
Pests of All Kinds and How to Fight Them: Worms & Trojans on Removable Media

24.01.2014, 17:46   #1
Badumtss
 

Hello Trojaner-Board team!
I have a problem: since I connected my removable media (USB stick & SD card) to another computer, I seem to have caught something. When I connected it to my own computer again, Avast reported that there were 2 pieces of malware on my USB stick and one on my SD card, and moved them to quarantine. Fortunately, nothing has spread to my computer. (At least I think so.)

I have 2 more questions about this:
- How do I remove this malware?
- How can I best find out whether it has perhaps spread to my computer after all?

Windows 8.1 is installed on my laptop, in case that matters. I would have to look up the names of the viruses in Avast's virus chest, in case those are needed too.

Since I know nothing at all about this, I hope one of you can help me and explain how I should proceed.

Best regards
Badumtss

Edited by Badumtss (24.01.2014 at 18:46)

24.01.2014, 19:01   #2
schrauber
/// the machine
/// TB trainer
 


Hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST download: FRST 32-bit | FRST 64-bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)


24.01.2014, 19:53   #3
Badumtss
 

Hi schrauber!

Thanks for your quick reply!
I just want to ask to be on the safe side: do I have to connect the removable media and run a scan with FRST, or just scan the computer as it is? As I said, I'm not very familiar with this.

Best regards
Badumtss

25.01.2014, 12:28   #4
schrauber
/// the machine
/// TB trainer
 


Yes, connect both and do not disconnect them again
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

25.01.2014, 13:41   #5
Badumtss
 

I accidentally scanned without the removable media after all; I'm attaching the log files here. I'll run another scan with the removable media right away.

FRST Logfile:


Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-01-2014
Ran by Clarissaa (ATTENTION: The logged in user is not administrator) on HOME on 25-01-2014 14:31:58
Running from C:\Users\Clarissaa\Downloads
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
() C:\Program Files (x86)\Lexmark 5400 Series\lxctmon.exe
(Lexmark International Inc.) C:\Program Files (x86)\Lexmark 5400 Series\ezprint.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ACMON] - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [90832 2012-06-07] (ASUS)
HKLM\...\Run: [lxctmon.exe] - C:\Program Files (x86)\Lexmark 5400 Series\lxctmon.exe [291760 2007-03-19] ()
HKLM\...\Run: [EzPrint] - C:\Program Files (x86)\Lexmark 5400 Series\ezprint.exe [82864 2007-03-19] (Lexmark International Inc.)
HKLM\...\Run: [LXCTCATS] - C:\Windows\system32\spool\DRIVERS\x64\3\LXCTtime.dll [31744 2006-11-21] (Lexmark International Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2013-09-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5264016 2012-08-16] (VIA)
HKLM-x32\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [366720 2012-08-23] (Alcor Micro Corp.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe [3417984 2012-08-28] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [Lexmark 5400 Series] - C:\Program Files (x86)\Lexmark 5400 Series\fm3032.exe [304048 2007-03-19] ()
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-01-22] (AVAST Software)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM\...\RunOnce: [BrowserChoice] - C:\WINDOWS\BrowserChoice\browserchoice.exe [86816 2013-08-22] (Microsoft Corporation)
HKLM-x32\...\RunOnce: [20131224] - C:\Program Files\AVAST Software\Avast\setup\emupdate\75358d33-6b17-4bdf-b4f3-27415ad24085.exe /check [181136 2014-01-02] (AVAST Software)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20684656 2013-07-25] (Skype Technologies S.A.)
HKCU\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL,C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-12-10] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.bing.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: No Name - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -  No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} -  No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21

FireFox:
========
FF ProfilePath: C:\Users\Clarissaa\AppData\Roaming\Mozilla\Firefox\Profiles\b4bv42w6.default
FF NewTab: www.google.com
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF Keyword.URL: https://www.google.com/search
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-12-29]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

==================== Services (Whitelisted) =================

U2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
U2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-22] (AVAST Software)
U2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [113704 2014-01-02] (AVAST Software)
U2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
U2 lmhosts; C:\Windows\system32\svchost.exe [37768 2013-08-22] (Microsoft Corporation)
U2 NlaSvc; C:\Windows\System32\svchost.exe [37768 2013-08-22] (Microsoft Corporation)
U2 nsi; C:\Windows\system32\svchost.exe [37768 2013-08-22] (Microsoft Corporation)
U2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27792 2012-08-14] (VIA Technologies, Inc.)
U3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
U3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

