spring garden mascara.sims3pack
2014-03-31 23:15 - 2014-03-31 23:15 - 03791569 _____ () C:\Users\Carolin\Downloads\[ZaumaTSR] s3-hair036-Yumiko-F.sims3pack
2014-03-31 23:15 - 2014-03-31 23:15 - 03127950 _____ () C:\Users\Carolin\Downloads\Nightcrawler_AF_Hair17.sims3pack
2014-03-31 23:15 - 2014-03-31 23:15 - 02924961 _____ () C:\Users\Carolin\Downloads\Skysims Hair Child 193.sims3pack
2014-03-31 23:15 - 2014-03-31 23:15 - 02883372 _____ () C:\Users\Carolin\Downloads\Skysims Hair Adult 193.sims3pack
2014-03-31 23:13 - 2014-03-31 23:13 - 03583982 _____ () C:\Users\Carolin\Downloads\SimSnake_com_afhair06.sims3pack
2014-03-31 23:09 - 2014-03-31 23:09 - 06599171 _____ () C:\Users\Carolin\Downloads\Alesso_Dreams_C.sims3pack
2014-03-31 23:09 - 2014-03-31 23:09 - 04957515 _____ () C:\Users\Carolin\Downloads\Cazy_c131_af.sims3pack
2014-03-31 23:08 - 2014-03-31 23:08 - 09163720 _____ () C:\Users\Carolin\Downloads\[Sintiklia]Female hair Kikyo.sims3pack
2014-03-31 22:57 - 2014-03-31 22:57 - 07289604 _____ () C:\Users\Carolin\Downloads\uninstalliert.zip
2014-03-31 22:57 - 2014-03-31 22:56 - 11347875 _____ () C:\Users\Carolin\Downloads\1237215.zip
2014-03-31 22:53 - 2014-03-31 22:53 - 03106287 _____ () C:\Users\Carolin\Downloads\by_bukovka_am top with lacing.sims3pack
2014-03-31 22:45 - 2014-03-31 22:45 - 01243897 _____ () C:\Users\Carolin\Downloads\1238052.zip
2014-03-31 22:38 - 2014-03-31 22:38 - 19238904 _____ () C:\Users\Carolin\Downloads\Leticia Bufoni.Sims3Pack
2014-03-31 22:29 - 2014-03-31 22:29 - 01902495 _____ () C:\Users\Carolin\Downloads\1238066.zip
2014-03-31 22:22 - 2014-03-31 22:22 - 00788515 _____ () C:\Users\Carolin\Downloads\Jenny Humphrey Season 2.Sims3Pack
2014-03-31 22:18 - 2014-03-31 22:18 - 02518013 _____ () C:\Users\Carolin\Downloads\Oasis - Unfurnished Version.Sims3Pack
2014-03-31 22:12 - 2014-03-31 22:12 - 01339841 _____ () C:\Users\Carolin\Downloads\ColorBlockSilkDress.sims3pack
2014-03-31 21:23 - 2014-03-20 18:47 - 00039047 _____ () C:\Users\Carolin\Desktop\Heinrich Böll.odt
2014-03-31 13:52 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-31 03:16 - 2014-04-10 19:08 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-31 03:13 - 2014-04-10 19:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-31 02:13 - 2014-04-10 19:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-31 01:57 - 2014-04-10 19:08 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-28 23:25 - 2014-03-28 22:09 - 00000000 ____D () C:\HM2Archive
2014-03-28 22:32 - 2014-03-28 22:32 - 00000000 ____D () C:\Users\Carolin\AppData\Local\Hold'em_Manager
2014-03-28 22:09 - 2014-03-28 22:09 - 00000000 ____D () C:\Users\Carolin\AppData\Roaming\HEM Data
2014-03-28 22:04 - 2014-03-28 22:04 - 00000000 ____D () C:\Users\Carolin\AppData\Local\IsolatedStorage
2014-03-28 22:04 - 2014-03-28 22:04 - 00000000 ____D () C:\ProgramData\XHEO INC
2014-03-28 22:03 - 2014-03-28 22:03 - 00020436 _____ () C:\Users\Carolin\Downloads\install.log
2014-03-28 22:03 - 2014-03-28 22:03 - 00001088 _____ () C:\Users\Public\Desktop\HoldemManager2.lnk
2014-03-28 22:03 - 2014-03-28 22:03 - 00000000 ____D () C:\Program Files (x86)\Holdem Manager 2
2014-03-28 22:03 - 2014-03-28 21:58 - 00000000 ____D () C:\Program Files (x86)\PSQLINSTALL
2014-03-28 22:02 - 2014-03-28 22:02 - 00000020 ___SH () C:\Users\postgres\ntuser.ini
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Vorlagen
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Startmenü
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Netzwerkumgebung
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Lokale Einstellungen
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Eigene Dateien
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Druckumgebung
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Documents\Eigene Musik
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Documents\Eigene Bilder
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\AppData\Local\Verlauf
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\AppData\Local\Anwendungsdaten
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Anwendungsdaten
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 ____D () C:\Users\postgres
2014-03-28 22:02 - 2014-03-28 21:59 - 00000000 ____D () C:\postgreSQL
2014-03-28 21:57 - 2014-03-28 21:56 - 95674999 _____ () C:\Users\Carolin\Downloads\8056_HoldemManager2Setup.exe
2014-03-28 14:57 - 2014-03-28 14:57 - 17879432 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-03-21 15:53 - 2014-03-21 15:53 - 00000000 ____D () C:\ProgramData\Sun
2014-03-21 15:53 - 2014-03-21 15:53 - 00000000 ____D () C:\ProgramData\Oracle
2014-03-21 15:52 - 2014-03-21 15:52 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-03-21 15:52 - 2014-03-21 15:52 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-03-21 15:52 - 2014-03-21 15:52 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-03-21 15:52 - 2014-03-21 15:52 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-03-21 15:52 - 2014-03-21 15:52 - 00000000 ____D () C:\Program Files (x86)\Java
2014-03-19 15:12 - 2014-03-19 13:53 - 00023391 _____ () C:\Users\Carolin\Documents\ansichten eines Clowns.odt
2014-03-19 09:54 - 2009-07-14 06:45 - 00398296 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-16 19:56 - 2014-03-15 16:12 - 00017296 _____ () C:\Users\Carolin\Documents\englisch mediation.odt
2014-03-13 20:46 - 2014-03-07 01:30 - 01592836 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI

Some content of TEMP:
====================
C:\Users\Carolin\AppData\Local\Temp\6_Offer_10.exe
C:\Users\Carolin\AppData\Local\Temp\amsetup_activeris_default_010414_installer.exe
C:\Users\Carolin\AppData\Local\Temp\avgnt.exe
C:\Users\Carolin\AppData\Local\Temp\BackupSetup.exe
C:\Users\Carolin\AppData\Local\Temp\cloud_backup_setup.exe
C:\Users\Carolin\AppData\Local\Temp\EAD9954.exe
C:\Users\Carolin\AppData\Local\Temp\freeven-prox-1-3.exe
C:\Users\Carolin\AppData\Local\Temp\instruct.exe
C:\Users\Carolin\AppData\Local\Temp\mainapp.exe
C:\Users\Carolin\AppData\Local\Temp\mediaplayerpluus.exe
C:\Users\Carolin\AppData\Local\Temp\nsc131D.exe
C:\Users\Carolin\AppData\Local\Temp\nsh77D1.exe
C:\Users\Carolin\AppData\Local\Temp\nshD8BB.exe
C:\Users\Carolin\AppData\Local\Temp\nsm1A11.exe
C:\Users\Carolin\AppData\Local\Temp\nsmC95D.exe
C:\Users\Carolin\AppData\Local\Temp\nsr1723.exe
C:\Users\Carolin\AppData\Local\Temp\nsrD59E.exe
C:\Users\Carolin\AppData\Local\Temp\speedupmypc.exe
C:\Users\Carolin\AppData\Local\Temp\spidentifierimpl.exe
C:\Users\Carolin\AppData\Local\Temp\UninstallEADM.dll
C:\Users\Carolin\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Carolin\AppData\Local\Temp\vopackage.exe
C:\Users\Papa\AppData\Local\Temp\avgnt.exe
C:\Users\Papa\AppData\Local\Temp\ose00000.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-09 07:11

==================== End Of Log ============================

--- --- ---

[/CODE]

Carolin.Abär · 15.04.2014, 19:54

FRST Additions Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Carolin at 2014-04-11 16:28:13
Running from C:\Users\Carolin\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)

==================== Restore Points  =========================

06-04-2014 17:30:33 Geplanter Prüfpunkt
09-04-2014 11:54:14 Removed Adobe Reader XI (11.0.04) - Deutsch.
09-04-2014 11:58:12 Removed Adobe Reader XI (11.0.04) - Deutsch.
10-04-2014 17:29:06 Removed Microsoft Silverlight
10-04-2014 18:46:15 Uniblue SpeedUpMyPC installation
11-04-2014 08:55:28 Windows Modules Installer

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {00CFEF1E-D89A-48EC-AC6A-3E2E9FA88E3D} - System32\Tasks\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-1 => C:\Program Files (x86)\Freeven Pro 1.3\Freeven Pro 1.3-codedownloader.exe [2014-04-10] (Freeven)
Task: {0C5439D2-4428-4661-B717-A6946BB12710} - System32\Tasks\Opera D4 => C:\Program Files (x86)\Opera\launcher.exe [2014-04-02] (Opera Software)
Task: {0C730ED5-FEE1-49CC-9C94-562213D5FC33} - System32\Tasks\3ef74201-3ef1-4506-857d-9cd4faec66c0-1 => C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-codedownloader.exe [2014-04-10] (Freeven)
Task: {15F94E80-0403-415F-9452-EC9F4D3CADA2} - System32\Tasks\3ef74201-3ef1-4506-857d-9cd4faec66c0-2 => C:\Program Files (x86)\MediaPlayerplus\3ef74201-3ef1-4506-857d-9cd4faec66c0-2.exe [2014-04-10] (Freeven)
Task: {19C21770-7594-4640-8D65-B5E40435F3ED} - System32\Tasks\Re-markit_wd => C:\Program Files (x86)\Re-markit Corp\Re-markit_wd.exe [2014-04-09] () <==== ATTENTION
Task: {1AAE6240-1948-4D5E-BD5E-2CD19EA0778C} - System32\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-2 => C:\Program Files (x86)\HQVid8.1v2\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-2.exe [2014-04-09] (High-QualityV9)
Task: {1D919B0B-E937-4FC5-A209-80BABDDB4D72} - System32\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-3 => C:\Program Files (x86)\HQVid8.1v2\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-3.exe [2014-04-09] (High-QualityV9)
Task: {1FF676B2-319A-462F-9613-221164C47917} - System32\Tasks\Re-markit Update => C:\Program Files (x86)\Re-markit Corp\ReMar.exe [2014-04-09] () <==== ATTENTION
Task: {247A2817-15DB-4CDC-8543-247AD6E25EB6} - System32\Tasks\3ef74201-3ef1-4506-857d-9cd4faec66c0-3 => C:\Program Files (x86)\MediaPlayerplus\3ef74201-3ef1-4506-857d-9cd4faec66c0-3.exe [2014-04-10] (Freeven)
Task: {282D357C-C677-4E06-AD98-1410644722BB} - System32\Tasks\Opera D3 => C:\Program Files (x86)\Opera\launcher.exe [2014-04-02] (Opera Software)
Task: {3152CB30-EA16-4929-94B8-DB611B4A5254} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-14] (Google Inc.)
Task: {3E02BC1E-955D-43F0-942F-B2970EE6FA03} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-14] (Google Inc.)
Task: {4564F9EB-6BAB-494E-837A-9575DA718248} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-10] (Adobe Systems Incorporated)
Task: {575F5FF0-955C-45BD-B16D-8C9E36ECC147} - System32\Tasks\{CF7C20EC-4B4B-443C-85FA-C0233D04E90F} => C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe [2013-12-21] (Adobe Systems Incorporated)
Task: {581CC6A9-A759-49C6-8209-091E21C939A8} - System32\Tasks\Games\UpdateCheck_S-1-5-21-999138141-1912988859-3756178019-1001
Task: {59917E01-12E5-4B43-AB25-7459753AE38F} - System32\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-5 => C:\Program Files (x86)\HQVid8.1v2\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-5.exe [2014-04-09] (High-QualityV9)
Task: {5EE54CE6-1759-4D43-BDEC-F3462C487962} - System32\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-3 => C:\Program Files (x86)\MediaPlayerplus\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-3.exe [2014-04-09] (Freeven)
Task: {655D8DA4-A6B6-4617-9B04-48720F25DB5A} - System32\Tasks\3ef74201-3ef1-4506-857d-9cd4faec66c0-4 => C:\Program Files (x86)\MediaPlayerplus\3ef74201-3ef1-4506-857d-9cd4faec66c0-4.exe [2014-04-10] (Freeven)
Task: {65B9C33C-511C-4B88-8A14-88CB19EDDB1B} - System32\Tasks\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-2 => C:\Program Files (x86)\Freeven Pro 1.3\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-2.exe [2014-04-10] (Freeven)
Task: {695A3679-90FE-4DFF-B4E8-0CD8BC3B4D64} - System32\Tasks\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-4 => C:\Program Files (x86)\Freeven Pro 1.3\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-4.exe [2014-04-10] (Freeven)
Task: {711B4966-BD8A-4598-9006-99B5BED3FA96} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {79F785D9-A6FA-499F-9B48-BE1C95DAB76C} - System32\Tasks\Opera D7 => C:\Program Files (x86)\Opera\launcher.exe [2014-04-02] (Opera Software)
Task: {7F23E2C7-455A-4B97-A6EA-F249232BA4F2} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {94D74F8A-CEC2-4E17-B06F-00B29FF865E6} - System32\Tasks\3ef74201-3ef1-4506-857d-9cd4faec66c0-5 => C:\Program Files (x86)\MediaPlayerplus\3ef74201-3ef1-4506-857d-9cd4faec66c0-5.exe [2014-04-10] (Freeven)
Task: {9624BB95-1194-428F-B3E1-68F79203F3C4} - System32\Tasks\{0609E5A5-5A78-499E-95B5-C24D728AB914} => C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe [2013-12-21] (Adobe Systems Incorporated)
Task: {A5F14584-6997-465F-9B75-C189780B0D7C} - System32\Tasks\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-3 => C:\Program Files (x86)\Freeven Pro 1.3\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-3.exe [2014-04-10] (Freeven)
Task: {AB2644A5-0B39-425D-8FC0-C25B09C358C9} - System32\Tasks\Opera D2 => C:\Program Files (x86)\Opera\launcher.exe [2014-04-02] (Opera Software)
Task: {C067FCE2-0E84-463A-849B-DEBF78751FCC} - System32\Tasks\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-5 => C:\Program Files (x86)\Freeven Pro 1.3\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-5.exe [2014-04-10] (Freeven)
Task: {C44C7623-2B5D-4E78-A6B8-5126C5E38040} - System32\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-1 => C:\Program Files (x86)\HQVid8.1v2\HQVid8.1v2-codedownloader.exe [2014-04-09] (High-QualityV9)
Task: {D5080581-B7EA-4F64-BD34-1625B8F07D2B} - System32\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-4 => C:\Program Files (x86)\HQVid8.1v2\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-4.exe [2014-04-09] (High-QualityV9)
Task: {DEDBACB4-8A18-4667-98C5-BE468FDCA623} - System32\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-1 => C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-codedownloader.exe [2014-04-10] (Freeven)
Task: {E9D3E4D1-BAB7-490B-88A8-8C03858544FB} - System32\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-4 => C:\Program Files (x86)\MediaPlayerplus\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-4.exe [2014-04-09] (Freeven)
Task: {F1A6123A-C3E7-4115-B4A7-19DAA9E51632} - System32\Tasks\Opera D6 => C:\Program Files (x86)\Opera\launcher.exe [2014-04-02] (Opera Software)
Task: {FD59F430-B13E-4825-897A-708EFAE3E7A7} - System32\Tasks\Opera D5 => C:\Program Files (x86)\Opera\launcher.exe [2014-04-02] (Opera Software)
Task: C:\Windows\Tasks\3ef74201-3ef1-4506-857d-9cd4faec66c0-1.job => C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-codedownloader.exe
Task: C:\Windows\Tasks\3ef74201-3ef1-4506-857d-9cd4faec66c0-2.job => C:\Program Files (x86)\MediaPlayerplus\3ef74201-3ef1-4506-857d-9cd4faec66c0-2.exe
Task: C:\Windows\Tasks\3ef74201-3ef1-4506-857d-9cd4faec66c0-3.job => C:\Program Files (x86)\MediaPlayerplus\3ef74201-3ef1-4506-857d-9cd4faec66c0-3.exe
Task: C:\Windows\Tasks\3ef74201-3ef1-4506-857d-9cd4faec66c0-4.job => C:\Program Files (x86)\MediaPlayerplus\3ef74201-3ef1-4506-857d-9cd4faec66c0-4.exe
Task: C:\Windows\Tasks\3ef74201-3ef1-4506-857d-9cd4faec66c0-5.job => C:\Program Files (x86)\MediaPlayerplus\3ef74201-3ef1-4506-857d-9cd4faec66c0-5.exe
Task: C:\Windows\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-1.job => C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-codedownloader.exe
Task: C:\Windows\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-3.job => C:\Program Files (x86)\MediaPlayerplus\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-3.exe
Task: C:\Windows\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-4.job => C:\Program Files (x86)\MediaPlayerplus\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-4.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
Task: C:\Windows\Tasks\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-1.job => C:\Program Files (x86)\Freeven Pro 1.3\Freeven Pro 1.3-codedownloader.exe
Task: C:\Windows\Tasks\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-2.job => C:\Program Files (x86)\Freeven Pro 1.3\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-2.exe
Task: C:\Windows\Tasks\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-3.job => C:\Program Files (x86)\Freeven Pro 1.3\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-3.exe
Task: C:\Windows\Tasks\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-4.job => C:\Program Files (x86)\Freeven Pro 1.3\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-4.exe
Task: C:\Windows\Tasks\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-5.job => C:\Program Files (x86)\Freeven Pro 1.3\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-5.exe
Task: C:\Windows\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-1.job => C:\Program Files (x86)\HQVid8.1v2\HQVid8.1v2-codedownloader.exe
Task: C:\Windows\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-2.job => C:\Program Files (x86)\HQVid8.1v2\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-2.exe
Task: C:\Windows\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-3.job => C:\Program Files (x86)\HQVid8.1v2\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-3.exe
Task: C:\Windows\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-4.job => C:\Program Files (x86)\HQVid8.1v2\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-4.exe
Task: C:\Windows\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-5.job => C:\Program Files (x86)\HQVid8.1v2\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-5.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Re-markit Update.job => C:\Program Files (x86)\Re-markit Corp\ReMar.exe <==== ATTENTION
Task: C:\Windows\Tasks\Re-markit_wd.job => C:\Program Files (x86)\Re-markit Corp\Re-markit_wd.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2014-04-10 11:42 - 2014-04-10 11:42 - 00011776 _____ () C:\Program Files (x86)\NewPlayer\NewPlayerUpdaterService.exe
2014-04-09 16:32 - 2014-04-09 16:32 - 00142336 _____ () C:\Program Files (x86)\Re-markit Corp\Re-markit158.exe
2014-04-09 16:32 - 2014-04-09 16:32 - 00077312 _____ () C:\Program Files (x86)\Re-markit Corp\Re-markit_wd.exe
2013-11-16 18:54 - 2005-04-22 14:36 - 00143360 ____N () C:\Windows\system32\BrSNMP64.dll
2013-11-16 11:54 - 2013-10-31 20:25 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2014-03-28 22:01 - 2014-02-18 10:11 - 00172032 _____ () c:\postgreSQL\bin\LIBPQ.dll
2014-04-09 16:32 - 2014-04-09 16:32 - 00133120 _____ () C:\Program Files (x86)\Re-markit Corp\Re-markit158.dll
2014-03-28 22:01 - 2012-08-14 15:19 - 00999424 _____ () c:\postgreSQL\bin\libxml2.dll
2013-11-16 18:54 - 2009-02-27 17:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-03-16 19:58 - 2014-03-15 02:50 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
2014-03-16 19:58 - 2014-03-15 02:50 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libglesv2.dll
2014-03-16 19:58 - 2014-03-15 02:50 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libegl.dll
2014-03-16 19:58 - 2014-03-15 02:50 - 04061000 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll
2014-03-16 19:58 - 2014-03-15 02:50 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
2014-03-16 19:58 - 2014-03-15 02:50 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll
2014-03-16 19:58 - 2014-03-15 02:50 - 13637448 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Mini Card
Description: Mini Card
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Mini Card
Description: Mini Card
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Mini Card
Description: Mini Card
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Mini Card
Description: Mini Card
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Massenspeichercontroller
Description: Massenspeichercontroller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Mini Card
Description: Mini Card
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Mini Card
Description: Mini Card
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Mini Card
Description: Mini Card
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/11/2014 11:16:37 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/11/2014 11:16:01 AM) (Source: PostgreSQL) (User: )
Description: 2014-04-11 11:16:01 CESTFATAL:  the database system is starting up

Error: (04/11/2014 10:54:04 AM) (Source: System Restore) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update; Fehler = 0x81000101).

Error: (04/10/2014 07:39:24 PM) (Source: Microsoft-Windows-RestartManager) (User: Gutemine)
Description: Die Anwendung oder der Dienst "linmsl" konnte nicht heruntergefahren werden.

Error: (04/10/2014 07:37:01 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/10/2014 07:35:26 PM) (Source: PostgreSQL) (User: )
Description: 2014-04-10 19:35:26 CESTFATAL:  the database system is starting up

Error: (04/10/2014 07:35:25 PM) (Source: PostgreSQL) (User: )
Description: 2014-04-10 19:35:25 CESTFATAL:  the database system is starting up

Error: (04/10/2014 07:35:24 PM) (Source: PostgreSQL) (User: )
Description: 2014-04-10 19:35:24 CESTFATAL:  the database system is starting up

Error: (04/10/2014 07:35:23 PM) (Source: PostgreSQL) (User: )
Description: 2014-04-10 19:35:23 CESTFATAL:  the database system is starting up

Error: (04/10/2014 07:22:03 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: PCSUQuickScan.exe, Version: 0.0.0.0, Zeitstempel: 0x529f1ded
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1677
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x000000000000940d
ID des fehlerhaften Prozesses: 0x40a8
Startzeit der fehlerhaften Anwendung: 0xPCSUQuickScan.exe0
Pfad der fehlerhaften Anwendung: PCSUQuickScan.exe1
Pfad des fehlerhaften Moduls: PCSUQuickScan.exe2
Berichtskennung: PCSUQuickScan.exe3


System errors:
=============
Error: (04/11/2014 11:33:16 AM) (Source: BROWSER) (User: )
Description: Das Einlesen der Sicherungsliste durch den Suchdienst schlug auf Transport "\Device\NetBT_Tcpip_{4E91C44E-EB71-48F3-A662-D6E46961405B}" zu oft fehl.
Der Sicherungssuchdienst wird beendet.

Error: (04/11/2014 11:15:59 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Update BrowseMark" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (04/11/2014 11:10:40 AM) (Source: BROWSER) (User: )
Description: Das Einlesen der Sicherungsliste durch den Suchdienst schlug auf Transport "\Device\NetBT_Tcpip_{4E91C44E-EB71-48F3-A662-D6E46961405B}" zu oft fehl.
Der Sicherungssuchdienst wird beendet.

Error: (04/10/2014 07:35:22 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Update BrowseMark" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (04/10/2014 07:32:50 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Update PlurPush" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/10/2014 07:17:43 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "MgAssist Service" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (04/10/2014 06:58:16 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Update BrowseMark" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (04/10/2014 06:58:01 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎10.‎04.‎2014 um 18:56:47 unerwartet heruntergefahren.

Error: (04/09/2014 04:58:36 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Computer Backup (MyPC Backup)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/09/2014 04:57:55 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Update BrowseMark" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office Sessions:
=========================
Error: (04/11/2014 11:16:37 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/11/2014 11:16:01 AM) (Source: PostgreSQL)(User: )
Description: 2014-04-11 11:16:01 CESTFATAL:  the database system is starting up

Error: (04/11/2014 10:54:04 AM) (Source: System Restore)(User: )
Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x81000101

Error: (04/10/2014 07:39:24 PM) (Source: Microsoft-Windows-RestartManager)(User: Gutemine)
Description: 1C:\Program Files (x86)\LPT\linmsl.exelinmsl0511749880

Error: (04/10/2014 07:37:01 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/10/2014 07:35:26 PM) (Source: PostgreSQL)(User: )
Description: 2014-04-10 19:35:26 CESTFATAL:  the database system is starting up

Error: (04/10/2014 07:35:25 PM) (Source: PostgreSQL)(User: )
Description: 2014-04-10 19:35:25 CESTFATAL:  the database system is starting up

Error: (04/10/2014 07:35:24 PM) (Source: PostgreSQL)(User: )
Description: 2014-04-10 19:35:24 CESTFATAL:  the database system is starting up

Error: (04/10/2014 07:35:23 PM) (Source: PostgreSQL)(User: )
Description: 2014-04-10 19:35:23 CESTFATAL:  the database system is starting up

Error: (04/10/2014 07:22:03 PM) (Source: Application Error)(User: )
Description: PCSUQuickScan.exe0.0.0.0529f1dedKERNELBASE.dll6.1.7601.1822951fb1677e06d7363000000000000940d40a801cf54e142f46b48C:\Program Files (x86)\PC Speed Up\PCSUQuickScan.exeC:\Windows\system32\KERNELBASE.dlla1888238-c0d4-11e3-905e-00037a7ccc37


==================== Memory info =========================== 

Percentage of memory in use: 54%
Total physical RAM: 4049.8 MB
Available physical RAM: 1840.99 MB
Total Pagefile: 8097.78 MB
Available Pagefile: 5375.49 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:292.87 GB) (Free:199.01 GB) NTFS
Drive d: () (Fixed) (Total:172.79 GB) (Free:132.87 GB) NTFS
Drive e: (Sims3) (CDROM) (Total:5.56 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 141D0EAC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=293 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=173 GB) - (Type=07 NTFS)

==================== End Of Log ============================

--- --- ---

Hi,

tut mir Leid, ich wusste von der Regelung nichts. Ich habe die Logs erneut gepostet.

Viele Grüße,

Caro

schrauber · 16.04.2014, 19:10

hi,

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Carolin.Abär · 17.04.2014, 18:43

Code:

ATTFilter

Combofix Logfile:

	Code: 