U0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
U2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-01-22] (AVAST Software)
U1 aswNdisFlt; C:\Windows\system32\DRIVERS\aswNdisFlt.sys [439648 2014-01-09] (AVAST Software)
U1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-29] (AVAST Software)
U0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-29] ()
U1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-01-22] (AVAST Software)
U1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-01-22] (AVAST Software)
U3 aswStm; C:\Windows\system32\drivers\aswStm.sys [80184 2014-01-22] (AVAST Software)
U0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2013-12-29] ()
U3 ATP; C:\Windows\System32\drivers\AsusTP.sys [61824 2012-10-31] (ASUS Corporation)
U3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
U3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
U3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
U0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
U0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-12-30] (Microsoft Corporation)
U0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
U3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
U3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
U3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
U3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-12-30] (Microsoft Corporation)
U0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
U3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
U3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
U1 aswKbd; \??\C:\WINDOWS\system32\drivers\aswKbd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-25 14:31 - 2014-01-25 14:32 - 00015059 _____ C:\Users\Clarissaa\Downloads\FRST.txt
2014-01-25 14:31 - 2014-01-25 14:31 - 00000000 ____D C:\FRST
2014-01-25 14:26 - 2014-01-25 14:26 - 02077696 _____ (Farbar) C:\Users\Clarissaa\Downloads\FRST64.exe
2014-01-21 20:27 - 2014-01-21 20:27 - 09506961 _____ C:\Users\Clarissaa\Downloads\VID_20130824_185617(1).mkv
2014-01-21 20:26 - 2014-01-21 20:27 - 10457556 _____ C:\Users\Clarissaa\Downloads\VID_20130806_153330(1).mkv
2014-01-21 20:26 - 2014-01-21 20:26 - 07982299 _____ C:\Users\Clarissaa\Downloads\VID_20130731_201009.mkv
2014-01-21 19:52 - 2014-01-21 19:52 - 00000000 ____D C:\Users\Clarissaa\AppData\Roaming\Google
2014-01-21 19:52 - 2014-01-21 19:52 - 00000000 ____D C:\ProgramData\Google
2014-01-21 19:52 - 2014-01-21 19:52 - 00000000 ____D C:\Program Files\Google
2014-01-16 21:51 - 2014-01-16 21:51 - 00038726 _____ C:\Users\Clarissaa\AppData\Local\recently-used.xbel
2014-01-14 20:55 - 2013-12-09 01:15 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-01-14 20:55 - 2013-11-27 16:36 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-01-14 20:55 - 2013-11-27 12:41 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2014-01-14 20:55 - 2013-11-27 11:34 - 00138240 _____ C:\WINDOWS\system32\OEMLicense.dll
2014-01-14 20:55 - 2013-11-27 10:54 - 00103936 _____ C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-01-14 20:55 - 2013-11-27 09:48 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-14 20:55 - 2013-11-27 09:45 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-01-14 20:55 - 2013-11-27 09:40 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-14 20:55 - 2013-11-27 09:38 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-01-14 20:55 - 2013-11-27 09:17 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-01-14 20:55 - 2013-11-27 09:12 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-01-09 20:56 - 2014-01-09 20:56 - 10457556 _____ C:\Users\Clarissaa\Downloads\VID_20130806_153330.mkv
2014-01-09 20:56 - 2014-01-09 20:56 - 09506961 _____ C:\Users\Clarissaa\Downloads\VID_20130824_185617.mkv
2014-01-09 13:12 - 2014-01-09 15:28 - 00015676 _____ C:\Users\Clarissaa\Documents\smoothie.wlmp
2014-01-03 00:00 - 2014-01-22 22:32 - 00001984 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-01-02 23:15 - 2014-01-02 23:15 - 00002050 _____ C:\Users\Public\Desktop\avast! SafeZone.lnk
2014-01-02 23:14 - 2014-01-09 22:28 - 00439648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswndisflt.sys
2014-01-02 23:10 - 2014-01-02 23:10 - 00000000 ___RD C:\WINDOWS\BrowserChoice
2013-12-30 08:13 - 2014-01-25 14:24 - 00000000 __RDO C:\Users\Clarissaa\SkyDrive
2013-12-30 08:09 - 2013-12-30 08:09 - 00001452 _____ C:\Users\Clarissaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-30 08:08 - 2013-12-30 08:08 - 00000020 ___SH C:\Users\Clarissaa\ntuser.ini
2013-12-30 01:05 - 2013-12-30 01:05 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-12-30 01:05 - 2013-12-30 01:05 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-12-30 01:05 - 2013-12-30 01:05 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-12-30 01:05 - 2013-12-30 01:05 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-12-30 01:05 - 2013-12-30 01:05 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-12-30 01:05 - 2013-12-30 01:05 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-12-30 01:05 - 2013-12-30 01:05 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-12-30 01:05 - 2013-12-30 01:05 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-12-30 01:05 - 2013-12-30 01:05 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-12-30 01:05 - 2013-12-30 01:05 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-12-30 01:05 - 2013-12-30 01:05 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-30 01:05 - 2013-12-30 01:05 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-12-30 01:05 - 2013-12-30 01:05 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-12-30 01:05 - 2013-12-30 01:05 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-12-30 01:05 - 2013-12-30 01:05 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-12-30 01:05 - 2013-12-30 01:05 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-12-30 01:05 - 2013-12-30 01:05 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-30 01:05 - 2013-12-30 01:05 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-12-30 01:05 - 2013-12-30 01:05 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-12-30 01:05 - 2013-12-30 01:05 - 00000000 _SHDL C:\Programme
2013-12-30 01:05 - 2013-12-30 01:05 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-12-30 01:05 - 2013-12-30 01:05 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-12-30 01:05 - 2013-12-30 01:05 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-12-30 01:05 - 2013-12-30 01:05 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-12-30 01:05 - 2013-12-30 01:05 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-12-30 01:05 - 2013-12-30 01:05 - 00000000 _SHDL C:\Dokumente und Einstellungen
2013-12-30 01:03 - 2013-12-30 01:03 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2013-12-30 00:51 - 2013-12-30 00:51 - 00000000 _____ C:\WINDOWS\system32\lxctcomm.dll
2013-12-30 00:47 - 2013-12-30 00:47 - 00000000 ____D C:\Users\Default\AppData\LocalGoogle
2013-12-30 00:47 - 2013-12-30 00:47 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-12-30 00:47 - 2013-12-30 00:47 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2013-12-30 00:47 - 2013-12-30 00:47 - 00000000 ____D C:\Users\Default User\AppData\LocalGoogle
2013-12-30 00:47 - 2013-12-30 00:47 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-12-30 00:47 - 2013-12-30 00:47 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2013-12-30 00:40 - 2014-01-02 22:21 - 00000000 ____D C:\Users\clari_000
2013-12-30 00:40 - 2013-12-30 08:13 - 00000000 ____D C:\Users\Clarissaa
2013-12-30 00:40 - 2013-12-30 01:03 - 00040008 _____ C:\WINDOWS\diagwrn.xml
2013-12-30 00:40 - 2013-12-30 01:03 - 00040008 _____ C:\WINDOWS\diagerr.xml
2013-12-30 00:40 - 2013-12-30 00:42 - 00000000 ___RD C:\Users\Clarissaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-12-30 00:40 - 2013-12-30 00:40 - 00000000 _SHDL C:\Users\Clarissaa\Vorlagen
2013-12-30 00:40 - 2013-12-30 00:40 - 00000000 _SHDL C:\Users\Clarissaa\Startmenü
2013-12-30 00:40 - 2013-12-30 00:40 - 00000000 _SHDL C:\Users\Clarissaa\Netzwerkumgebung
2013-12-30 00:40 - 2013-12-30 00:40 - 00000000 _SHDL C:\Users\Clarissaa\Lokale Einstellungen
2013-12-30 00:40 - 2013-12-30 00:40 - 00000000 _SHDL C:\Users\Clarissaa\Eigene Dateien
2013-12-30 00:40 - 2013-12-30 00:40 - 00000000 _SHDL C:\Users\Clarissaa\Druckumgebung
2013-12-30 00:40 - 2013-12-30 00:40 - 00000000 _SHDL C:\Users\Clarissaa\Documents\Eigene Musik
2013-12-30 00:40 - 2013-12-30 00:40 - 00000000 _SHDL C:\Users\Clarissaa\Documents\Eigene Bilder
2013-12-30 00:40 - 2013-12-30 00:40 - 00000000 _SHDL C:\Users\Clarissaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-30 00:40 - 2013-12-30 00:40 - 00000000 _SHDL C:\Users\Clarissaa\AppData\Local\Verlauf
2013-12-30 00:40 - 2013-12-30 00:40 - 00000000 _SHDL C:\Users\Clarissaa\AppData\Local\Anwendungsdaten
2013-12-30 00:40 - 2013-12-30 00:40 - 00000000 _SHDL C:\Users\Clarissaa\Anwendungsdaten
2013-12-30 00:40 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\Clarissaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-12-30 00:40 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\Clarissaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-12-30 00:40 - 2013-08-22 16:36 - 00000000 ____D C:\Users\Clarissaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-12-30 00:34 - 2013-10-23 09:20 - 06669600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2013-12-30 00:34 - 2013-10-23 09:20 - 03489568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2013-12-30 00:34 - 2013-10-23 09:20 - 03426956 _____ C:\WINDOWS\system32\nvcoproc.bin
2013-12-30 00:34 - 2013-10-23 09:20 - 02559776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2013-12-30 00:34 - 2013-10-23 09:20 - 01064224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2013-12-30 00:34 - 2013-10-23 09:20 - 00922912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2013-12-30 00:34 - 2013-10-23 09:20 - 00219424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2013-12-30 00:34 - 2013-10-23 09:20 - 00067072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2013-12-30 00:34 - 2013-10-23 09:20 - 00063776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2013-12-30 00:33 - 2014-01-25 14:24 - 02059050 _____ C:\WINDOWS\WindowsUpdate.log
2013-12-30 00:33 - 2013-12-30 00:46 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-12-30 00:33 - 2013-12-30 00:34 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-12-30 00:33 - 2013-12-30 00:33 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
2013-12-30 00:33 - 2013-12-30 00:33 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-12-30 00:33 - 2013-12-30 00:33 - 00000000 ____D C:\Program Files\VIA
2013-12-30 00:32 - 2013-12-30 00:46 - 00000000 ____D C:\Program Files (x86)\Intel
2013-12-30 00:32 - 2013-10-01 13:02 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2013-12-30 00:32 - 2013-10-01 13:02 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2013-12-30 00:29 - 2014-01-02 22:44 - 00000000 ___DC C:\WINDOWS\Panther
2013-12-30 00:29 - 2013-12-30 00:29 - 00000000 __SHD C:\Recovery
2013-12-30 00:27 - 2013-12-30 00:27 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2013-12-30 00:27 - 2013-12-30 00:27 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2013-12-30 00:27 - 2013-12-30 00:27 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2013-12-30 00:27 - 2013-12-30 00:27 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2013-12-30 00:27 - 2013-12-30 00:27 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2013-12-30 00:27 - 2013-12-30 00:27 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2013-12-30 00:27 - 2013-12-30 00:27 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2013-12-30 00:27 - 2013-12-30 00:27 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2013-12-30 00:27 - 2013-12-30 00:27 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2013-12-30 00:26 - 2013-12-30 00:26 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-12-30 00:26 - 2013-12-30 00:26 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-12-30 00:26 - 2013-12-30 00:26 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-12-30 00:26 - 2013-12-30 00:26 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-12-30 00:26 - 2013-12-30 00:26 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-12-30 00:26 - 2013-12-30 00:26 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-12-30 00:26 - 2013-12-30 00:26 - 04191744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2013-12-30 00:26 - 2013-12-30 00:26 - 04105728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2013-12-30 00:26 - 2013-12-30 00:26 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-12-30 00:26 - 2013-12-30 00:26 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-12-30 00:26 - 2013-12-30 00:26 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-12-30 00:26 - 2013-12-30 00:26 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2013-12-30 00:26 - 2013-12-30 00:26 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2013-12-30 00:26 - 2013-12-30 00:26 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-12-30 00:26 - 2013-12-30 00:26 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-12-30 00:26 - 2013-12-30 00:26 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-12-30 00:26 - 2013-12-30 00:26 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2013-12-30 00:26 - 2013-12-30 00:26 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2013-12-30 00:26 - 2013-12-30 00:26 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2013-12-30 00:26 - 2013-12-30 00:26 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-12-30 00:25 - 2013-12-30 00:25 - 13177344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2013-12-30 00:25 - 2013-12-30 00:25 - 11674624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2013-12-30 00:25 - 2013-12-30 00:25 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2013-12-30 00:25 - 2013-12-30 00:25 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2013-12-30 00:25 - 2013-12-30 00:25 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2013-12-30 00:25 - 2013-12-30 00:25 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2013-12-30 00:25 - 2013-12-30 00:25 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2013-12-30 00:25 - 2013-12-30 00:25 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2013-12-30 00:25 - 2013-12-30 00:25 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2013-12-30 00:25 - 2013-12-30 00:25 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2013-12-30 00:25 - 2013-12-30 00:25 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2013-12-30 00:25 - 2013-12-30 00:25 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2013-12-30 00:25 - 2013-12-30 00:25 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2013-12-30 00:25 - 2013-12-30 00:25 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2013-12-30 00:25 - 2013-12-30 00:25 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2013-12-30 00:25 - 2013-12-30 00:25 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2013-12-30 00:25 - 2013-12-30 00:25 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2013-12-30 00:25 - 2013-12-30 00:25 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2013-12-30 00:25 - 2013-12-30 00:25 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2013-12-30 00:25 - 2013-12-30 00:25 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2013-12-30 00:25 - 2013-12-30 00:25 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2013-12-30 00:25 - 2013-12-30 00:25 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2013-12-30 00:25 - 2013-12-30 00:25 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2013-12-30 00:25 - 2013-12-30 00:25 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2013-12-30 00:25 - 2013-12-30 00:25 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2013-12-30 00:25 - 2013-12-30 00:25 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2013-12-30 00:25 - 2013-12-30 00:25 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2013-12-30 00:25 - 2013-12-30 00:25 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2013-12-30 00:25 - 2013-12-30 00:25 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2013-12-30 00:25 - 2013-12-30 00:25 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2013-12-30 00:25 - 2013-12-30 00:25 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2013-12-30 00:25 - 2013-12-30 00:25 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2013-12-30 00:25 - 2013-12-30 00:25 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2013-12-30 00:25 - 2013-12-30 00:25 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2013-12-30 00:25 - 2013-12-30 00:25 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2013-12-30 00:25 - 2013-12-30 00:25 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2013-12-30 00:25 - 2013-12-30 00:25 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2013-12-30 00:25 - 2013-12-30 00:25 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2013-12-30 00:25 - 2013-12-30 00:25 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2013-12-30 00:25 - 2013-12-30 00:25 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2013-12-30 00:25 - 2013-12-30 00:25 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2013-12-30 00:25 - 2013-12-30 00:25 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2013-12-30 00:25 - 2013-12-30 00:25 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2013-12-30 00:21 - 2013-12-30 00:49 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-12-30 00:21 - 2013-12-30 00:21 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2013-12-30 00:21 - 2013-12-30 00:21 - 00000000 ____D C:\Program Files\Reference Assemblies
2013-12-30 00:21 - 2013-12-30 00:21 - 00000000 ____D C:\Program Files\MSBuild
2013-12-30 00:21 - 2013-12-30 00:21 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2013-12-30 00:20 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2013-12-30 00:20 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2013-12-30 00:20 - 2013-08-03 05:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2013-12-30 00:20 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2013-12-30 00:20 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-12-30 00:20 - 2013-08-03 05:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2013-12-29 23:53 - 2013-12-30 01:03 - 00006513 _____ C:\WINDOWS\comsetup.log
2013-12-29 20:33 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
2013-12-29 20:32 - 2013-12-29 20:32 - 00000000 ____D C:\Program Files\iPod
2013-12-29 20:31 - 2013-12-29 20:33 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-29 20:31 - 2013-12-29 20:33 - 00000000 ____D C:\Program Files\iTunes
2013-12-29 20:31 - 2013-12-29 20:33 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-12-29 20:08 - 2013-12-29 20:08 - 00002021 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk
2013-12-29 19:54 - 2014-01-22 22:31 - 01038072 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2013-12-29 19:54 - 2014-01-22 22:31 - 00421704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2013-12-29 19:54 - 2014-01-22 22:31 - 00334136 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2013-12-29 19:54 - 2014-01-22 22:31 - 00080184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
2013-12-29 19:54 - 2014-01-22 22:31 - 00078648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2013-12-29 19:54 - 2014-01-22 22:31 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2013-12-29 19:54 - 2013-12-29 19:54 - 00207904 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys
2013-12-29 19:54 - 2013-12-29 19:54 - 00092544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2013-12-29 19:54 - 2013-12-29 19:54 - 00065776 _____ C:\WINDOWS\system32\Drivers\aswRvrt.sys
2013-12-29 19:54 - 2013-12-29 19:54 - 00000000 ____D C:\Users\Clarissaa\AppData\Roaming\AVAST Software
2013-12-29 19:53 - 2013-12-29 19:53 - 00000000 ____D C:\Program Files\AVAST Software
2013-12-29 19:50 - 2013-12-29 19:50 - 00000000 ____D C:\ProgramData\AVAST Software
2013-12-29 19:49 - 2013-12-29 19:49 - 91412976 _____ (AVAST Software) C:\Users\Clarissaa\Downloads\avast_free_antivirus_setup_9.0.2011.263.exe

==================== One Month Modified Files and Folders =======

2014-01-25 14:32 - 2014-01-25 14:31 - 00015059 _____ C:\Users\Clarissaa\Downloads\FRST.txt
2014-01-25 14:31 - 2014-01-25 14:31 - 00000000 ____D C:\FRST
2014-01-25 14:31 - 2013-05-28 22:30 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-01-25 14:26 - 2014-01-25 14:26 - 02077696 _____ (Farbar) C:\Users\Clarissaa\Downloads\FRST64.exe
2014-01-25 14:24 - 2013-12-30 08:13 - 00000000 __RDO C:\Users\Clarissaa\SkyDrive
2014-01-25 14:24 - 2013-12-30 00:33 - 02059050 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-25 14:24 - 2013-05-28 22:30 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-25 14:24 - 2013-01-16 16:06 - 00000380 _____ C:\Users\Clarissaa\AppData\Roaming\sp_data.sys
2014-01-25 14:15 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2014-01-25 14:15 - 2013-01-26 15:14 - 00000000 ____D C:\Users\Clarissaa\AppData\Roaming\Skype
2014-01-25 14:14 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\sru
2014-01-25 14:14 - 2013-05-28 22:30 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-25 14:12 - 2013-11-14 08:27 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2014-01-25 14:12 - 2013-11-14 08:11 - 00765582 _____ C:\WINDOWS\system32\perfh007.dat
2014-01-25 14:12 - 2013-11-14 08:11 - 00159366 _____ C:\WINDOWS\system32\perfc007.dat
2014-01-25 14:04 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-25 14:04 - 2012-10-29 20:16 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-24 06:52 - 2013-08-22 15:46 - 00377403 _____ C:\WINDOWS\setupact.log
2014-01-24 06:31 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2014-01-22 22:58 - 2013-11-13 23:18 - 00008772 _____ C:\WINDOWS\PFRO.log
2014-01-22 22:32 - 2014-01-03 00:00 - 00001984 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-01-22 22:31 - 2013-12-29 19:54 - 01038072 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-01-22 22:31 - 2013-12-29 19:54 - 00421704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-01-22 22:31 - 2013-12-29 19:54 - 00334136 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-01-22 22:31 - 2013-12-29 19:54 - 00080184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
2014-01-22 22:31 - 2013-12-29 19:54 - 00078648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-01-22 22:31 - 2013-12-29 19:54 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-01-22 18:43 - 2013-09-08 12:57 - 00266600 _____ C:\Users\Clarissaa\Documents\hgeschenk2.wlmp
2014-01-21 20:27 - 2014-01-21 20:27 - 09506961 _____ C:\Users\Clarissaa\Downloads\VID_20130824_185617(1).mkv
2014-01-21 20:27 - 2014-01-21 20:26 - 10457556 _____ C:\Users\Clarissaa\Downloads\VID_20130806_153330(1).mkv
2014-01-21 20:26 - 2014-01-21 20:26 - 07982299 _____ C:\Users\Clarissaa\Downloads\VID_20130731_201009.mkv
2014-01-21 19:52 - 2014-01-21 19:52 - 00000000 ____D C:\Users\Clarissaa\AppData\Roaming\Google
2014-01-21 19:52 - 2014-01-21 19:52 - 00000000 ____D C:\ProgramData\Google
2014-01-21 19:52 - 2014-01-21 19:52 - 00000000 ____D C:\Program Files\Google
2014-01-21 19:52 - 2013-05-28 22:30 - 00000000 ____D C:\Users\Clarissaa\AppData\Local\Google
2014-01-21 19:52 - 2013-05-28 22:30 - 00000000 ____D C:\Program Files (x86)\Google
2014-01-17 20:43 - 2013-03-08 19:16 - 00000000 ____D C:\Users\Clarissaa\AppData\Local\Windows Live
2014-01-17 15:01 - 2013-02-04 23:14 - 00000000 ____D C:\Users\Clarissaa\.gimp-2.8
2014-01-17 14:48 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\WinStore
2014-01-16 22:08 - 2013-01-16 17:23 - 00000000 ____D C:\Users\Clarissaa\AppData\Local\Microsoft Help
2014-01-16 22:00 - 2013-08-16 22:34 - 00000000 ____D C:\WINDOWS\system32\MRT
2014-01-16 21:57 - 2013-01-16 19:14 - 86054176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-01-16 21:51 - 2014-01-16 21:51 - 00038726 _____ C:\Users\Clarissaa\AppData\Local\recently-used.xbel
2014-01-09 22:28 - 2014-01-02 23:14 - 00439648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswndisflt.sys
2014-01-09 20:56 - 2014-01-09 20:56 - 10457556 _____ C:\Users\Clarissaa\Downloads\VID_20130806_153330.mkv
2014-01-09 20:56 - 2014-01-09 20:56 - 09506961 _____ C:\Users\Clarissaa\Downloads\VID_20130824_185617.mkv
2014-01-09 16:25 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2014-01-09 15:28 - 2014-01-09 13:12 - 00015676 _____ C:\Users\Clarissaa\Documents\smoothie.wlmp
2014-01-07 20:10 - 2013-11-21 15:11 - 00000000 ____D C:\Users\Clarissaa\Documents\Camera
2014-01-06 23:31 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-01-06 23:31 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-04 10:43 - 2013-01-26 14:48 - 00000000 ____D C:\ProgramData\Samsung
2014-01-04 10:43 - 2012-10-29 20:18 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2014-01-02 23:24 - 2013-05-16 15:12 - 00000000 ____D C:\Program Files (x86)\NCH Software
2014-01-02 23:22 - 2013-02-18 15:58 - 00000000 ____D C:\Users\Clarissaa\AppData\Roaming\Dropbox
2014-01-02 23:22 - 2013-01-16 16:06 - 00000000 ___RD C:\Users\Clarissaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-02 23:15 - 2014-01-02 23:15 - 00002050 _____ C:\Users\Public\Desktop\avast! SafeZone.lnk
2014-01-02 23:10 - 2014-01-02 23:10 - 00000000 ___RD C:\WINDOWS\BrowserChoice
2014-01-02 23:10 - 2013-01-16 16:03 - 00000000 ____D C:\Users\Clarissaa\AppData\Local\Packages
2014-01-02 23:09 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\restore
2014-01-02 23:01 - 2013-02-18 16:01 - 00000000 ___RD C:\Users\Clarissaa\Dropbox
2014-01-02 22:44 - 2013-12-30 00:29 - 00000000 ___DC C:\WINDOWS\Panther
2014-01-02 22:21 - 2013-12-30 00:40 - 00000000 ____D C:\Users\clari_000
2013-12-30 08:13 - 2013-12-30 00:40 - 00000000 ____D C:\Users\Clarissaa
2013-12-30 08:09 - 2013-12-30 08:09 - 00001452 _____ C:\Users\Clarissaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-30 08:09 - 2013-01-16 16:06 - 00000000 ___RD C:\Users\Clarissaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-12-30 08:08 - 2013-12-30 08:08 - 00000020 ___SH C:\Users\Clarissaa\ntuser.ini
2013-12-30 01:05 - 2013-12-30 01:05 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-12-30 01:05 - 2013-12-30 01:05 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-12-30 01:05 - 2013-12-30 01:05 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-12-30 01:05 - 2013-12-30 01:05 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-12-30 01:05 - 2013-12-30 01:05 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-12-30 01:05 - 2013-12-30 01:05 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-12-30 01:05 - 2013-12-30 01:05 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-12-30 01:05 - 2013-12-30 01:05 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-12-30 01:05 - 2013-12-30 01:05 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-12-30 01:05 - 2013-12-30 01:05 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-12-30 01:05 - 2013-12-30 01:05 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-30 01:05 - 2013-12-30 01:05 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-12-30 01:05 - 2013-12-30 01:05 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-12-30 01:05 - 2013-12-30 01:05 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-12-30 01:05 - 2013-12-30 01:05 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-12-30 01:05 - 2013-12-30 01:05 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-12-30 01:05 - 2013-12-30 01:05 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-30 01:05 - 2013-12-30 01:05 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-12-30 01:05 - 2013-12-30 01:05 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-12-30 01:05 - 2013-12-30 01:05 - 00000000 _SHDL C:\Programme
2013-12-30 01:05 - 2013-12-30 01:05 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-12-30 01:05 - 2013-12-30 01:05 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-12-30 01:05 - 2013-12-30 01:05 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-12-30 01:05 - 2013-12-30 01:05 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-12-30 01:05 - 2013-12-30 01:05 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-12-30 01:05 - 2013-12-30 01:05 - 00000000 _SHDL C:\Dokumente und Einstellungen
2013-12-30 01:05 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Windows NT
2013-12-30 01:05 - 2013-08-22 14:36 - 00000000 __RHD C:\Users\Default
2013-12-30 01:03 - 2013-12-30 01:03 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2013-12-30 01:03 - 2013-12-30 00:40 - 00040008 _____ C:\WINDOWS\diagwrn.xml
2013-12-30 01:03 - 2013-12-30 00:40 - 00040008 _____ C:\WINDOWS\diagerr.xml
2013-12-30 01:03 - 2013-12-29 23:53 - 00006513 _____ C:\WINDOWS\comsetup.log
2013-12-30 01:03 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Registration
2013-12-30 00:55 - 2013-08-22 16:36 - 00000000 __RSD C:\WINDOWS\Media
2013-12-30 00:54 - 2013-08-22 16:36 - 00000000 __RHD C:\Users\Public\Libraries
2013-12-30 00:51 - 2013-12-30 00:51 - 00000000 _____ C:\WINDOWS\system32\lxctcomm.dll
2013-12-30 00:51 - 2012-10-29 20:17 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2013-12-30 00:51 - 2012-10-29 20:17 - 00000000 ____D C:\WINDOWS\system32\NV
2013-12-30 00:50 - 2013-08-22 15:44 - 00473776 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-12-30 00:49 - 2013-12-30 00:21 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-12-30 00:49 - 2013-12-12 20:09 - 00000000 ____D C:\WINDOWS\de
2013-12-30 00:49 - 2013-11-14 08:13 - 00000000 ____D C:\WINDOWS\ShellNew
2013-12-30 00:49 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2013-12-30 00:49 - 2012-10-29 20:25 - 00000000 ____D C:\WINDOWS\SysWOW64\Atheros_L1e
2013-12-30 00:47 - 2013-12-30 00:47 - 00000000 ____D C:\Users\Default\AppData\LocalGoogle
2013-12-30 00:47 - 2013-12-30 00:47 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-12-30 00:47 - 2013-12-30 00:47 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2013-12-30 00:47 - 2013-12-30 00:47 - 00000000 ____D C:\Users\Default User\AppData\LocalGoogle
2013-12-30 00:47 - 2013-12-30 00:47 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-12-30 00:47 - 2013-12-30 00:47 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2013-12-30 00:47 - 2013-11-14 08:11 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2013-12-30 00:47 - 2013-11-14 08:11 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2013-12-30 00:47 - 2013-11-14 08:11 - 00000000 ____D C:\WINDOWS\system32\WCN
2013-12-30 00:47 - 2013-08-22 16:37 - 00004893 _____ C:\WINDOWS\DtcInstall.log
2013-12-30 00:47 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2013-12-30 00:47 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2013-12-30 00:47 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2013-12-30 00:47 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2013-12-30 00:47 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\spool
2013-12-30 00:47 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\MUI
2013-12-30 00:47 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\IME
2013-12-30 00:47 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI
2013-12-30 00:47 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\system32\oobe
2013-12-30 00:47 - 2012-07-26 06:37 - 00000000 ____D C:\Users\Default.migrated