 ATTFilter

  
	ComboFix 14-04-12.01 - Carolin 17.04.2014  19:08:03.2.2 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.49.1031.18.4050.2604 [GMT 2:00]
ausgeführt von:: c:\users\Carolin\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\END
c:\program files (x86)\HQVid8.1v2\HQVId8.1v2-bho.dll
c:\program files (x86)\MediaPlayerplus\MeDIaplayerplus-bho.dll
c:\users\Carolin\AppData\Local\AnyProtectScannerSetup.exe
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_adbpopomabpienjnifocifondadaogpj_0
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_adbpopomabpienjnifocifondadaogpj_0\9
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_deghekbbihbapplmbffglehkdhkeibbm_0
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_deghekbbihbapplmbffglehkdhkeibbm_0\8
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\background.html
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\chromeCoreFilesIndex.txt
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\crossriderManifest.json
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\extensionData\manifest.xml
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\extensionData\plugins.json
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\extensionData\plugins\1.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\extensionData\plugins\103.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\extensionData\plugins\13.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\extensionData\plugins\14.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\extensionData\plugins\155.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\extensionData\plugins\17.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\extensionData\plugins\177.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\extensionData\plugins\180.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\extensionData\plugins\182.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\extensionData\plugins\183.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\extensionData\plugins\19.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\extensionData\plugins\191.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\extensionData\plugins\207.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\extensionData\plugins\21.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\extensionData\plugins\217.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\extensionData\plugins\22.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\extensionData\plugins\223.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\extensionData\plugins\230.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\extensionData\plugins\233.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\extensionData\plugins\242.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\extensionData\plugins\246.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\extensionData\plugins\28.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\extensionData\plugins\4.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\extensionData\plugins\47.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\extensionData\plugins\64.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\extensionData\plugins\7.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\extensionData\plugins\72.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\extensionData\plugins\78.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\extensionData\plugins\80.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\extensionData\plugins\9.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\extensionData\plugins\91.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\extensionData\plugins\93.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\extensionData\plugins\97.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\extensionData\userCode\background.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\extensionData\userCode\extension.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\icons\actions\1.png
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\icons\icon128.png
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\icons\icon16.png
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\icons\icon48.png
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\js\api\chrome.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\js\api\cookie.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\js\api\message.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\js\api\monitor.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\js\api\pageAction.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\js\api\pageActionBG.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\js\background.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\js\lib\app_api.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\js\lib\bg_app_api.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\js\lib\consts.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\js\lib\cookie_store.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\js\lib\crossriderAPI.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\js\lib\delegate.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\js\lib\events.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\js\lib\extensionDataStore.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\js\lib\installer.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\js\lib\logFile.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\js\lib\logging.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\js\lib\onBGDocumentLoad.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\js\lib\popupResource\newPopup.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\js\lib\popupResource\popup.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\js\lib\reports.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\js\lib\storageWrapper.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\js\lib\updateManager.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\js\lib\util.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\js\lib\xhr.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\js\main.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\js\platformVersion.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\manifest.json
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj\1.26.17_0\popup.html
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\background.html
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\chromeCoreFilesIndex.txt
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\crossriderManifest.json
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\extensionData\manifest.xml
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\extensionData\plugins.json
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\extensionData\plugins\1.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\extensionData\plugins\102.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\extensionData\plugins\103.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\extensionData\plugins\104.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\extensionData\plugins\119.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\extensionData\plugins\13.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\extensionData\plugins\14.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\extensionData\plugins\17.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\extensionData\plugins\177.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\extensionData\plugins\179.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\extensionData\plugins\180.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\extensionData\plugins\182.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\extensionData\plugins\183.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\extensionData\plugins\184.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\extensionData\plugins\19.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\extensionData\plugins\191.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\extensionData\plugins\207.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\extensionData\plugins\21.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\extensionData\plugins\22.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\extensionData\plugins\223.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\extensionData\plugins\231.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\extensionData\plugins\232.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\extensionData\plugins\242.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\extensionData\plugins\246.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\extensionData\plugins\28.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\extensionData\plugins\4.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\extensionData\plugins\47.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\extensionData\plugins\64.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\extensionData\plugins\72.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\extensionData\plugins\78.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\extensionData\plugins\80.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\extensionData\plugins\91.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\extensionData\plugins\93.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\extensionData\plugins\97.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\extensionData\userCode\background.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\extensionData\userCode\extension.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\icons\actions\1.png
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\icons\icon128.png
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\icons\icon16.png
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\icons\icon48.png
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\js\api\chrome.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\js\api\cookie.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\js\api\message.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\js\api\monitor.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\js\api\pageAction.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\js\api\pageActionBG.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\js\background.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\js\lib\app_api.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\js\lib\bg_app_api.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\js\lib\consts.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\js\lib\cookie_store.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\js\lib\crossriderAPI.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\js\lib\delegate.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\js\lib\events.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\js\lib\extensionDataStore.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\js\lib\installer.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\js\lib\logFile.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\js\lib\logging.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\js\lib\onBGDocumentLoad.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\js\lib\popupResource\newPopup.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\js\lib\popupResource\popup.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\js\lib\reports.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\js\lib\storageWrapper.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\js\lib\updateManager.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\js\lib\util.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\js\lib\xhr.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\js\main.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\js\platformVersion.js
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\manifest.json
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.35_0\popup.html
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\adbpopomabpienjnifocifondadaogpj
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\adbpopomabpienjnifocifondadaogpj\000034.ldb
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\adbpopomabpienjnifocifondadaogpj\000036.ldb
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\adbpopomabpienjnifocifondadaogpj\000039.ldb
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\adbpopomabpienjnifocifondadaogpj\000040.log
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\adbpopomabpienjnifocifondadaogpj\CURRENT
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\adbpopomabpienjnifocifondadaogpj\LOCK
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\adbpopomabpienjnifocifondadaogpj\LOG
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\adbpopomabpienjnifocifondadaogpj\LOG.old
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\adbpopomabpienjnifocifondadaogpj\MANIFEST-000038
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\deghekbbihbapplmbffglehkdhkeibbm
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\deghekbbihbapplmbffglehkdhkeibbm\000101.log
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\deghekbbihbapplmbffglehkdhkeibbm\000102.ldb
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\deghekbbihbapplmbffglehkdhkeibbm\CURRENT
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\deghekbbihbapplmbffglehkdhkeibbm\LOCK
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\deghekbbihbapplmbffglehkdhkeibbm\LOG
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\deghekbbihbapplmbffglehkdhkeibbm\LOG.old
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\deghekbbihbapplmbffglehkdhkeibbm\MANIFEST-000099
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_adbpopomabpienjnifocifondadaogpj_0.localstorage-journal
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_adbpopomabpienjnifocifondadaogpj_0.localstorage
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_deghekbbihbapplmbffglehkdhkeibbm_0.localstorage-journal
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_deghekbbihbapplmbffglehkdhkeibbm_0.localstorage
c:\users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\users\Carolin\AppData\Local\Microsoft\Windows\Temporary Internet Files\{39ADF836-D64E-40F4-860A-5EAF08DF2B55}.xps
c:\users\Carolin\AppData\Local\Microsoft\Windows\Temporary Internet Files\{5A566691-E2EB-4EAB-9CA8-3374550E421A}.xps
c:\users\Carolin\AppData\Local\Microsoft\Windows\Temporary Internet Files\{62F83AF6-8A63-4BDC-91A6-75D4123291B0}.xps
c:\users\Carolin\AppData\Local\Microsoft\Windows\Temporary Internet Files\{685C956F-1F89-48D4-8FA3-D84879271216}.xps
c:\users\Carolin\AppData\Local\Microsoft\Windows\Temporary Internet Files\{6B361B9B-B6D9-4368-A51B-7A6AFA93962F}.xps
c:\users\Carolin\AppData\Local\Microsoft\Windows\Temporary Internet Files\{A3939B9E-E948-4022-BB28-EC3D7D58824D}.xps
c:\users\Carolin\AppData\Local\Microsoft\Windows\Temporary Internet Files\{A42250F6-F626-4FCC-AFB9-141A3293E9D8}.xps
c:\users\Carolin\AppData\Local\Microsoft\Windows\Temporary Internet Files\{A48BAE61-15E7-4F34-BDEA-0225E32B1792}.xps
c:\users\Carolin\AppData\Local\Microsoft\Windows\Temporary Internet Files\{ACD4D722-2A3C-40FA-85F2-BF8E8A45269A}.xps
c:\users\Carolin\AppData\Local\Microsoft\Windows\Temporary Internet Files\{C9AC0DD9-38CF-4046-8A5B-87750A454D92}.xps
c:\users\Carolin\AppData\Local\Microsoft\Windows\Temporary Internet Files\{D3C0C458-A5E8-4629-A2D8-86CBD69C91EA}.xps
c:\users\Carolin\AppData\Local\Microsoft\Windows\Temporary Internet Files\{F1B4DD8A-1CE6-4233-95A7-BFCCE9F95D28}.xps
c:\users\Carolin\AppData\Local\nsq3DA1.tmp
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\chrome.manifest
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\chrome\content\api.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\chrome\content\background.html
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\chrome\content\baseObject.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\chrome\content\browser.xul
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\chrome\content\core\console.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\chrome\content\core\consts.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\chrome\content\core\delegate.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\chrome\content\core\folderIOWrapper.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\chrome\content\core\installer.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\chrome\content\core\logFile.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\chrome\content\core\prefs.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\chrome\content\core\progressListenerObserver.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\chrome\content\core\registry.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\chrome\content\core\reloadObserver.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\chrome\content\core\reports.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\chrome\content\core\searchSettings.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\chrome\content\core\updateManager.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\chrome\content\core\xhr.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\chrome\content\dialog.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\chrome\content\ffCoreFilesIndex.txt
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\chrome\content\main.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\chrome\content\options.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\chrome\content\options.xul
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\chrome\content\platformVersion.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\chrome\content\search_dialog.xul
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\defaults\preferences\prefs.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\extensionData\manifest.xml
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\extensionData\plugins.json
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\extensionData\plugins\1.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\extensionData\plugins\103.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\extensionData\plugins\13.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\extensionData\plugins\14.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\extensionData\plugins\155.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\extensionData\plugins\16.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\extensionData\plugins\17.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\extensionData\plugins\177.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\extensionData\plugins\180.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\extensionData\plugins\182.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\extensionData\plugins\183.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\extensionData\plugins\191.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\extensionData\plugins\207.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\extensionData\plugins\21.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\extensionData\plugins\217.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\extensionData\plugins\22.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\extensionData\plugins\223.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\extensionData\plugins\230.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\extensionData\plugins\233.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\extensionData\plugins\242.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\extensionData\plugins\246.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\extensionData\plugins\28.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\extensionData\plugins\4.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\extensionData\plugins\47.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\extensionData\plugins\64.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\extensionData\plugins\7.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\extensionData\plugins\72.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\extensionData\plugins\78.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\extensionData\plugins\9.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\extensionData\plugins\91.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\extensionData\plugins\93.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\extensionData\plugins\98.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\extensionData\userCode\background.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\extensionData\userCode\extension.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\install.rdf
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com\locale\en-US\translations.dtd
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome.manifest
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\asyncDB.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\background.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\browserAction.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\contextMenu.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\dbManager.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\dom_bg.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\fileManager.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\firefox.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\firefoxNotifications.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\firefoxOmnibox.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\message.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\pageAction.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\request.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\tabs.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\webRequest.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\windowsMessagingHandler.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\background.html
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\baseObject.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\browser.xul
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\addressBarChangeObserver.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\console.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\consts.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\delegate.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\extensionDataStore.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\folderIOWrapper.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\httpObserver.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\IDBWrapper.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\installer.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\logFile.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\prefs.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\progressListenerObserver.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\registry.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\reloadObserver.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\reports.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\requestObject.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\searchSettings.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\uninstallObserver.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\updateManager.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\utils.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\xhr.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\dialog.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\ffCoreFilesIndex.txt
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\main.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\options.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\options.xul
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\platformVersion.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\search_dialog.xul
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\defaults\preferences\prefs.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\manifest.xml
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins.json
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\1.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\102.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\103.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\104.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\119.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\13.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\14.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\16.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\17.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\177.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\178.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\179.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\180.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\182.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\183.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\184.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\191.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\207.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\21.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\22.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\223.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\231.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\232.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\242.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\246.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\28.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\4.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\47.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\64.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\72.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\78.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\91.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\93.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\98.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\userCode\background.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\userCode\extension.js
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\install.rdf
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\locale\en-US\translations.dtd
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\button1.png
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\button2.png
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\button3.png
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\button4.png
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\button5.png
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\crossrider_statusbar.png
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\icon128.png
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\icon16.png
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\icon24.png
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\icon48.png
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\panelarrow-up.png
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\popup.html
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\skin.css
c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\update.css
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-03-17 bis 2014-04-17  ))))))))))))))))))))))))))))))
.
.
2014-04-17 17:17 . 2014-04-17 17:17	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-04-17 17:17 . 2014-04-17 17:17	--------	d-----w-	c:\users\Papa\AppData\Local\temp
2014-04-15 01:04 . 2014-03-06 06:00	359936	----a-w-	c:\program files\Internet Explorer\IEShims.dll
2014-04-15 01:04 . 2014-03-06 05:50	257536	----a-w-	c:\program files (x86)\Internet Explorer\IEShims.dll
2014-04-15 01:04 . 2014-03-06 08:32	574976	----a-w-	c:\windows\system32\ieui.dll
2014-04-15 01:04 . 2014-03-06 08:57	548352	----a-w-	c:\windows\system32\vbscript.dll
2014-04-15 01:04 . 2014-03-06 08:02	455168	----a-w-	c:\windows\SysWow64\vbscript.dll
2014-04-15 01:02 . 2014-03-06 07:36	592896	----a-w-	c:\windows\SysWow64\jscript9diag.dll
2014-04-11 14:27 . 2014-04-11 14:28	--------	d-----w-	C:\FRST
2014-04-10 18:47 . 2014-04-11 14:23	--------	d-----w-	c:\users\Carolin\AppData\Roaming\Activeris
2014-04-10 18:46 . 2014-04-10 18:50	--------	d-----w-	C:\22ead09a2f41a2db04769f
2014-04-10 18:45 . 2014-04-10 18:47	--------	d-----w-	c:\program files (x86)\Freeven Pro 1.3
2014-04-10 18:44 . 2014-04-10 18:44	--------	d-----w-	c:\users\Carolin\AppData\Local\SearchProtect
2014-04-10 18:36 . 2014-04-10 18:36	--------	d-----w-	c:\program files (x86)\Common Files\Adobe
2014-04-10 17:23 . 2014-04-10 17:23	--------	d-----w-	c:\program files (x86)\VideoLAN
2014-04-10 17:21 . 2014-04-10 17:21	--------	d-----w-	c:\users\Carolin\AppData\Roaming\QuickScan
2014-04-10 17:17 . 2014-04-10 17:17	--------	d-----w-	c:\users\Carolin\.android
2014-04-10 17:17 . 2014-04-10 17:17	--------	d-----w-	c:\users\Carolin\AppData\Local\cache
2014-04-10 17:17 . 2014-04-10 17:31	--------	d-----w-	c:\users\Carolin\AppData\Local\Mobogenie
2014-04-09 14:49 . 2014-04-09 14:49	--------	d-----w-	c:\users\Carolin\AppData\Local\Opera Software
2014-04-09 14:49 . 2014-04-09 14:49	--------	d-----w-	c:\users\Carolin\AppData\Roaming\Opera Software
2014-04-09 14:48 . 2014-04-09 14:52	--------	d-----w-	c:\program files (x86)\Opera
2014-04-09 14:45 . 2014-01-21 15:28	20312	----a-w-	c:\windows\system32\roboot64.exe
2014-04-09 14:44 . 2014-04-10 17:40	--------	d-----w-	c:\users\Carolin\AppData\Roaming\systweak
2014-04-09 14:35 . 2014-04-17 17:14	--------	d-----w-	c:\program files (x86)\MediaPlayerplus
2014-04-09 14:33 . 2014-04-17 17:14	--------	d-----w-	c:\program files (x86)\HQVid8.1v2
2014-04-09 14:33 . 2014-04-09 14:33	--------	d-----w-	c:\users\Carolin\AppData\Roaming\webssearches
2014-04-09 14:32 . 2014-04-09 14:33	--------	d-----w-	c:\program files (x86)\Re-markit Corp
2014-04-09 11:56 . 2014-04-09 11:58	--------	d-----w-	c:\windows\system32\appmgmt
2014-03-28 20:32 . 2014-03-28 20:32	--------	d-----w-	c:\users\Carolin\AppData\Local\Hold'em_Manager
2014-03-28 20:09 . 2014-03-28 21:25	--------	d-----w-	C:\HM2Archive
2014-03-28 20:09 . 2014-03-28 20:09	--------	d-----w-	c:\users\Carolin\AppData\Roaming\HEM Data
2014-03-28 20:04 . 2014-03-28 20:04	--------	d-----w-	c:\users\Carolin\AppData\Local\IsolatedStorage
2014-03-28 20:04 . 2014-03-28 20:04	--------	d-----w-	c:\programdata\XHEO INC
2014-03-28 20:03 . 2014-04-15 18:44	--------	d-----w-	c:\users\Carolin\AppData\Roaming\HoldemManager
2014-03-28 20:03 . 2014-03-28 20:03	--------	d-----w-	c:\program files (x86)\Holdem Manager 2
2014-03-28 20:02 . 2014-03-28 20:02	--------	d-----w-	c:\users\postgres
2014-03-28 19:59 . 2014-03-28 20:02	--------	d-----w-	C:\postgreSQL
2014-03-28 19:58 . 2014-03-28 20:03	--------	d-----w-	c:\program files (x86)\PSQLINSTALL
2014-03-28 12:57 . 2014-03-28 12:57	17879432	----a-w-	c:\windows\SysWow64\FlashPlayerInstaller.exe
2014-03-28 12:04 . 2014-04-10 18:38	--------	d-----w-	c:\users\Carolin\AppData\Local\Adobe
2014-03-21 13:53 . 2014-03-21 13:53	--------	d-----w-	c:\programdata\Oracle
2014-03-21 13:53 . 2014-03-21 13:53	--------	d-----w-	c:\program files (x86)\Common Files\Java
2014-03-21 13:52 . 2014-03-21 13:52	96168	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-03-21 13:52 . 2014-03-21 13:52	--------	d-----w-	c:\program files (x86)\Java
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-04-11 08:56 . 2013-11-13 17:36	90655440	----a-w-	c:\windows\system32\MRT.exe
2014-04-10 18:29 . 2013-11-16 09:43	70832	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-04-10 18:29 . 2013-11-16 09:43	692400	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-03-04 09:17 . 2014-04-10 17:07	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2014-02-07 01:23 . 2014-03-15 07:56	3156480	----a-w-	c:\windows\system32\win32k.sys
2014-02-04 02:32 . 2014-03-15 07:51	1424384	----a-w-	c:\windows\system32\WindowsCodecs.dll
2014-02-04 02:32 . 2014-03-15 07:51	624128	----a-w-	c:\windows\system32\qedit.dll
2014-02-04 02:04 . 2014-03-15 07:51	1230336	----a-w-	c:\windows\SysWow64\WindowsCodecs.dll
2014-02-04 02:04 . 2014-03-15 07:51	509440	----a-w-	c:\windows\SysWow64\qedit.dll
2014-01-29 02:32 . 2014-03-15 07:56	484864	----a-w-	c:\windows\system32\wer.dll
2014-01-29 02:06 . 2014-03-15 07:56	381440	----a-w-	c:\windows\SysWow64\wer.dll
2014-01-28 02:32 . 2014-03-15 07:56	228864	----a-w-	c:\windows\system32\wwansvc.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{11111111-1111-1111-1111-110511421155}]
2014-04-10 18:46	495104	----a-w-	c:\program files (x86)\Freeven Pro 1.3\Freeven Pro 1.3-bho.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2013-10-31 21:08	277560	----a-w-	c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-11-14 20584608]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-03-06 689744]
"BrMfcWnd"="c:\program files (x86)\Brother\Brmfcmon\BrMfcWnd.exe" [2009-05-26 1159168]
"ControlCenter3"="c:\program files (x86)\Brother\ControlCenter3\brctrcen.exe" [2008-12-24 114688]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-12-21 959904]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 Update BrowseMark;Update BrowseMark;c:\program files (x86)\BrowseMark\updateBrowseMark.exe;c:\program files (x86)\BrowseMark\updateBrowseMark.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 postgresql-8.4;postgresql-8.4 - PostgreSQL Server 8.4;c:\postgresql\bin\pg_ctl.exe runservice -N postgresql-8.4 -D c:/postgreSQL/data -w;c:\postgresql\bin\pg_ctl.exe runservice -N postgresql-8.4 -D c:/postgreSQL/data -w [x]
S2 Re-markit;Re-markit;c:\program files (x86)\Re-markit Corp\Re-markit158.exe;c:\program files (x86)\Re-markit Corp\Re-markit158.exe [x]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series - Adaptertreiber für Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
S3 SMSCIRDA;SMSC Infrared Device Driver;c:\windows\system32\DRIVERS\SMSCir64.sys;c:\windows\SYSNATIVE\DRIVERS\SMSCir64.sys [x]
S3 yukonw7;NDIS6.2-Miniporttreiber für Marvell Yukon-Ethernet-Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-04-11 19:40	1077576	----a-w-	c:\program files (x86)\Google\Chrome\Application\34.0.1847.116\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-04-17 c:\windows\Tasks\3ef74201-3ef1-4506-857d-9cd4faec66c0-1.job
- c:\program files (x86)\MediaPlayerplus\MediaPlayerplus-codedownloader.exe [2014-04-09 18:45]
.
2014-04-17 c:\windows\Tasks\3ef74201-3ef1-4506-857d-9cd4faec66c0-2.job
- c:\program files (x86)\MediaPlayerplus\3ef74201-3ef1-4506-857d-9cd4faec66c0-2.exe [2014-04-10 18:46]
.
2014-04-17 c:\windows\Tasks\3ef74201-3ef1-4506-857d-9cd4faec66c0-3.job
- c:\program files (x86)\MediaPlayerplus\3ef74201-3ef1-4506-857d-9cd4faec66c0-3.exe [2014-04-10 18:45]
.
2014-04-17 c:\windows\Tasks\3ef74201-3ef1-4506-857d-9cd4faec66c0-4.job
- c:\program files (x86)\MediaPlayerplus\3ef74201-3ef1-4506-857d-9cd4faec66c0-4.exe [2014-04-10 18:45]
.
2014-04-17 c:\windows\Tasks\3ef74201-3ef1-4506-857d-9cd4faec66c0-5.job
- c:\program files (x86)\MediaPlayerplus\3ef74201-3ef1-4506-857d-9cd4faec66c0-5.exe [2014-04-10 18:47]
.
2014-04-17 c:\windows\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-1.job
- c:\program files (x86)\MediaPlayerplus\MediaPlayerplus-codedownloader.exe [2014-04-09 18:45]
.
2014-04-17 c:\windows\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-3.job
- c:\program files (x86)\MediaPlayerplus\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-3.exe [2014-04-09 14:35]
.
2014-04-17 c:\windows\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-4.job
- c:\program files (x86)\MediaPlayerplus\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-4.exe [2014-04-09 14:36]
.
2014-04-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-16 18:29]
.
2014-04-17 c:\windows\Tasks\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-1.job
- c:\program files (x86)\Freeven Pro 1.3\Freeven Pro 1.3-codedownloader.exe [2014-04-10 18:46]
.
2014-04-17 c:\windows\Tasks\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-2.job
- c:\program files (x86)\Freeven Pro 1.3\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-2.exe [2014-04-10 18:47]
.
2014-04-17 c:\windows\Tasks\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-3.job
- c:\program files (x86)\Freeven Pro 1.3\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-3.exe [2014-04-10 18:45]
.
2014-04-17 c:\windows\Tasks\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-4.job
- c:\program files (x86)\Freeven Pro 1.3\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-4.exe [2014-04-10 18:45]
.
2014-04-17 c:\windows\Tasks\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-5.job
- c:\program files (x86)\Freeven Pro 1.3\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-5.exe [2014-04-10 18:47]
.
2014-04-17 c:\windows\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-1.job
- c:\program files (x86)\HQVid8.1v2\HQVid8.1v2-codedownloader.exe [2014-04-09 14:34]
.
2014-04-17 c:\windows\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-2.job
- c:\program files (x86)\HQVid8.1v2\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-2.exe [2014-04-09 14:34]
.
2014-04-17 c:\windows\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-3.job
- c:\program files (x86)\HQVid8.1v2\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-3.exe [2014-04-09 14:33]
.
2014-04-17 c:\windows\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-4.job
- c:\program files (x86)\HQVid8.1v2\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-4.exe [2014-04-09 14:33]
.
2014-04-17 c:\windows\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-5.job
- c:\program files (x86)\HQVid8.1v2\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-5.exe [2014-04-09 14:34]
.
2014-04-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-14 16:14]
.
2014-04-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-14 16:14]
.
2014-04-17 c:\windows\Tasks\Re-markit Update.job
- c:\program files (x86)\Re-markit Corp\ReMar.exe [2014-04-09 14:32]
.
2014-04-17 c:\windows\Tasks\Re-markit_wd.job
- c:\program files (x86)\Re-markit Corp\Re-markit_wd.exe [2014-04-09 14:32]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{11111111-1111-1111-1111-110511421155}]
2014-04-10 18:46	660992	----a-w-	c:\program files (x86)\Freeven Pro 1.3\Freeven Pro 1.3-bho64.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2013-10-31 21:08	336952	----a-w-	c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 162328]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 417304]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWE23Qik11mFwB7WTYnaVdQO2kd5gf5bOvNfqXrfn-k9ji_fLiX24j_bO4bUiaErpUrJrLE_6CpZTQWUGYnHkHqT7oJ2kIxCt7ZcOF-s2b5EoqfRzvdmIPtUlXwys0TxFjiRtanA56Cmp6aFuX7Uo0EYalE,
mDefault_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1397054118&from=tugs&uid=ST500LM012XHN-M500MBB_S2ZYJ9GD903829&q={searchTerms}
mDefault_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1397054118&from=tugs&uid=ST500LM012XHN-M500MBB_S2ZYJ9GD903829
mStart Page = hxxp://istart.webssearches.com/?type=hp&ts=1397054118&from=tugs&uid=ST500LM012XHN-M500MBB_S2ZYJ9GD903829
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1397054118&from=tugs&uid=ST500LM012XHN-M500MBB_S2ZYJ9GD903829&q={searchTerms}
uInternet Settings,ProxyServer = http=127.0.0.1:13828
uSearchAssistant = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWE23Qik11mFwB7WTYnaVdQO2kd5gf5bOvNfqXrfn-k9ji_fLiX24j_bO4bUiaErpUrJrLE_6CpZTQWUGYnHkHqT7oJ2nBKXwA1luW-w1xc7ETyEOOCLOVT28BdNpdtucnndKarXxBeZNUX--jI6HHsVfgQ,&q={searchTerms}
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Free YouTube Download - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\
FF - ExtSQL: 2014-04-09 16:32; {8c46fde2-8f22-4b77-9d6b-47daa604b639}; c:\program files (x86)\Re-markit Corp\158.xpi
FF - ExtSQL: 2014-04-09 16:33; quick_start@gmail.com; c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\quick_start@gmail.com
FF - ExtSQL: 2014-04-09 16:37; a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com; c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com
FF - ExtSQL: 2014-04-13 20:45; e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com; c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com
FF - ExtSQL: !HIDDEN! 2014-04-09 16:33; quick_start@gmail.com; c:\users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\extensions\quick_start@gmail.com
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{11111111-1111-1111-1111-110511311172} - c:\program files (x86)\HQVid8.1v2\HQVid8.1v2-bho.dll
BHO-{11111111-1111-1111-1111-110511421146} - c:\program files (x86)\MediaPlayerplus\MediaPlayerplus-bho.dll
Wow6432Node-HKCU-Run-EA Core - c:\program files (x86)\Electronic Arts\EADM\Core.exe
Wow6432Node-HKLM-Run-mobilegeni daemon - c:\program files (x86)\Mobogenie\DaemonProcess.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\postgresql-8.4]
"ImagePath"="\"c:\postgresql\bin\pg_ctl.exe\" runservice -N \"postgresql-8.4\" -D \"c:/postgreSQL/data\" -w"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-999138141-1912988859-3756178019-1001\Software\SecuROM\License information*]
"datasecu"=hex:ab,62,03,73,4c,ef,af,0c,50,9c,2a,44,f1,eb,cb,12,47,71,3c,62,47,
   6c,4a,7d,26,e7,0b,d3,7a,40,87,6c,00,0b,a2,25,d4,c0,20,4c,43,86,25,a1,09,9e,\
"rkeysecu"=hex:17,c7,ba,47,20,05,3b,5c,5f,10,ff,9f,29,3b,20,94
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.12"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-04-17  19:26:42
ComboFix-quarantined-files.txt  2014-04-17 17:26
.
Vor Suchlauf: 15 Verzeichnis(se), 214.973.599.744 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 217.552.306.176 Bytes frei
.
- - End Of File - - 32D3380F55AC84664E98E12307DDF01A
         
 --- --- ---
A36C5E4F47E84449FF07ED3517B43A31

Hi,

ich habe die Anweisung wie beschrieben ausgeführt. Allerdings hatte ich dabei folgendes Problem: Beim 1. Durchlauf ging nach dem 4. Schritt nichts mehr. Als sich nach über einer halben Stunde noch immer nichts neues getan hatte und immer noch Schritt 4 angezeigt wurde, habe ich meinen Computer neu gestartet und einen neuen Durchlauf gestartet (Logdatei dazu habe ich gepostet). Aber ich habe nicht bemerkt, dass sich beim Neustart des PC Avira neu gestartet hat, es war also während dem Durchlauf an. Ist das schlimm? Avira hat mir ebenfalls wieder einen Fund angezeigt, eventuell Virus. Ich habe mir mittlerweile auch den Google Ad Blocker geholt, seit dem ist das mit den Werbungen zumindest ein klein wenig besser.

Mfg,
Caro

schrauber · 18.04.2014, 16:26

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

Carolin.Abär · 19.04.2014, 22:57

Hi,
habe alles runtergeladen und durchlaufen lassen. Ergebnisse sowie neues FRST kommen im Anschluss.

Mfg,
Caro

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-04-2014
Ran by Carolin (administrator) on GUTEMINE on 19-04-2014 23:41:50
Running from C:\Users\Carolin\Desktop\Trojanerboard
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(PostgreSQL Global Development Group) c:\postgreSQL\bin\pg_ctl.exe
(PostgreSQL Global Development Group) c:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) c:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) c:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) c:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) c:\postgreSQL\bin\postgres.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe


==================== Registry (Whitelisted) ==================

HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-03-06] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-999138141-1912988859-3756178019-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-999138141-1912988859-3756178019-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2B35845349E4CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default
FF NewTab: about:blank
FF DefaultSearchEngine: webssearches
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKCU\...\Firefox\Extensions: [{8c46fde2-8f22-4b77-9d6b-47daa604b639}] - C:\Program Files (x86)\Re-markit Corp\158.xpi
FF StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR StartupUrls: "hxxp://www.google.com/"
CHR Extension: (Google Docs) - C:\Users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-17]
CHR Extension: (Google Drive) - C:\Users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-17]
CHR Extension: (YouTube) - C:\Users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-17]
CHR Extension: (Adblock Plus) - C:\Users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-04-18]
CHR Extension: (Google-Suche) - C:\Users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-17]
CHR Extension: (DVDVideoSoft) - C:\Users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-11-21]
CHR Extension: (Google Wallet) - C:\Users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-17]
CHR Extension: (Google Mail) - C:\Users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-17]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-11-21]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-03-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-03-06] (Avira Operations GmbH & Co. KG)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 postgresql-8.4; c:\postgreSQL\bin\pg_ctl.exe [66048 2014-02-18] (PostgreSQL Global Development Group)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-19] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-19] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-31] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-19] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
R3 SMSCIRDA; C:\Windows\System32\DRIVERS\SMSCir64.sys [37760 2007-04-25] (SMSC)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-19 23:40 - 2014-04-19 23:40 - 02055680 _____ (Farbar) C:\Users\Carolin\Downloads\FRST64 (1).exe
2014-04-19 22:48 - 2014-04-19 22:48 - 00000811 _____ () C:\Users\Carolin\Desktop\JRT.txt
2014-04-19 22:41 - 2014-04-19 22:41 - 01016261 _____ (Thisisu) C:\Users\Carolin\Downloads\JRT (1).exe
2014-04-19 22:40 - 2014-04-19 22:40 - 00000000 ____D () C:\Windows\ERUNT
2014-04-19 22:39 - 2014-04-19 22:39 - 01016261 _____ (Thisisu) C:\Users\Carolin\Downloads\JRT.exe
2014-04-18 23:30 - 2014-04-18 23:33 - 00000000 ____D () C:\AdwCleaner
2014-04-18 23:28 - 2014-04-18 23:28 - 01426178 _____ () C:\Users\Carolin\Downloads\adwcleaner.exe
2014-04-18 19:54 - 2014-04-19 23:41 - 00000000 ____D () C:\Users\Carolin\Desktop\Trojanerboard
2014-04-18 18:32 - 2014-04-18 18:32 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Carolin\Downloads\mbam-setup-2.0.1.1004 (1).exe
2014-04-18 18:30 - 2014-04-19 23:25 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-18 18:30 - 2014-04-18 18:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-18 18:30 - 2014-04-18 18:30 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-18 18:30 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-18 18:30 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-18 18:30 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-18 18:28 - 2014-04-18 18:29 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Carolin\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-17 19:26 - 2014-04-17 19:26 - 00085720 _____ () C:\ComboFix.txt
2014-04-17 18:09 - 2014-04-17 18:09 - 05194807 _____ (Swearware) C:\Users\Carolin\Downloads\ComboFix (1).exe
2014-04-17 18:07 - 2014-04-17 19:27 - 00000000 ____D () C:\Qoobox
2014-04-17 18:07 - 2014-04-17 18:07 - 00000000 ___RD () C:\Users\Carolin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-17 18:07 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-04-17 18:07 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-04-17 18:07 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-04-17 18:07 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-04-17 18:07 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-04-17 18:07 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-04-17 18:07 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-04-17 18:07 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-04-17 18:06 - 2014-04-17 19:23 - 00000000 ____D () C:\Windows\erdnt
2014-04-17 18:04 - 2014-04-17 18:09 - 05194807 ____R (Swearware) C:\Users\Carolin\Downloads\ComboFix.exe
2014-04-15 03:04 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-15 03:04 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-15 03:04 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-15 03:04 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-15 03:03 - 2014-03-06 12:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-15 03:03 - 2014-03-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-15 03:03 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-15 03:03 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-15 03:03 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-15 03:03 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-15 03:03 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-15 03:03 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-15 03:03 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-15 03:03 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-15 03:03 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-15 03:03 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-15 03:03 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-15 03:03 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-15 03:03 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-15 03:03 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-15 03:03 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-15 03:03 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-15 03:03 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-15 03:03 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-15 03:03 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-15 03:03 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-15 03:03 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-15 03:03 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-15 03:02 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-15 03:02 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-15 03:02 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-15 03:02 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-15 03:02 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-15 03:02 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-15 03:02 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-15 03:02 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-15 03:02 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-15 03:02 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-15 03:02 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-15 03:02 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-15 03:02 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-15 03:02 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-15 03:02 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-15 03:02 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-15 03:02 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-15 03:02 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-15 03:02 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-15 03:02 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-13 15:53 - 2014-04-13 15:53 - 02125791 _____ () C:\Users\Carolin\Downloads\Natef005_afGamineDress.sims3pack
2014-04-12 17:15 - 2014-04-12 17:15 - 01219154 _____ () C:\Users\Carolin\Downloads\SimsimayTSR_SpringkissTeen.sims3pack
2014-04-12 17:13 - 2014-04-12 17:14 - 21058075 _____ () C:\Users\Carolin\Downloads\Spelling Manor.Sims3Pack
2014-04-12 17:13 - 2014-04-12 17:13 - 02312193 _____ () C:\Users\Carolin\Downloads\Titania.sims3pack
2014-04-12 17:11 - 2014-04-12 17:11 - 04545391 _____ () C:\Users\Carolin\Downloads\1086744 (1).zip
2014-04-12 17:09 - 2014-04-12 17:09 - 00244498 _____ () C:\Users\Carolin\Downloads\TwS3_tf-ef_earrings02.sims3pack
2014-04-12 17:07 - 2014-04-12 17:07 - 03209976 _____ () C:\Users\Carolin\Downloads\1151760.zip
2014-04-12 17:07 - 2014-04-12 17:07 - 02428501 _____ () C:\Users\Carolin\Downloads\Harmonia_FarmDenimFloralDress.sims3pack
2014-04-12 16:59 - 2014-04-12 17:00 - 39339383 _____ () C:\Users\Carolin\Downloads\Philo_Pomone.Sims3Pack
2014-04-12 16:56 - 2014-04-12 16:56 - 00651228 _____ () C:\Users\Carolin\Downloads\Essence-ToySoldier.sims3pack
2014-04-12 16:43 - 2014-04-12 16:43 - 04570964 _____ () C:\Users\Carolin\Downloads\lillka_Chick To School - Outfit.sims3pack
2014-04-12 16:42 - 2014-04-12 16:43 - 06854479 _____ () C:\Users\Carolin\Downloads\1166632.zip
2014-04-12 00:09 - 2014-04-12 00:09 - 00883657 _____ () C:\Users\Carolin\Downloads\Fast Last T-Shirt by Devirose.sims3pack
2014-04-12 00:08 - 2014-04-12 00:08 - 00662944 _____ () C:\Users\Carolin\Downloads\Fast Scintillant Jeans by Devirose.sims3pack
2014-04-12 00:07 - 2014-04-12 00:07 - 01112637 _____ () C:\Users\Carolin\Downloads\EkinegeTSR_BeltedSundress (1).sims3pack
2014-04-11 23:53 - 2014-04-11 23:53 - 03650382 _____ () C:\Users\Carolin\Downloads\lillka_Farm Dress.sims3pack
2014-04-11 23:51 - 2014-04-11 23:52 - 01294958 _____ () C:\Users\Carolin\Downloads\SV af Lace summer sleeveless dress.sims3pack
2014-04-11 23:51 - 2014-04-11 23:51 - 04545391 _____ () C:\Users\Carolin\Downloads\1086744.zip
2014-04-11 23:50 - 2014-04-11 23:50 - 00461709 _____ () C:\Users\Carolin\Downloads\Astra shoes  by altea127.sims3pack
2014-04-11 23:50 - 2014-04-11 23:50 - 00461709 _____ () C:\Users\Carolin\Downloads\Astra shoes  by altea127 (1).sims3pack
2014-04-11 23:46 - 2014-04-11 23:46 - 01825681 _____ () C:\Users\Carolin\Downloads\MsBlue_FarmDaughtersDress.sims3pack
2014-04-11 23:46 - 2014-04-11 23:46 - 00939142 _____ () C:\Users\Carolin\Downloads\SimDetails@TSR_FA_Dress_44.sims3pack
2014-04-11 23:45 - 2014-04-11 23:46 - 01112637 _____ () C:\Users\Carolin\Downloads\EkinegeTSR_BeltedSundress.sims3pack
2014-04-11 17:18 - 2014-04-11 17:18 - 07261643 _____ () C:\Users\Carolin\Downloads\1009681.zip
2014-04-11 17:15 - 2014-04-11 17:15 - 20258590 _____ () C:\Users\Carolin\Downloads\Lennertz Cottage.Sims3Pack
2014-04-11 17:15 - 2014-04-11 17:15 - 00377650 _____ () C:\Users\Carolin\Downloads\[PS] Smooth Multicolor Eyeshadows 2.sims3pack
2014-04-11 17:14 - 2014-04-11 17:14 - 06345703 _____ () C:\Users\Carolin\Downloads\Vivace.Sims3Pack
2014-04-11 17:13 - 2014-04-11 17:13 - 00447094 _____ () C:\Users\Carolin\Downloads\AnoeskaB_Old_Wood_2.Sims3pack
2014-04-11 17:11 - 2014-04-11 17:12 - 05861381 _____ () C:\Users\Carolin\Downloads\[April] Verona.sims3pack
2014-04-11 17:10 - 2014-04-11 17:12 - 67719998 _____ () C:\Users\Carolin\Downloads\Bridgehampton TSR.Sims3Pack
2014-04-11 17:10 - 2014-04-11 17:10 - 01006326 _____ () C:\Users\Carolin\Downloads\NataliS Seamless draped backless dress FA-YA.sims3pack
2014-04-11 16:28 - 2014-04-11 16:48 - 00024746 _____ () C:\Users\Carolin\Downloads\Addition.txt
2014-04-11 16:27 - 2014-04-19 23:41 - 00000000 ____D () C:\FRST
2014-04-11 16:27 - 2014-04-11 16:47 - 00099105 _____ () C:\Users\Carolin\Downloads\FRST.txt
2014-04-11 16:26 - 2014-04-11 16:27 - 02157056 _____ (Farbar) C:\Users\Carolin\Downloads\FRST64.exe
2014-04-10 20:52 - 2014-04-10 20:52 - 00000000 ___RD () C:\Users\Carolin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-10 20:46 - 2014-04-10 20:50 - 00000000 ____D () C:\22ead09a2f41a2db04769f
2014-04-10 20:44 - 2014-04-10 20:44 - 00678720 _____ () C:\Users\Carolin\Downloads\Setup (1).exe
2014-04-10 20:37 - 2014-04-10 20:37 - 00002019 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-04-10 20:36 - 2014-04-10 20:36 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-04-10 19:23 - 2014-04-10 19:23 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-04-10 19:21 - 2014-04-10 19:21 - 00000000 ____D () C:\Users\Carolin\AppData\Roaming\QuickScan
2014-04-10 19:17 - 2014-04-10 19:17 - 00000000 ____D () C:\Users\Carolin\AppData\Local\cache
2014-04-10 19:17 - 2014-04-10 19:17 - 00000000 ____D () C:\Users\Carolin\.android
2014-04-10 19:17 - 2014-04-10 19:17 - 00000000 _____ () C:\Users\Carolin\daemonprocess.txt
2014-04-10 19:07 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-10 19:07 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-10 19:07 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-10 19:07 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-10 19:07 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-10 19:07 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-10 19:07 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-10 19:07 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-10 19:07 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-10 19:07 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-10 19:07 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-10 19:07 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-10 19:07 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-10 19:07 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-10 19:07 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-10 19:07 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-10 19:07 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-09 16:49 - 2014-04-09 16:49 - 00000000 ____D () C:\Users\Carolin\AppData\Roaming\Opera Software
2014-04-09 16:49 - 2014-04-09 16:49 - 00000000 ____D () C:\Users\Carolin\AppData\Local\Opera Software
2014-04-09 16:48 - 2014-04-09 16:52 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-04-09 16:48 - 2014-04-09 16:48 - 00001129 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-04-09 16:48 - 2014-04-09 16:48 - 00000314 _____ () C:\Users\Carolin\AppData\Roaming\aps.uninstall.scan.results
2014-04-09 16:32 - 2014-04-09 16:32 - 00000512 __RSH () C:\ProgramData\ntuser.pol
2014-04-09 16:31 - 2014-04-09 16:32 - 08611255 _____ () C:\Users\Carolin\Downloads\Cicadas Cottage.Sims3Pack
2014-04-09 16:29 - 2014-04-09 16:29 - 05769930 _____ () C:\Users\Carolin\Downloads\Spanish Finca 5.Sims3Pack
2014-04-09 16:29 - 2014-04-09 16:29 - 04227952 _____ () C:\Users\Carolin\Downloads\af_SlowDance_CookieChow.sims3pack
2014-04-09 16:27 - 2014-04-09 16:28 - 04704711 _____ () C:\Users\Carolin\Downloads\lillka_Italian Chic.sims3pack
2014-04-09 16:27 - 2014-04-09 16:27 - 01574329 _____ () C:\Users\Carolin\Downloads\B32_fae_businessone.sims3pack
2014-04-09 16:26 - 2014-04-09 16:26 - 04012951 _____ () C:\Users\Carolin\Downloads\lillka_Pepe Jeans Pullover.sims3pack
2014-04-09 16:24 - 2014-04-09 16:25 - 06258265 _____ () C:\Users\Carolin\Downloads\La Madison.Sims3Pack
2014-04-09 16:22 - 2014-04-09 16:23 - 38851866 _____ () C:\Users\Carolin\Downloads\Villa New Zealand.Sims3Pack
2014-04-09 16:21 - 2014-04-09 16:21 - 04566936 _____ () C:\Users\Carolin\Downloads\37 Westcroft Road.Sims3Pack
2014-04-09 16:18 - 2014-04-09 16:21 - 06061419 _____ () C:\Users\Carolin\Downloads\cherryberry - Glitter heart dress.sims3pack
2014-04-09 16:18 - 2014-04-09 16:19 - 03849676 _____ () C:\Users\Carolin\Downloads\Rocky Hill View.Sims3Pack
2014-04-09 16:18 - 2014-04-09 16:18 - 00134333 _____ () C:\Users\Carolin\Downloads\Elastic Bracelet  by altea127.sims3pack
2014-04-09 16:17 - 2014-04-09 16:25 - 44461135 _____ () C:\Users\Carolin\Downloads\Enchanter-s Nightshade.Sims3Pack
2014-04-09 16:16 - 2014-04-09 16:17 - 02837730 _____ () C:\Users\Carolin\Downloads\lillka_Flowing Beige Dress.sims3pack
2014-04-09 16:16 - 2014-04-09 16:16 - 02695449 _____ () C:\Users\Carolin\Downloads\lillka_Sequined Lace Dress.sims3pack
2014-04-09 16:15 - 2014-04-09 16:17 - 13846478 _____ () C:\Users\Carolin\Downloads\1232339.zip
2014-04-09 16:14 - 2014-04-09 16:14 - 00907850 _____ () C:\Users\Carolin\Downloads\RedCat - Child Denim Dress with Ribbon.sims3pack
2014-04-09 16:12 - 2014-04-09 16:14 - 03136126 _____ () C:\Users\Carolin\Downloads\Mario Modern-house.Sims3Pack
2014-04-09 16:12 - 2014-04-09 16:14 - 02203161 _____ () C:\Users\Carolin\Downloads\[Oranos] Ariso Jacket.sims3pack
2014-04-09 16:09 - 2014-04-09 16:17 - 18701222 _____ () C:\Users\Carolin\Downloads\Georgette.Sims3Pack
2014-04-09 16:08 - 2014-04-09 16:17 - 39150993 _____ () C:\Users\Carolin\Downloads\Crestwood Villa.Sims3Pack
2014-04-09 16:07 - 2014-04-09 16:07 - 00732170 _____ () C:\Users\Carolin\Downloads\NataliS twisted pearl earrings FT-FA.sims3pack
2014-04-09 16:06 - 2014-04-09 16:07 - 00879086 _____ () C:\Users\Carolin\Downloads\SimsimayTSR_innocentasangels.sims3pack
2014-04-09 16:04 - 2014-04-09 16:13 - 41114888 _____ () C:\Users\Carolin\Downloads\Colonial Home III.Sims3Pack
2014-04-09 13:56 - 2014-04-09 13:58 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-04-09 13:51 - 2014-04-09 13:51 - 00002990 _____ () C:\Windows\System32\Tasks\{CF7C20EC-4B4B-443C-85FA-C0233D04E90F}
2014-04-09 13:50 - 2014-04-09 13:50 - 00002990 _____ () C:\Windows\System32\Tasks\{0609E5A5-5A78-499E-95B5-C24D728AB914}
2014-04-08 20:51 - 2014-04-08 20:51 - 02801733 _____ () C:\Users\Carolin\Downloads\NewSea-SIMS3-hair-J002-rosy cloud-f.sims3pack
2014-04-08 20:50 - 2014-04-08 20:50 - 01239953 _____ () C:\Users\Carolin\Downloads\cherryberry - Vintage toddler dress.sims3pack
2014-04-08 20:48 - 2014-04-08 20:48 - 07287746 _____ () C:\Users\Carolin\Downloads\1238620.zip
2014-04-08 20:46 - 2014-04-08 20:47 - 06816140 _____ () C:\Users\Carolin\Downloads\1237204.zip
2014-04-08 20:43 - 2014-04-08 20:43 - 01180522 _____ () C:\Users\Carolin\Downloads\sims2fanbg042.sims3pack
2014-04-08 20:42 - 2014-04-08 20:42 - 01265439 _____ () C:\Users\Carolin\Downloads\DT456 Isa Dress.sims3pack
2014-04-08 20:41 - 2014-04-08 20:41 - 04712571 _____ () C:\Users\Carolin\Downloads\lillka_One Shoulder - Dress.sims3pack
2014-04-08 20:41 - 2014-04-08 20:41 - 01273115 _____ () C:\Users\Carolin\Downloads\B32_fye_ruffleolddress.sims3pack
2014-04-08 20:40 - 2014-04-08 20:40 - 05843852 _____ () C:\Users\Carolin\Downloads\Alexis Dress.sims3pack
2014-04-08 20:40 - 2014-04-08 20:40 - 00569545 _____ () C:\Users\Carolin\Downloads\NinaDobrevDressbyIZAM.sims3pack
2014-04-06 17:28 - 2014-04-06 17:28 - 04706900 _____ () C:\Users\Carolin\Downloads\Cazy_Hair_c70_2013_af (1).sims3pack
2014-04-06 16:11 - 2014-04-06 16:11 - 08594394 _____ () C:\Users\Carolin\Downloads\sequintop.sims3pack
2014-04-06 16:11 - 2014-04-06 16:11 - 01182742 _____ () C:\Users\Carolin\Downloads\SMSims3Fashion_058_shirt_and_skirt.sims3pack
2014-04-06 16:10 - 2014-04-06 16:10 - 01232077 _____ () C:\Users\Carolin\Downloads\Jingle Belle-Mh75.sims3pack
2014-04-06 16:07 - 2014-04-06 16:08 - 03104484 _____ () C:\Users\Carolin\Downloads\Take The A Frame.Sims3Pack
2014-04-06 16:07 - 2014-04-06 16:07 - 02899948 _____ () C:\Users\Carolin\Downloads\katelys_afhair02.sims3pack
2014-04-06 16:06 - 2014-04-06 16:06 - 05840454 _____ () C:\Users\Carolin\Downloads\minidress_withknitbolero.sims3pack
2014-04-06 16:05 - 2014-04-06 16:05 - 03276224 _____ () C:\Users\Carolin\Downloads\NewSea-SIMS3-hair-J057-Holic-f.sims3pack
2014-04-06 16:05 - 2014-04-06 16:05 - 02861712 _____ () C:\Users\Carolin\Downloads\NewSea-SIMS3-hair-J055-Shero-f.sims3pack
2014-04-06 16:04 - 2014-04-06 16:05 - 03111275 _____ () C:\Users\Carolin\Downloads\NewSea-SIMS3-hair-J059-Camouflage-f.sims3pack
2014-04-06 15:58 - 2014-04-06 15:58 - 24244162 _____ () C:\Users\Carolin\Downloads\Off to Grandmothers.Sims3Pack
2014-04-06 15:56 - 2014-04-06 15:56 - 00965667 _____ () C:\Users\Carolin\Downloads\ekinegeTSR_EmbroideredTulleDress.sims3pack
2014-04-06 15:54 - 2014-04-06 15:54 - 04450671 _____ () C:\Users\Carolin\Downloads\c31_nofringe.sims3pack
2014-04-06 15:50 - 2014-04-06 15:50 - 00213536 _____ () C:\Users\Carolin\Downloads\Shoes Marta by altea127.sims3pack
2014-04-06 15:49 - 2014-04-06 15:50 - 09863934 _____ () C:\Users\Carolin\Downloads\Philo_Escape.Sims3Pack
2014-04-06 15:49 - 2014-04-06 15:49 - 04678660 _____ () C:\Users\Carolin\Downloads\c67_sorrow_cf.sims3pack
2014-04-06 15:49 - 2014-04-06 15:49 - 03045901 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_child-046-TSR Skysims3.sims3pack
2014-04-06 15:47 - 2014-04-06 15:47 - 03494125 _____ () C:\Users\Carolin\Downloads\c73_cf.sims3pack
2014-04-06 15:47 - 2014-04-06 15:47 - 02814005 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_adult-057-TSR Skysims3.sims3pack
2014-04-06 15:43 - 2014-04-06 15:43 - 05295989 _____ () C:\Users\Carolin\Downloads\c79_cf (1).sims3pack
2014-04-06 15:43 - 2014-04-06 15:43 - 05000197 _____ () C:\Users\Carolin\Downloads\c72_af (1).sims3pack
2014-04-06 15:42 - 2014-04-06 15:42 - 05000197 _____ () C:\Users\Carolin\Downloads\c72_af.sims3pack
2014-04-06 15:41 - 2014-04-06 15:42 - 05295989 _____ () C:\Users\Carolin\Downloads\c79_cf.sims3pack
2014-04-06 15:39 - 2014-04-06 15:39 - 04942072 _____ () C:\Users\Carolin\Downloads\cazyhair89_mywill-c.sims3pack
2014-04-06 15:38 - 2014-04-06 15:39 - 04907257 _____ () C:\Users\Carolin\Downloads\cazyhair89_mywill-f.sims3pack
2014-04-06 15:38 - 2014-04-06 15:38 - 03284634 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_child-096-TSR Skysims3.sims3pack
2014-04-06 15:37 - 2014-04-06 15:37 - 05278992 _____ () C:\Users\Carolin\Downloads\c45a_btvsrevival_af.sims3pack
2014-04-06 15:37 - 2014-04-06 15:37 - 04706900 _____ () C:\Users\Carolin\Downloads\Cazy_Hair_c70_2013_af.sims3pack
2014-04-06 15:36 - 2014-04-06 15:36 - 01714021 _____ () C:\Users\Carolin\Downloads\1070698.zip
2014-04-06 15:35 - 2014-04-06 15:35 - 00222970 _____ () C:\Users\Carolin\Downloads\A splash of Freckles.sims3pack
2014-04-06 15:32 - 2014-04-06 15:32 - 05919067 _____ () C:\Users\Carolin\Downloads\c94_af.sims3pack
2014-04-06 15:32 - 2014-04-06 15:32 - 05252415 _____ () C:\Users\Carolin\Downloads\c90_af.sims3pack
2014-04-06 15:31 - 2014-04-06 15:31 - 04791928 _____ () C:\Users\Carolin\Downloads\c90_cf.sims3pack
2014-04-06 15:31 - 2014-04-06 15:31 - 03353432 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_child-101-TSR Skysims3.sims3pack
2014-04-06 15:31 - 2014-04-06 15:31 - 03338995 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_adult-101-TSR Skysims3.sims3pack
2014-04-06 15:28 - 2014-04-06 15:28 - 03934042 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_child-109-TSR Skysims3.sims3pack
2014-04-06 15:28 - 2014-04-06 15:28 - 03051903 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_child-108-TSR Skysims3.sims3pack
2014-04-06 15:27 - 2014-04-06 15:28 - 05812791 _____ () C:\Users\Carolin\Downloads\Cazy_C97_AF.sims3pack
2014-04-06 15:25 - 2014-04-06 15:25 - 06108982 _____ () C:\Users\Carolin\Downloads\Cazy_104_cf.sims3pack
2014-04-06 15:24 - 2014-04-06 15:25 - 06388609 _____ () C:\Users\Carolin\Downloads\Cazy_104_af.sims3pack
2014-04-06 15:23 - 2014-04-06 15:23 - 01401644 _____ () C:\Users\Carolin\Downloads\NataliS flower earrings FA-FE.sims3pack
2014-04-06 15:22 - 2014-04-06 15:22 - 04778008 _____ () C:\Users\Carolin\Downloads\Alesso_Burn.sims3pack
2014-04-06 15:22 - 2014-04-06 15:22 - 03080058 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_child-140-TSR Skysims3.sims3pack
2014-04-06 15:21 - 2014-04-06 15:21 - 03070179 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_toddler-140-TSR Skysims3.sims3pack
2014-04-06 15:21 - 2014-04-06 15:21 - 02843475 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_adult-140-TSR Skysims3.sims3pack
2014-04-06 15:20 - 2014-04-06 15:21 - 02680769 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_child-141-TSR Skysims3.sims3pack
2014-04-06 15:18 - 2014-04-06 15:19 - 02664451 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_adult-161-TSR Skysims3.sims3pack
2014-04-06 15:18 - 2014-04-06 15:18 - 05140389 _____ () C:\Users\Carolin\Downloads\c114_pf.sims3pack
2014-04-06 15:17 - 2014-04-06 15:17 - 04018806 _____ () C:\Users\Carolin\Downloads\Nightcrawler-AFhair10.sims3pack
2014-04-06 15:16 - 2014-04-06 15:16 - 04357580 _____ () C:\Users\Carolin\Downloads\Alesso_Sun.sims3pack
2014-04-06 15:16 - 2014-04-06 15:16 - 03201777 _____ () C:\Users\Carolin\Downloads\Nightcrawler-AFhair11.sims3pack
2014-04-06 15:14 - 2014-04-06 15:14 - 03241581 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_adult-167-TSR Skysims3.sims3pack
2014-04-06 15:13 - 2014-04-06 15:13 - 04817687 _____ () C:\Users\Carolin\Downloads\Nightcrawler_AF_Hair12.sims3pack
2014-04-06 15:13 - 2014-04-06 15:13 - 03293854 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_toddler-167-TSR Skysims3.sims3pack
2014-04-06 15:11 - 2014-04-06 15:11 - 03026766 _____ () C:\Users\Carolin\Downloads\Skysims Hair Toddler 198.sims3pack
2014-04-06 15:11 - 2014-04-06 15:11 - 03017430 _____ () C:\Users\Carolin\Downloads\Skysims Hair Adult 198.sims3pack
2014-04-06 15:09 - 2014-04-06 15:09 - 01274240 _____ () C:\Users\Carolin\Downloads\Midnight Princess Gown- JS#2234.sims3pack
2014-04-06 15:06 - 2014-04-06 15:07 - 02102777 _____ () C:\Users\Carolin\Downloads\Harmonia_LaceDressMini02.sims3pack
2014-04-06 15:03 - 2014-04-06 15:03 - 11587124 _____ () C:\Users\Carolin\Downloads\Amon Villa.Sims3Pack
2014-04-06 15:01 - 2014-04-06 15:01 - 04310202 _____ () C:\Users\Carolin\Downloads\The Dundas.Sims3Pack
2014-04-06 14:19 - 2014-04-06 14:20 - 39041650 _____ () C:\Users\Carolin\Downloads\Isabela_byRirann@TSR (1).Sims3Pack
2014-04-06 14:19 - 2014-04-06 14:19 - 01669052 _____ () C:\Users\Carolin\Downloads\RockabillyDress1-Magic (1).sims3pack
2014-04-06 14:19 - 2014-04-06 14:19 - 00145360 _____ () C:\Users\Carolin\Downloads\Chair_001_by_CATcorp.sims3pack
2014-04-06 14:17 - 2014-04-06 14:17 - 01954471 _____ () C:\Users\Carolin\Downloads\boots shoes 6 annflower1.sims3pack
2014-04-06 14:14 - 2014-04-06 14:15 - 38902914 _____ () C:\Users\Carolin\Downloads\evi Lovers Lane 2014.Sims3Pack
2014-04-06 14:07 - 2014-04-06 14:07 - 01548610 _____ () C:\Users\Carolin\Downloads\1237754.zip
2014-04-06 14:06 - 2014-04-06 14:06 - 02874515 _____ () C:\Users\Carolin\Downloads\EsyraM Floral spring dress.sims3pack
2014-04-02 21:58 - 2014-04-02 21:58 - 10236307 _____ () C:\Users\Carolin\Downloads\UlkerHairFashionista11.sims3pack
2014-04-02 21:57 - 2014-04-02 21:57 - 05641129 _____ () C:\Users\Carolin\Downloads\Suspender_Shirt.sims3pack
2014-04-02 21:57 - 2014-04-02 21:57 - 03980956 _____ () C:\Users\Carolin\Downloads\cleo_longdressvintage.sims3pack
2014-04-02 21:56 - 2014-04-02 21:57 - 07304318 _____ () C:\Users\Carolin\Downloads\1155393.zip
2014-04-02 21:56 - 2014-04-02 21:56 - 01732856 _____ () C:\Users\Carolin\Downloads\NyGirl_Loungin_Around Outfit.sims3pack
2014-04-02 21:55 - 2014-04-02 21:55 - 02570224 _____ () C:\Users\Carolin\Downloads\1236613.zip
2014-04-02 21:55 - 2014-04-02 21:55 - 02000438 _____ () C:\Users\Carolin\Downloads\On the Beach.sims3pack
2014-04-02 21:55 - 2014-04-02 21:55 - 01064617 _____ () C:\Users\Carolin\Downloads\[Alexandra_Sine] Layla 2Piece Bodycon Dress.sims3pack
2014-04-02 21:52 - 2014-04-02 21:52 - 04338702 _____ () C:\Users\Carolin\Downloads\Cazy_Hairmesh26b_STEPS_af.sims3pack
2014-04-02 21:50 - 2014-04-02 21:51 - 39041650 _____ () C:\Users\Carolin\Downloads\Isabela_byRirann@TSR.Sims3Pack
2014-04-02 21:50 - 2014-04-02 21:50 - 01670176 _____ () C:\Users\Carolin\Downloads\Cosmos dress YA - A [MS].sims3pack
2014-04-02 21:50 - 2014-04-02 21:50 - 01669052 _____ () C:\Users\Carolin\Downloads\RockabillyDress1-Magic.sims3pack
2014-04-02 21:48 - 2014-04-02 21:48 - 07970116 _____ () C:\Users\Carolin\Downloads\Women's Casual Wear Trio by melisa inci.sims3pack
2014-04-02 21:48 - 2014-04-02 21:48 - 04732562 _____ () C:\Users\Carolin\Downloads\Alesso_Paws.sims3pack
2014-04-02 21:46 - 2014-04-02 21:46 - 02154645 _____ () C:\Users\Carolin\Downloads\MiraMinkova_Bloody_Mary.sims3pack
2014-04-02 21:46 - 2014-04-02 21:46 - 01509089 _____ () C:\Users\Carolin\Downloads\[pz]graceful.sims3pack
2014-04-02 21:46 - 2014-04-02 21:46 - 01001801 _____ () C:\Users\Carolin\Downloads\tolina_My_Wonderland.sims3pack
2014-04-02 21:46 - 2014-04-02 21:46 - 00918301 _____ () C:\Users\Carolin\Downloads\ASIA-FAB-012.sims3pack
2014-04-02 21:40 - 2014-04-02 21:40 - 03893712 _____ () C:\Users\Carolin\Downloads\Sonata77 adult female 07.sims3pack
2014-04-02 21:40 - 2014-04-02 21:40 - 01199860 _____ () C:\Users\Carolin\Downloads\RedCat - Pencil Dress with Lace Details.sims3pack
2014-04-02 21:39 - 2014-04-02 21:39 - 00141608 _____ () C:\Users\Carolin\Downloads\Lipgloss N2.sims3pack
2014-04-02 21:22 - 2014-04-02 21:22 - 04665983 _____ () C:\Users\Carolin\Downloads\Lianaa_TSR_211009_FormalDress_1.sims3pack
2014-04-02 21:22 - 2014-04-02 21:22 - 00931591 _____ () C:\Users\Carolin\Downloads\SimDetails@TSR_FA_Daisy Dress.sims3pack
2014-04-02 21:17 - 2014-04-02 21:17 - 01719358 _____ () C:\Users\Carolin\Downloads\Essence-Donthangup.sims3pack
2014-04-02 20:55 - 2014-04-02 20:55 - 01785980 _____ () C:\Users\Carolin\Downloads\Casual Class-Mh75.sims3pack
2014-04-02 20:55 - 2014-04-02 20:55 - 00874497 _____ () C:\Users\Carolin\Downloads\mimetic_fandance_dress.sims3pack
2014-04-02 20:55 - 2014-04-02 20:55 - 00544857 _____ () C:\Users\Carolin\Downloads\ilikemusic640@TSR Sparkly Heels AF.sims3pack
2014-04-02 20:54 - 2014-04-02 20:54 - 01301782 _____ () C:\Users\Carolin\Downloads\Sam_AdultPoiseWillBePoise.sims3pack
2014-04-02 20:45 - 2014-04-02 20:45 - 08309427 _____ () C:\Users\Carolin\Downloads\1184702.zip
2014-03-31 23:49 - 2014-03-31 23:49 - 04965231 _____ () C:\Users\Carolin\Downloads\Mini Chinese Garden.Sims3Pack
2014-03-31 23:43 - 2014-03-31 23:43 - 08038598 _____ () C:\Users\Carolin\Downloads\1009818.zip
2014-03-31 23:41 - 2014-03-31 23:41 - 00313939 _____ () C:\Users\Carolin\Downloads\[PS] Ballerina Shoes.sims3pack
2014-03-31 23:40 - 2014-03-31 23:40 - 08038598 _____ () C:\Users\Carolin\Downloads\nicht installiert.zip
2014-03-31 23:38 - 2014-03-31 23:38 - 04170051 _____ () C:\Users\Carolin\Downloads\Cyclonesue_PinewoodLodge.Sims3Pack
2014-03-31 23:37 - 2014-03-31 23:37 - 01813477 _____ () C:\Users\Carolin\Downloads\Printed Intimates.sims3pack
2014-03-31 23:36 - 2014-03-31 23:36 - 00517149 _____ () C:\Users\Carolin\Downloads\SV Accessory Heart06.sims3pack
2014-03-31 23:36 - 2014-03-31 23:36 - 00499343 _____ () C:\Users\Carolin\Downloads\SV Accessory Heart05.sims3pack
2014-03-31 23:34 - 2014-03-31 23:34 - 04053039 _____ () C:\Users\Carolin\Downloads\[spr]Shopping Day (1).sims3pack
2014-03-31 23:32 - 2014-03-31 23:32 - 04053039 _____ () C:\Users\Carolin\Downloads\[spr]Shopping Day.sims3pack
2014-03-31 23:29 - 2014-03-31 23:29 - 00984229 _____ () C:\Users\Carolin\Downloads\~Zodapop~ Bow Accented Multi-print Dress.sims3pack
2014-03-31 23:26 - 2014-03-31 23:26 - 00341831 _____ () C:\Users\Carolin\Downloads\ShojoAngel_S3_EyeSet20-V2.sims3pack
2014-03-31 23:25 - 2014-03-31 23:25 - 05826757 _____ () C:\Users\Carolin\Downloads\1179050 (1).zip
2014-03-31 23:22 - 2014-03-31 23:22 - 05826757 _____ () C:\Users\Carolin\Downloads\auch uninstalliert.zip
2014-03-31 23:22 - 2014-03-31 23:22 - 04192735 _____ () C:\Users\Carolin\Downloads\Modern Mountain Retreat{1}.Sims3Pack
2014-03-31 23:20 - 2014-03-31 23:21 - 13076664 _____ () C:\Users\Carolin\Downloads\Aneeta...Sims3Pack
2014-03-31 23:20 - 2014-03-31 23:20 - 00494807 _____ () C:\Users\Carolin\Downloads\Susan-SIM3-X_mas_Blush.sims3pack
2014-03-31 23:18 - 2014-03-31 23:18 - 00500286 _____ () C:\Users\Carolin\Downloads\MINI-Kiss Me V2 With Teeth.sims3pack
2014-03-31 23:16 - 2014-03-31 23:16 - 08008932 _____ () C:\Users\Carolin\Downloads\Knitted Top with Ruffle Skirt by melisa inci.sims3pack
2014-03-31 23:16 - 2014-03-31 23:16 - 01508702 _____ () C:\Users\Carolin\Downloads\yvonne_Isabella_Outfit48.sims3pack
2014-03-31 23:16 - 2014-03-31 23:16 - 00288286 _____ () C:\Users\Carolin\Downloads\Gosik Spring garden mascara.sims3pack
2014-03-31 23:15 - 2014-03-31 23:15 - 03791569 _____ () C:\Users\Carolin\Downloads\[ZaumaTSR] s3-hair036-Yumiko-F.sims3pack
2014-03-31 23:15 - 2014-03-31 23:15 - 03127950 _____ () C:\Users\Carolin\Downloads\Nightcrawler_AF_Hair17.sims3pack
2014-03-31 23:15 - 2014-03-31 23:15 - 02924961 _____ () C:\Users\Carolin\Downloads\Skysims Hair Child 193.sims3pack
2014-03-31 23:15 - 2014-03-31 23:15 - 02883372 _____ () C:\Users\Carolin\Downloads\Skysims Hair Adult 193.sims3pack
2014-03-31 23:13 - 2014-03-31 23:13 - 03583982 _____ () C:\Users\Carolin\Downloads\SimSnake_com_afhair06.sims3pack
2014-03-31 23:09 - 2014-03-31 23:09 - 06599171 _____ () C:\Users\Carolin\Downloads\Alesso_Dreams_C.sims3pack
2014-03-31 23:09 - 2014-03-31 23:09 - 04957515 _____ () C:\Users\Carolin\Downloads\Cazy_c131_af.sims3pack
2014-03-31 23:08 - 2014-03-31 23:08 - 09163720 _____ () C:\Users\Carolin\Downloads\[Sintiklia]Female hair Kikyo.sims3pack
2014-03-31 22:57 - 2014-03-31 22:57 - 07289604 _____ () C:\Users\Carolin\Downloads\uninstalliert.zip
2014-03-31 22:56 - 2014-03-31 22:57 - 11347875 _____ () C:\Users\Carolin\Downloads\1237215.zip
2014-03-31 22:53 - 2014-03-31 22:53 - 03106287 _____ () C:\Users\Carolin\Downloads\by_bukovka_am top with lacing.sims3pack
2014-03-31 22:45 - 2014-03-31 22:45 - 01243897 _____ () C:\Users\Carolin\Downloads\1238052.zip
2014-03-31 22:38 - 2014-03-31 22:38 - 19238904 _____ () C:\Users\Carolin\Downloads\Leticia Bufoni.Sims3Pack
2014-03-31 22:29 - 2014-03-31 22:29 - 01902495 _____ () C:\Users\Carolin\Downloads\1238066.zip
2014-03-31 22:22 - 2014-03-31 22:22 - 00788515 _____ () C:\Users\Carolin\Downloads\Jenny Humphrey Season 2.Sims3Pack
2014-03-31 22:18 - 2014-03-31 22:18 - 02518013 _____ () C:\Users\Carolin\Downloads\Oasis - Unfurnished Version.Sims3Pack
2014-03-31 22:12 - 2014-03-31 22:12 - 01339841 _____ () C:\Users\Carolin\Downloads\ColorBlockSilkDress.sims3pack
2014-03-28 22:32 - 2014-03-28 22:32 - 00000000 ____D () C:\Users\Carolin\AppData\Local\Hold'em_Manager
2014-03-28 22:09 - 2014-04-15 20:41 - 00186000 _____ () C:\blitzerr.txt
2014-03-28 22:09 - 2014-03-28 23:25 - 00000000 ____D () C:\HM2Archive
2014-03-28 22:09 - 2014-03-28 22:09 - 00000000 ____D () C:\Users\Carolin\AppData\Roaming\HEM Data
2014-03-28 22:04 - 2014-03-28 22:04 - 00000000 ____D () C:\Users\Carolin\AppData\Local\IsolatedStorage
2014-03-28 22:04 - 2014-03-28 22:04 - 00000000 ____D () C:\ProgramData\XHEO INC
2014-03-28 22:03 - 2014-04-15 20:44 - 00000000 ____D () C:\Users\Carolin\AppData\Roaming\HoldemManager
2014-03-28 22:03 - 2014-03-28 22:03 - 00020436 _____ () C:\Users\Carolin\Downloads\install.log
2014-03-28 22:03 - 2014-03-28 22:03 - 00001088 _____ () C:\Users\Public\Desktop\HoldemManager2.lnk
2014-03-28 22:03 - 2014-03-28 22:03 - 00000000 ____D () C:\Program Files (x86)\Holdem Manager 2
2014-03-28 22:02 - 2014-03-28 22:02 - 00000020 ___SH () C:\Users\postgres\ntuser.ini
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Vorlagen
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Startmenü
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Netzwerkumgebung
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Lokale Einstellungen
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Eigene Dateien
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Druckumgebung
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Documents\Eigene Musik
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Documents\Eigene Bilder
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\AppData\Local\Verlauf
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\AppData\Local\Anwendungsdaten
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Anwendungsdaten
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 ____D () C:\Users\postgres
2014-03-28 22:02 - 2013-11-20 23:23 - 00000000 ____D () C:\Users\postgres\AppData\Local\Microsoft Help
2014-03-28 22:02 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-28 22:02 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-03-28 21:59 - 2014-03-28 22:02 - 00000000 ____D () C:\postgreSQL
2014-03-28 21:58 - 2014-03-28 22:03 - 00000000 ____D () C:\Program Files (x86)\PSQLINSTALL
2014-03-28 21:56 - 2014-03-28 21:57 - 95674999 _____ () C:\Users\Carolin\Downloads\8056_HoldemManager2Setup.exe
2014-03-28 14:57 - 2014-03-28 14:57 - 17879432 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-03-28 14:04 - 2014-04-19 22:57 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-28 14:04 - 2014-04-10 20:38 - 00000000 ____D () C:\Users\Carolin\AppData\Local\Adobe
2014-03-28 14:04 - 2014-04-10 20:29 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-21 15:53 - 2014-03-21 15:53 - 00000000 ____D () C:\ProgramData\Sun
2014-03-21 15:53 - 2014-03-21 15:53 - 00000000 ____D () C:\ProgramData\Oracle
2014-03-21 15:52 - 2014-03-21 15:52 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-03-21 15:52 - 2014-03-21 15:52 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-03-21 15:52 - 2014-03-21 15:52 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-03-21 15:52 - 2014-03-21 15:52 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-03-21 15:52 - 2014-03-21 15:52 - 00000000 ____D () C:\Program Files (x86)\Java
2014-03-20 18:47 - 2014-03-31 21:23 - 00039047 _____ () C:\Users\Carolin\Desktop\Heinrich Böll.odt