2013-12-30 00:46 - 2013-12-30 00:33 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-12-30 00:46 - 2013-12-30 00:32 - 00000000 ____D C:\Program Files (x86)\Intel
2013-12-30 00:46 - 2013-08-22 16:43 - 00000000 ____D C:\WINDOWS\DigitalLocker
2013-12-30 00:46 - 2013-08-22 16:36 - 00000000 __SHD C:\Program Files\Windows Sidebar
2013-12-30 00:46 - 2013-08-22 16:36 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2013-12-30 00:46 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2013-12-30 00:46 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\IME
2013-12-30 00:46 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Help
2013-12-30 00:46 - 2012-08-02 14:28 - 00000000 ____D C:\ProgramData\PRICache
2013-12-30 00:45 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\System
2013-12-30 00:45 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-12-30 00:42 - 2013-12-30 00:40 - 00000000 ___RD C:\Users\Clarissaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-12-30 00:42 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\Recovery
2013-12-30 00:40 - 2013-12-30 00:40 - 00000000 _SHDL C:\Users\Clarissaa\Vorlagen
2013-12-30 00:40 - 2013-12-30 00:40 - 00000000 _SHDL C:\Users\Clarissaa\Startmenü
2013-12-30 00:40 - 2013-12-30 00:40 - 00000000 _SHDL C:\Users\Clarissaa\Netzwerkumgebung
2013-12-30 00:40 - 2013-12-30 00:40 - 00000000 _SHDL C:\Users\Clarissaa\Lokale Einstellungen
2013-12-30 00:40 - 2013-12-30 00:40 - 00000000 _SHDL C:\Users\Clarissaa\Eigene Dateien
2013-12-30 00:40 - 2013-12-30 00:40 - 00000000 _SHDL C:\Users\Clarissaa\Druckumgebung
2013-12-30 00:40 - 2013-12-30 00:40 - 00000000 _SHDL C:\Users\Clarissaa\Documents\Eigene Musik
2013-12-30 00:40 - 2013-12-30 00:40 - 00000000 _SHDL C:\Users\Clarissaa\Documents\Eigene Bilder
2013-12-30 00:40 - 2013-12-30 00:40 - 00000000 _SHDL C:\Users\Clarissaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-30 00:40 - 2013-12-30 00:40 - 00000000 _SHDL C:\Users\Clarissaa\AppData\Local\Verlauf
2013-12-30 00:40 - 2013-12-30 00:40 - 00000000 _SHDL C:\Users\Clarissaa\AppData\Local\Anwendungsdaten
2013-12-30 00:40 - 2013-12-30 00:40 - 00000000 _SHDL C:\Users\Clarissaa\Anwendungsdaten
2013-12-30 00:34 - 2013-12-30 00:33 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-12-30 00:33 - 2013-12-30 00:33 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
2013-12-30 00:33 - 2013-12-30 00:33 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-12-30 00:33 - 2013-12-30 00:33 - 00000000 ____D C:\Program Files\VIA
2013-12-30 00:29 - 2013-12-30 00:29 - 00000000 __SHD C:\Recovery
2013-12-30 00:27 - 2013-12-30 00:27 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2013-12-30 00:27 - 2013-12-30 00:27 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2013-12-30 00:27 - 2013-12-30 00:27 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2013-12-30 00:27 - 2013-12-30 00:27 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2013-12-30 00:27 - 2013-12-30 00:27 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2013-12-30 00:27 - 2013-12-30 00:27 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2013-12-30 00:27 - 2013-12-30 00:27 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2013-12-30 00:27 - 2013-12-30 00:27 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2013-12-30 00:27 - 2013-12-30 00:27 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2013-12-30 00:26 - 2013-12-30 00:26 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-12-30 00:26 - 2013-12-30 00:26 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-12-30 00:26 - 2013-12-30 00:26 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-12-30 00:26 - 2013-12-30 00:26 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-12-30 00:26 - 2013-12-30 00:26 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-12-30 00:26 - 2013-12-30 00:26 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-12-30 00:26 - 2013-12-30 00:26 - 04191744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2013-12-30 00:26 - 2013-12-30 00:26 - 04105728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2013-12-30 00:26 - 2013-12-30 00:26 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-12-30 00:26 - 2013-12-30 00:26 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-12-30 00:26 - 2013-12-30 00:26 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-12-30 00:26 - 2013-12-30 00:26 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2013-12-30 00:26 - 2013-12-30 00:26 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2013-12-30 00:26 - 2013-12-30 00:26 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-12-30 00:26 - 2013-12-30 00:26 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-12-30 00:26 - 2013-12-30 00:26 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-12-30 00:26 - 2013-12-30 00:26 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2013-12-30 00:26 - 2013-12-30 00:26 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2013-12-30 00:26 - 2013-12-30 00:26 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2013-12-30 00:26 - 2013-12-30 00:26 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-12-30 00:26 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData
2013-12-30 00:26 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2013-12-30 00:26 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\FileManager
2013-12-30 00:26 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Camera
2013-12-30 00:25 - 2013-12-30 00:25 - 13177344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2013-12-30 00:25 - 2013-12-30 00:25 - 11674624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2013-12-30 00:25 - 2013-12-30 00:25 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2013-12-30 00:25 - 2013-12-30 00:25 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2013-12-30 00:25 - 2013-12-30 00:25 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2013-12-30 00:25 - 2013-12-30 00:25 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2013-12-30 00:25 - 2013-12-30 00:25 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2013-12-30 00:25 - 2013-12-30 00:25 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2013-12-30 00:25 - 2013-12-30 00:25 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2013-12-30 00:25 - 2013-12-30 00:25 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2013-12-30 00:25 - 2013-12-30 00:25 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2013-12-30 00:25 - 2013-12-30 00:25 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2013-12-30 00:25 - 2013-12-30 00:25 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2013-12-30 00:25 - 2013-12-30 00:25 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2013-12-30 00:25 - 2013-12-30 00:25 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2013-12-30 00:25 - 2013-12-30 00:25 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2013-12-30 00:25 - 2013-12-30 00:25 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2013-12-30 00:25 - 2013-12-30 00:25 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2013-12-30 00:25 - 2013-12-30 00:25 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2013-12-30 00:25 - 2013-12-30 00:25 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2013-12-30 00:25 - 2013-12-30 00:25 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2013-12-30 00:25 - 2013-12-30 00:25 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2013-12-30 00:25 - 2013-12-30 00:25 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2013-12-30 00:25 - 2013-12-30 00:25 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2013-12-30 00:25 - 2013-12-30 00:25 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2013-12-30 00:25 - 2013-12-30 00:25 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2013-12-30 00:25 - 2013-12-30 00:25 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2013-12-30 00:25 - 2013-12-30 00:25 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2013-12-30 00:25 - 2013-12-30 00:25 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2013-12-30 00:25 - 2013-12-30 00:25 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2013-12-30 00:25 - 2013-12-30 00:25 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2013-12-30 00:25 - 2013-12-30 00:25 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2013-12-30 00:25 - 2013-12-30 00:25 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2013-12-30 00:25 - 2013-12-30 00:25 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2013-12-30 00:25 - 2013-12-30 00:25 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2013-12-30 00:25 - 2013-12-30 00:25 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2013-12-30 00:25 - 2013-12-30 00:25 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2013-12-30 00:25 - 2013-12-30 00:25 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2013-12-30 00:25 - 2013-12-30 00:25 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2013-12-30 00:25 - 2013-12-30 00:25 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2013-12-30 00:25 - 2013-12-30 00:25 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2013-12-30 00:25 - 2013-12-30 00:25 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2013-12-30 00:25 - 2013-12-30 00:25 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2013-12-30 00:21 - 2013-12-30 00:21 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2013-12-30 00:21 - 2013-12-30 00:21 - 00000000 ____D C:\Program Files\Reference Assemblies
2013-12-30 00:21 - 2013-12-30 00:21 - 00000000 ____D C:\Program Files\MSBuild
2013-12-30 00:21 - 2013-12-30 00:21 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2013-12-30 00:09 - 2012-10-29 20:34 - 01571286 _____ C:\WINDOWS\WindowsUpdate (1).log
2013-12-29 22:27 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2013-12-29 20:33 - 2013-12-29 20:31 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-29 20:33 - 2013-12-29 20:31 - 00000000 ____D C:\Program Files\iTunes
2013-12-29 20:33 - 2013-12-29 20:31 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-12-29 20:33 - 2013-01-29 21:26 - 00001785 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-12-29 20:32 - 2013-12-29 20:32 - 00000000 ____D C:\Program Files\iPod
2013-12-29 20:31 - 2013-01-29 21:24 - 00000000 ____D C:\ProgramData\Apple Computer
2013-12-29 20:08 - 2013-12-29 20:08 - 00002021 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk
2013-12-29 20:05 - 2012-08-17 01:52 - 00000000 ____D C:\ProgramData\Adobe
2013-12-29 19:54 - 2013-12-29 19:54 - 00207904 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys
2013-12-29 19:54 - 2013-12-29 19:54 - 00092544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2013-12-29 19:54 - 2013-12-29 19:54 - 00065776 _____ C:\WINDOWS\system32\Drivers\aswRvrt.sys
2013-12-29 19:54 - 2013-12-29 19:54 - 00000000 ____D C:\Users\Clarissaa\AppData\Roaming\AVAST Software
2013-12-29 19:53 - 2013-12-29 19:53 - 00000000 ____D C:\Program Files\AVAST Software
2013-12-29 19:50 - 2013-12-29 19:50 - 00000000 ____D C:\ProgramData\AVAST Software
2013-12-29 19:49 - 2013-12-29 19:49 - 91412976 _____ (AVAST Software) C:\Users\Clarissaa\Downloads\avast_free_antivirus_setup_9.0.2011.263.exe
2013-12-26 21:16 - 2013-02-18 16:01 - 00580096 ___SH C:\Users\Clarissaa\Documents\Thumbs.db

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================
         


Addition.txt
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-01-2014
Ran by Clarissaa at 2014-01-25 14:33:15
Running from C:\Users\Clarissaa\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

ABBYY FineReader 6.0 Sprint (x32 Version: 6.00.1784.41616 - ABBYY Software House)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.43 - Adobe Systems Incorporated)
Adobe Reader X (10.1.8) MUI (x32 Version: 10.1.8 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (x32 Version: 3.6.142.61624 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.6.142.61624 - Alcor Micro Corp.) Hidden
Apple Application Support (x32 Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
ASUS Instant Connect (x32 Version: 1.2.8 - ASUS)
ASUS InstantOn (x32 Version: 3.0.2 - ASUS)
ASUS LifeFrame3 (x32 Version: 3.1.4 - ASUS)
ASUS Live Update (x32 Version: 3.1.8 - ASUS)
ASUS Power4Gear Hybrid (Version: 2.0.3 - ASUS)
ASUS Smart Gesture (x32 Version: 1.0.35 - ASUS)
ASUS Splendid Video Enhancement Technology (x32 Version: 1.03.0002 - ASUS)
ASUS Tutor (x32 Version: 1.0.7 - ASUS)
ASUS USB Charger Plus (x32 Version: 2.1.4 - ASUS)
ASUS WebStorage Sync Agent (x32 Version: 1.1.9.120 - ASUS Cloud Corporation)
ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (x32 Version: 2.0.10.168 - ASUSTEK)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (x32 Version: 2.1.0.7 - Atheros Communications Inc.)
ATK Package (x32 Version: 1.0.0022 - ASUS)
avast! Free Antivirus (x32 Version: 9.0.2013 - Avast Software)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32 Version:  - Microsoft)
FaxRedist (x32 Version: 1.0.0 -  )
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.12.0.128 (x32 Version: 3.12.0.128 - DVDVideoSoft Ltd.)
GIMP 2.8.2 (Version: 2.8.2 - The GIMP Team)
Google Drive (x32 Version: 1.13.5782.599 - Google, Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (x32 Version: 7.5.4805.320 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (x32 Version: 10.18.10.3308 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
iTunes (Version: 11.1.3.8 - Apple Inc.)
Lexmark 5400 Series (Version:  - Lexmark International, Inc.)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (x32 Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 26.0 (x86 en-US) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
NVIDIA 3D Vision Treiber 306.97 (Version: 306.97 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.65 (Version: 331.65 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.10.8 (Version: 1.10.8 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.0613 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.12.0613 (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.0697 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
NVIDIA Update 1.10.8 (Version: 1.10.8 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
Ralink RT2860 Wireless LAN Card (x32 Version: 1.2.0.40 - Ralink)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.23.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Shared C Run-time for x64 (Version: 10.0.0 - McAfee)
Skype™ 6.7 (x32 Version: 6.7.102 - Skype Technologies S.A.)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (x32 Version:  - Microsoft)
VIA Platform Device Manager (x32 Version: 1.39 - VIA Technologies, Inc.)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Movie Maker 2.0 (x32 Version: 2.0.0000 - Microsoft Corporation) Hidden
Windows-Treiberpaket - ASUS (ATP) Mouse  (10/29/2012 1.0.0.148) (Version: 10/29/2012 1.0.0.148 - ASUS)

==================== Restore Points  =========================

Could not list Restore Points. Check WMI.