==================== One Month Modified Files and Folders =======

2014-04-19 23:41 - 2014-04-18 19:54 - 00000000 ____D () C:\Users\Carolin\Desktop\Trojanerboard
2014-04-19 23:41 - 2014-04-11 16:27 - 00000000 ____D () C:\FRST
2014-04-19 23:40 - 2014-04-19 23:40 - 02055680 _____ (Farbar) C:\Users\Carolin\Downloads\FRST64 (1).exe
2014-04-19 23:39 - 2013-11-14 18:14 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-19 23:37 - 2013-11-18 09:35 - 00000000 ____D () C:\Users\Carolin\AppData\Roaming\Skype
2014-04-19 23:25 - 2014-04-18 18:30 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-19 22:57 - 2014-03-28 14:04 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-19 22:48 - 2014-04-19 22:48 - 00000811 _____ () C:\Users\Carolin\Desktop\JRT.txt
2014-04-19 22:41 - 2014-04-19 22:41 - 01016261 _____ (Thisisu) C:\Users\Carolin\Downloads\JRT (1).exe
2014-04-19 22:40 - 2014-04-19 22:40 - 00000000 ____D () C:\Windows\ERUNT
2014-04-19 22:40 - 2013-12-07 00:47 - 00000000 ____D () C:\Users\Carolin\AppData\Local\PokerStars.EU
2014-04-19 22:39 - 2014-04-19 22:39 - 01016261 _____ (Thisisu) C:\Users\Carolin\Downloads\JRT.exe
2014-04-19 22:23 - 2013-11-14 18:14 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-19 22:22 - 2013-11-13 18:37 - 01764920 _____ () C:\Windows\WindowsUpdate.log
2014-04-18 23:42 - 2009-07-14 06:45 - 00026672 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-18 23:42 - 2009-07-14 06:45 - 00026672 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-18 23:34 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-18 23:34 - 2009-07-14 06:51 - 00034904 _____ () C:\Windows\setupact.log
2014-04-18 23:33 - 2014-04-18 23:30 - 00000000 ____D () C:\AdwCleaner
2014-04-18 23:33 - 2013-11-14 18:15 - 00001278 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-18 23:33 - 2013-11-14 18:12 - 00001049 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-18 23:28 - 2014-04-18 23:28 - 01426178 _____ () C:\Users\Carolin\Downloads\adwcleaner.exe
2014-04-18 20:25 - 2013-11-18 12:27 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{FC49DE3F-D8F1-4471-A5A1-E3C1D3598505}
2014-04-18 19:45 - 2010-11-21 05:47 - 00428002 _____ () C:\Windows\PFRO.log
2014-04-18 19:43 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-04-18 18:32 - 2014-04-18 18:32 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Carolin\Downloads\mbam-setup-2.0.1.1004 (1).exe
2014-04-18 18:30 - 2014-04-18 18:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-18 18:30 - 2014-04-18 18:30 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-18 18:29 - 2014-04-18 18:28 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Carolin\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-17 19:27 - 2014-04-17 18:07 - 00000000 ____D () C:\Qoobox
2014-04-17 19:27 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-04-17 19:26 - 2014-04-17 19:26 - 00085720 _____ () C:\ComboFix.txt
2014-04-17 19:23 - 2014-04-17 18:06 - 00000000 ____D () C:\Windows\erdnt
2014-04-17 19:17 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-04-17 18:09 - 2014-04-17 18:09 - 05194807 _____ (Swearware) C:\Users\Carolin\Downloads\ComboFix (1).exe
2014-04-17 18:09 - 2014-04-17 18:04 - 05194807 ____R (Swearware) C:\Users\Carolin\Downloads\ComboFix.exe
2014-04-17 18:07 - 2014-04-17 18:07 - 00000000 ___RD () C:\Users\Carolin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-15 20:44 - 2014-03-28 22:03 - 00000000 ____D () C:\Users\Carolin\AppData\Roaming\HoldemManager
2014-04-15 20:41 - 2014-03-28 22:09 - 00186000 _____ () C:\blitzerr.txt
2014-04-15 03:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-15 03:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-13 15:53 - 2014-04-13 15:53 - 02125791 _____ () C:\Users\Carolin\Downloads\Natef005_afGamineDress.sims3pack
2014-04-12 17:15 - 2014-04-12 17:15 - 01219154 _____ () C:\Users\Carolin\Downloads\SimsimayTSR_SpringkissTeen.sims3pack
2014-04-12 17:14 - 2014-04-12 17:13 - 21058075 _____ () C:\Users\Carolin\Downloads\Spelling Manor.Sims3Pack
2014-04-12 17:13 - 2014-04-12 17:13 - 02312193 _____ () C:\Users\Carolin\Downloads\Titania.sims3pack
2014-04-12 17:11 - 2014-04-12 17:11 - 04545391 _____ () C:\Users\Carolin\Downloads\1086744 (1).zip
2014-04-12 17:09 - 2014-04-12 17:09 - 00244498 _____ () C:\Users\Carolin\Downloads\TwS3_tf-ef_earrings02.sims3pack
2014-04-12 17:07 - 2014-04-12 17:07 - 03209976 _____ () C:\Users\Carolin\Downloads\1151760.zip
2014-04-12 17:07 - 2014-04-12 17:07 - 02428501 _____ () C:\Users\Carolin\Downloads\Harmonia_FarmDenimFloralDress.sims3pack
2014-04-12 17:00 - 2014-04-12 16:59 - 39339383 _____ () C:\Users\Carolin\Downloads\Philo_Pomone.Sims3Pack
2014-04-12 16:56 - 2014-04-12 16:56 - 00651228 _____ () C:\Users\Carolin\Downloads\Essence-ToySoldier.sims3pack
2014-04-12 16:43 - 2014-04-12 16:43 - 04570964 _____ () C:\Users\Carolin\Downloads\lillka_Chick To School - Outfit.sims3pack
2014-04-12 16:43 - 2014-04-12 16:42 - 06854479 _____ () C:\Users\Carolin\Downloads\1166632.zip
2014-04-12 00:09 - 2014-04-12 00:09 - 00883657 _____ () C:\Users\Carolin\Downloads\Fast Last T-Shirt by Devirose.sims3pack
2014-04-12 00:08 - 2014-04-12 00:08 - 00662944 _____ () C:\Users\Carolin\Downloads\Fast Scintillant Jeans by Devirose.sims3pack
2014-04-12 00:07 - 2014-04-12 00:07 - 01112637 _____ () C:\Users\Carolin\Downloads\EkinegeTSR_BeltedSundress (1).sims3pack
2014-04-11 23:53 - 2014-04-11 23:53 - 03650382 _____ () C:\Users\Carolin\Downloads\lillka_Farm Dress.sims3pack
2014-04-11 23:52 - 2014-04-11 23:51 - 01294958 _____ () C:\Users\Carolin\Downloads\SV af Lace summer sleeveless dress.sims3pack
2014-04-11 23:51 - 2014-04-11 23:51 - 04545391 _____ () C:\Users\Carolin\Downloads\1086744.zip
2014-04-11 23:50 - 2014-04-11 23:50 - 00461709 _____ () C:\Users\Carolin\Downloads\Astra shoes  by altea127.sims3pack
2014-04-11 23:50 - 2014-04-11 23:50 - 00461709 _____ () C:\Users\Carolin\Downloads\Astra shoes  by altea127 (1).sims3pack
2014-04-11 23:46 - 2014-04-11 23:46 - 01825681 _____ () C:\Users\Carolin\Downloads\MsBlue_FarmDaughtersDress.sims3pack
2014-04-11 23:46 - 2014-04-11 23:46 - 00939142 _____ () C:\Users\Carolin\Downloads\SimDetails@TSR_FA_Dress_44.sims3pack
2014-04-11 23:46 - 2014-04-11 23:45 - 01112637 _____ () C:\Users\Carolin\Downloads\EkinegeTSR_BeltedSundress.sims3pack
2014-04-11 17:18 - 2014-04-11 17:18 - 07261643 _____ () C:\Users\Carolin\Downloads\1009681.zip
2014-04-11 17:15 - 2014-04-11 17:15 - 20258590 _____ () C:\Users\Carolin\Downloads\Lennertz Cottage.Sims3Pack
2014-04-11 17:15 - 2014-04-11 17:15 - 00377650 _____ () C:\Users\Carolin\Downloads\[PS] Smooth Multicolor Eyeshadows 2.sims3pack
2014-04-11 17:14 - 2014-04-11 17:14 - 06345703 _____ () C:\Users\Carolin\Downloads\Vivace.Sims3Pack
2014-04-11 17:13 - 2014-04-11 17:13 - 00447094 _____ () C:\Users\Carolin\Downloads\AnoeskaB_Old_Wood_2.Sims3pack
2014-04-11 17:12 - 2014-04-11 17:11 - 05861381 _____ () C:\Users\Carolin\Downloads\[April] Verona.sims3pack
2014-04-11 17:12 - 2014-04-11 17:10 - 67719998 _____ () C:\Users\Carolin\Downloads\Bridgehampton TSR.Sims3Pack
2014-04-11 17:10 - 2014-04-11 17:10 - 01006326 _____ () C:\Users\Carolin\Downloads\NataliS Seamless draped backless dress FA-YA.sims3pack
2014-04-11 16:48 - 2014-04-11 16:28 - 00024746 _____ () C:\Users\Carolin\Downloads\Addition.txt
2014-04-11 16:47 - 2014-04-11 16:27 - 00099105 _____ () C:\Users\Carolin\Downloads\FRST.txt
2014-04-11 16:27 - 2014-04-11 16:26 - 02157056 _____ (Farbar) C:\Users\Carolin\Downloads\FRST64.exe
2014-04-11 10:58 - 2013-11-16 15:04 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-11 10:57 - 2013-11-13 19:36 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-11 10:56 - 2013-11-13 19:36 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-10 20:52 - 2014-04-10 20:52 - 00000000 ___RD () C:\Users\Carolin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-10 20:50 - 2014-04-10 20:46 - 00000000 ____D () C:\22ead09a2f41a2db04769f
2014-04-10 20:44 - 2014-04-10 20:44 - 00678720 _____ () C:\Users\Carolin\Downloads\Setup (1).exe
2014-04-10 20:38 - 2014-03-28 14:04 - 00000000 ____D () C:\Users\Carolin\AppData\Local\Adobe
2014-04-10 20:37 - 2014-04-10 20:37 - 00002019 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-04-10 20:36 - 2014-04-10 20:36 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-04-10 20:36 - 2013-11-16 11:47 - 00000000 ____D () C:\ProgramData\Adobe
2014-04-10 20:29 - 2014-03-28 14:04 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-10 20:29 - 2013-11-16 11:43 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-10 20:29 - 2013-11-16 11:43 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-10 19:33 - 2013-12-05 17:18 - 00000000 ____D () C:\Windows\Minidump
2014-04-10 19:23 - 2014-04-10 19:23 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-04-10 19:23 - 2013-11-16 22:57 - 00001066 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-04-10 19:21 - 2014-04-10 19:21 - 00000000 ____D () C:\Users\Carolin\AppData\Roaming\QuickScan
2014-04-10 19:17 - 2014-04-10 19:17 - 00000000 ____D () C:\Users\Carolin\AppData\Local\cache
2014-04-10 19:17 - 2014-04-10 19:17 - 00000000 ____D () C:\Users\Carolin\.android
2014-04-10 19:17 - 2014-04-10 19:17 - 00000000 _____ () C:\Users\Carolin\daemonprocess.txt
2014-04-10 19:17 - 2013-11-17 19:33 - 00000000 ____D () C:\Users\Carolin
2014-04-09 16:52 - 2014-04-09 16:48 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-04-09 16:49 - 2014-04-09 16:49 - 00000000 ____D () C:\Users\Carolin\AppData\Roaming\Opera Software
2014-04-09 16:49 - 2014-04-09 16:49 - 00000000 ____D () C:\Users\Carolin\AppData\Local\Opera Software
2014-04-09 16:48 - 2014-04-09 16:48 - 00001129 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-04-09 16:48 - 2014-04-09 16:48 - 00000314 _____ () C:\Users\Carolin\AppData\Roaming\aps.uninstall.scan.results
2014-04-09 16:32 - 2014-04-09 16:32 - 00000512 __RSH () C:\ProgramData\ntuser.pol
2014-04-09 16:32 - 2014-04-09 16:31 - 08611255 _____ () C:\Users\Carolin\Downloads\Cicadas Cottage.Sims3Pack
2014-04-09 16:32 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-04-09 16:32 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-04-09 16:29 - 2014-04-09 16:29 - 05769930 _____ () C:\Users\Carolin\Downloads\Spanish Finca 5.Sims3Pack
2014-04-09 16:29 - 2014-04-09 16:29 - 04227952 _____ () C:\Users\Carolin\Downloads\af_SlowDance_CookieChow.sims3pack
2014-04-09 16:28 - 2014-04-09 16:27 - 04704711 _____ () C:\Users\Carolin\Downloads\lillka_Italian Chic.sims3pack
2014-04-09 16:27 - 2014-04-09 16:27 - 01574329 _____ () C:\Users\Carolin\Downloads\B32_fae_businessone.sims3pack
2014-04-09 16:26 - 2014-04-09 16:26 - 04012951 _____ () C:\Users\Carolin\Downloads\lillka_Pepe Jeans Pullover.sims3pack
2014-04-09 16:25 - 2014-04-09 16:24 - 06258265 _____ () C:\Users\Carolin\Downloads\La Madison.Sims3Pack
2014-04-09 16:25 - 2014-04-09 16:17 - 44461135 _____ () C:\Users\Carolin\Downloads\Enchanter-s Nightshade.Sims3Pack
2014-04-09 16:23 - 2014-04-09 16:22 - 38851866 _____ () C:\Users\Carolin\Downloads\Villa New Zealand.Sims3Pack
2014-04-09 16:21 - 2014-04-09 16:21 - 04566936 _____ () C:\Users\Carolin\Downloads\37 Westcroft Road.Sims3Pack
2014-04-09 16:21 - 2014-04-09 16:18 - 06061419 _____ () C:\Users\Carolin\Downloads\cherryberry - Glitter heart dress.sims3pack
2014-04-09 16:19 - 2014-04-09 16:18 - 03849676 _____ () C:\Users\Carolin\Downloads\Rocky Hill View.Sims3Pack
2014-04-09 16:18 - 2014-04-09 16:18 - 00134333 _____ () C:\Users\Carolin\Downloads\Elastic Bracelet  by altea127.sims3pack
2014-04-09 16:17 - 2014-04-09 16:16 - 02837730 _____ () C:\Users\Carolin\Downloads\lillka_Flowing Beige Dress.sims3pack
2014-04-09 16:17 - 2014-04-09 16:15 - 13846478 _____ () C:\Users\Carolin\Downloads\1232339.zip
2014-04-09 16:17 - 2014-04-09 16:09 - 18701222 _____ () C:\Users\Carolin\Downloads\Georgette.Sims3Pack
2014-04-09 16:17 - 2014-04-09 16:08 - 39150993 _____ () C:\Users\Carolin\Downloads\Crestwood Villa.Sims3Pack
2014-04-09 16:16 - 2014-04-09 16:16 - 02695449 _____ () C:\Users\Carolin\Downloads\lillka_Sequined Lace Dress.sims3pack
2014-04-09 16:14 - 2014-04-09 16:14 - 00907850 _____ () C:\Users\Carolin\Downloads\RedCat - Child Denim Dress with Ribbon.sims3pack
2014-04-09 16:14 - 2014-04-09 16:12 - 03136126 _____ () C:\Users\Carolin\Downloads\Mario Modern-house.Sims3Pack
2014-04-09 16:14 - 2014-04-09 16:12 - 02203161 _____ () C:\Users\Carolin\Downloads\[Oranos] Ariso Jacket.sims3pack
2014-04-09 16:13 - 2014-04-09 16:04 - 41114888 _____ () C:\Users\Carolin\Downloads\Colonial Home III.Sims3Pack
2014-04-09 16:07 - 2014-04-09 16:07 - 00732170 _____ () C:\Users\Carolin\Downloads\NataliS twisted pearl earrings FT-FA.sims3pack
2014-04-09 16:07 - 2014-04-09 16:06 - 00879086 _____ () C:\Users\Carolin\Downloads\SimsimayTSR_innocentasangels.sims3pack
2014-04-09 13:58 - 2014-04-09 13:56 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-04-09 13:51 - 2014-04-09 13:51 - 00002990 _____ () C:\Windows\System32\Tasks\{CF7C20EC-4B4B-443C-85FA-C0233D04E90F}
2014-04-09 13:50 - 2014-04-09 13:50 - 00002990 _____ () C:\Windows\System32\Tasks\{0609E5A5-5A78-499E-95B5-C24D728AB914}
2014-04-09 13:46 - 2013-11-17 19:33 - 00000000 ____D () C:\Users\Carolin\AppData\Roaming\Adobe
2014-04-08 20:51 - 2014-04-08 20:51 - 02801733 _____ () C:\Users\Carolin\Downloads\NewSea-SIMS3-hair-J002-rosy cloud-f.sims3pack
2014-04-08 20:50 - 2014-04-08 20:50 - 01239953 _____ () C:\Users\Carolin\Downloads\cherryberry - Vintage toddler dress.sims3pack
2014-04-08 20:48 - 2014-04-08 20:48 - 07287746 _____ () C:\Users\Carolin\Downloads\1238620.zip
2014-04-08 20:47 - 2014-04-08 20:46 - 06816140 _____ () C:\Users\Carolin\Downloads\1237204.zip
2014-04-08 20:43 - 2014-04-08 20:43 - 01180522 _____ () C:\Users\Carolin\Downloads\sims2fanbg042.sims3pack
2014-04-08 20:42 - 2014-04-08 20:42 - 01265439 _____ () C:\Users\Carolin\Downloads\DT456 Isa Dress.sims3pack
2014-04-08 20:41 - 2014-04-08 20:41 - 04712571 _____ () C:\Users\Carolin\Downloads\lillka_One Shoulder - Dress.sims3pack
2014-04-08 20:41 - 2014-04-08 20:41 - 01273115 _____ () C:\Users\Carolin\Downloads\B32_fye_ruffleolddress.sims3pack
2014-04-08 20:40 - 2014-04-08 20:40 - 05843852 _____ () C:\Users\Carolin\Downloads\Alexis Dress.sims3pack
2014-04-08 20:40 - 2014-04-08 20:40 - 00569545 _____ () C:\Users\Carolin\Downloads\NinaDobrevDressbyIZAM.sims3pack
2014-04-06 17:28 - 2014-04-06 17:28 - 04706900 _____ () C:\Users\Carolin\Downloads\Cazy_Hair_c70_2013_af (1).sims3pack
2014-04-06 16:11 - 2014-04-06 16:11 - 08594394 _____ () C:\Users\Carolin\Downloads\sequintop.sims3pack
2014-04-06 16:11 - 2014-04-06 16:11 - 01182742 _____ () C:\Users\Carolin\Downloads\SMSims3Fashion_058_shirt_and_skirt.sims3pack
2014-04-06 16:10 - 2014-04-06 16:10 - 01232077 _____ () C:\Users\Carolin\Downloads\Jingle Belle-Mh75.sims3pack
2014-04-06 16:08 - 2014-04-06 16:07 - 03104484 _____ () C:\Users\Carolin\Downloads\Take The A Frame.Sims3Pack
2014-04-06 16:07 - 2014-04-06 16:07 - 02899948 _____ () C:\Users\Carolin\Downloads\katelys_afhair02.sims3pack
2014-04-06 16:06 - 2014-04-06 16:06 - 05840454 _____ () C:\Users\Carolin\Downloads\minidress_withknitbolero.sims3pack
2014-04-06 16:05 - 2014-04-06 16:05 - 03276224 _____ () C:\Users\Carolin\Downloads\NewSea-SIMS3-hair-J057-Holic-f.sims3pack
2014-04-06 16:05 - 2014-04-06 16:05 - 02861712 _____ () C:\Users\Carolin\Downloads\NewSea-SIMS3-hair-J055-Shero-f.sims3pack
2014-04-06 16:05 - 2014-04-06 16:04 - 03111275 _____ () C:\Users\Carolin\Downloads\NewSea-SIMS3-hair-J059-Camouflage-f.sims3pack
2014-04-06 15:58 - 2014-04-06 15:58 - 24244162 _____ () C:\Users\Carolin\Downloads\Off to Grandmothers.Sims3Pack
2014-04-06 15:56 - 2014-04-06 15:56 - 00965667 _____ () C:\Users\Carolin\Downloads\ekinegeTSR_EmbroideredTulleDress.sims3pack
2014-04-06 15:54 - 2014-04-06 15:54 - 04450671 _____ () C:\Users\Carolin\Downloads\c31_nofringe.sims3pack
2014-04-06 15:50 - 2014-04-06 15:50 - 00213536 _____ () C:\Users\Carolin\Downloads\Shoes Marta by altea127.sims3pack
2014-04-06 15:50 - 2014-04-06 15:49 - 09863934 _____ () C:\Users\Carolin\Downloads\Philo_Escape.Sims3Pack
2014-04-06 15:49 - 2014-04-06 15:49 - 04678660 _____ () C:\Users\Carolin\Downloads\c67_sorrow_cf.sims3pack
2014-04-06 15:49 - 2014-04-06 15:49 - 03045901 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_child-046-TSR Skysims3.sims3pack
2014-04-06 15:47 - 2014-04-06 15:47 - 03494125 _____ () C:\Users\Carolin\Downloads\c73_cf.sims3pack
2014-04-06 15:47 - 2014-04-06 15:47 - 02814005 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_adult-057-TSR Skysims3.sims3pack
2014-04-06 15:43 - 2014-04-06 15:43 - 05295989 _____ () C:\Users\Carolin\Downloads\c79_cf (1).sims3pack
2014-04-06 15:43 - 2014-04-06 15:43 - 05000197 _____ () C:\Users\Carolin\Downloads\c72_af (1).sims3pack
2014-04-06 15:42 - 2014-04-06 15:42 - 05000197 _____ () C:\Users\Carolin\Downloads\c72_af.sims3pack
2014-04-06 15:42 - 2014-04-06 15:41 - 05295989 _____ () C:\Users\Carolin\Downloads\c79_cf.sims3pack
2014-04-06 15:39 - 2014-04-06 15:39 - 04942072 _____ () C:\Users\Carolin\Downloads\cazyhair89_mywill-c.sims3pack
2014-04-06 15:39 - 2014-04-06 15:38 - 04907257 _____ () C:\Users\Carolin\Downloads\cazyhair89_mywill-f.sims3pack
2014-04-06 15:38 - 2014-04-06 15:38 - 03284634 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_child-096-TSR Skysims3.sims3pack
2014-04-06 15:37 - 2014-04-06 15:37 - 05278992 _____ () C:\Users\Carolin\Downloads\c45a_btvsrevival_af.sims3pack
2014-04-06 15:37 - 2014-04-06 15:37 - 04706900 _____ () C:\Users\Carolin\Downloads\Cazy_Hair_c70_2013_af.sims3pack
2014-04-06 15:36 - 2014-04-06 15:36 - 01714021 _____ () C:\Users\Carolin\Downloads\1070698.zip
2014-04-06 15:35 - 2014-04-06 15:35 - 00222970 _____ () C:\Users\Carolin\Downloads\A splash of Freckles.sims3pack
2014-04-06 15:32 - 2014-04-06 15:32 - 05919067 _____ () C:\Users\Carolin\Downloads\c94_af.sims3pack
2014-04-06 15:32 - 2014-04-06 15:32 - 05252415 _____ () C:\Users\Carolin\Downloads\c90_af.sims3pack
2014-04-06 15:31 - 2014-04-06 15:31 - 04791928 _____ () C:\Users\Carolin\Downloads\c90_cf.sims3pack
2014-04-06 15:31 - 2014-04-06 15:31 - 03353432 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_child-101-TSR Skysims3.sims3pack
2014-04-06 15:31 - 2014-04-06 15:31 - 03338995 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_adult-101-TSR Skysims3.sims3pack
2014-04-06 15:28 - 2014-04-06 15:28 - 03934042 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_child-109-TSR Skysims3.sims3pack
2014-04-06 15:28 - 2014-04-06 15:28 - 03051903 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_child-108-TSR Skysims3.sims3pack
2014-04-06 15:28 - 2014-04-06 15:27 - 05812791 _____ () C:\Users\Carolin\Downloads\Cazy_C97_AF.sims3pack
2014-04-06 15:25 - 2014-04-06 15:25 - 06108982 _____ () C:\Users\Carolin\Downloads\Cazy_104_cf.sims3pack
2014-04-06 15:25 - 2014-04-06 15:24 - 06388609 _____ () C:\Users\Carolin\Downloads\Cazy_104_af.sims3pack
2014-04-06 15:23 - 2014-04-06 15:23 - 01401644 _____ () C:\Users\Carolin\Downloads\NataliS flower earrings FA-FE.sims3pack
2014-04-06 15:22 - 2014-04-06 15:22 - 04778008 _____ () C:\Users\Carolin\Downloads\Alesso_Burn.sims3pack
2014-04-06 15:22 - 2014-04-06 15:22 - 03080058 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_child-140-TSR Skysims3.sims3pack
2014-04-06 15:21 - 2014-04-06 15:21 - 03070179 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_toddler-140-TSR Skysims3.sims3pack
2014-04-06 15:21 - 2014-04-06 15:21 - 02843475 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_adult-140-TSR Skysims3.sims3pack
2014-04-06 15:21 - 2014-04-06 15:20 - 02680769 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_child-141-TSR Skysims3.sims3pack
2014-04-06 15:19 - 2014-04-06 15:18 - 02664451 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_adult-161-TSR Skysims3.sims3pack
2014-04-06 15:18 - 2014-04-06 15:18 - 05140389 _____ () C:\Users\Carolin\Downloads\c114_pf.sims3pack
2014-04-06 15:17 - 2014-04-06 15:17 - 04018806 _____ () C:\Users\Carolin\Downloads\Nightcrawler-AFhair10.sims3pack
2014-04-06 15:16 - 2014-04-06 15:16 - 04357580 _____ () C:\Users\Carolin\Downloads\Alesso_Sun.sims3pack
2014-04-06 15:16 - 2014-04-06 15:16 - 03201777 _____ () C:\Users\Carolin\Downloads\Nightcrawler-AFhair11.sims3pack
2014-04-06 15:14 - 2014-04-06 15:14 - 03241581 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_adult-167-TSR Skysims3.sims3pack
2014-04-06 15:13 - 2014-04-06 15:13 - 04817687 _____ () C:\Users\Carolin\Downloads\Nightcrawler_AF_Hair12.sims3pack
2014-04-06 15:13 - 2014-04-06 15:13 - 03293854 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_toddler-167-TSR Skysims3.sims3pack
2014-04-06 15:11 - 2014-04-06 15:11 - 03026766 _____ () C:\Users\Carolin\Downloads\Skysims Hair Toddler 198.sims3pack
2014-04-06 15:11 - 2014-04-06 15:11 - 03017430 _____ () C:\Users\Carolin\Downloads\Skysims Hair Adult 198.sims3pack
2014-04-06 15:09 - 2014-04-06 15:09 - 01274240 _____ () C:\Users\Carolin\Downloads\Midnight Princess Gown- JS#2234.sims3pack
2014-04-06 15:07 - 2014-04-06 15:06 - 02102777 _____ () C:\Users\Carolin\Downloads\Harmonia_LaceDressMini02.sims3pack
2014-04-06 15:03 - 2014-04-06 15:03 - 11587124 _____ () C:\Users\Carolin\Downloads\Amon Villa.Sims3Pack
2014-04-06 15:01 - 2014-04-06 15:01 - 04310202 _____ () C:\Users\Carolin\Downloads\The Dundas.Sims3Pack
2014-04-06 14:52 - 2013-11-14 03:32 - 00699342 _____ () C:\Windows\system32\perfh007.dat
2014-04-06 14:52 - 2013-11-14 03:32 - 00149450 _____ () C:\Windows\system32\perfc007.dat
2014-04-06 14:52 - 2009-07-14 07:13 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-06 14:43 - 2014-01-05 23:29 - 00000000 ____D () C:\Users\Carolin\AppData\Local\Microsoft Games
2014-04-06 14:20 - 2014-04-06 14:19 - 39041650 _____ () C:\Users\Carolin\Downloads\Isabela_byRirann@TSR (1).Sims3Pack
2014-04-06 14:19 - 2014-04-06 14:19 - 01669052 _____ () C:\Users\Carolin\Downloads\RockabillyDress1-Magic (1).sims3pack
2014-04-06 14:19 - 2014-04-06 14:19 - 00145360 _____ () C:\Users\Carolin\Downloads\Chair_001_by_CATcorp.sims3pack
2014-04-06 14:17 - 2014-04-06 14:17 - 01954471 _____ () C:\Users\Carolin\Downloads\boots shoes 6 annflower1.sims3pack
2014-04-06 14:15 - 2014-04-06 14:14 - 38902914 _____ () C:\Users\Carolin\Downloads\evi Lovers Lane 2014.Sims3Pack
2014-04-06 14:07 - 2014-04-06 14:07 - 01548610 _____ () C:\Users\Carolin\Downloads\1237754.zip
2014-04-06 14:06 - 2014-04-06 14:06 - 02874515 _____ () C:\Users\Carolin\Downloads\EsyraM Floral spring dress.sims3pack
2014-04-05 23:44 - 2014-01-05 23:29 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-04-04 00:34 - 2013-11-14 18:14 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-04 00:34 - 2013-11-14 18:14 - 00003850 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-03 09:51 - 2014-04-18 18:30 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-18 18:30 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-18 18:30 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-02 21:58 - 2014-04-02 21:58 - 10236307 _____ () C:\Users\Carolin\Downloads\UlkerHairFashionista11.sims3pack
2014-04-02 21:57 - 2014-04-02 21:57 - 05641129 _____ () C:\Users\Carolin\Downloads\Suspender_Shirt.sims3pack
2014-04-02 21:57 - 2014-04-02 21:57 - 03980956 _____ () C:\Users\Carolin\Downloads\cleo_longdressvintage.sims3pack
2014-04-02 21:57 - 2014-04-02 21:56 - 07304318 _____ () C:\Users\Carolin\Downloads\1155393.zip
2014-04-02 21:56 - 2014-04-02 21:56 - 01732856 _____ () C:\Users\Carolin\Downloads\NyGirl_Loungin_Around Outfit.sims3pack
2014-04-02 21:55 - 2014-04-02 21:55 - 02570224 _____ () C:\Users\Carolin\Downloads\1236613.zip
2014-04-02 21:55 - 2014-04-02 21:55 - 02000438 _____ () C:\Users\Carolin\Downloads\On the Beach.sims3pack
2014-04-02 21:55 - 2014-04-02 21:55 - 01064617 _____ () C:\Users\Carolin\Downloads\[Alexandra_Sine] Layla 2Piece Bodycon Dress.sims3pack
2014-04-02 21:52 - 2014-04-02 21:52 - 04338702 _____ () C:\Users\Carolin\Downloads\Cazy_Hairmesh26b_STEPS_af.sims3pack
2014-04-02 21:51 - 2014-04-02 21:50 - 39041650 _____ () C:\Users\Carolin\Downloads\Isabela_byRirann@TSR.Sims3Pack
2014-04-02 21:50 - 2014-04-02 21:50 - 01670176 _____ () C:\Users\Carolin\Downloads\Cosmos dress YA - A [MS].sims3pack
2014-04-02 21:50 - 2014-04-02 21:50 - 01669052 _____ () C:\Users\Carolin\Downloads\RockabillyDress1-Magic.sims3pack
2014-04-02 21:48 - 2014-04-02 21:48 - 07970116 _____ () C:\Users\Carolin\Downloads\Women's Casual Wear Trio by melisa inci.sims3pack
2014-04-02 21:48 - 2014-04-02 21:48 - 04732562 _____ () C:\Users\Carolin\Downloads\Alesso_Paws.sims3pack
2014-04-02 21:46 - 2014-04-02 21:46 - 02154645 _____ () C:\Users\Carolin\Downloads\MiraMinkova_Bloody_Mary.sims3pack
2014-04-02 21:46 - 2014-04-02 21:46 - 01509089 _____ () C:\Users\Carolin\Downloads\[pz]graceful.sims3pack
2014-04-02 21:46 - 2014-04-02 21:46 - 01001801 _____ () C:\Users\Carolin\Downloads\tolina_My_Wonderland.sims3pack
2014-04-02 21:46 - 2014-04-02 21:46 - 00918301 _____ () C:\Users\Carolin\Downloads\ASIA-FAB-012.sims3pack
2014-04-02 21:40 - 2014-04-02 21:40 - 03893712 _____ () C:\Users\Carolin\Downloads\Sonata77 adult female 07.sims3pack
2014-04-02 21:40 - 2014-04-02 21:40 - 01199860 _____ () C:\Users\Carolin\Downloads\RedCat - Pencil Dress with Lace Details.sims3pack
2014-04-02 21:39 - 2014-04-02 21:39 - 00141608 _____ () C:\Users\Carolin\Downloads\Lipgloss N2.sims3pack
2014-04-02 21:22 - 2014-04-02 21:22 - 04665983 _____ () C:\Users\Carolin\Downloads\Lianaa_TSR_211009_FormalDress_1.sims3pack
2014-04-02 21:22 - 2014-04-02 21:22 - 00931591 _____ () C:\Users\Carolin\Downloads\SimDetails@TSR_FA_Daisy Dress.sims3pack
2014-04-02 21:17 - 2014-04-02 21:17 - 01719358 _____ () C:\Users\Carolin\Downloads\Essence-Donthangup.sims3pack
2014-04-02 20:55 - 2014-04-02 20:55 - 01785980 _____ () C:\Users\Carolin\Downloads\Casual Class-Mh75.sims3pack
2014-04-02 20:55 - 2014-04-02 20:55 - 00874497 _____ () C:\Users\Carolin\Downloads\mimetic_fandance_dress.sims3pack
2014-04-02 20:55 - 2014-04-02 20:55 - 00544857 _____ () C:\Users\Carolin\Downloads\ilikemusic640@TSR Sparkly Heels AF.sims3pack
2014-04-02 20:54 - 2014-04-02 20:54 - 01301782 _____ () C:\Users\Carolin\Downloads\Sam_AdultPoiseWillBePoise.sims3pack
2014-04-02 20:45 - 2014-04-02 20:45 - 08309427 _____ () C:\Users\Carolin\Downloads\1184702.zip
2014-03-31 23:49 - 2014-03-31 23:49 - 04965231 _____ () C:\Users\Carolin\Downloads\Mini Chinese Garden.Sims3Pack
2014-03-31 23:43 - 2014-03-31 23:43 - 08038598 _____ () C:\Users\Carolin\Downloads\1009818.zip
2014-03-31 23:41 - 2014-03-31 23:41 - 00313939 _____ () C:\Users\Carolin\Downloads\[PS] Ballerina Shoes.sims3pack
2014-03-31 23:40 - 2014-03-31 23:40 - 08038598 _____ () C:\Users\Carolin\Downloads\nicht installiert.zip
2014-03-31 23:38 - 2014-03-31 23:38 - 04170051 _____ () C:\Users\Carolin\Downloads\Cyclonesue_PinewoodLodge.Sims3Pack
2014-03-31 23:37 - 2014-03-31 23:37 - 01813477 _____ () C:\Users\Carolin\Downloads\Printed Intimates.sims3pack
2014-03-31 23:36 - 2014-03-31 23:36 - 00517149 _____ () C:\Users\Carolin\Downloads\SV Accessory Heart06.sims3pack
2014-03-31 23:36 - 2014-03-31 23:36 - 00499343 _____ () C:\Users\Carolin\Downloads\SV Accessory Heart05.sims3pack
2014-03-31 23:34 - 2014-03-31 23:34 - 04053039 _____ () C:\Users\Carolin\Downloads\[spr]Shopping Day (1).sims3pack
2014-03-31 23:32 - 2014-03-31 23:32 - 04053039 _____ () C:\Users\Carolin\Downloads\[spr]Shopping Day.sims3pack
2014-03-31 23:29 - 2014-03-31 23:29 - 00984229 _____ () C:\Users\Carolin\Downloads\~Zodapop~ Bow Accented Multi-print Dress.sims3pack
2014-03-31 23:26 - 2014-03-31 23:26 - 00341831 _____ () C:\Users\Carolin\Downloads\ShojoAngel_S3_EyeSet20-V2.sims3pack
2014-03-31 23:25 - 2014-03-31 23:25 - 05826757 _____ () C:\Users\Carolin\Downloads\1179050 (1).zip
2014-03-31 23:22 - 2014-03-31 23:22 - 05826757 _____ () C:\Users\Carolin\Downloads\auch uninstalliert.zip
2014-03-31 23:22 - 2014-03-31 23:22 - 04192735 _____ () C:\Users\Carolin\Downloads\Modern Mountain Retreat{1}.Sims3Pack
2014-03-31 23:21 - 2014-03-31 23:20 - 13076664 _____ () C:\Users\Carolin\Downloads\Aneeta...Sims3Pack
2014-03-31 23:20 - 2014-03-31 23:20 - 00494807 _____ () C:\Users\Carolin\Downloads\Susan-SIM3-X_mas_Blush.sims3pack
2014-03-31 23:18 - 2014-03-31 23:18 - 00500286 _____ () C:\Users\Carolin\Downloads\MINI-Kiss Me V2 With Teeth.sims3pack
2014-03-31 23:16 - 2014-03-31 23:16 - 08008932 _____ () C:\Users\Carolin\Downloads\Knitted Top with Ruffle Skirt by melisa inci.sims3pack
2014-03-31 23:16 - 2014-03-31 23:16 - 01508702 _____ () C:\Users\Carolin\Downloads\yvonne_Isabella_Outfit48.sims3pack
2014-03-31 23:16 - 2014-03-31 23:16 - 00288286 _____ () C:\Users\Carolin\Downloads\Gosik Spring garden mascara.sims3pack
2014-03-31 23:15 - 2014-03-31 23:15 - 03791569 _____ () C:\Users\Carolin\Downloads\[ZaumaTSR] s3-hair036-Yumiko-F.sims3pack
2014-03-31 23:15 - 2014-03-31 23:15 - 03127950 _____ () C:\Users\Carolin\Downloads\Nightcrawler_AF_Hair17.sims3pack
2014-03-31 23:15 - 2014-03-31 23:15 - 02924961 _____ () C:\Users\Carolin\Downloads\Skysims Hair Child 193.sims3pack
2014-03-31 23:15 - 2014-03-31 23:15 - 02883372 _____ () C:\Users\Carolin\Downloads\Skysims Hair Adult 193.sims3pack
2014-03-31 23:13 - 2014-03-31 23:13 - 03583982 _____ () C:\Users\Carolin\Downloads\SimSnake_com_afhair06.sims3pack
2014-03-31 23:09 - 2014-03-31 23:09 - 06599171 _____ () C:\Users\Carolin\Downloads\Alesso_Dreams_C.sims3pack
2014-03-31 23:09 - 2014-03-31 23:09 - 04957515 _____ () C:\Users\Carolin\Downloads\Cazy_c131_af.sims3pack
2014-03-31 23:08 - 2014-03-31 23:08 - 09163720 _____ () C:\Users\Carolin\Downloads\[Sintiklia]Female hair Kikyo.sims3pack
2014-03-31 22:57 - 2014-03-31 22:57 - 07289604 _____ () C:\Users\Carolin\Downloads\uninstalliert.zip
2014-03-31 22:57 - 2014-03-31 22:56 - 11347875 _____ () C:\Users\Carolin\Downloads\1237215.zip
2014-03-31 22:53 - 2014-03-31 22:53 - 03106287 _____ () C:\Users\Carolin\Downloads\by_bukovka_am top with lacing.sims3pack
2014-03-31 22:45 - 2014-03-31 22:45 - 01243897 _____ () C:\Users\Carolin\Downloads\1238052.zip
2014-03-31 22:38 - 2014-03-31 22:38 - 19238904 _____ () C:\Users\Carolin\Downloads\Leticia Bufoni.Sims3Pack
2014-03-31 22:29 - 2014-03-31 22:29 - 01902495 _____ () C:\Users\Carolin\Downloads\1238066.zip
2014-03-31 22:22 - 2014-03-31 22:22 - 00788515 _____ () C:\Users\Carolin\Downloads\Jenny Humphrey Season 2.Sims3Pack
2014-03-31 22:18 - 2014-03-31 22:18 - 02518013 _____ () C:\Users\Carolin\Downloads\Oasis - Unfurnished Version.Sims3Pack
2014-03-31 22:12 - 2014-03-31 22:12 - 01339841 _____ () C:\Users\Carolin\Downloads\ColorBlockSilkDress.sims3pack
2014-03-31 21:23 - 2014-03-20 18:47 - 00039047 _____ () C:\Users\Carolin\Desktop\Heinrich Böll.odt
2014-03-31 13:52 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-28 23:25 - 2014-03-28 22:09 - 00000000 ____D () C:\HM2Archive
2014-03-28 22:32 - 2014-03-28 22:32 - 00000000 ____D () C:\Users\Carolin\AppData\Local\Hold'em_Manager
2014-03-28 22:09 - 2014-03-28 22:09 - 00000000 ____D () C:\Users\Carolin\AppData\Roaming\HEM Data
2014-03-28 22:04 - 2014-03-28 22:04 - 00000000 ____D () C:\Users\Carolin\AppData\Local\IsolatedStorage
2014-03-28 22:04 - 2014-03-28 22:04 - 00000000 ____D () C:\ProgramData\XHEO INC
2014-03-28 22:03 - 2014-03-28 22:03 - 00020436 _____ () C:\Users\Carolin\Downloads\install.log
2014-03-28 22:03 - 2014-03-28 22:03 - 00001088 _____ () C:\Users\Public\Desktop\HoldemManager2.lnk
2014-03-28 22:03 - 2014-03-28 22:03 - 00000000 ____D () C:\Program Files (x86)\Holdem Manager 2
2014-03-28 22:03 - 2014-03-28 21:58 - 00000000 ____D () C:\Program Files (x86)\PSQLINSTALL
2014-03-28 22:02 - 2014-03-28 22:02 - 00000020 ___SH () C:\Users\postgres\ntuser.ini
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Vorlagen
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Startmenü
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Netzwerkumgebung
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Lokale Einstellungen
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Eigene Dateien
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Druckumgebung
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Documents\Eigene Musik
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Documents\Eigene Bilder
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\AppData\Local\Verlauf
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\AppData\Local\Anwendungsdaten
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Anwendungsdaten
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 ____D () C:\Users\postgres
2014-03-28 22:02 - 2014-03-28 21:59 - 00000000 ____D () C:\postgreSQL
2014-03-28 21:57 - 2014-03-28 21:56 - 95674999 _____ () C:\Users\Carolin\Downloads\8056_HoldemManager2Setup.exe
2014-03-28 14:57 - 2014-03-28 14:57 - 17879432 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-03-21 15:53 - 2014-03-21 15:53 - 00000000 ____D () C:\ProgramData\Sun
2014-03-21 15:53 - 2014-03-21 15:53 - 00000000 ____D () C:\ProgramData\Oracle
2014-03-21 15:52 - 2014-03-21 15:52 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-03-21 15:52 - 2014-03-21 15:52 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-03-21 15:52 - 2014-03-21 15:52 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-03-21 15:52 - 2014-03-21 15:52 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-03-21 15:52 - 2014-03-21 15:52 - 00000000 ____D () C:\Program Files (x86)\Java