==================== Hosts content: ==========================

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => ?
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => ?
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => ?

==================== Loaded Modules (whitelisted) =============

2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2013-10-01 13:02 - 2013-10-01 13:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-10-29 20:21 - 2012-08-16 11:04 - 00078480 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2012-10-29 20:21 - 2012-08-16 11:04 - 00386192 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\WINDOWS\system32\lxctcomm.dll:Microsoft_Appcompat_ReinstallUpgrade
AlternateDataStreams: C:\Users\Clarissaa\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Could not start eventlog service, could not read events.

Systemfehler 5 aufgetreten.

Zugriff verweigert
         
I just noticed that the box for "Addition.txt" is no longer checked. Should I tick it again?

I'm also a bit wary of plugging in the USB stick, since Avast had found an autorun.inf and I'm afraid of infecting my computer. However, nothing about the viruses can be found in Avast's virus chest any more; I thought Avast stores the names of the malware in the chest.


Edited by Badumtss (25.01.2014 at 13:59)

Alt 26.01.2014, 06:19   #6
schrauber
/// the machine
/// TB-Ausbilder
 




Hold down the Shift key when plugging it in and keep it pressed while it connects; that disables autostart. The computer is clean. Do you need what's on the sticks?

The fastest method is to format the sticks.

Alt 09.02.2014, 16:58   #7
Badumtss
 



Hi!
Unfortunately I didn't have enough time over the last few weeks to run the scan, and I ran it yesterday. However, I needed the files on the stick at short notice (before your last reply came) and cleaned the stick on another computer with an antivirus program.
After connecting it to my laptop again, Avast no longer showed any message.
But here are the log files:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-02-2014
Ran by Clarissaa (ATTENTION: The logged in user is not administrator) on HOME on 08-02-2014 16:27:11
Running from C:\Users\Clarissaa\Downloads
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
() C:\Program Files (x86)\Lexmark 5400 Series\lxctmon.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\livecomm.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ACMON] - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [90832 2012-06-07] (ASUS)
HKLM\...\Run: [lxctmon.exe] - C:\Program Files (x86)\Lexmark 5400 Series\lxctmon.exe [291760 2007-03-19] ()
HKLM\...\Run: [EzPrint] - C:\Program Files (x86)\Lexmark 5400 Series\ezprint.exe [82864 2007-03-19] (Lexmark International Inc.)
HKLM\...\Run: [LXCTCATS] - C:\Windows\system32\spool\DRIVERS\x64\3\LXCTtime.dll [31744 2006-11-21] (Lexmark International Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2013-09-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5264016 2012-08-16] (VIA)
HKLM-x32\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [366720 2012-08-23] (Alcor Micro Corp.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe [3417984 2012-08-28] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [Lexmark 5400 Series] - C:\Program Files (x86)\Lexmark 5400 Series\fm3032.exe [304048 2007-03-19] ()
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-01-22] (AVAST Software)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM\...\RunOnce: [BrowserChoice] - C:\WINDOWS\BrowserChoice\browserchoice.exe [86816 2013-08-22] (Microsoft Corporation)
HKLM-x32\...\RunOnce: [20131224] - C:\Program Files\AVAST Software\Avast\setup\emupdate\b0dd9fbe-8e33-40ff-9f85-08640c85dd3f.exe /check [181136 2014-02-06] (AVAST Software)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-477666940-870925855-1753925322-1002\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
HKU\S-1-5-21-477666940-870925855-1753925322-1002\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20684656 2013-07-25] (Skype Technologies S.A.)
HKU\S-1-5-21-477666940-870925855-1753925322-1002\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL,C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-12-10] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.bing.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: No Name - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -  No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} -  No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21

FireFox:
========
FF ProfilePath: C:\Users\Clarissaa\AppData\Roaming\Mozilla\Firefox\Profiles\b4bv42w6.default
FF NewTab: www.google.com
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF Keyword.URL: https://www.google.com/search
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-12-29]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

==================== Services (Whitelisted) =================

R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-22] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [113704 2014-01-02] (AVAST Software)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S2 lmhosts; C:\Windows\system32\svchost.exe [37768 2013-08-22] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\System32\svchost.exe [37768 2013-08-22] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [37768 2013-08-22] (Microsoft Corporation)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27792 2012-08-14] (VIA Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-01-22] (AVAST Software)
R1 aswNdisFlt; C:\Windows\system32\DRIVERS\aswNdisFlt.sys [439648 2014-01-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-29] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-01-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-01-22] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [80184 2014-01-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2013-12-29] ()
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [61824 2012-10-31] (ASUS Corporation)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-12-30] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-12-30] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
S1 aswKbd; \??\C:\WINDOWS\system32\drivers\aswKbd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-08 16:19 - 2014-02-08 16:19 - 00000000 ____D () C:\Users\Clarissaa\Downloads\FRST-OlderVersion
2014-02-07 21:44 - 2013-12-09 01:34 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-02-07 21:44 - 2013-12-09 01:04 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-02-07 21:44 - 2013-11-27 16:34 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2014-02-07 21:44 - 2013-11-27 16:27 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-02-07 21:44 - 2013-11-27 15:00 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-02-07 21:44 - 2013-11-27 14:47 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2014-02-07 21:44 - 2013-11-27 13:02 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2014-02-07 21:44 - 2013-11-27 11:54 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-02-07 21:44 - 2013-11-27 11:24 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-02-07 21:44 - 2013-11-27 11:08 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-02-07 21:44 - 2013-11-27 10:46 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-02-07 21:44 - 2013-11-27 10:41 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-02-07 21:44 - 2013-11-27 10:17 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-02-07 21:44 - 2013-11-27 10:10 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2014-02-07 21:44 - 2013-11-27 09:58 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-02-07 21:44 - 2013-11-27 09:56 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2014-02-07 21:44 - 2013-11-27 09:20 - 04106240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-02-07 21:44 - 2013-11-27 05:01 - 00385614 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-02-07 21:44 - 2013-11-26 14:22 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-02-07 21:44 - 2013-11-26 14:20 - 02131120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-02-07 21:44 - 2013-11-26 14:20 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-02-07 21:44 - 2013-11-26 14:20 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-02-07 21:44 - 2013-11-26 12:50 - 01371312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-02-07 21:44 - 2013-11-26 12:44 - 02142936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-02-07 21:44 - 2013-11-26 12:44 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-02-07 21:44 - 2013-11-26 11:13 - 04191232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-02-07 21:44 - 2013-11-26 10:21 - 18577920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-02-07 21:44 - 2013-11-26 09:28 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-02-07 21:44 - 2013-11-25 02:45 - 00142680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-02-07 21:44 - 2013-11-25 02:32 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-02-07 21:44 - 2013-11-25 00:30 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-02-07 21:44 - 2013-11-25 00:28 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-02-07 21:44 - 2013-11-23 13:47 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-02-07 21:44 - 2013-11-23 12:49 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-02-07 21:44 - 2013-11-23 09:19 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-02-07 21:44 - 2013-11-23 08:13 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll
2014-02-07 21:44 - 2013-11-23 08:13 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2014-02-07 21:44 - 2013-11-23 08:08 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-02-07 21:44 - 2013-11-23 05:50 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-02-07 21:44 - 2013-11-23 04:57 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-02-07 21:44 - 2013-11-23 04:48 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-02-07 21:44 - 2013-11-23 04:25 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-02-07 21:44 - 2013-11-23 04:25 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-02-07 21:44 - 2013-11-23 04:19 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-02-07 21:44 - 2013-11-23 04:15 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-02-07 21:44 - 2013-11-21 07:58 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2014-02-07 21:44 - 2013-11-21 07:26 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-02-07 21:44 - 2013-11-16 06:11 - 00764856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-02-07 21:44 - 2013-11-15 19:19 - 00669344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-02-07 21:44 - 2013-11-15 15:59 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2014-02-07 21:44 - 2013-11-15 15:25 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2014-02-07 21:44 - 2013-11-15 15:08 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-02-07 21:44 - 2013-11-15 14:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-02-07 21:44 - 2013-11-05 21:12 - 02551128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-02-07 21:44 - 2013-10-31 01:29 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-02-07 21:44 - 2013-10-31 00:41 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-02-07 21:43 - 2013-12-11 08:55 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-02-07 21:37 - 2014-02-07 21:37 - 00026102 _____ () C:\Users\Clarissaa\AppData\Local\recently-used.xbel
2014-02-07 20:48 - 2014-02-07 20:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-01-28 08:22 - 2014-01-28 08:22 - 00000000 ____D () C:\Users\SYSTEM\AppData\Roaming\Coverpgs
2014-01-28 08:22 - 2014-01-28 08:22 - 00000000 ____D () C:\Users\SYSTEM\AppData\Roaming\5400 Series
2014-01-28 08:22 - 2014-01-28 08:22 - 00000000 ____D () C:\Users\SYSTEM
2014-01-25 19:36 - 2014-01-25 19:38 - 00031341 _____ () C:\Users\Clarissaa\Documents\videoshaha.wlmp
2014-01-25 14:33 - 2014-01-25 14:33 - 00012783 _____ () C:\Users\Clarissaa\Downloads\Addition.txt
2014-01-25 14:31 - 2014-02-08 16:27 - 00014904 _____ () C:\Users\Clarissaa\Downloads\FRST.txt
2014-01-25 14:31 - 2014-02-08 16:27 - 00000000 ____D () C:\FRST
2014-01-25 14:26 - 2014-02-08 16:19 - 02079744 _____ (Farbar) C:\Users\Clarissaa\Downloads\FRST64.exe
2014-01-21 20:27 - 2014-01-21 20:27 - 09506961 _____ () C:\Users\Clarissaa\Downloads\VID_20130824_185617(1).mkv
2014-01-21 20:26 - 2014-01-21 20:27 - 10457556 _____ () C:\Users\Clarissaa\Downloads\VID_20130806_153330(1).mkv
2014-01-21 20:26 - 2014-01-21 20:26 - 07982299 _____ () C:\Users\Clarissaa\Downloads\VID_20130731_201009.mkv
2014-01-21 19:52 - 2014-01-21 19:52 - 00000000 ____D () C:\Users\Clarissaa\AppData\Roaming\Google
2014-01-21 19:52 - 2014-01-21 19:52 - 00000000 ____D () C:\ProgramData\Google
2014-01-21 19:52 - 2014-01-21 19:52 - 00000000 ____D () C:\Program Files\Google
2014-01-14 20:55 - 2013-12-09 01:15 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-01-14 20:55 - 2013-11-27 16:36 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-01-14 20:55 - 2013-11-27 12:41 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2014-01-14 20:55 - 2013-11-27 11:34 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-01-14 20:55 - 2013-11-27 10:54 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-01-14 20:55 - 2013-11-27 09:48 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-14 20:55 - 2013-11-27 09:45 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-01-14 20:55 - 2013-11-27 09:40 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-14 20:55 - 2013-11-27 09:38 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-01-14 20:55 - 2013-11-27 09:17 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-01-14 20:55 - 2013-11-27 09:12 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-01-09 20:56 - 2014-01-09 20:56 - 10457556 _____ () C:\Users\Clarissaa\Downloads\VID_20130806_153330.mkv
2014-01-09 20:56 - 2014-01-09 20:56 - 09506961 _____ () C:\Users\Clarissaa\Downloads\VID_20130824_185617.mkv
2014-01-09 13:12 - 2014-01-09 15:28 - 00015676 _____ () C:\Users\Clarissaa\Documents\smoothie.wlmp