Some content of TEMP:
====================
C:\Users\Carolin\AppData\Local\Temp\avgnt.exe
C:\Users\Carolin\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-19 23:33

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-04-2014
Ran by Carolin at 2014-04-19 23:47:20
Running from C:\Users\Carolin\Desktop\Trojanerboard
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)

==================== Restore Points  =========================

10-04-2014 17:29:06 Removed Microsoft Silverlight
10-04-2014 18:46:15 Uniblue SpeedUpMyPC installation
11-04-2014 08:55:28 Windows Modules Installer
15-04-2014 01:00:48 Windows Update
17-04-2014 16:07:36 ComboFix created restore point

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {3152CB30-EA16-4929-94B8-DB611B4A5254} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-14] (Google Inc.)
Task: {3E02BC1E-955D-43F0-942F-B2970EE6FA03} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-14] (Google Inc.)
Task: {4564F9EB-6BAB-494E-837A-9575DA718248} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-10] (Adobe Systems Incorporated)
Task: {575F5FF0-955C-45BD-B16D-8C9E36ECC147} - System32\Tasks\{CF7C20EC-4B4B-443C-85FA-C0233D04E90F} => C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe [2013-12-21] (Adobe Systems Incorporated)
Task: {581CC6A9-A759-49C6-8209-091E21C939A8} - System32\Tasks\Games\UpdateCheck_S-1-5-21-999138141-1912988859-3756178019-1001
Task: {9624BB95-1194-428F-B3E1-68F79203F3C4} - System32\Tasks\{0609E5A5-5A78-499E-95B5-C24D728AB914} => C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe [2013-12-21] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-11-16 18:54 - 2005-04-22 14:36 - 00143360 ____N () C:\Windows\system32\BrSNMP64.dll
2013-11-16 11:54 - 2013-10-31 20:25 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2014-03-28 22:01 - 2014-02-18 10:11 - 00172032 _____ () c:\postgreSQL\bin\LIBPQ.dll
2014-03-28 22:01 - 2012-08-14 15:19 - 00999424 _____ () c:\postgreSQL\bin\libxml2.dll
2013-11-16 18:54 - 2009-02-27 17:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Mini Card
Description: Mini Card
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Mini Card
Description: Mini Card
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Mini Card
Description: Mini Card
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Massenspeichercontroller
Description: Massenspeichercontroller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Mini Card
Description: Mini Card
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Mini Card
Description: Mini Card
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Mini Card
Description: Mini Card
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Mini Card
Description: Mini Card
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (04/19/2014 10:59:21 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-04-17 19:14:36.560
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-17 19:14:36.520
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 34%
Total physical RAM: 4049.8 MB
Available physical RAM: 2664.78 MB
Total Pagefile: 8097.78 MB
Available Pagefile: 6396.89 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:292.87 GB) (Free:200.06 GB) NTFS
Drive d: () (Fixed) (Total:172.79 GB) (Free:132.87 GB) NTFS
Drive e: (Sims3) (CDROM) (Total:5.56 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 141D0EAC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=293 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=173 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org


Protection, 18.04.2014 18:30:29, SYSTEM, GUTEMINE, Protection, Malware Protection, Starting, 
Protection, 18.04.2014 18:30:29, SYSTEM, GUTEMINE, Protection, Malware Protection, Started, 
Protection, 18.04.2014 18:30:29, SYSTEM, GUTEMINE, Protection, Malicious Website Protection, Starting, 
Protection, 18.04.2014 18:30:30, SYSTEM, GUTEMINE, Protection, Malicious Website Protection, Started, 
Update, 18.04.2014 18:30:33, SYSTEM, GUTEMINE, Manual, Rootkit Database, 2014.2.20.1, 2014.3.27.1, 
Update, 18.04.2014 18:30:45, SYSTEM, GUTEMINE, Manual, Malware Database, 2014.3.4.9, 2014.4.18.6, 
Protection, 18.04.2014 18:30:47, SYSTEM, GUTEMINE, Protection, Refresh, Starting, 
Protection, 18.04.2014 18:30:47, SYSTEM, GUTEMINE, Protection, Malicious Website Protection, Stopping, 
Protection, 18.04.2014 18:30:47, SYSTEM, GUTEMINE, Protection, Malicious Website Protection, Stopped, 
Protection, 18.04.2014 18:30:51, SYSTEM, GUTEMINE, Protection, Refresh, Success, 
Protection, 18.04.2014 18:30:51, SYSTEM, GUTEMINE, Protection, Malicious Website Protection, Starting, 
Protection, 18.04.2014 18:30:52, SYSTEM, GUTEMINE, Protection, Malicious Website Protection, Started, 
Detection, 18.04.2014 18:38:08, SYSTEM, GUTEMINE, Protection, Malware Protection, File, PUP.Optional.WebsSearches.A, C:\Users\Carolin\AppData\Roaming\webssearches\UninstallManager.exe, Quarantine, [b51914177cff81b5382c78ed59a9857b]
Detection, 18.04.2014 18:40:08, SYSTEM, GUTEMINE, Protection, Malware Protection, File, PUP.Optional.WebsSearches.A, c:\users\carolin\appdata\roaming\webssearches\uninstallmanager.exe, Quarantine, [b51914177cff81b5382c78ed59a9857b]
Protection, 18.04.2014 18:40:08, SYSTEM, GUTEMINE, Protection, SDKQuarantine, 2, Failed, c:\users\carolin\appdata\roaming\webssearches\uninstallmanager.exe, 
Error, 18.04.2014 18:40:08, SYSTEM, GUTEMINE, Protection, SDKQuarantine, 2, Failed, c:\users\carolin\appdata\roaming\webssearches\uninstallmanager.exe, 
Detection, 18.04.2014 18:42:08, SYSTEM, GUTEMINE, Protection, Malware Protection, File, PUP.Optional.WebsSearches.A, c:\users\carolin\appdata\roaming\webssearches\uninstallmanager.exe, Quarantine, [b51914177cff81b5382c78ed59a9857b]
Protection, 18.04.2014 18:42:08, SYSTEM, GUTEMINE, Protection, SDKQuarantine, 2, Failed, c:\users\carolin\appdata\roaming\webssearches\uninstallmanager.exe, 
Error, 18.04.2014 18:42:08, SYSTEM, GUTEMINE, Protection, SDKQuarantine, 2, Failed, c:\users\carolin\appdata\roaming\webssearches\uninstallmanager.exe, 
Detection, 18.04.2014 18:44:08, SYSTEM, GUTEMINE, Protection, Malware Protection, File, PUP.Optional.WebsSearches.A, c:\users\carolin\appdata\roaming\webssearches\uninstallmanager.exe, Quarantine, [b51914177cff81b5382c78ed59a9857b]
Protection, 18.04.2014 18:44:08, SYSTEM, GUTEMINE, Protection, SDKQuarantine, 2, Failed, c:\users\carolin\appdata\roaming\webssearches\uninstallmanager.exe, 
Error, 18.04.2014 18:44:08, SYSTEM, GUTEMINE, Protection, SDKQuarantine, 2, Failed, c:\users\carolin\appdata\roaming\webssearches\uninstallmanager.exe, 
Detection, 18.04.2014 19:11:29, SYSTEM, GUTEMINE, Protection, Malware Protection, File, PUP.Optional.AdLyrics.A, C:\Program Files (x86)\Re-markit Corp\ReMar.exe, Quarantine, [1bb3bb70304ba492f0abe25bfb05d22e]
Detection, 18.04.2014 19:11:32, SYSTEM, GUTEMINE, Protection, Malware Protection, File, PUP.Optional.AdLyrics.A, c:\program files (x86)\re-markit corp\remar.exe, Quarantine, [1bb3bb70304ba492f0abe25bfb05d22e]
Protection, 18.04.2014 19:11:32, SYSTEM, GUTEMINE, Protection, SDKQuarantine, 2, Failed, c:\program files (x86)\re-markit corp\remar.exe, 
Error, 18.04.2014 19:11:32, SYSTEM, GUTEMINE, Protection, SDKQuarantine, 2, Failed, c:\program files (x86)\re-markit corp\remar.exe, 
Detection, 18.04.2014 19:11:52, SYSTEM, GUTEMINE, Protection, Malware Protection, File, PUP.Optional.Feven.A, C:\Program Files (x86)\Freeven Pro 1.3\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-5.exe, Quarantine, [c5092efd423944f217d3e38211f105fb]
Detection, 18.04.2014 19:12:04, SYSTEM, GUTEMINE, Protection, Malware Protection, File, PUP.Optional.Feven.A, C:\Program Files (x86)\Freeven Pro 1.3\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-3.exe, Quarantine, [5d711219f2895dd96f7b98cd3ac89070]
Detection, 18.04.2014 19:23:40, SYSTEM, GUTEMINE, Protection, Malware Protection, File, PUP.Optional.AdLyrics.A, c:\program files (x86)\re-markit corp\remar.exe, Quarantine, [1bb3bb70304ba492f0abe25bfb05d22e]
Protection, 18.04.2014 19:23:40, SYSTEM, GUTEMINE, Protection, SDKQuarantine, 2, Failed, c:\program files (x86)\re-markit corp\remar.exe, 
Error, 18.04.2014 19:23:40, SYSTEM, GUTEMINE, Protection, SDKQuarantine, 2, Failed, c:\program files (x86)\re-markit corp\remar.exe, 
Detection, 18.04.2014 19:23:40, SYSTEM, GUTEMINE, Protection, Malware Protection, File, PUP.Optional.Feven.A, c:\program files (x86)\freeven pro 1.3\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-5.exe, Quarantine, [c5092efd423944f217d3e38211f105fb]
Protection, 18.04.2014 19:23:40, SYSTEM, GUTEMINE, Protection, SDKQuarantine, 2, Failed, c:\program files (x86)\freeven pro 1.3\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-5.exe, 
Error, 18.04.2014 19:23:40, SYSTEM, GUTEMINE, Protection, SDKQuarantine, 2, Failed, c:\program files (x86)\freeven pro 1.3\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-5.exe, 
Detection, 18.04.2014 19:23:45, SYSTEM, GUTEMINE, Protection, Malware Protection, File, PUP.Optional.AdLyrics.A, c:\program files (x86)\re-markit corp\remar.exe, Quarantine, [1bb3bb70304ba492f0abe25bfb05d22e]
Detection, 18.04.2014 19:23:45, SYSTEM, GUTEMINE, Protection, Malware Protection, File, PUP.Optional.Feven.A, c:\program files (x86)\freeven pro 1.3\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-5.exe, Quarantine, [c5092efd423944f217d3e38211f105fb]
Protection, 18.04.2014 19:23:45, SYSTEM, GUTEMINE, Protection, SDKQuarantine, 2, Failed, c:\program files (x86)\re-markit corp\remar.exe, 
Error, 18.04.2014 19:23:45, SYSTEM, GUTEMINE, Protection, SDKQuarantine, 2, Failed, c:\program files (x86)\re-markit corp\remar.exe, 
Protection, 18.04.2014 19:23:45, SYSTEM, GUTEMINE, Protection, SDKQuarantine, 2, Failed, c:\program files (x86)\freeven pro 1.3\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-5.exe, 
Error, 18.04.2014 19:23:45, SYSTEM, GUTEMINE, Protection, SDKQuarantine, 2, Failed, c:\program files (x86)\freeven pro 1.3\c7f7814e-05b3-4f1c-b4c6-2059cbd33154-5.exe, 
Detection, 18.04.2014 19:33:56, SYSTEM, GUTEMINE, Protection, Malware Protection, File, PUP.Optional.AdLyrics.A, c:\program files (x86)\re-markit corp\remar.exe, Quarantine, [1bb3bb70304ba492f0abe25bfb05d22e]
Protection, 18.04.2014 19:33:56, SYSTEM, GUTEMINE, Protection, SDKQuarantine, 2, Failed, c:\program files (x86)\re-markit corp\remar.exe, 
Error, 18.04.2014 19:33:56, SYSTEM, GUTEMINE, Protection, SDKQuarantine, 2, Failed, c:\program files (x86)\re-markit corp\remar.exe, 
Detection, 18.04.2014 19:34:18, SYSTEM, GUTEMINE, Protection, Malware Protection, File, PUP.Optional.MediaPlayerplus.A, C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-codedownloader.exe, Quarantine, [f9d5f8339ddeec4a41d7b0b6000158a8]
Detection, 18.04.2014 19:34:21, SYSTEM, GUTEMINE, Protection, Malware Protection, File, PUP.Optional.AdLyrics.A, c:\program files (x86)\re-markit corp\remar.exe, Quarantine, [1bb3bb70304ba492f0abe25bfb05d22e]
Detection, 18.04.2014 19:34:21, SYSTEM, GUTEMINE, Protection, Malware Protection, File, PUP.Optional.MediaPlayerplus.A, c:\program files (x86)\mediaplayerplus\mediaplayerplus-codedownloader.exe, Quarantine, [f9d5f8339ddeec4a41d7b0b6000158a8]
Protection, 18.04.2014 19:34:21, SYSTEM, GUTEMINE, Protection, SDKQuarantine, 2, Failed, c:\program files (x86)\re-markit corp\remar.exe, 
Error, 18.04.2014 19:34:21, SYSTEM, GUTEMINE, Protection, SDKQuarantine, 2, Failed, c:\program files (x86)\re-markit corp\remar.exe, 
Protection, 18.04.2014 19:34:21, SYSTEM, GUTEMINE, Protection, SDKQuarantine, 2, Failed, c:\program files (x86)\mediaplayerplus\mediaplayerplus-codedownloader.exe, 
Error, 18.04.2014 19:34:21, SYSTEM, GUTEMINE, Protection, SDKQuarantine, 2, Failed, c:\program files (x86)\mediaplayerplus\mediaplayerplus-codedownloader.exe, 
Detection, 18.04.2014 19:40:10, SYSTEM, GUTEMINE, Protection, Malware Protection, File, PUP.Optional.AdLyrics.A, c:\program files (x86)\re-markit corp\remar.exe, Quarantine, [1bb3bb70304ba492f0abe25bfb05d22e]
Detection, 18.04.2014 19:40:10, SYSTEM, GUTEMINE, Protection, Malware Protection, File, PUP.Optional.MediaPlayerplus.A, c:\program files (x86)\mediaplayerplus\mediaplayerplus-codedownloader.exe, Quarantine, [f9d5f8339ddeec4a41d7b0b6000158a8]
Protection, 18.04.2014 19:40:10, SYSTEM, GUTEMINE, Protection, SDKQuarantine, 2, Failed, c:\program files (x86)\mediaplayerplus\mediaplayerplus-codedownloader.exe, 
Error, 18.04.2014 19:40:10, SYSTEM, GUTEMINE, Protection, SDKQuarantine, 2, Failed, c:\program files (x86)\mediaplayerplus\mediaplayerplus-codedownloader.exe, 
Error, 18.04.2014 19:40:10, SYSTEM, GUTEMINE, Protection, SDKQuarantine, 2, Failed, c:\program files (x86)\re-markit corp\remar.exe, 

(end)

AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v3.023 - Bericht erstellt am 18/04/2014 um 23:33:16
# Aktualisiert 01/04/2014 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzername : Carolin - GUTEMINE
# Gestartet von : C:\Users\Carolin\Desktop\Trojanerboard\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Carolin\AppData\Local\Mobogenie
Ordner Gelöscht : C:\Users\Carolin\AppData\Local\SearchProtect
Ordner Gelöscht : C:\Users\Carolin\AppData\LocalLow\Softonic
Ordner Gelöscht : C:\Users\Carolin\AppData\Roaming\Activeris
Ordner Gelöscht : C:\Users\Carolin\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Carolin\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Carolin\Documents\Mobogenie
Datei Gelöscht : C:\Users\Papa\AppData\Roaming\Microsoft\Windows\Start Menu\Startfenster.lnk
Datei Gelöscht : C:\Users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\user.js
Datei Gelöscht : C:\Users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.softonic.de_0.localstorage
Datei Gelöscht : C:\Users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.softonic.de_0.localstorage-journal

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\Users\Public\Desktop\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Carolin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Carolin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Verknüpfung Desinfiziert : C:\Users\Carolin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk

***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555315572}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555425546}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566316672}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566426646}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555315572}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555425546}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566316672}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566426646}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : HKCU\Software\installedbrowserextensions
Schlüssel Gelöscht : HKCU\Software\Optimizer Pro
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKLM\Software\installedbrowserextensions
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\installedbrowserextensions

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17041

Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v25.0.1 (de)

[ Datei : C:\Users\Papa\AppData\Roaming\Mozilla\Firefox\Profiles\7u51zsgt.default\prefs.js ]

Zeile gelöscht : user_pref("browser.search.selectedEngine", "Web Search");

[ Datei : C:\Users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default\prefs.js ]


-\\ Google Chrome v34.0.1847.116

[ Datei : C:\Users\Papa\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ Datei : C:\Users\Carolin\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [7339 octets] - [18/04/2014 23:31:47]
AdwCleaner[S0].txt - [6029 octets] - [18/04/2014 23:33:16]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6089 octets] ##########

--- --- ---

[/CODE]

JRT Logfile:

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Ultimate x64
Ran by Carolin on 19.04.2014 at 22:42:07,10
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\apn"



~~~ FireFox

Emptied folder: C:\Users\Carolin\AppData\Roaming\mozilla\firefox\profiles\1sjrbwez.default\minidumps [4 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 19.04.2014 at 22:48:49,90
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

--- --- ---

[/CODE]

schrauber · 20.04.2014, 18:13

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

Carolin.Abär · 20.04.2014, 20:43

Hi,

hier sind die Logs zu den Downloads. Bei Security Check konnte ich die neuste Version nicht herunterladen, da der Download auch nach einigen Versuchen nicht startete, ich habe dann ich nächst ältere genommen.

Mfg,
Caro

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=58ccabc2ac8d1842936f3b44aa375081
# engine=17961
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-04-20 07:12:32
# local_time=2014-04-20 09:12:32 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 13488652 149651002 0 0
# scanned=175099
# found=9
# cleaned=0
# scan_time=3980
sh=9C860E0B0EAFF9D2912642BC3940BA098C00BBCE ft=1 fh=41f2b86635803f1b vn="NSIS/StartPage.CC trojan" ac=I fn="C:\Users\Papa\Downloads\vlc-2.1.0-win64.exe"
sh=85ED38F8CB968FE556067E710E44734841C8D71D ft=1 fh=28fedb6458369c88 vn="multiple threats" ac=I fn="D:\Carolin\Carolin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NA0KDKT6\SuperLyrics[1]"
sh=8A4CC20AFF196988CB6AE3890AD124A846EACC04 ft=1 fh=87f89f569b68d7e7 vn="multiple threats" ac=I fn="D:\Carolin\Carolin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NA0KDKT6\SuperLyrics_1060-1134_v111[1]"
sh=3DAA91C489C2A5B40D178886E903585E8E65C849 ft=1 fh=449d92fca668ad78 vn="Win32/Adware.AddLyrics.A application" ac=I fn="D:\Carolin\Carolin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S4NPYSHV\AddLyrics_1060-1134_v109[1].exe"
sh=85ED38F8CB968FE556067E710E44734841C8D71D ft=1 fh=28fedb6458369c88 vn="multiple threats" ac=I fn="D:\Carolin\Carolin\AppData\Local\Temp\alcsup.exe"
sh=EBCA02174831FCD758DCCCB5EF4937DD370485D5 ft=1 fh=2098c93e421afd41 vn="multiple threats" ac=I fn="D:\Carolin\Carolin\AppData\Local\Temp\LyricsPal.exe"
sh=8A4CC20AFF196988CB6AE3890AD124A846EACC04 ft=1 fh=87f89f569b68d7e7 vn="multiple threats" ac=I fn="D:\Carolin\Carolin\AppData\Local\Temp\SLUpdate.exe"
sh=5FCAD52F57E68EDEF6E898D20ADC12667ADC5FFC ft=0 fh=0000000000000000 vn="Java/Exploit.Agent.NNF trojan" ac=I fn="D:\Carolin\Carolin\AppData\Local\Temp\oracle\sawnBoons.class"
sh=B606AE0BDFFC46036B37386391347DC4BC30A9A0 ft=1 fh=e7e6ce3ed10bbdff vn="a variant of Win32/Kryptik.AXBN trojan" ac=I fn="D:\Carolin\Carolin\AppData\Local\Temp\tmpd67a025f\543.exe"

Code:

ATTFilter

 Results of screen317's Security Check version 0.99.81  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Avira Desktop   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Adobe Flash Player 13.0.0.182  
 Google Chrome 33.0.1750.154  
 Google Chrome 34.0.1847.116  
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-04-2014 01
Ran by Carolin (administrator) on GUTEMINE on 20-04-2014 21:33:21
Running from C:\Users\Carolin\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(PostgreSQL Global Development Group) c:\postgreSQL\bin\pg_ctl.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(PostgreSQL Global Development Group) c:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) c:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) c:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) c:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) c:\postgreSQL\bin\postgres.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-03-06] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-999138141-1912988859-3756178019-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2B35845349E4CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\1sjrbwez.default
FF NewTab: about:blank
FF DefaultSearchEngine: webssearches
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKCU\...\Firefox\Extensions: [{8c46fde2-8f22-4b77-9d6b-47daa604b639}] - C:\Program Files (x86)\Re-markit Corp\158.xpi
FF StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR StartupUrls: "hxxp://www.google.com/"
CHR Extension: (Google Docs) - C:\Users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-17]
CHR Extension: (Google Drive) - C:\Users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-17]
CHR Extension: (YouTube) - C:\Users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-17]
CHR Extension: (Adblock Plus) - C:\Users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-04-18]
CHR Extension: (Google-Suche) - C:\Users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-17]
CHR Extension: (DVDVideoSoft) - C:\Users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-11-21]
CHR Extension: (Google Wallet) - C:\Users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-17]
CHR Extension: (Google Mail) - C:\Users\Carolin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-17]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-11-21]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-03-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-03-06] (Avira Operations GmbH & Co. KG)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 postgresql-8.4; c:\postgreSQL\bin\pg_ctl.exe [66048 2014-02-18] (PostgreSQL Global Development Group)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-19] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-19] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-31] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-20] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
R3 SMSCIRDA; C:\Windows\System32\DRIVERS\SMSCir64.sys [37760 2007-04-25] (SMSC)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-20 21:33 - 2014-04-20 21:33 - 00000000 ____D () C:\Users\Carolin\Downloads\FRST-OlderVersion
2014-04-20 21:31 - 2014-04-20 21:31 - 00987448 _____ () C:\Users\Carolin\Downloads\SecurityCheck.exe
2014-04-20 19:58 - 2014-04-20 19:58 - 02347384 _____ (ESET) C:\Users\Carolin\Downloads\esetsmartinstaller_enu.exe
2014-04-19 22:48 - 2014-04-19 22:48 - 00000811 _____ () C:\Users\Carolin\Desktop\JRT.txt
2014-04-19 22:41 - 2014-04-19 22:41 - 01016261 _____ (Thisisu) C:\Users\Carolin\Downloads\JRT (1).exe
2014-04-19 22:40 - 2014-04-19 22:40 - 00000000 ____D () C:\Windows\ERUNT
2014-04-19 22:39 - 2014-04-19 22:39 - 01016261 _____ (Thisisu) C:\Users\Carolin\Downloads\JRT.exe
2014-04-18 23:30 - 2014-04-18 23:33 - 00000000 ____D () C:\AdwCleaner
2014-04-18 23:28 - 2014-04-18 23:28 - 01426178 _____ () C:\Users\Carolin\Downloads\adwcleaner.exe
2014-04-18 19:54 - 2014-04-20 21:32 - 00000000 ____D () C:\Users\Carolin\Desktop\Trojanerboard
2014-04-18 18:32 - 2014-04-18 18:32 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Carolin\Downloads\mbam-setup-2.0.1.1004 (1).exe
2014-04-18 18:30 - 2014-04-20 21:29 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-18 18:30 - 2014-04-18 18:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-18 18:30 - 2014-04-18 18:30 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-18 18:30 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-18 18:30 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-18 18:30 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-18 18:28 - 2014-04-18 18:29 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Carolin\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-17 19:26 - 2014-04-17 19:26 - 00085720 _____ () C:\ComboFix.txt
2014-04-17 18:09 - 2014-04-17 18:09 - 05194807 _____ (Swearware) C:\Users\Carolin\Downloads\ComboFix (1).exe
2014-04-17 18:07 - 2014-04-17 19:27 - 00000000 ____D () C:\Qoobox
2014-04-17 18:07 - 2014-04-17 18:07 - 00000000 ___RD () C:\Users\Carolin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-17 18:07 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-04-17 18:07 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-04-17 18:07 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-04-17 18:07 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-04-17 18:07 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-04-17 18:07 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-04-17 18:07 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-04-17 18:07 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-04-17 18:06 - 2014-04-17 19:23 - 00000000 ____D () C:\Windows\erdnt
2014-04-17 18:04 - 2014-04-17 18:09 - 05194807 ____R (Swearware) C:\Users\Carolin\Downloads\ComboFix.exe
2014-04-15 03:04 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-15 03:04 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-15 03:04 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-15 03:04 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-15 03:03 - 2014-03-06 12:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-15 03:03 - 2014-03-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-15 03:03 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-15 03:03 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-15 03:03 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-15 03:03 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-15 03:03 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-15 03:03 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-15 03:03 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-15 03:03 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-15 03:03 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-15 03:03 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-15 03:03 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-15 03:03 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-15 03:03 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-15 03:03 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-15 03:03 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-15 03:03 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-15 03:03 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-15 03:03 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-15 03:03 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-15 03:03 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-15 03:03 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-15 03:03 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-15 03:02 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-15 03:02 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-15 03:02 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-15 03:02 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-15 03:02 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-15 03:02 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-15 03:02 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-15 03:02 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-15 03:02 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-15 03:02 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-15 03:02 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-15 03:02 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-15 03:02 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-15 03:02 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-15 03:02 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-15 03:02 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-15 03:02 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-15 03:02 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-15 03:02 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-15 03:02 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-13 15:53 - 2014-04-13 15:53 - 02125791 _____ () C:\Users\Carolin\Downloads\Natef005_afGamineDress.sims3pack
2014-04-12 17:15 - 2014-04-12 17:15 - 01219154 _____ () C:\Users\Carolin\Downloads\SimsimayTSR_SpringkissTeen.sims3pack
2014-04-12 17:13 - 2014-04-12 17:14 - 21058075 _____ () C:\Users\Carolin\Downloads\Spelling Manor.Sims3Pack
2014-04-12 17:13 - 2014-04-12 17:13 - 02312193 _____ () C:\Users\Carolin\Downloads\Titania.sims3pack
2014-04-12 17:11 - 2014-04-12 17:11 - 04545391 _____ () C:\Users\Carolin\Downloads\1086744 (1).zip
2014-04-12 17:09 - 2014-04-12 17:09 - 00244498 _____ () C:\Users\Carolin\Downloads\TwS3_tf-ef_earrings02.sims3pack
2014-04-12 17:07 - 2014-04-12 17:07 - 03209976 _____ () C:\Users\Carolin\Downloads\1151760.zip
2014-04-12 17:07 - 2014-04-12 17:07 - 02428501 _____ () C:\Users\Carolin\Downloads\Harmonia_FarmDenimFloralDress.sims3pack
2014-04-12 16:59 - 2014-04-12 17:00 - 39339383 _____ () C:\Users\Carolin\Downloads\Philo_Pomone.Sims3Pack
2014-04-12 16:56 - 2014-04-12 16:56 - 00651228 _____ () C:\Users\Carolin\Downloads\Essence-ToySoldier.sims3pack
2014-04-12 16:43 - 2014-04-12 16:43 - 04570964 _____ () C:\Users\Carolin\Downloads\lillka_Chick To School - Outfit.sims3pack
2014-04-12 16:42 - 2014-04-12 16:43 - 06854479 _____ () C:\Users\Carolin\Downloads\1166632.zip
2014-04-12 00:09 - 2014-04-12 00:09 - 00883657 _____ () C:\Users\Carolin\Downloads\Fast Last T-Shirt by Devirose.sims3pack
2014-04-12 00:08 - 2014-04-12 00:08 - 00662944 _____ () C:\Users\Carolin\Downloads\Fast Scintillant Jeans by Devirose.sims3pack
2014-04-12 00:07 - 2014-04-12 00:07 - 01112637 _____ () C:\Users\Carolin\Downloads\EkinegeTSR_BeltedSundress (1).sims3pack
2014-04-11 23:53 - 2014-04-11 23:53 - 03650382 _____ () C:\Users\Carolin\Downloads\lillka_Farm Dress.sims3pack
2014-04-11 23:51 - 2014-04-11 23:52 - 01294958 _____ () C:\Users\Carolin\Downloads\SV af Lace summer sleeveless dress.sims3pack
2014-04-11 23:51 - 2014-04-11 23:51 - 04545391 _____ () C:\Users\Carolin\Downloads\1086744.zip
2014-04-11 23:50 - 2014-04-11 23:50 - 00461709 _____ () C:\Users\Carolin\Downloads\Astra shoes  by altea127.sims3pack
2014-04-11 23:50 - 2014-04-11 23:50 - 00461709 _____ () C:\Users\Carolin\Downloads\Astra shoes  by altea127 (1).sims3pack
2014-04-11 23:46 - 2014-04-11 23:46 - 01825681 _____ () C:\Users\Carolin\Downloads\MsBlue_FarmDaughtersDress.sims3pack
2014-04-11 23:46 - 2014-04-11 23:46 - 00939142 _____ () C:\Users\Carolin\Downloads\SimDetails@TSR_FA_Dress_44.sims3pack
2014-04-11 23:45 - 2014-04-11 23:46 - 01112637 _____ () C:\Users\Carolin\Downloads\EkinegeTSR_BeltedSundress.sims3pack
2014-04-11 17:18 - 2014-04-11 17:18 - 07261643 _____ () C:\Users\Carolin\Downloads\1009681.zip
2014-04-11 17:15 - 2014-04-11 17:15 - 20258590 _____ () C:\Users\Carolin\Downloads\Lennertz Cottage.Sims3Pack
2014-04-11 17:15 - 2014-04-11 17:15 - 00377650 _____ () C:\Users\Carolin\Downloads\[PS] Smooth Multicolor Eyeshadows 2.sims3pack
2014-04-11 17:14 - 2014-04-11 17:14 - 06345703 _____ () C:\Users\Carolin\Downloads\Vivace.Sims3Pack
2014-04-11 17:13 - 2014-04-11 17:13 - 00447094 _____ () C:\Users\Carolin\Downloads\AnoeskaB_Old_Wood_2.Sims3pack
2014-04-11 17:11 - 2014-04-11 17:12 - 05861381 _____ () C:\Users\Carolin\Downloads\[April] Verona.sims3pack
2014-04-11 17:10 - 2014-04-11 17:12 - 67719998 _____ () C:\Users\Carolin\Downloads\Bridgehampton TSR.Sims3Pack
2014-04-11 17:10 - 2014-04-11 17:10 - 01006326 _____ () C:\Users\Carolin\Downloads\NataliS Seamless draped backless dress FA-YA.sims3pack
2014-04-11 16:28 - 2014-04-11 16:48 - 00024746 _____ () C:\Users\Carolin\Downloads\Addition.txt
2014-04-11 16:27 - 2014-04-20 21:33 - 00010917 _____ () C:\Users\Carolin\Downloads\FRST.txt
2014-04-11 16:27 - 2014-04-20 21:33 - 00000000 ____D () C:\FRST
2014-04-11 16:26 - 2014-04-20 21:33 - 02056192 _____ (Farbar) C:\Users\Carolin\Downloads\FRST64.exe
2014-04-10 20:52 - 2014-04-10 20:52 - 00000000 ___RD () C:\Users\Carolin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-10 20:46 - 2014-04-10 20:50 - 00000000 ____D () C:\22ead09a2f41a2db04769f
2014-04-10 20:44 - 2014-04-10 20:44 - 00678720 _____ () C:\Users\Carolin\Downloads\Setup (1).exe
2014-04-10 20:37 - 2014-04-10 20:37 - 00002019 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-04-10 20:36 - 2014-04-10 20:36 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-04-10 19:23 - 2014-04-10 19:23 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-04-10 19:21 - 2014-04-10 19:21 - 00000000 ____D () C:\Users\Carolin\AppData\Roaming\QuickScan
2014-04-10 19:17 - 2014-04-10 19:17 - 00000000 ____D () C:\Users\Carolin\AppData\Local\cache
2014-04-10 19:17 - 2014-04-10 19:17 - 00000000 ____D () C:\Users\Carolin\.android
2014-04-10 19:17 - 2014-04-10 19:17 - 00000000 _____ () C:\Users\Carolin\daemonprocess.txt
2014-04-10 19:07 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-10 19:07 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-10 19:07 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-10 19:07 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-10 19:07 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-10 19:07 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-10 19:07 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-10 19:07 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-10 19:07 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-10 19:07 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-10 19:07 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-10 19:07 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-10 19:07 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-10 19:07 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-10 19:07 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-10 19:07 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-10 19:07 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-09 16:49 - 2014-04-09 16:49 - 00000000 ____D () C:\Users\Carolin\AppData\Roaming\Opera Software
2014-04-09 16:49 - 2014-04-09 16:49 - 00000000 ____D () C:\Users\Carolin\AppData\Local\Opera Software
2014-04-09 16:48 - 2014-04-09 16:52 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-04-09 16:48 - 2014-04-09 16:48 - 00001129 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-04-09 16:48 - 2014-04-09 16:48 - 00000314 _____ () C:\Users\Carolin\AppData\Roaming\aps.uninstall.scan.results
2014-04-09 16:32 - 2014-04-09 16:32 - 00000512 __RSH () C:\ProgramData\ntuser.pol
2014-04-09 16:31 - 2014-04-09 16:32 - 08611255 _____ () C:\Users\Carolin\Downloads\Cicadas Cottage.Sims3Pack
2014-04-09 16:29 - 2014-04-09 16:29 - 05769930 _____ () C:\Users\Carolin\Downloads\Spanish Finca 5.Sims3Pack
2014-04-09 16:29 - 2014-04-09 16:29 - 04227952 _____ () C:\Users\Carolin\Downloads\af_SlowDance_CookieChow.sims3pack
2014-04-09 16:27 - 2014-04-09 16:28 - 04704711 _____ () C:\Users\Carolin\Downloads\lillka_Italian Chic.sims3pack
2014-04-09 16:27 - 2014-04-09 16:27 - 01574329 _____ () C:\Users\Carolin\Downloads\B32_fae_businessone.sims3pack
2014-04-09 16:26 - 2014-04-09 16:26 - 04012951 _____ () C:\Users\Carolin\Downloads\lillka_Pepe Jeans Pullover.sims3pack
2014-04-09 16:24 - 2014-04-09 16:25 - 06258265 _____ () C:\Users\Carolin\Downloads\La Madison.Sims3Pack
2014-04-09 16:22 - 2014-04-09 16:23 - 38851866 _____ () C:\Users\Carolin\Downloads\Villa New Zealand.Sims3Pack
2014-04-09 16:21 - 2014-04-09 16:21 - 04566936 _____ () C:\Users\Carolin\Downloads\37 Westcroft Road.Sims3Pack
2014-04-09 16:18 - 2014-04-09 16:21 - 06061419 _____ () C:\Users\Carolin\Downloads\cherryberry - Glitter heart dress.sims3pack
2014-04-09 16:18 - 2014-04-09 16:19 - 03849676 _____ () C:\Users\Carolin\Downloads\Rocky Hill View.Sims3Pack
2014-04-09 16:18 - 2014-04-09 16:18 - 00134333 _____ () C:\Users\Carolin\Downloads\Elastic Bracelet  by altea127.sims3pack
2014-04-09 16:17 - 2014-04-09 16:25 - 44461135 _____ () C:\Users\Carolin\Downloads\Enchanter-s Nightshade.Sims3Pack
2014-04-09 16:16 - 2014-04-09 16:17 - 02837730 _____ () C:\Users\Carolin\Downloads\lillka_Flowing Beige Dress.sims3pack
2014-04-09 16:16 - 2014-04-09 16:16 - 02695449 _____ () C:\Users\Carolin\Downloads\lillka_Sequined Lace Dress.sims3pack
2014-04-09 16:15 - 2014-04-09 16:17 - 13846478 _____ () C:\Users\Carolin\Downloads\1232339.zip
2014-04-09 16:14 - 2014-04-09 16:14 - 00907850 _____ () C:\Users\Carolin\Downloads\RedCat - Child Denim Dress with Ribbon.sims3pack
2014-04-09 16:12 - 2014-04-09 16:14 - 03136126 _____ () C:\Users\Carolin\Downloads\Mario Modern-house.Sims3Pack
2014-04-09 16:12 - 2014-04-09 16:14 - 02203161 _____ () C:\Users\Carolin\Downloads\[Oranos] Ariso Jacket.sims3pack
2014-04-09 16:09 - 2014-04-09 16:17 - 18701222 _____ () C:\Users\Carolin\Downloads\Georgette.Sims3Pack
2014-04-09 16:08 - 2014-04-09 16:17 - 39150993 _____ () C:\Users\Carolin\Downloads\Crestwood Villa.Sims3Pack
2014-04-09 16:07 - 2014-04-09 16:07 - 00732170 _____ () C:\Users\Carolin\Downloads\NataliS twisted pearl earrings FT-FA.sims3pack
2014-04-09 16:06 - 2014-04-09 16:07 - 00879086 _____ () C:\Users\Carolin\Downloads\SimsimayTSR_innocentasangels.sims3pack
2014-04-09 16:04 - 2014-04-09 16:13 - 41114888 _____ () C:\Users\Carolin\Downloads\Colonial Home III.Sims3Pack
2014-04-09 13:56 - 2014-04-09 13:58 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-04-09 13:51 - 2014-04-09 13:51 - 00002990 _____ () C:\Windows\System32\Tasks\{CF7C20EC-4B4B-443C-85FA-C0233D04E90F}
2014-04-09 13:50 - 2014-04-09 13:50 - 00002990 _____ () C:\Windows\System32\Tasks\{0609E5A5-5A78-499E-95B5-C24D728AB914}
2014-04-08 20:51 - 2014-04-08 20:51 - 02801733 _____ () C:\Users\Carolin\Downloads\NewSea-SIMS3-hair-J002-rosy cloud-f.sims3pack
2014-04-08 20:50 - 2014-04-08 20:50 - 01239953 _____ () C:\Users\Carolin\Downloads\cherryberry - Vintage toddler dress.sims3pack
2014-04-08 20:48 - 2014-04-08 20:48 - 07287746 _____ () C:\Users\Carolin\Downloads\1238620.zip
2014-04-08 20:46 - 2014-04-08 20:47 - 06816140 _____ () C:\Users\Carolin\Downloads\1237204.zip
2014-04-08 20:43 - 2014-04-08 20:43 - 01180522 _____ () C:\Users\Carolin\Downloads\sims2fanbg042.sims3pack
2014-04-08 20:42 - 2014-04-08 20:42 - 01265439 _____ () C:\Users\Carolin\Downloads\DT456 Isa Dress.sims3pack
2014-04-08 20:41 - 2014-04-08 20:41 - 04712571 _____ () C:\Users\Carolin\Downloads\lillka_One Shoulder - Dress.sims3pack
2014-04-08 20:41 - 2014-04-08 20:41 - 01273115 _____ () C:\Users\Carolin\Downloads\B32_fye_ruffleolddress.sims3pack
2014-04-08 20:40 - 2014-04-08 20:40 - 05843852 _____ () C:\Users\Carolin\Downloads\Alexis Dress.sims3pack
2014-04-08 20:40 - 2014-04-08 20:40 - 00569545 _____ () C:\Users\Carolin\Downloads\NinaDobrevDressbyIZAM.sims3pack
2014-04-06 17:28 - 2014-04-06 17:28 - 04706900 _____ () C:\Users\Carolin\Downloads\Cazy_Hair_c70_2013_af (1).sims3pack
2014-04-06 16:11 - 2014-04-06 16:11 - 08594394 _____ () C:\Users\Carolin\Downloads\sequintop.sims3pack
2014-04-06 16:11 - 2014-04-06 16:11 - 01182742 _____ () C:\Users\Carolin\Downloads\SMSims3Fashion_058_shirt_and_skirt.sims3pack
2014-04-06 16:10 - 2014-04-06 16:10 - 01232077 _____ () C:\Users\Carolin\Downloads\Jingle Belle-Mh75.sims3pack
2014-04-06 16:07 - 2014-04-06 16:08 - 03104484 _____ () C:\Users\Carolin\Downloads\Take The A Frame.Sims3Pack
2014-04-06 16:07 - 2014-04-06 16:07 - 02899948 _____ () C:\Users\Carolin\Downloads\katelys_afhair02.sims3pack
2014-04-06 16:06 - 2014-04-06 16:06 - 05840454 _____ () C:\Users\Carolin\Downloads\minidress_withknitbolero.sims3pack
2014-04-06 16:05 - 2014-04-06 16:05 - 03276224 _____ () C:\Users\Carolin\Downloads\NewSea-SIMS3-hair-J057-Holic-f.sims3pack
2014-04-06 16:05 - 2014-04-06 16:05 - 02861712 _____ () C:\Users\Carolin\Downloads\NewSea-SIMS3-hair-J055-Shero-f.sims3pack
2014-04-06 16:04 - 2014-04-06 16:05 - 03111275 _____ () C:\Users\Carolin\Downloads\NewSea-SIMS3-hair-J059-Camouflage-f.sims3pack
2014-04-06 15:58 - 2014-04-06 15:58 - 24244162 _____ () C:\Users\Carolin\Downloads\Off to Grandmothers.Sims3Pack
2014-04-06 15:56 - 2014-04-06 15:56 - 00965667 _____ () C:\Users\Carolin\Downloads\ekinegeTSR_EmbroideredTulleDress.sims3pack
2014-04-06 15:54 - 2014-04-06 15:54 - 04450671 _____ () C:\Users\Carolin\Downloads\c31_nofringe.sims3pack
2014-04-06 15:50 - 2014-04-06 15:50 - 00213536 _____ () C:\Users\Carolin\Downloads\Shoes Marta by altea127.sims3pack
2014-04-06 15:49 - 2014-04-06 15:50 - 09863934 _____ () C:\Users\Carolin\Downloads\Philo_Escape.Sims3Pack
2014-04-06 15:49 - 2014-04-06 15:49 - 04678660 _____ () C:\Users\Carolin\Downloads\c67_sorrow_cf.sims3pack
2014-04-06 15:49 - 2014-04-06 15:49 - 03045901 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_child-046-TSR Skysims3.sims3pack
2014-04-06 15:47 - 2014-04-06 15:47 - 03494125 _____ () C:\Users\Carolin\Downloads\c73_cf.sims3pack
2014-04-06 15:47 - 2014-04-06 15:47 - 02814005 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_adult-057-TSR Skysims3.sims3pack
2014-04-06 15:43 - 2014-04-06 15:43 - 05295989 _____ () C:\Users\Carolin\Downloads\c79_cf (1).sims3pack
2014-04-06 15:43 - 2014-04-06 15:43 - 05000197 _____ () C:\Users\Carolin\Downloads\c72_af (1).sims3pack
2014-04-06 15:42 - 2014-04-06 15:42 - 05000197 _____ () C:\Users\Carolin\Downloads\c72_af.sims3pack
2014-04-06 15:41 - 2014-04-06 15:42 - 05295989 _____ () C:\Users\Carolin\Downloads\c79_cf.sims3pack
2014-04-06 15:39 - 2014-04-06 15:39 - 04942072 _____ () C:\Users\Carolin\Downloads\cazyhair89_mywill-c.sims3pack
2014-04-06 15:38 - 2014-04-06 15:39 - 04907257 _____ () C:\Users\Carolin\Downloads\cazyhair89_mywill-f.sims3pack
2014-04-06 15:38 - 2014-04-06 15:38 - 03284634 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_child-096-TSR Skysims3.sims3pack
2014-04-06 15:37 - 2014-04-06 15:37 - 05278992 _____ () C:\Users\Carolin\Downloads\c45a_btvsrevival_af.sims3pack
2014-04-06 15:37 - 2014-04-06 15:37 - 04706900 _____ () C:\Users\Carolin\Downloads\Cazy_Hair_c70_2013_af.sims3pack
2014-04-06 15:36 - 2014-04-06 15:36 - 01714021 _____ () C:\Users\Carolin\Downloads\1070698.zip
2014-04-06 15:35 - 2014-04-06 15:35 - 00222970 _____ () C:\Users\Carolin\Downloads\A splash of Freckles.sims3pack
2014-04-06 15:32 - 2014-04-06 15:32 - 05919067 _____ () C:\Users\Carolin\Downloads\c94_af.sims3pack
2014-04-06 15:32 - 2014-04-06 15:32 - 05252415 _____ () C:\Users\Carolin\Downloads\c90_af.sims3pack
2014-04-06 15:31 - 2014-04-06 15:31 - 04791928 _____ () C:\Users\Carolin\Downloads\c90_cf.sims3pack
2014-04-06 15:31 - 2014-04-06 15:31 - 03353432 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_child-101-TSR Skysims3.sims3pack
2014-04-06 15:31 - 2014-04-06 15:31 - 03338995 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_adult-101-TSR Skysims3.sims3pack
2014-04-06 15:28 - 2014-04-06 15:28 - 03934042 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_child-109-TSR Skysims3.sims3pack
2014-04-06 15:28 - 2014-04-06 15:28 - 03051903 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_child-108-TSR Skysims3.sims3pack
2014-04-06 15:27 - 2014-04-06 15:28 - 05812791 _____ () C:\Users\Carolin\Downloads\Cazy_C97_AF.sims3pack
2014-04-06 15:25 - 2014-04-06 15:25 - 06108982 _____ () C:\Users\Carolin\Downloads\Cazy_104_cf.sims3pack
2014-04-06 15:24 - 2014-04-06 15:25 - 06388609 _____ () C:\Users\Carolin\Downloads\Cazy_104_af.sims3pack
2014-04-06 15:23 - 2014-04-06 15:23 - 01401644 _____ () C:\Users\Carolin\Downloads\NataliS flower earrings FA-FE.sims3pack
2014-04-06 15:22 - 2014-04-06 15:22 - 04778008 _____ () C:\Users\Carolin\Downloads\Alesso_Burn.sims3pack
2014-04-06 15:22 - 2014-04-06 15:22 - 03080058 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_child-140-TSR Skysims3.sims3pack
2014-04-06 15:21 - 2014-04-06 15:21 - 03070179 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_toddler-140-TSR Skysims3.sims3pack
2014-04-06 15:21 - 2014-04-06 15:21 - 02843475 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_adult-140-TSR Skysims3.sims3pack
2014-04-06 15:20 - 2014-04-06 15:21 - 02680769 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_child-141-TSR Skysims3.sims3pack
2014-04-06 15:18 - 2014-04-06 15:19 - 02664451 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_adult-161-TSR Skysims3.sims3pack
2014-04-06 15:18 - 2014-04-06 15:18 - 05140389 _____ () C:\Users\Carolin\Downloads\c114_pf.sims3pack