==================== One Month Modified Files and Folders =======

2014-02-08 16:27 - 2014-01-25 14:31 - 00014904 _____ () C:\Users\Clarissaa\Downloads\FRST.txt
2014-02-08 16:27 - 2014-01-25 14:31 - 00000000 ____D () C:\FRST
2014-02-08 16:27 - 2013-12-30 00:33 - 01516504 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-08 16:27 - 2013-01-26 15:14 - 00000000 ____D () C:\Users\Clarissaa\AppData\Roaming\Skype
2014-02-08 16:19 - 2014-02-08 16:19 - 00000000 ____D () C:\Users\Clarissaa\Downloads\FRST-OlderVersion
2014-02-08 16:19 - 2014-01-25 14:26 - 02079744 _____ (Farbar) C:\Users\Clarissaa\Downloads\FRST64.exe
2014-02-08 16:17 - 2013-11-14 08:27 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-02-08 16:17 - 2013-11-14 08:11 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2014-02-08 16:17 - 2013-11-14 08:11 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2014-02-08 16:16 - 2013-12-30 08:13 - 00000000 __RDO () C:\Users\Clarissaa\SkyDrive
2014-02-08 16:15 - 2013-01-16 16:06 - 00000380 _____ () C:\Users\Clarissaa\AppData\Roaming\sp_data.sys
2014-02-08 16:14 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-02-08 15:53 - 2013-02-28 22:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-08 15:52 - 2013-05-28 22:30 - 00001130 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-08 15:52 - 2013-01-16 16:06 - 00000000 ___RD () C:\Users\Clarissaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-08 15:52 - 2013-01-16 16:06 - 00000000 ___RD () C:\Users\Clarissaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-08 11:14 - 2013-05-28 22:30 - 00001134 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-08 11:13 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-02-08 11:13 - 2013-08-22 15:44 - 00473776 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-02-08 11:13 - 2012-10-29 20:16 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-08 11:11 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-02-08 11:11 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-02-08 11:11 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-02-08 11:11 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-02-08 11:11 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-02-08 11:11 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-02-07 21:50 - 2013-02-04 23:14 - 00000000 ____D () C:\Users\Clarissaa\.gimp-2.8
2014-02-07 21:37 - 2014-02-07 21:37 - 00026102 _____ () C:\Users\Clarissaa\AppData\Local\recently-used.xbel
2014-02-07 21:31 - 2013-05-28 22:30 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-02-07 20:48 - 2014-02-07 20:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-06 11:16 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-01-30 21:47 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-01-30 21:47 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-28 08:22 - 2014-01-28 08:22 - 00000000 ____D () C:\Users\SYSTEM\AppData\Roaming\Coverpgs
2014-01-28 08:22 - 2014-01-28 08:22 - 00000000 ____D () C:\Users\SYSTEM\AppData\Roaming\5400 Series
2014-01-28 08:22 - 2014-01-28 08:22 - 00000000 ____D () C:\Users\SYSTEM
2014-01-28 08:22 - 2013-05-21 09:27 - 00000000 ____D () C:\Program Files (x86)\Lexmark 5400 Series
2014-01-28 08:22 - 2013-01-29 23:03 - 00000504 _____ () C:\lxct.log
2014-01-28 08:19 - 2013-01-29 22:56 - 00000000 ____D () C:\Users\Clarissaa\AppData\Roaming\5400 Series
2014-01-28 08:19 - 2013-01-16 16:03 - 00000000 ____D () C:\Users\Clarissaa\AppData\Local\VirtualStore
2014-01-28 08:17 - 2013-08-22 15:46 - 00378198 _____ () C:\WINDOWS\setupact.log
2014-01-25 19:38 - 2014-01-25 19:36 - 00031341 _____ () C:\Users\Clarissaa\Documents\videoshaha.wlmp
2014-01-25 17:46 - 2013-05-28 22:30 - 00000000 ____D () C:\Users\Clarissaa\AppData\Local\Google
2014-01-25 14:33 - 2014-01-25 14:33 - 00012783 _____ () C:\Users\Clarissaa\Downloads\Addition.txt
2014-01-25 14:15 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-01-22 22:58 - 2013-11-13 23:18 - 00008772 _____ () C:\WINDOWS\PFRO.log
2014-01-22 22:32 - 2014-01-03 00:00 - 00001984 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-01-22 22:31 - 2013-12-29 19:54 - 01038072 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-01-22 22:31 - 2013-12-29 19:54 - 00421704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-01-22 22:31 - 2013-12-29 19:54 - 00334136 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-01-22 22:31 - 2013-12-29 19:54 - 00080184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
2014-01-22 22:31 - 2013-12-29 19:54 - 00078648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-01-22 22:31 - 2013-12-29 19:54 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-01-21 20:27 - 2014-01-21 20:27 - 09506961 _____ () C:\Users\Clarissaa\Downloads\VID_20130824_185617(1).mkv
2014-01-21 20:27 - 2014-01-21 20:26 - 10457556 _____ () C:\Users\Clarissaa\Downloads\VID_20130806_153330(1).mkv
2014-01-21 20:26 - 2014-01-21 20:26 - 07982299 _____ () C:\Users\Clarissaa\Downloads\VID_20130731_201009.mkv
2014-01-21 19:52 - 2014-01-21 19:52 - 00000000 ____D () C:\Users\Clarissaa\AppData\Roaming\Google
2014-01-21 19:52 - 2014-01-21 19:52 - 00000000 ____D () C:\ProgramData\Google
2014-01-21 19:52 - 2014-01-21 19:52 - 00000000 ____D () C:\Program Files\Google
2014-01-21 19:52 - 2013-05-28 22:30 - 00000000 ____D () C:\Program Files (x86)\Google
2014-01-17 20:43 - 2013-03-08 19:16 - 00000000 ____D () C:\Users\Clarissaa\AppData\Local\Windows Live
2014-01-17 14:48 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-01-16 22:08 - 2013-01-16 17:23 - 00000000 ____D () C:\Users\Clarissaa\AppData\Local\Microsoft Help
2014-01-16 22:00 - 2013-08-16 22:34 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-01-16 21:57 - 2013-01-16 19:14 - 86054176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-01-09 22:28 - 2014-01-02 23:14 - 00439648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswndisflt.sys
2014-01-09 20:56 - 2014-01-09 20:56 - 10457556 _____ () C:\Users\Clarissaa\Downloads\VID_20130806_153330.mkv
2014-01-09 20:56 - 2014-01-09 20:56 - 09506961 _____ () C:\Users\Clarissaa\Downloads\VID_20130824_185617.mkv
2014-01-09 16:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-01-09 15:28 - 2014-01-09 13:12 - 00015676 _____ () C:\Users\Clarissaa\Documents\smoothie.wlmp