2014-04-06 15:17 - 2014-04-06 15:17 - 04018806 _____ () C:\Users\Carolin\Downloads\Nightcrawler-AFhair10.sims3pack
2014-04-06 15:16 - 2014-04-06 15:16 - 04357580 _____ () C:\Users\Carolin\Downloads\Alesso_Sun.sims3pack
2014-04-06 15:16 - 2014-04-06 15:16 - 03201777 _____ () C:\Users\Carolin\Downloads\Nightcrawler-AFhair11.sims3pack
2014-04-06 15:14 - 2014-04-06 15:14 - 03241581 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_adult-167-TSR Skysims3.sims3pack
2014-04-06 15:13 - 2014-04-06 15:13 - 04817687 _____ () C:\Users\Carolin\Downloads\Nightcrawler_AF_Hair12.sims3pack
2014-04-06 15:13 - 2014-04-06 15:13 - 03293854 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_toddler-167-TSR Skysims3.sims3pack
2014-04-06 15:11 - 2014-04-06 15:11 - 03026766 _____ () C:\Users\Carolin\Downloads\Skysims Hair Toddler 198.sims3pack
2014-04-06 15:11 - 2014-04-06 15:11 - 03017430 _____ () C:\Users\Carolin\Downloads\Skysims Hair Adult 198.sims3pack
2014-04-06 15:09 - 2014-04-06 15:09 - 01274240 _____ () C:\Users\Carolin\Downloads\Midnight Princess Gown- JS#2234.sims3pack
2014-04-06 15:06 - 2014-04-06 15:07 - 02102777 _____ () C:\Users\Carolin\Downloads\Harmonia_LaceDressMini02.sims3pack
2014-04-06 15:03 - 2014-04-06 15:03 - 11587124 _____ () C:\Users\Carolin\Downloads\Amon Villa.Sims3Pack
2014-04-06 15:01 - 2014-04-06 15:01 - 04310202 _____ () C:\Users\Carolin\Downloads\The Dundas.Sims3Pack
2014-04-06 14:19 - 2014-04-06 14:20 - 39041650 _____ () C:\Users\Carolin\Downloads\Isabela_byRirann@TSR (1).Sims3Pack
2014-04-06 14:19 - 2014-04-06 14:19 - 01669052 _____ () C:\Users\Carolin\Downloads\RockabillyDress1-Magic (1).sims3pack
2014-04-06 14:19 - 2014-04-06 14:19 - 00145360 _____ () C:\Users\Carolin\Downloads\Chair_001_by_CATcorp.sims3pack
2014-04-06 14:17 - 2014-04-06 14:17 - 01954471 _____ () C:\Users\Carolin\Downloads\boots shoes 6 annflower1.sims3pack
2014-04-06 14:14 - 2014-04-06 14:15 - 38902914 _____ () C:\Users\Carolin\Downloads\evi Lovers Lane 2014.Sims3Pack
2014-04-06 14:07 - 2014-04-06 14:07 - 01548610 _____ () C:\Users\Carolin\Downloads\1237754.zip
2014-04-06 14:06 - 2014-04-06 14:06 - 02874515 _____ () C:\Users\Carolin\Downloads\EsyraM Floral spring dress.sims3pack
2014-04-02 21:58 - 2014-04-02 21:58 - 10236307 _____ () C:\Users\Carolin\Downloads\UlkerHairFashionista11.sims3pack
2014-04-02 21:57 - 2014-04-02 21:57 - 05641129 _____ () C:\Users\Carolin\Downloads\Suspender_Shirt.sims3pack
2014-04-02 21:57 - 2014-04-02 21:57 - 03980956 _____ () C:\Users\Carolin\Downloads\cleo_longdressvintage.sims3pack
2014-04-02 21:56 - 2014-04-02 21:57 - 07304318 _____ () C:\Users\Carolin\Downloads\1155393.zip
2014-04-02 21:56 - 2014-04-02 21:56 - 01732856 _____ () C:\Users\Carolin\Downloads\NyGirl_Loungin_Around Outfit.sims3pack
2014-04-02 21:55 - 2014-04-02 21:55 - 02570224 _____ () C:\Users\Carolin\Downloads\1236613.zip
2014-04-02 21:55 - 2014-04-02 21:55 - 02000438 _____ () C:\Users\Carolin\Downloads\On the Beach.sims3pack
2014-04-02 21:55 - 2014-04-02 21:55 - 01064617 _____ () C:\Users\Carolin\Downloads\[Alexandra_Sine] Layla 2Piece Bodycon Dress.sims3pack
2014-04-02 21:52 - 2014-04-02 21:52 - 04338702 _____ () C:\Users\Carolin\Downloads\Cazy_Hairmesh26b_STEPS_af.sims3pack
2014-04-02 21:50 - 2014-04-02 21:51 - 39041650 _____ () C:\Users\Carolin\Downloads\Isabela_byRirann@TSR.Sims3Pack
2014-04-02 21:50 - 2014-04-02 21:50 - 01670176 _____ () C:\Users\Carolin\Downloads\Cosmos dress YA - A [MS].sims3pack
2014-04-02 21:50 - 2014-04-02 21:50 - 01669052 _____ () C:\Users\Carolin\Downloads\RockabillyDress1-Magic.sims3pack
2014-04-02 21:48 - 2014-04-02 21:48 - 07970116 _____ () C:\Users\Carolin\Downloads\Women's Casual Wear Trio by melisa inci.sims3pack
2014-04-02 21:48 - 2014-04-02 21:48 - 04732562 _____ () C:\Users\Carolin\Downloads\Alesso_Paws.sims3pack
2014-04-02 21:46 - 2014-04-02 21:46 - 02154645 _____ () C:\Users\Carolin\Downloads\MiraMinkova_Bloody_Mary.sims3pack
2014-04-02 21:46 - 2014-04-02 21:46 - 01509089 _____ () C:\Users\Carolin\Downloads\[pz]graceful.sims3pack
2014-04-02 21:46 - 2014-04-02 21:46 - 01001801 _____ () C:\Users\Carolin\Downloads\tolina_My_Wonderland.sims3pack
2014-04-02 21:46 - 2014-04-02 21:46 - 00918301 _____ () C:\Users\Carolin\Downloads\ASIA-FAB-012.sims3pack
2014-04-02 21:40 - 2014-04-02 21:40 - 03893712 _____ () C:\Users\Carolin\Downloads\Sonata77 adult female 07.sims3pack
2014-04-02 21:40 - 2014-04-02 21:40 - 01199860 _____ () C:\Users\Carolin\Downloads\RedCat - Pencil Dress with Lace Details.sims3pack
2014-04-02 21:39 - 2014-04-02 21:39 - 00141608 _____ () C:\Users\Carolin\Downloads\Lipgloss N2.sims3pack
2014-04-02 21:22 - 2014-04-02 21:22 - 04665983 _____ () C:\Users\Carolin\Downloads\Lianaa_TSR_211009_FormalDress_1.sims3pack
2014-04-02 21:22 - 2014-04-02 21:22 - 00931591 _____ () C:\Users\Carolin\Downloads\SimDetails@TSR_FA_Daisy Dress.sims3pack
2014-04-02 21:17 - 2014-04-02 21:17 - 01719358 _____ () C:\Users\Carolin\Downloads\Essence-Donthangup.sims3pack
2014-04-02 20:55 - 2014-04-02 20:55 - 01785980 _____ () C:\Users\Carolin\Downloads\Casual Class-Mh75.sims3pack
2014-04-02 20:55 - 2014-04-02 20:55 - 00874497 _____ () C:\Users\Carolin\Downloads\mimetic_fandance_dress.sims3pack
2014-04-02 20:55 - 2014-04-02 20:55 - 00544857 _____ () C:\Users\Carolin\Downloads\ilikemusic640@TSR Sparkly Heels AF.sims3pack
2014-04-02 20:54 - 2014-04-02 20:54 - 01301782 _____ () C:\Users\Carolin\Downloads\Sam_AdultPoiseWillBePoise.sims3pack
2014-04-02 20:45 - 2014-04-02 20:45 - 08309427 _____ () C:\Users\Carolin\Downloads\1184702.zip
2014-03-31 23:49 - 2014-03-31 23:49 - 04965231 _____ () C:\Users\Carolin\Downloads\Mini Chinese Garden.Sims3Pack
2014-03-31 23:43 - 2014-03-31 23:43 - 08038598 _____ () C:\Users\Carolin\Downloads\1009818.zip
2014-03-31 23:41 - 2014-03-31 23:41 - 00313939 _____ () C:\Users\Carolin\Downloads\[PS] Ballerina Shoes.sims3pack
2014-03-31 23:40 - 2014-03-31 23:40 - 08038598 _____ () C:\Users\Carolin\Downloads\nicht installiert.zip
2014-03-31 23:38 - 2014-03-31 23:38 - 04170051 _____ () C:\Users\Carolin\Downloads\Cyclonesue_PinewoodLodge.Sims3Pack
2014-03-31 23:37 - 2014-03-31 23:37 - 01813477 _____ () C:\Users\Carolin\Downloads\Printed Intimates.sims3pack
2014-03-31 23:36 - 2014-03-31 23:36 - 00517149 _____ () C:\Users\Carolin\Downloads\SV Accessory Heart06.sims3pack
2014-03-31 23:36 - 2014-03-31 23:36 - 00499343 _____ () C:\Users\Carolin\Downloads\SV Accessory Heart05.sims3pack
2014-03-31 23:34 - 2014-03-31 23:34 - 04053039 _____ () C:\Users\Carolin\Downloads\[spr]Shopping Day (1).sims3pack
2014-03-31 23:32 - 2014-03-31 23:32 - 04053039 _____ () C:\Users\Carolin\Downloads\[spr]Shopping Day.sims3pack
2014-03-31 23:29 - 2014-03-31 23:29 - 00984229 _____ () C:\Users\Carolin\Downloads\~Zodapop~ Bow Accented Multi-print Dress.sims3pack
2014-03-31 23:26 - 2014-03-31 23:26 - 00341831 _____ () C:\Users\Carolin\Downloads\ShojoAngel_S3_EyeSet20-V2.sims3pack
2014-03-31 23:25 - 2014-03-31 23:25 - 05826757 _____ () C:\Users\Carolin\Downloads\1179050 (1).zip
2014-03-31 23:22 - 2014-03-31 23:22 - 05826757 _____ () C:\Users\Carolin\Downloads\auch uninstalliert.zip
2014-03-31 23:22 - 2014-03-31 23:22 - 04192735 _____ () C:\Users\Carolin\Downloads\Modern Mountain Retreat{1}.Sims3Pack
2014-03-31 23:20 - 2014-03-31 23:21 - 13076664 _____ () C:\Users\Carolin\Downloads\Aneeta...Sims3Pack
2014-03-31 23:20 - 2014-03-31 23:20 - 00494807 _____ () C:\Users\Carolin\Downloads\Susan-SIM3-X_mas_Blush.sims3pack
2014-03-31 23:18 - 2014-03-31 23:18 - 00500286 _____ () C:\Users\Carolin\Downloads\MINI-Kiss Me V2 With Teeth.sims3pack
2014-03-31 23:16 - 2014-03-31 23:16 - 08008932 _____ () C:\Users\Carolin\Downloads\Knitted Top with Ruffle Skirt by melisa inci.sims3pack
2014-03-31 23:16 - 2014-03-31 23:16 - 01508702 _____ () C:\Users\Carolin\Downloads\yvonne_Isabella_Outfit48.sims3pack
2014-03-31 23:16 - 2014-03-31 23:16 - 00288286 _____ () C:\Users\Carolin\Downloads\Gosik Spring garden mascara.sims3pack
2014-03-31 23:15 - 2014-03-31 23:15 - 03791569 _____ () C:\Users\Carolin\Downloads\[ZaumaTSR] s3-hair036-Yumiko-F.sims3pack
2014-03-31 23:15 - 2014-03-31 23:15 - 03127950 _____ () C:\Users\Carolin\Downloads\Nightcrawler_AF_Hair17.sims3pack
2014-03-31 23:15 - 2014-03-31 23:15 - 02924961 _____ () C:\Users\Carolin\Downloads\Skysims Hair Child 193.sims3pack
2014-03-31 23:15 - 2014-03-31 23:15 - 02883372 _____ () C:\Users\Carolin\Downloads\Skysims Hair Adult 193.sims3pack
2014-03-31 23:13 - 2014-03-31 23:13 - 03583982 _____ () C:\Users\Carolin\Downloads\SimSnake_com_afhair06.sims3pack
2014-03-31 23:09 - 2014-03-31 23:09 - 06599171 _____ () C:\Users\Carolin\Downloads\Alesso_Dreams_C.sims3pack
2014-03-31 23:09 - 2014-03-31 23:09 - 04957515 _____ () C:\Users\Carolin\Downloads\Cazy_c131_af.sims3pack
2014-03-31 23:08 - 2014-03-31 23:08 - 09163720 _____ () C:\Users\Carolin\Downloads\[Sintiklia]Female hair Kikyo.sims3pack
2014-03-31 22:57 - 2014-03-31 22:57 - 07289604 _____ () C:\Users\Carolin\Downloads\uninstalliert.zip
2014-03-31 22:56 - 2014-03-31 22:57 - 11347875 _____ () C:\Users\Carolin\Downloads\1237215.zip
2014-03-31 22:53 - 2014-03-31 22:53 - 03106287 _____ () C:\Users\Carolin\Downloads\by_bukovka_am top with lacing.sims3pack
2014-03-31 22:45 - 2014-03-31 22:45 - 01243897 _____ () C:\Users\Carolin\Downloads\1238052.zip
2014-03-31 22:38 - 2014-03-31 22:38 - 19238904 _____ () C:\Users\Carolin\Downloads\Leticia Bufoni.Sims3Pack
2014-03-31 22:29 - 2014-03-31 22:29 - 01902495 _____ () C:\Users\Carolin\Downloads\1238066.zip
2014-03-31 22:22 - 2014-03-31 22:22 - 00788515 _____ () C:\Users\Carolin\Downloads\Jenny Humphrey Season 2.Sims3Pack
2014-03-31 22:18 - 2014-03-31 22:18 - 02518013 _____ () C:\Users\Carolin\Downloads\Oasis - Unfurnished Version.Sims3Pack
2014-03-31 22:12 - 2014-03-31 22:12 - 01339841 _____ () C:\Users\Carolin\Downloads\ColorBlockSilkDress.sims3pack
2014-03-28 22:32 - 2014-03-28 22:32 - 00000000 ____D () C:\Users\Carolin\AppData\Local\Hold'em_Manager
2014-03-28 22:09 - 2014-04-15 20:41 - 00186000 _____ () C:\blitzerr.txt
2014-03-28 22:09 - 2014-03-28 23:25 - 00000000 ____D () C:\HM2Archive
2014-03-28 22:09 - 2014-03-28 22:09 - 00000000 ____D () C:\Users\Carolin\AppData\Roaming\HEM Data
2014-03-28 22:04 - 2014-03-28 22:04 - 00000000 ____D () C:\Users\Carolin\AppData\Local\IsolatedStorage
2014-03-28 22:04 - 2014-03-28 22:04 - 00000000 ____D () C:\ProgramData\XHEO INC
2014-03-28 22:03 - 2014-04-15 20:44 - 00000000 ____D () C:\Users\Carolin\AppData\Roaming\HoldemManager
2014-03-28 22:03 - 2014-03-28 22:03 - 00020436 _____ () C:\Users\Carolin\Downloads\install.log
2014-03-28 22:03 - 2014-03-28 22:03 - 00001088 _____ () C:\Users\Public\Desktop\HoldemManager2.lnk
2014-03-28 22:03 - 2014-03-28 22:03 - 00000000 ____D () C:\Program Files (x86)\Holdem Manager 2
2014-03-28 22:02 - 2014-03-28 22:02 - 00000020 ___SH () C:\Users\postgres\ntuser.ini
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Vorlagen
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Startmenü
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Netzwerkumgebung
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Lokale Einstellungen
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Eigene Dateien
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Druckumgebung
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Documents\Eigene Musik
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Documents\Eigene Bilder
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\AppData\Local\Verlauf
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\AppData\Local\Anwendungsdaten
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Anwendungsdaten
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 ____D () C:\Users\postgres
2014-03-28 22:02 - 2013-11-20 23:23 - 00000000 ____D () C:\Users\postgres\AppData\Local\Microsoft Help
2014-03-28 22:02 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-28 22:02 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-03-28 21:59 - 2014-03-28 22:02 - 00000000 ____D () C:\postgreSQL
2014-03-28 21:58 - 2014-03-28 22:03 - 00000000 ____D () C:\Program Files (x86)\PSQLINSTALL
2014-03-28 21:56 - 2014-03-28 21:57 - 95674999 _____ () C:\Users\Carolin\Downloads\8056_HoldemManager2Setup.exe
2014-03-28 14:57 - 2014-03-28 14:57 - 17879432 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-03-28 14:04 - 2014-04-20 20:57 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-28 14:04 - 2014-04-10 20:38 - 00000000 ____D () C:\Users\Carolin\AppData\Local\Adobe
2014-03-28 14:04 - 2014-04-10 20:29 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-21 15:53 - 2014-03-21 15:53 - 00000000 ____D () C:\ProgramData\Sun
2014-03-21 15:53 - 2014-03-21 15:53 - 00000000 ____D () C:\ProgramData\Oracle
2014-03-21 15:52 - 2014-03-21 15:52 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-03-21 15:52 - 2014-03-21 15:52 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-03-21 15:52 - 2014-03-21 15:52 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-03-21 15:52 - 2014-03-21 15:52 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-03-21 15:52 - 2014-03-21 15:52 - 00000000 ____D () C:\Program Files (x86)\Java

==================== One Month Modified Files and Folders =======

2014-04-20 21:33 - 2014-04-20 21:33 - 00000000 ____D () C:\Users\Carolin\Downloads\FRST-OlderVersion
2014-04-20 21:33 - 2014-04-11 16:27 - 00010917 _____ () C:\Users\Carolin\Downloads\FRST.txt
2014-04-20 21:33 - 2014-04-11 16:27 - 00000000 ____D () C:\FRST
2014-04-20 21:33 - 2014-04-11 16:26 - 02056192 _____ (Farbar) C:\Users\Carolin\Downloads\FRST64.exe
2014-04-20 21:32 - 2014-04-18 19:54 - 00000000 ____D () C:\Users\Carolin\Desktop\Trojanerboard
2014-04-20 21:31 - 2014-04-20 21:31 - 00987448 _____ () C:\Users\Carolin\Downloads\SecurityCheck.exe
2014-04-20 21:31 - 2013-11-18 12:27 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{FC49DE3F-D8F1-4471-A5A1-E3C1D3598505}
2014-04-20 21:31 - 2013-11-13 18:37 - 01793171 _____ () C:\Windows\WindowsUpdate.log
2014-04-20 21:29 - 2014-04-18 18:30 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-20 21:27 - 2013-11-14 18:14 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-20 21:26 - 2010-11-21 05:47 - 00428836 _____ () C:\Windows\PFRO.log
2014-04-20 21:26 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-20 21:26 - 2009-07-14 06:51 - 00034960 _____ () C:\Windows\setupact.log
2014-04-20 20:57 - 2014-03-28 14:04 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-20 20:39 - 2013-11-14 18:14 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-20 19:58 - 2014-04-20 19:58 - 02347384 _____ (ESET) C:\Users\Carolin\Downloads\esetsmartinstaller_enu.exe
2014-04-20 16:54 - 2013-11-18 09:35 - 00000000 ____D () C:\Users\Carolin\AppData\Roaming\Skype
2014-04-19 23:44 - 2009-07-14 06:45 - 00026672 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-19 23:44 - 2009-07-14 06:45 - 00026672 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-19 22:48 - 2014-04-19 22:48 - 00000811 _____ () C:\Users\Carolin\Desktop\JRT.txt
2014-04-19 22:41 - 2014-04-19 22:41 - 01016261 _____ (Thisisu) C:\Users\Carolin\Downloads\JRT (1).exe
2014-04-19 22:40 - 2014-04-19 22:40 - 00000000 ____D () C:\Windows\ERUNT
2014-04-19 22:40 - 2013-12-07 00:47 - 00000000 ____D () C:\Users\Carolin\AppData\Local\PokerStars.EU
2014-04-19 22:39 - 2014-04-19 22:39 - 01016261 _____ (Thisisu) C:\Users\Carolin\Downloads\JRT.exe
2014-04-18 23:33 - 2014-04-18 23:30 - 00000000 ____D () C:\AdwCleaner
2014-04-18 23:33 - 2013-11-14 18:15 - 00001278 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-18 23:33 - 2013-11-14 18:12 - 00001049 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-18 23:28 - 2014-04-18 23:28 - 01426178 _____ () C:\Users\Carolin\Downloads\adwcleaner.exe
2014-04-18 19:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-04-18 18:32 - 2014-04-18 18:32 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Carolin\Downloads\mbam-setup-2.0.1.1004 (1).exe
2014-04-18 18:30 - 2014-04-18 18:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-18 18:30 - 2014-04-18 18:30 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-18 18:29 - 2014-04-18 18:28 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Carolin\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-17 19:27 - 2014-04-17 18:07 - 00000000 ____D () C:\Qoobox
2014-04-17 19:27 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-04-17 19:26 - 2014-04-17 19:26 - 00085720 _____ () C:\ComboFix.txt
2014-04-17 19:23 - 2014-04-17 18:06 - 00000000 ____D () C:\Windows\erdnt
2014-04-17 19:17 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-04-17 18:09 - 2014-04-17 18:09 - 05194807 _____ (Swearware) C:\Users\Carolin\Downloads\ComboFix (1).exe
2014-04-17 18:09 - 2014-04-17 18:04 - 05194807 ____R (Swearware) C:\Users\Carolin\Downloads\ComboFix.exe
2014-04-17 18:07 - 2014-04-17 18:07 - 00000000 ___RD () C:\Users\Carolin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-15 20:44 - 2014-03-28 22:03 - 00000000 ____D () C:\Users\Carolin\AppData\Roaming\HoldemManager
2014-04-15 20:41 - 2014-03-28 22:09 - 00186000 _____ () C:\blitzerr.txt
2014-04-15 03:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-15 03:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-13 15:53 - 2014-04-13 15:53 - 02125791 _____ () C:\Users\Carolin\Downloads\Natef005_afGamineDress.sims3pack
2014-04-12 17:15 - 2014-04-12 17:15 - 01219154 _____ () C:\Users\Carolin\Downloads\SimsimayTSR_SpringkissTeen.sims3pack
2014-04-12 17:14 - 2014-04-12 17:13 - 21058075 _____ () C:\Users\Carolin\Downloads\Spelling Manor.Sims3Pack
2014-04-12 17:13 - 2014-04-12 17:13 - 02312193 _____ () C:\Users\Carolin\Downloads\Titania.sims3pack
2014-04-12 17:11 - 2014-04-12 17:11 - 04545391 _____ () C:\Users\Carolin\Downloads\1086744 (1).zip
2014-04-12 17:09 - 2014-04-12 17:09 - 00244498 _____ () C:\Users\Carolin\Downloads\TwS3_tf-ef_earrings02.sims3pack
2014-04-12 17:07 - 2014-04-12 17:07 - 03209976 _____ () C:\Users\Carolin\Downloads\1151760.zip
2014-04-12 17:07 - 2014-04-12 17:07 - 02428501 _____ () C:\Users\Carolin\Downloads\Harmonia_FarmDenimFloralDress.sims3pack
2014-04-12 17:00 - 2014-04-12 16:59 - 39339383 _____ () C:\Users\Carolin\Downloads\Philo_Pomone.Sims3Pack
2014-04-12 16:56 - 2014-04-12 16:56 - 00651228 _____ () C:\Users\Carolin\Downloads\Essence-ToySoldier.sims3pack
2014-04-12 16:43 - 2014-04-12 16:43 - 04570964 _____ () C:\Users\Carolin\Downloads\lillka_Chick To School - Outfit.sims3pack
2014-04-12 16:43 - 2014-04-12 16:42 - 06854479 _____ () C:\Users\Carolin\Downloads\1166632.zip
2014-04-12 00:09 - 2014-04-12 00:09 - 00883657 _____ () C:\Users\Carolin\Downloads\Fast Last T-Shirt by Devirose.sims3pack
2014-04-12 00:08 - 2014-04-12 00:08 - 00662944 _____ () C:\Users\Carolin\Downloads\Fast Scintillant Jeans by Devirose.sims3pack
2014-04-12 00:07 - 2014-04-12 00:07 - 01112637 _____ () C:\Users\Carolin\Downloads\EkinegeTSR_BeltedSundress (1).sims3pack
2014-04-11 23:53 - 2014-04-11 23:53 - 03650382 _____ () C:\Users\Carolin\Downloads\lillka_Farm Dress.sims3pack
2014-04-11 23:52 - 2014-04-11 23:51 - 01294958 _____ () C:\Users\Carolin\Downloads\SV af Lace summer sleeveless dress.sims3pack
2014-04-11 23:51 - 2014-04-11 23:51 - 04545391 _____ () C:\Users\Carolin\Downloads\1086744.zip
2014-04-11 23:50 - 2014-04-11 23:50 - 00461709 _____ () C:\Users\Carolin\Downloads\Astra shoes  by altea127.sims3pack
2014-04-11 23:50 - 2014-04-11 23:50 - 00461709 _____ () C:\Users\Carolin\Downloads\Astra shoes  by altea127 (1).sims3pack
2014-04-11 23:46 - 2014-04-11 23:46 - 01825681 _____ () C:\Users\Carolin\Downloads\MsBlue_FarmDaughtersDress.sims3pack
2014-04-11 23:46 - 2014-04-11 23:46 - 00939142 _____ () C:\Users\Carolin\Downloads\SimDetails@TSR_FA_Dress_44.sims3pack
2014-04-11 23:46 - 2014-04-11 23:45 - 01112637 _____ () C:\Users\Carolin\Downloads\EkinegeTSR_BeltedSundress.sims3pack
2014-04-11 17:18 - 2014-04-11 17:18 - 07261643 _____ () C:\Users\Carolin\Downloads\1009681.zip
2014-04-11 17:15 - 2014-04-11 17:15 - 20258590 _____ () C:\Users\Carolin\Downloads\Lennertz Cottage.Sims3Pack
2014-04-11 17:15 - 2014-04-11 17:15 - 00377650 _____ () C:\Users\Carolin\Downloads\[PS] Smooth Multicolor Eyeshadows 2.sims3pack
2014-04-11 17:14 - 2014-04-11 17:14 - 06345703 _____ () C:\Users\Carolin\Downloads\Vivace.Sims3Pack
2014-04-11 17:13 - 2014-04-11 17:13 - 00447094 _____ () C:\Users\Carolin\Downloads\AnoeskaB_Old_Wood_2.Sims3pack
2014-04-11 17:12 - 2014-04-11 17:11 - 05861381 _____ () C:\Users\Carolin\Downloads\[April] Verona.sims3pack
2014-04-11 17:12 - 2014-04-11 17:10 - 67719998 _____ () C:\Users\Carolin\Downloads\Bridgehampton TSR.Sims3Pack
2014-04-11 17:10 - 2014-04-11 17:10 - 01006326 _____ () C:\Users\Carolin\Downloads\NataliS Seamless draped backless dress FA-YA.sims3pack
2014-04-11 16:48 - 2014-04-11 16:28 - 00024746 _____ () C:\Users\Carolin\Downloads\Addition.txt
2014-04-11 10:58 - 2013-11-16 15:04 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-11 10:57 - 2013-11-13 19:36 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-11 10:56 - 2013-11-13 19:36 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-10 20:52 - 2014-04-10 20:52 - 00000000 ___RD () C:\Users\Carolin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-10 20:50 - 2014-04-10 20:46 - 00000000 ____D () C:\22ead09a2f41a2db04769f
2014-04-10 20:44 - 2014-04-10 20:44 - 00678720 _____ () C:\Users\Carolin\Downloads\Setup (1).exe
2014-04-10 20:38 - 2014-03-28 14:04 - 00000000 ____D () C:\Users\Carolin\AppData\Local\Adobe
2014-04-10 20:37 - 2014-04-10 20:37 - 00002019 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-04-10 20:36 - 2014-04-10 20:36 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-04-10 20:36 - 2013-11-16 11:47 - 00000000 ____D () C:\ProgramData\Adobe
2014-04-10 20:29 - 2014-03-28 14:04 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-10 20:29 - 2013-11-16 11:43 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-10 20:29 - 2013-11-16 11:43 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-10 19:33 - 2013-12-05 17:18 - 00000000 ____D () C:\Windows\Minidump
2014-04-10 19:23 - 2014-04-10 19:23 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-04-10 19:23 - 2013-11-16 22:57 - 00001066 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-04-10 19:21 - 2014-04-10 19:21 - 00000000 ____D () C:\Users\Carolin\AppData\Roaming\QuickScan
2014-04-10 19:17 - 2014-04-10 19:17 - 00000000 ____D () C:\Users\Carolin\AppData\Local\cache
2014-04-10 19:17 - 2014-04-10 19:17 - 00000000 ____D () C:\Users\Carolin\.android
2014-04-10 19:17 - 2014-04-10 19:17 - 00000000 _____ () C:\Users\Carolin\daemonprocess.txt
2014-04-10 19:17 - 2013-11-17 19:33 - 00000000 ____D () C:\Users\Carolin
2014-04-09 16:52 - 2014-04-09 16:48 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-04-09 16:49 - 2014-04-09 16:49 - 00000000 ____D () C:\Users\Carolin\AppData\Roaming\Opera Software
2014-04-09 16:49 - 2014-04-09 16:49 - 00000000 ____D () C:\Users\Carolin\AppData\Local\Opera Software
2014-04-09 16:48 - 2014-04-09 16:48 - 00001129 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-04-09 16:48 - 2014-04-09 16:48 - 00000314 _____ () C:\Users\Carolin\AppData\Roaming\aps.uninstall.scan.results
2014-04-09 16:32 - 2014-04-09 16:32 - 00000512 __RSH () C:\ProgramData\ntuser.pol
2014-04-09 16:32 - 2014-04-09 16:31 - 08611255 _____ () C:\Users\Carolin\Downloads\Cicadas Cottage.Sims3Pack
2014-04-09 16:32 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-04-09 16:32 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-04-09 16:29 - 2014-04-09 16:29 - 05769930 _____ () C:\Users\Carolin\Downloads\Spanish Finca 5.Sims3Pack
2014-04-09 16:29 - 2014-04-09 16:29 - 04227952 _____ () C:\Users\Carolin\Downloads\af_SlowDance_CookieChow.sims3pack
2014-04-09 16:28 - 2014-04-09 16:27 - 04704711 _____ () C:\Users\Carolin\Downloads\lillka_Italian Chic.sims3pack
2014-04-09 16:27 - 2014-04-09 16:27 - 01574329 _____ () C:\Users\Carolin\Downloads\B32_fae_businessone.sims3pack
2014-04-09 16:26 - 2014-04-09 16:26 - 04012951 _____ () C:\Users\Carolin\Downloads\lillka_Pepe Jeans Pullover.sims3pack
2014-04-09 16:25 - 2014-04-09 16:24 - 06258265 _____ () C:\Users\Carolin\Downloads\La Madison.Sims3Pack
2014-04-09 16:25 - 2014-04-09 16:17 - 44461135 _____ () C:\Users\Carolin\Downloads\Enchanter-s Nightshade.Sims3Pack
2014-04-09 16:23 - 2014-04-09 16:22 - 38851866 _____ () C:\Users\Carolin\Downloads\Villa New Zealand.Sims3Pack
2014-04-09 16:21 - 2014-04-09 16:21 - 04566936 _____ () C:\Users\Carolin\Downloads\37 Westcroft Road.Sims3Pack
2014-04-09 16:21 - 2014-04-09 16:18 - 06061419 _____ () C:\Users\Carolin\Downloads\cherryberry - Glitter heart dress.sims3pack
2014-04-09 16:19 - 2014-04-09 16:18 - 03849676 _____ () C:\Users\Carolin\Downloads\Rocky Hill View.Sims3Pack
2014-04-09 16:18 - 2014-04-09 16:18 - 00134333 _____ () C:\Users\Carolin\Downloads\Elastic Bracelet  by altea127.sims3pack
2014-04-09 16:17 - 2014-04-09 16:16 - 02837730 _____ () C:\Users\Carolin\Downloads\lillka_Flowing Beige Dress.sims3pack
2014-04-09 16:17 - 2014-04-09 16:15 - 13846478 _____ () C:\Users\Carolin\Downloads\1232339.zip
2014-04-09 16:17 - 2014-04-09 16:09 - 18701222 _____ () C:\Users\Carolin\Downloads\Georgette.Sims3Pack
2014-04-09 16:17 - 2014-04-09 16:08 - 39150993 _____ () C:\Users\Carolin\Downloads\Crestwood Villa.Sims3Pack
2014-04-09 16:16 - 2014-04-09 16:16 - 02695449 _____ () C:\Users\Carolin\Downloads\lillka_Sequined Lace Dress.sims3pack
2014-04-09 16:14 - 2014-04-09 16:14 - 00907850 _____ () C:\Users\Carolin\Downloads\RedCat - Child Denim Dress with Ribbon.sims3pack
2014-04-09 16:14 - 2014-04-09 16:12 - 03136126 _____ () C:\Users\Carolin\Downloads\Mario Modern-house.Sims3Pack
2014-04-09 16:14 - 2014-04-09 16:12 - 02203161 _____ () C:\Users\Carolin\Downloads\[Oranos] Ariso Jacket.sims3pack
2014-04-09 16:13 - 2014-04-09 16:04 - 41114888 _____ () C:\Users\Carolin\Downloads\Colonial Home III.Sims3Pack
2014-04-09 16:07 - 2014-04-09 16:07 - 00732170 _____ () C:\Users\Carolin\Downloads\NataliS twisted pearl earrings FT-FA.sims3pack
2014-04-09 16:07 - 2014-04-09 16:06 - 00879086 _____ () C:\Users\Carolin\Downloads\SimsimayTSR_innocentasangels.sims3pack
2014-04-09 13:58 - 2014-04-09 13:56 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-04-09 13:51 - 2014-04-09 13:51 - 00002990 _____ () C:\Windows\System32\Tasks\{CF7C20EC-4B4B-443C-85FA-C0233D04E90F}
2014-04-09 13:50 - 2014-04-09 13:50 - 00002990 _____ () C:\Windows\System32\Tasks\{0609E5A5-5A78-499E-95B5-C24D728AB914}
2014-04-09 13:46 - 2013-11-17 19:33 - 00000000 ____D () C:\Users\Carolin\AppData\Roaming\Adobe
2014-04-08 20:51 - 2014-04-08 20:51 - 02801733 _____ () C:\Users\Carolin\Downloads\NewSea-SIMS3-hair-J002-rosy cloud-f.sims3pack
2014-04-08 20:50 - 2014-04-08 20:50 - 01239953 _____ () C:\Users\Carolin\Downloads\cherryberry - Vintage toddler dress.sims3pack
2014-04-08 20:48 - 2014-04-08 20:48 - 07287746 _____ () C:\Users\Carolin\Downloads\1238620.zip
2014-04-08 20:47 - 2014-04-08 20:46 - 06816140 _____ () C:\Users\Carolin\Downloads\1237204.zip
2014-04-08 20:43 - 2014-04-08 20:43 - 01180522 _____ () C:\Users\Carolin\Downloads\sims2fanbg042.sims3pack
2014-04-08 20:42 - 2014-04-08 20:42 - 01265439 _____ () C:\Users\Carolin\Downloads\DT456 Isa Dress.sims3pack
2014-04-08 20:41 - 2014-04-08 20:41 - 04712571 _____ () C:\Users\Carolin\Downloads\lillka_One Shoulder - Dress.sims3pack
2014-04-08 20:41 - 2014-04-08 20:41 - 01273115 _____ () C:\Users\Carolin\Downloads\B32_fye_ruffleolddress.sims3pack
2014-04-08 20:40 - 2014-04-08 20:40 - 05843852 _____ () C:\Users\Carolin\Downloads\Alexis Dress.sims3pack
2014-04-08 20:40 - 2014-04-08 20:40 - 00569545 _____ () C:\Users\Carolin\Downloads\NinaDobrevDressbyIZAM.sims3pack
2014-04-06 17:28 - 2014-04-06 17:28 - 04706900 _____ () C:\Users\Carolin\Downloads\Cazy_Hair_c70_2013_af (1).sims3pack
2014-04-06 16:11 - 2014-04-06 16:11 - 08594394 _____ () C:\Users\Carolin\Downloads\sequintop.sims3pack