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================
         
--- --- ---

Addition.txt

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-02-2014
Ran by Clarissaa at 2014-02-08 16:27:46
Running from C:\Users\Clarissaa\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

ABBYY FineReader 6.0 Sprint (x32 Version: 6.00.1784.41616 - ABBYY Software House)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Reader X (10.1.8) MUI (x32 Version: 10.1.8 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (x32 Version: 3.6.142.61624 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.6.142.61624 - Alcor Micro Corp.) Hidden
Apple Application Support (x32 Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
ASUS Instant Connect (x32 Version: 1.2.8 - ASUS)
ASUS InstantOn (x32 Version: 3.0.2 - ASUS)
ASUS LifeFrame3 (x32 Version: 3.1.4 - ASUS)
ASUS Live Update (x32 Version: 3.1.8 - ASUS)
ASUS Power4Gear Hybrid (Version: 2.0.3 - ASUS)
ASUS Smart Gesture (x32 Version: 1.0.35 - ASUS)
ASUS Splendid Video Enhancement Technology (x32 Version: 1.03.0002 - ASUS)
ASUS Tutor (x32 Version: 1.0.7 - ASUS)
ASUS USB Charger Plus (x32 Version: 2.1.4 - ASUS)
ASUS WebStorage Sync Agent (x32 Version: 1.1.9.120 - ASUS Cloud Corporation)
ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (x32 Version: 2.0.10.168 - ASUSTEK)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (x32 Version: 2.1.0.7 - Atheros Communications Inc.)
ATK Package (x32 Version: 1.0.0022 - ASUS)
avast! Free Antivirus (x32 Version: 9.0.2013 - Avast Software)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32 Version:  - Microsoft)
FaxRedist (x32 Version: 1.0.0 -  )
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.12.0.128 (x32 Version: 3.12.0.128 - DVDVideoSoft Ltd.)
GIMP 2.8.2 (Version: 2.8.2 - The GIMP Team)
Google Drive (x32 Version: 1.13.5782.599 - Google, Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (x32 Version: 7.5.4805.320 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (x32 Version: 10.18.10.3308 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
iTunes (Version: 11.1.3.8 - Apple Inc.)
Lexmark 5400 Series (Version:  - Lexmark International, Inc.)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (x32 Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 27.0 (x86 en-US) (x32 Version: 27.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 27.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
NVIDIA 3D Vision Treiber 306.97 (Version: 306.97 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.65 (Version: 331.65 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.10.8 (Version: 1.10.8 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.0613 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.12.0613 (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.0697 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
NVIDIA Update 1.10.8 (Version: 1.10.8 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
Ralink RT2860 Wireless LAN Card (x32 Version: 1.2.0.40 - Ralink)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.23.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Shared C Run-time for x64 (Version: 10.0.0 - McAfee)
Skype™ 6.7 (x32 Version: 6.7.102 - Skype Technologies S.A.)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (x32 Version:  - Microsoft)
VIA Platform Device Manager (x32 Version: 1.39 - VIA Technologies, Inc.)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Movie Maker 2.0 (x32 Version: 2.0.0000 - Microsoft Corporation) Hidden
Windows-Treiberpaket - ASUS (ATP) Mouse  (10/29/2012 1.0.0.148) (Version: 10/29/2012 1.0.0.148 - ASUS)

==================== Restore Points  =========================

Could not list Restore Points. Check WMI.


==================== Hosts content: ==========================

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => ?
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => ?
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => ?

==================== Loaded Modules (whitelisted) =============

2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2013-10-01 13:02 - 2013-10-01 13:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-10-29 20:21 - 2012-08-16 11:04 - 00078480 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2012-10-29 20:21 - 2012-08-16 11:04 - 00386192 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2014-01-03 21:16 - 2014-01-03 21:16 - 00183808 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\ErrorReporting.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Clarissaa\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/08/2014 04:16:33 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (02/08/2014 03:54:15 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: ezprint.exe, Version: 3.15.0.0, Zeitstempel: 0x45265395
Name des fehlerhaften Moduls: MFC42.DLL, Version: 6.6.8063.0, Zeitstempel: 0x52158160
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001f705
ID des fehlerhaften Prozesses: 0x110c
Startzeit der fehlerhaften Anwendung: 0xezprint.exe0
Pfad der fehlerhaften Anwendung: ezprint.exe1
Pfad des fehlerhaften Moduls: ezprint.exe2
Berichtskennung: ezprint.exe3
Vollständiger Name des fehlerhaften Pakets: ezprint.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ezprint.exe5

Error: (02/08/2014 11:15:53 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: spoolsv.exe, Version: 6.3.9600.16384, Zeitstempel: 0x5215d570
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x658
Startzeit der fehlerhaften Anwendung: 0xspoolsv.exe0
Pfad der fehlerhaften Anwendung: spoolsv.exe1
Pfad des fehlerhaften Moduls: spoolsv.exe2
Berichtskennung: spoolsv.exe3
Vollständiger Name des fehlerhaften Pakets: spoolsv.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: spoolsv.exe5

Error: (02/07/2014 09:50:59 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11937

Error: (02/07/2014 09:50:59 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 11937

Error: (02/07/2014 09:50:59 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/07/2014 09:47:40 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 16531

Error: (02/07/2014 09:47:40 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 16531

Error: (02/07/2014 09:47:40 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/07/2014 09:31:25 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.16384, Zeitstempel: 0x52157231
Name des fehlerhaften Moduls: aswWebRepIE.dll, Version: 9.0.2013.75, Zeitstempel: 0x52d6c48c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001555c
ID des fehlerhaften Prozesses: 0xda8
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5


System errors:
=============
Error: (02/08/2014 11:15:55 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (02/08/2014 11:15:55 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1326

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (02/08/2014 11:15:54 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Druckwarteschlange" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/07/2014 07:57:57 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (02/06/2014 11:19:09 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (01/30/2014 10:10:32 PM) (Source: DCOM) (User: HOME)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (01/30/2014 08:29:46 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (01/28/2014 04:23:52 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (01/28/2014 08:22:46 AM) (Source: Service Control Manager) (User: )
Description: Dienst "Druckwarteschlange" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.

Error: (01/28/2014 08:22:36 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Druckwarteschlange" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office Sessions:
=========================
Error: (02/08/2014 04:16:33 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (02/08/2014 03:54:15 PM) (Source: Application Error)(User: )
Description: ezprint.exe3.15.0.045265395MFC42.DLL6.6.8063.052158160c00000050001f705110c01cf24dd7a691fdeC:\Program Files (x86)\Lexmark 5400 Series\ezprint.exeC:\WINDOWS\SYSTEM32\MFC42.DLLe0a15aee-90d0-11e3-bec1-50465d9b8890

Error: (02/08/2014 11:15:53 AM) (Source: Application Error)(User: )
Description: spoolsv.exe6.3.9600.163845215d570unknown0.0.0.000000000c0000005000000000000000065801cf24b675951805C:\WINDOWS\System32\spoolsv.exeunknownfd9871a5-90a9-11e3-bec1-50465d9b8890

Error: (02/07/2014 09:50:59 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11937

Error: (02/07/2014 09:50:59 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 11937

Error: (02/07/2014 09:50:59 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/07/2014 09:47:40 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 16531

Error: (02/07/2014 09:47:40 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 16531

Error: (02/07/2014 09:47:40 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/07/2014 09:31:25 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE11.0.9600.1638452157231aswWebRepIE.dll9.0.2013.7552d6c48cc00000050001555cda801cf24439168d3fcC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Program Files\AVAST Software\Avast\aswWebRepIE.dlld000ba4e-9036-11e3-bec0-50465d9b8890


==================== Memory info =========================== 

Percentage of memory in use: 38%
Total physical RAM: 3981.7 MB
Available physical RAM: 2444.59 MB
Total Pagefile: 4685.7 MB
Available Pagefile: 2891.06 MB
Total Virtual: 131072 MB
Available Virtual: 131071.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:185.96 GB) (Free:65.6 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:258.44 GB) (Free:258.27 GB) NTFS
Drive f: (HP v220w) (Removable) (Total:3.77 GB) (Free:0.45 GB) FAT32
Drive g: () (Removable) (Total:3.63 GB) (Free:0.55 GB) FAT32

==================== MBR & Partition Table ==================

==================== End Of Log ============================
         

10.02.2014, 11:43   #8
schrauber
/// the machine
/// TB instructor

All good.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009