2014-04-06 16:11 - 2014-04-06 16:11 - 01182742 _____ () C:\Users\Carolin\Downloads\SMSims3Fashion_058_shirt_and_skirt.sims3pack
2014-04-06 16:10 - 2014-04-06 16:10 - 01232077 _____ () C:\Users\Carolin\Downloads\Jingle Belle-Mh75.sims3pack
2014-04-06 16:08 - 2014-04-06 16:07 - 03104484 _____ () C:\Users\Carolin\Downloads\Take The A Frame.Sims3Pack
2014-04-06 16:07 - 2014-04-06 16:07 - 02899948 _____ () C:\Users\Carolin\Downloads\katelys_afhair02.sims3pack
2014-04-06 16:06 - 2014-04-06 16:06 - 05840454 _____ () C:\Users\Carolin\Downloads\minidress_withknitbolero.sims3pack
2014-04-06 16:05 - 2014-04-06 16:05 - 03276224 _____ () C:\Users\Carolin\Downloads\NewSea-SIMS3-hair-J057-Holic-f.sims3pack
2014-04-06 16:05 - 2014-04-06 16:05 - 02861712 _____ () C:\Users\Carolin\Downloads\NewSea-SIMS3-hair-J055-Shero-f.sims3pack
2014-04-06 16:05 - 2014-04-06 16:04 - 03111275 _____ () C:\Users\Carolin\Downloads\NewSea-SIMS3-hair-J059-Camouflage-f.sims3pack
2014-04-06 15:58 - 2014-04-06 15:58 - 24244162 _____ () C:\Users\Carolin\Downloads\Off to Grandmothers.Sims3Pack
2014-04-06 15:56 - 2014-04-06 15:56 - 00965667 _____ () C:\Users\Carolin\Downloads\ekinegeTSR_EmbroideredTulleDress.sims3pack
2014-04-06 15:54 - 2014-04-06 15:54 - 04450671 _____ () C:\Users\Carolin\Downloads\c31_nofringe.sims3pack
2014-04-06 15:50 - 2014-04-06 15:50 - 00213536 _____ () C:\Users\Carolin\Downloads\Shoes Marta by altea127.sims3pack
2014-04-06 15:50 - 2014-04-06 15:49 - 09863934 _____ () C:\Users\Carolin\Downloads\Philo_Escape.Sims3Pack
2014-04-06 15:49 - 2014-04-06 15:49 - 04678660 _____ () C:\Users\Carolin\Downloads\c67_sorrow_cf.sims3pack
2014-04-06 15:49 - 2014-04-06 15:49 - 03045901 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_child-046-TSR Skysims3.sims3pack
2014-04-06 15:47 - 2014-04-06 15:47 - 03494125 _____ () C:\Users\Carolin\Downloads\c73_cf.sims3pack
2014-04-06 15:47 - 2014-04-06 15:47 - 02814005 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_adult-057-TSR Skysims3.sims3pack
2014-04-06 15:43 - 2014-04-06 15:43 - 05295989 _____ () C:\Users\Carolin\Downloads\c79_cf (1).sims3pack
2014-04-06 15:43 - 2014-04-06 15:43 - 05000197 _____ () C:\Users\Carolin\Downloads\c72_af (1).sims3pack
2014-04-06 15:42 - 2014-04-06 15:42 - 05000197 _____ () C:\Users\Carolin\Downloads\c72_af.sims3pack
2014-04-06 15:42 - 2014-04-06 15:41 - 05295989 _____ () C:\Users\Carolin\Downloads\c79_cf.sims3pack
2014-04-06 15:39 - 2014-04-06 15:39 - 04942072 _____ () C:\Users\Carolin\Downloads\cazyhair89_mywill-c.sims3pack
2014-04-06 15:39 - 2014-04-06 15:38 - 04907257 _____ () C:\Users\Carolin\Downloads\cazyhair89_mywill-f.sims3pack
2014-04-06 15:38 - 2014-04-06 15:38 - 03284634 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_child-096-TSR Skysims3.sims3pack
2014-04-06 15:37 - 2014-04-06 15:37 - 05278992 _____ () C:\Users\Carolin\Downloads\c45a_btvsrevival_af.sims3pack
2014-04-06 15:37 - 2014-04-06 15:37 - 04706900 _____ () C:\Users\Carolin\Downloads\Cazy_Hair_c70_2013_af.sims3pack
2014-04-06 15:36 - 2014-04-06 15:36 - 01714021 _____ () C:\Users\Carolin\Downloads\1070698.zip
2014-04-06 15:35 - 2014-04-06 15:35 - 00222970 _____ () C:\Users\Carolin\Downloads\A splash of Freckles.sims3pack
2014-04-06 15:32 - 2014-04-06 15:32 - 05919067 _____ () C:\Users\Carolin\Downloads\c94_af.sims3pack
2014-04-06 15:32 - 2014-04-06 15:32 - 05252415 _____ () C:\Users\Carolin\Downloads\c90_af.sims3pack
2014-04-06 15:31 - 2014-04-06 15:31 - 04791928 _____ () C:\Users\Carolin\Downloads\c90_cf.sims3pack
2014-04-06 15:31 - 2014-04-06 15:31 - 03353432 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_child-101-TSR Skysims3.sims3pack
2014-04-06 15:31 - 2014-04-06 15:31 - 03338995 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_adult-101-TSR Skysims3.sims3pack
2014-04-06 15:28 - 2014-04-06 15:28 - 03934042 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_child-109-TSR Skysims3.sims3pack
2014-04-06 15:28 - 2014-04-06 15:28 - 03051903 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_child-108-TSR Skysims3.sims3pack
2014-04-06 15:28 - 2014-04-06 15:27 - 05812791 _____ () C:\Users\Carolin\Downloads\Cazy_C97_AF.sims3pack
2014-04-06 15:25 - 2014-04-06 15:25 - 06108982 _____ () C:\Users\Carolin\Downloads\Cazy_104_cf.sims3pack
2014-04-06 15:25 - 2014-04-06 15:24 - 06388609 _____ () C:\Users\Carolin\Downloads\Cazy_104_af.sims3pack
2014-04-06 15:23 - 2014-04-06 15:23 - 01401644 _____ () C:\Users\Carolin\Downloads\NataliS flower earrings FA-FE.sims3pack
2014-04-06 15:22 - 2014-04-06 15:22 - 04778008 _____ () C:\Users\Carolin\Downloads\Alesso_Burn.sims3pack
2014-04-06 15:22 - 2014-04-06 15:22 - 03080058 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_child-140-TSR Skysims3.sims3pack
2014-04-06 15:21 - 2014-04-06 15:21 - 03070179 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_toddler-140-TSR Skysims3.sims3pack
2014-04-06 15:21 - 2014-04-06 15:21 - 02843475 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_adult-140-TSR Skysims3.sims3pack
2014-04-06 15:21 - 2014-04-06 15:20 - 02680769 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_child-141-TSR Skysims3.sims3pack
2014-04-06 15:19 - 2014-04-06 15:18 - 02664451 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_adult-161-TSR Skysims3.sims3pack
2014-04-06 15:18 - 2014-04-06 15:18 - 05140389 _____ () C:\Users\Carolin\Downloads\c114_pf.sims3pack
2014-04-06 15:17 - 2014-04-06 15:17 - 04018806 _____ () C:\Users\Carolin\Downloads\Nightcrawler-AFhair10.sims3pack
2014-04-06 15:16 - 2014-04-06 15:16 - 04357580 _____ () C:\Users\Carolin\Downloads\Alesso_Sun.sims3pack
2014-04-06 15:16 - 2014-04-06 15:16 - 03201777 _____ () C:\Users\Carolin\Downloads\Nightcrawler-AFhair11.sims3pack
2014-04-06 15:14 - 2014-04-06 15:14 - 03241581 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_adult-167-TSR Skysims3.sims3pack
2014-04-06 15:13 - 2014-04-06 15:13 - 04817687 _____ () C:\Users\Carolin\Downloads\Nightcrawler_AF_Hair12.sims3pack
2014-04-06 15:13 - 2014-04-06 15:13 - 03293854 _____ () C:\Users\Carolin\Downloads\Hairstyle_F_toddler-167-TSR Skysims3.sims3pack
2014-04-06 15:11 - 2014-04-06 15:11 - 03026766 _____ () C:\Users\Carolin\Downloads\Skysims Hair Toddler 198.sims3pack
2014-04-06 15:11 - 2014-04-06 15:11 - 03017430 _____ () C:\Users\Carolin\Downloads\Skysims Hair Adult 198.sims3pack
2014-04-06 15:09 - 2014-04-06 15:09 - 01274240 _____ () C:\Users\Carolin\Downloads\Midnight Princess Gown- JS#2234.sims3pack
2014-04-06 15:07 - 2014-04-06 15:06 - 02102777 _____ () C:\Users\Carolin\Downloads\Harmonia_LaceDressMini02.sims3pack
2014-04-06 15:03 - 2014-04-06 15:03 - 11587124 _____ () C:\Users\Carolin\Downloads\Amon Villa.Sims3Pack
2014-04-06 15:01 - 2014-04-06 15:01 - 04310202 _____ () C:\Users\Carolin\Downloads\The Dundas.Sims3Pack
2014-04-06 14:52 - 2013-11-14 03:32 - 00699342 _____ () C:\Windows\system32\perfh007.dat
2014-04-06 14:52 - 2013-11-14 03:32 - 00149450 _____ () C:\Windows\system32\perfc007.dat
2014-04-06 14:52 - 2009-07-14 07:13 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-06 14:43 - 2014-01-05 23:29 - 00000000 ____D () C:\Users\Carolin\AppData\Local\Microsoft Games
2014-04-06 14:20 - 2014-04-06 14:19 - 39041650 _____ () C:\Users\Carolin\Downloads\Isabela_byRirann@TSR (1).Sims3Pack
2014-04-06 14:19 - 2014-04-06 14:19 - 01669052 _____ () C:\Users\Carolin\Downloads\RockabillyDress1-Magic (1).sims3pack
2014-04-06 14:19 - 2014-04-06 14:19 - 00145360 _____ () C:\Users\Carolin\Downloads\Chair_001_by_CATcorp.sims3pack
2014-04-06 14:17 - 2014-04-06 14:17 - 01954471 _____ () C:\Users\Carolin\Downloads\boots shoes 6 annflower1.sims3pack
2014-04-06 14:15 - 2014-04-06 14:14 - 38902914 _____ () C:\Users\Carolin\Downloads\evi Lovers Lane 2014.Sims3Pack
2014-04-06 14:07 - 2014-04-06 14:07 - 01548610 _____ () C:\Users\Carolin\Downloads\1237754.zip
2014-04-06 14:06 - 2014-04-06 14:06 - 02874515 _____ () C:\Users\Carolin\Downloads\EsyraM Floral spring dress.sims3pack
2014-04-05 23:44 - 2014-01-05 23:29 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-04-04 00:34 - 2013-11-14 18:14 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-04 00:34 - 2013-11-14 18:14 - 00003850 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-03 09:51 - 2014-04-18 18:30 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-18 18:30 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-18 18:30 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-02 21:58 - 2014-04-02 21:58 - 10236307 _____ () C:\Users\Carolin\Downloads\UlkerHairFashionista11.sims3pack
2014-04-02 21:57 - 2014-04-02 21:57 - 05641129 _____ () C:\Users\Carolin\Downloads\Suspender_Shirt.sims3pack
2014-04-02 21:57 - 2014-04-02 21:57 - 03980956 _____ () C:\Users\Carolin\Downloads\cleo_longdressvintage.sims3pack
2014-04-02 21:57 - 2014-04-02 21:56 - 07304318 _____ () C:\Users\Carolin\Downloads\1155393.zip
2014-04-02 21:56 - 2014-04-02 21:56 - 01732856 _____ () C:\Users\Carolin\Downloads\NyGirl_Loungin_Around Outfit.sims3pack
2014-04-02 21:55 - 2014-04-02 21:55 - 02570224 _____ () C:\Users\Carolin\Downloads\1236613.zip
2014-04-02 21:55 - 2014-04-02 21:55 - 02000438 _____ () C:\Users\Carolin\Downloads\On the Beach.sims3pack
2014-04-02 21:55 - 2014-04-02 21:55 - 01064617 _____ () C:\Users\Carolin\Downloads\[Alexandra_Sine] Layla 2Piece Bodycon Dress.sims3pack
2014-04-02 21:52 - 2014-04-02 21:52 - 04338702 _____ () C:\Users\Carolin\Downloads\Cazy_Hairmesh26b_STEPS_af.sims3pack
2014-04-02 21:51 - 2014-04-02 21:50 - 39041650 _____ () C:\Users\Carolin\Downloads\Isabela_byRirann@TSR.Sims3Pack
2014-04-02 21:50 - 2014-04-02 21:50 - 01670176 _____ () C:\Users\Carolin\Downloads\Cosmos dress YA - A [MS].sims3pack
2014-04-02 21:50 - 2014-04-02 21:50 - 01669052 _____ () C:\Users\Carolin\Downloads\RockabillyDress1-Magic.sims3pack
2014-04-02 21:48 - 2014-04-02 21:48 - 07970116 _____ () C:\Users\Carolin\Downloads\Women's Casual Wear Trio by melisa inci.sims3pack
2014-04-02 21:48 - 2014-04-02 21:48 - 04732562 _____ () C:\Users\Carolin\Downloads\Alesso_Paws.sims3pack
2014-04-02 21:46 - 2014-04-02 21:46 - 02154645 _____ () C:\Users\Carolin\Downloads\MiraMinkova_Bloody_Mary.sims3pack
2014-04-02 21:46 - 2014-04-02 21:46 - 01509089 _____ () C:\Users\Carolin\Downloads\[pz]graceful.sims3pack
2014-04-02 21:46 - 2014-04-02 21:46 - 01001801 _____ () C:\Users\Carolin\Downloads\tolina_My_Wonderland.sims3pack
2014-04-02 21:46 - 2014-04-02 21:46 - 00918301 _____ () C:\Users\Carolin\Downloads\ASIA-FAB-012.sims3pack
2014-04-02 21:40 - 2014-04-02 21:40 - 03893712 _____ () C:\Users\Carolin\Downloads\Sonata77 adult female 07.sims3pack
2014-04-02 21:40 - 2014-04-02 21:40 - 01199860 _____ () C:\Users\Carolin\Downloads\RedCat - Pencil Dress with Lace Details.sims3pack
2014-04-02 21:39 - 2014-04-02 21:39 - 00141608 _____ () C:\Users\Carolin\Downloads\Lipgloss N2.sims3pack
2014-04-02 21:22 - 2014-04-02 21:22 - 04665983 _____ () C:\Users\Carolin\Downloads\Lianaa_TSR_211009_FormalDress_1.sims3pack
2014-04-02 21:22 - 2014-04-02 21:22 - 00931591 _____ () C:\Users\Carolin\Downloads\SimDetails@TSR_FA_Daisy Dress.sims3pack
2014-04-02 21:17 - 2014-04-02 21:17 - 01719358 _____ () C:\Users\Carolin\Downloads\Essence-Donthangup.sims3pack
2014-04-02 20:55 - 2014-04-02 20:55 - 01785980 _____ () C:\Users\Carolin\Downloads\Casual Class-Mh75.sims3pack
2014-04-02 20:55 - 2014-04-02 20:55 - 00874497 _____ () C:\Users\Carolin\Downloads\mimetic_fandance_dress.sims3pack
2014-04-02 20:55 - 2014-04-02 20:55 - 00544857 _____ () C:\Users\Carolin\Downloads\ilikemusic640@TSR Sparkly Heels AF.sims3pack
2014-04-02 20:54 - 2014-04-02 20:54 - 01301782 _____ () C:\Users\Carolin\Downloads\Sam_AdultPoiseWillBePoise.sims3pack
2014-04-02 20:45 - 2014-04-02 20:45 - 08309427 _____ () C:\Users\Carolin\Downloads\1184702.zip
2014-03-31 23:49 - 2014-03-31 23:49 - 04965231 _____ () C:\Users\Carolin\Downloads\Mini Chinese Garden.Sims3Pack
2014-03-31 23:43 - 2014-03-31 23:43 - 08038598 _____ () C:\Users\Carolin\Downloads\1009818.zip
2014-03-31 23:41 - 2014-03-31 23:41 - 00313939 _____ () C:\Users\Carolin\Downloads\[PS] Ballerina Shoes.sims3pack
2014-03-31 23:40 - 2014-03-31 23:40 - 08038598 _____ () C:\Users\Carolin\Downloads\nicht installiert.zip
2014-03-31 23:38 - 2014-03-31 23:38 - 04170051 _____ () C:\Users\Carolin\Downloads\Cyclonesue_PinewoodLodge.Sims3Pack
2014-03-31 23:37 - 2014-03-31 23:37 - 01813477 _____ () C:\Users\Carolin\Downloads\Printed Intimates.sims3pack
2014-03-31 23:36 - 2014-03-31 23:36 - 00517149 _____ () C:\Users\Carolin\Downloads\SV Accessory Heart06.sims3pack
2014-03-31 23:36 - 2014-03-31 23:36 - 00499343 _____ () C:\Users\Carolin\Downloads\SV Accessory Heart05.sims3pack
2014-03-31 23:34 - 2014-03-31 23:34 - 04053039 _____ () C:\Users\Carolin\Downloads\[spr]Shopping Day (1).sims3pack
2014-03-31 23:32 - 2014-03-31 23:32 - 04053039 _____ () C:\Users\Carolin\Downloads\[spr]Shopping Day.sims3pack
2014-03-31 23:29 - 2014-03-31 23:29 - 00984229 _____ () C:\Users\Carolin\Downloads\~Zodapop~ Bow Accented Multi-print Dress.sims3pack
2014-03-31 23:26 - 2014-03-31 23:26 - 00341831 _____ () C:\Users\Carolin\Downloads\ShojoAngel_S3_EyeSet20-V2.sims3pack
2014-03-31 23:25 - 2014-03-31 23:25 - 05826757 _____ () C:\Users\Carolin\Downloads\1179050 (1).zip
2014-03-31 23:22 - 2014-03-31 23:22 - 05826757 _____ () C:\Users\Carolin\Downloads\auch uninstalliert.zip
2014-03-31 23:22 - 2014-03-31 23:22 - 04192735 _____ () C:\Users\Carolin\Downloads\Modern Mountain Retreat{1}.Sims3Pack
2014-03-31 23:21 - 2014-03-31 23:20 - 13076664 _____ () C:\Users\Carolin\Downloads\Aneeta...Sims3Pack
2014-03-31 23:20 - 2014-03-31 23:20 - 00494807 _____ () C:\Users\Carolin\Downloads\Susan-SIM3-X_mas_Blush.sims3pack
2014-03-31 23:18 - 2014-03-31 23:18 - 00500286 _____ () C:\Users\Carolin\Downloads\MINI-Kiss Me V2 With Teeth.sims3pack
2014-03-31 23:16 - 2014-03-31 23:16 - 08008932 _____ () C:\Users\Carolin\Downloads\Knitted Top with Ruffle Skirt by melisa inci.sims3pack
2014-03-31 23:16 - 2014-03-31 23:16 - 01508702 _____ () C:\Users\Carolin\Downloads\yvonne_Isabella_Outfit48.sims3pack
2014-03-31 23:16 - 2014-03-31 23:16 - 00288286 _____ () C:\Users\Carolin\Downloads\Gosik Spring garden mascara.sims3pack
2014-03-31 23:15 - 2014-03-31 23:15 - 03791569 _____ () C:\Users\Carolin\Downloads\[ZaumaTSR] s3-hair036-Yumiko-F.sims3pack
2014-03-31 23:15 - 2014-03-31 23:15 - 03127950 _____ () C:\Users\Carolin\Downloads\Nightcrawler_AF_Hair17.sims3pack
2014-03-31 23:15 - 2014-03-31 23:15 - 02924961 _____ () C:\Users\Carolin\Downloads\Skysims Hair Child 193.sims3pack
2014-03-31 23:15 - 2014-03-31 23:15 - 02883372 _____ () C:\Users\Carolin\Downloads\Skysims Hair Adult 193.sims3pack
2014-03-31 23:13 - 2014-03-31 23:13 - 03583982 _____ () C:\Users\Carolin\Downloads\SimSnake_com_afhair06.sims3pack
2014-03-31 23:09 - 2014-03-31 23:09 - 06599171 _____ () C:\Users\Carolin\Downloads\Alesso_Dreams_C.sims3pack
2014-03-31 23:09 - 2014-03-31 23:09 - 04957515 _____ () C:\Users\Carolin\Downloads\Cazy_c131_af.sims3pack
2014-03-31 23:08 - 2014-03-31 23:08 - 09163720 _____ () C:\Users\Carolin\Downloads\[Sintiklia]Female hair Kikyo.sims3pack
2014-03-31 22:57 - 2014-03-31 22:57 - 07289604 _____ () C:\Users\Carolin\Downloads\uninstalliert.zip
2014-03-31 22:57 - 2014-03-31 22:56 - 11347875 _____ () C:\Users\Carolin\Downloads\1237215.zip
2014-03-31 22:53 - 2014-03-31 22:53 - 03106287 _____ () C:\Users\Carolin\Downloads\by_bukovka_am top with lacing.sims3pack
2014-03-31 22:45 - 2014-03-31 22:45 - 01243897 _____ () C:\Users\Carolin\Downloads\1238052.zip
2014-03-31 22:38 - 2014-03-31 22:38 - 19238904 _____ () C:\Users\Carolin\Downloads\Leticia Bufoni.Sims3Pack
2014-03-31 22:29 - 2014-03-31 22:29 - 01902495 _____ () C:\Users\Carolin\Downloads\1238066.zip
2014-03-31 22:22 - 2014-03-31 22:22 - 00788515 _____ () C:\Users\Carolin\Downloads\Jenny Humphrey Season 2.Sims3Pack
2014-03-31 22:18 - 2014-03-31 22:18 - 02518013 _____ () C:\Users\Carolin\Downloads\Oasis - Unfurnished Version.Sims3Pack
2014-03-31 22:12 - 2014-03-31 22:12 - 01339841 _____ () C:\Users\Carolin\Downloads\ColorBlockSilkDress.sims3pack
2014-03-31 21:23 - 2014-03-20 18:47 - 00039047 _____ () C:\Users\Carolin\Desktop\Heinrich Böll.odt
2014-03-31 13:52 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-28 23:25 - 2014-03-28 22:09 - 00000000 ____D () C:\HM2Archive
2014-03-28 22:32 - 2014-03-28 22:32 - 00000000 ____D () C:\Users\Carolin\AppData\Local\Hold'em_Manager
2014-03-28 22:09 - 2014-03-28 22:09 - 00000000 ____D () C:\Users\Carolin\AppData\Roaming\HEM Data
2014-03-28 22:04 - 2014-03-28 22:04 - 00000000 ____D () C:\Users\Carolin\AppData\Local\IsolatedStorage
2014-03-28 22:04 - 2014-03-28 22:04 - 00000000 ____D () C:\ProgramData\XHEO INC
2014-03-28 22:03 - 2014-03-28 22:03 - 00020436 _____ () C:\Users\Carolin\Downloads\install.log
2014-03-28 22:03 - 2014-03-28 22:03 - 00001088 _____ () C:\Users\Public\Desktop\HoldemManager2.lnk
2014-03-28 22:03 - 2014-03-28 22:03 - 00000000 ____D () C:\Program Files (x86)\Holdem Manager 2
2014-03-28 22:03 - 2014-03-28 21:58 - 00000000 ____D () C:\Program Files (x86)\PSQLINSTALL
2014-03-28 22:02 - 2014-03-28 22:02 - 00000020 ___SH () C:\Users\postgres\ntuser.ini
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Vorlagen
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Startmenü
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Netzwerkumgebung
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Lokale Einstellungen
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Eigene Dateien
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Druckumgebung
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Documents\Eigene Musik
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Documents\Eigene Bilder
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\AppData\Local\Verlauf
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\AppData\Local\Anwendungsdaten
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 _SHDL () C:\Users\postgres\Anwendungsdaten
2014-03-28 22:02 - 2014-03-28 22:02 - 00000000 ____D () C:\Users\postgres
2014-03-28 22:02 - 2014-03-28 21:59 - 00000000 ____D () C:\postgreSQL
2014-03-28 21:57 - 2014-03-28 21:56 - 95674999 _____ () C:\Users\Carolin\Downloads\8056_HoldemManager2Setup.exe
2014-03-28 14:57 - 2014-03-28 14:57 - 17879432 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-03-21 15:53 - 2014-03-21 15:53 - 00000000 ____D () C:\ProgramData\Sun
2014-03-21 15:53 - 2014-03-21 15:53 - 00000000 ____D () C:\ProgramData\Oracle
2014-03-21 15:52 - 2014-03-21 15:52 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-03-21 15:52 - 2014-03-21 15:52 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-03-21 15:52 - 2014-03-21 15:52 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-03-21 15:52 - 2014-03-21 15:52 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-03-21 15:52 - 2014-03-21 15:52 - 00000000 ____D () C:\Program Files (x86)\Java

Some content of TEMP:
====================
C:\Users\Carolin\AppData\Local\Temp\avgnt.exe
C:\Users\Carolin\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-19 23:33

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

FRST Additions Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-04-2014 01
Ran by Carolin at 2014-04-20 21:33:58
Running from C:\Users\Carolin\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)

==================== Restore Points  =========================

10-04-2014 17:29:06 Removed Microsoft Silverlight
10-04-2014 18:46:15 Uniblue SpeedUpMyPC installation
11-04-2014 08:55:28 Windows Modules Installer
15-04-2014 01:00:48 Windows Update
17-04-2014 16:07:36 ComboFix created restore point

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {3152CB30-EA16-4929-94B8-DB611B4A5254} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-14] (Google Inc.)
Task: {3E02BC1E-955D-43F0-942F-B2970EE6FA03} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-14] (Google Inc.)
Task: {4564F9EB-6BAB-494E-837A-9575DA718248} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-10] (Adobe Systems Incorporated)
Task: {575F5FF0-955C-45BD-B16D-8C9E36ECC147} - System32\Tasks\{CF7C20EC-4B4B-443C-85FA-C0233D04E90F} => C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe [2013-12-21] (Adobe Systems Incorporated)
Task: {581CC6A9-A759-49C6-8209-091E21C939A8} - System32\Tasks\Games\UpdateCheck_S-1-5-21-999138141-1912988859-3756178019-1001
Task: {9624BB95-1194-428F-B3E1-68F79203F3C4} - System32\Tasks\{0609E5A5-5A78-499E-95B5-C24D728AB914} => C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe [2013-12-21] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-11-16 18:54 - 2005-04-22 14:36 - 00143360 ____N () C:\Windows\system32\BrSNMP64.dll
2013-11-16 11:54 - 2013-10-31 20:25 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2014-03-28 22:01 - 2014-02-18 10:11 - 00172032 _____ () c:\postgreSQL\bin\LIBPQ.dll
2014-03-28 22:01 - 2012-08-14 15:19 - 00999424 _____ () c:\postgreSQL\bin\libxml2.dll
2013-11-16 18:54 - 2009-02-27 17:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-04-11 21:42 - 2014-04-02 03:57 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\chrome_elf.dll
2014-04-11 21:42 - 2014-04-02 03:57 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\libglesv2.dll
2014-04-11 21:42 - 2014-04-02 03:57 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\libegl.dll
2014-04-11 21:42 - 2014-04-02 03:57 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\pdf.dll
2014-04-11 21:42 - 2014-04-02 03:58 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll
2014-04-11 21:42 - 2014-04-02 03:57 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Mini Card
Description: Mini Card
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Mini Card
Description: Mini Card
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Mini Card
Description: Mini Card
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Massenspeichercontroller
Description: Massenspeichercontroller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Mini Card
Description: Mini Card
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Mini Card
Description: Mini Card
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Mini Card
Description: Mini Card
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Mini Card
Description: Mini Card
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/20/2014 09:28:27 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/20/2014 09:26:51 PM) (Source: PostgreSQL) (User: )
Description: 2014-04-20 21:26:51 CESTFATAL:  the database system is starting up

Error: (04/20/2014 09:22:42 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/20/2014 09:17:02 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (04/19/2014 10:59:21 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}


Microsoft Office Sessions:
=========================
Error: (04/20/2014 09:28:27 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/20/2014 09:26:51 PM) (Source: PostgreSQL)(User: )
Description: 2014-04-20 21:26:51 CESTFATAL:  the database system is starting up

Error: (04/20/2014 09:22:42 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Carolin\Downloads\esetsmartinstaller_enu.exe

Error: (04/20/2014 09:17:02 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe


CodeIntegrity Errors:
===================================
  Date: 2014-04-17 19:14:36.560
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-17 19:14:36.520
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 49%
Total physical RAM: 4049.8 MB
Available physical RAM: 2059.66 MB
Total Pagefile: 8097.78 MB
Available Pagefile: 5838.09 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:292.87 GB) (Free:199.59 GB) NTFS
Drive d: () (Fixed) (Total:172.79 GB) (Free:132.87 GB) NTFS
Drive e: (Sims3) (CDROM) (Total:5.56 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 141D0EAC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=293 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=173 GB) - (Type=07 NTFS)

==================== End Of Log ============================

--- --- ---

schrauber · 21.04.2014, 20:21

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
ProxyEnable: Internet Explorer proxy is enabled.

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Downloade Dir bitte TFC ( von Oldtimer ) und speichere die Datei auf dem Desktop.
Schließe nun alle offenen Programme und trenne Dich von dem Internet.
Doppelklick auf die TFC.exe und drücke auf Start.
Sollte TFC nicht alle Dateien löschen können wird es einen Neustart verlangen. Dies bitte zulassen.

Fertig

Die Reihenfolge ist hier entscheidend.

Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
- Windowstaste + R > Combofix /Uninstall (eingeben) > OK
- Alternative: Combofix.exe in uninstall.exe umbenennen und starten
- Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
Downloade Dir bitte auf jeden Fall DelFix auf deinen Desktop:
- Schließe alle offenen Programme.
- Starte die delfix.exe mit einem Doppelklick.
- Setze vor jede Funktion ein Häkchen.
- Klicke auf Start.
- Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
- Starte deinen Rechner abschließend neu.
Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.

Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun

Hier noch ein paar Tipps zur Absicherung deines Systems.

Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.

Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
Windows Updates
- Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
- Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
Gehe sicher das die automatischen Updates aktiviert sind.
Software Updates
Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.

Anti- Viren Software

Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.

Zusätzlicher Schutz

MalwareBytes Anti Malware
Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
Ein Tutorial zur Verwendung findest Du hier.
WinPatrol
Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.

Sicheres Browsen

SpywareBlaster
Eine kurze Einführung findest du Hier
MVPs hosts file
Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
WOT (Web of trust)
Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.

Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.

Opera
Mozilla Firefox.
- Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
- NoScript
  Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
- AdblockPlus
  Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
  Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )

Don'ts

Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe

Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

Carolin.Abär · 27.04.2014, 21:24

Hi,

danke für die Hilfe, mein Computer funktioniert so weit wieder, nur mein Avira hängt noch immer beim Suchlauf.

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 21-04-2014 01
Ran by Carolin at 2014-04-21 21:44:01 Run:1
Running from C:\Users\Carolin\Desktop\Trojanerboard
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
ProxyEnable: Internet Explorer proxy is enabled.
*****************

C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => Value deleted successfully.


The system needed a reboot. 

==== End of Fixlog ====

Ich hab versucht die anderen benutzen Programme (zum Beispiel FRST64) zu löschen, allerdings tauchen diese nicht der Liste unter Systemsteuerung/Programme/Programme deinstallieren auf. Wo finde ich diese bzw. lösche sie?

Mfg,

Caro

schrauber · 28.04.2014, 09:05

Delfix wie beschrieben laufen lassen, das entfernt FRST und ale anderen benutzten programme. Bei weilcher Datei hängt Avira?

28.04.2014, 09:05	#15
schrauber /// the machine /// TB-Ausbilder	Vermüllung des PC + Virus? Delfix wie beschrieben laufen lassen, das entfernt FRST und ale anderen benutzten programme. Bei weilcher Datei hängt Avira? __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Vermüllung des PC + Virus?

Log-Analyse und Auswertung: Vermüllung des PC + Virus?