Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Trojan:DOS/Alureon.E Befall (https://www.trojaner-board.de/140924-trojan-dos-alureon-e-befall.html)

LilLady 03.09.2013 10:51
Trojan:DOS/Alureon.E Befall
 
Liste der Anhänge anzeigen (Anzahl: 1)
Hallo Leute,

ich benötige Hilfe.

Gerade ist mir mein Rechner abgestürzt und ich musste Windows 8 neu installieren. Alle Daten waren noch da, aber die Programme nicht mehr (AV, Open Office, Lesezeichen im Firefox :(). Zudem meldete sich Windows Defender mit einer Warnung, die ich angehängt habe. Sieht so aus, als hätte ich ein großes Problem, nicht wahr? Immerhin ist dieser Trojan schon im Bootsektor.

Ich will alles machen, damit mein Rechner Trojanerfrei wird, meinetwegen auch platt machen, so weh es auch tut.

Zusatzinfo: Ich habe vor einigen Monaten von Windows 7 auf Windows 8 upgegradet.

Ich hoffe, ihr könnt mir helfen :(

Viele Grüße,

Lil

schrauber 03.09.2013 10:55
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


LilLady 03.09.2013 11:32
Entschuldige die späte Antort, habe gerade noch ein paar Dateien gesichert und mein PC hatte keine Lust auf WLan -.-*


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2013 01
Ran by LilLady (administrator) on LILLADY-PC on 03-09-2013 12:27:06
Running from C:\Users\LilLady\Downloads
Windows 8 Pro (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\LilLady\AppData\Roaming\Mozilla\Firefox\Profiles\xek8zhhi.default
FF Homepage: www.google.de
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

==================== Services (Whitelisted) =================

R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [15440 2012-07-26] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [33048 2006-11-30] (X10 Wireless Technology, Inc.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-03 12:25 - 2013-09-03 12:26 - 01950474 _____ (Farbar) C:\Users\LilLady\Downloads\FRST64.exe
2013-09-03 12:25 - 2013-09-03 12:25 - 00002067 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2013-09-03 12:24 - 2013-09-03 12:24 - 00000117 _____ C:\WINDOWS\system32\netcfg-52057.txt
2013-09-03 12:23 - 2013-09-03 12:23 - 00000117 _____ C:\WINDOWS\system32\netcfg-3890883.txt
2013-09-03 11:59 - 2013-09-03 11:59 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2013-09-03 11:59 - 2013-09-03 11:59 - 00000000 ___DC C:\Windows.old
2013-09-03 11:51 - 2013-09-03 11:51 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-09-03 11:50 - 2013-09-03 12:24 - 00000000 ____D C:\ProgramData\NVIDIA
2013-09-03 11:50 - 2013-09-03 11:51 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-09-03 11:50 - 2013-09-03 11:06 - 00000000 ____D C:\WINDOWS\Panther
2013-09-03 11:50 - 2013-01-18 17:00 - 06390048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2013-09-03 11:50 - 2013-01-18 17:00 - 03460896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2013-09-03 11:50 - 2013-01-18 17:00 - 02558240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2013-09-03 11:50 - 2013-01-18 17:00 - 00884512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2013-09-03 11:50 - 2013-01-18 17:00 - 00118560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2013-09-03 11:50 - 2013-01-18 17:00 - 00063776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2013-09-03 11:49 - 2013-09-03 11:50 - 00000000 __HDC C:\$SysReset
2013-09-03 11:49 - 2013-09-03 11:49 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-09-03 11:49 - 2013-02-26 00:32 - 00061216 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2013-09-03 11:49 - 2013-02-26 00:32 - 00053024 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2013-09-03 11:48 - 2013-09-03 11:51 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-09-03 11:46 - 2013-09-03 11:46 - 00003198 _____ C:\WINDOWS\System32\Tasks\{B18349A5-C633-4651-8AAA-2F98942E946D}
2013-09-03 11:39 - 2013-09-03 12:23 - 00000000 _____ C:\WINDOWS\system32\Drivers\lvuvc.hs
2013-09-03 11:39 - 2013-09-03 11:42 - 00004869 _____ C:\WINDOWS\system32\lvcoinst.log
2013-09-03 11:39 - 2013-09-03 11:40 - 00000000 ___SD C:\Users\LilLady\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.0
2013-09-03 11:39 - 2013-09-03 11:39 - 00001188 _____ C:\Users\LilLady\Desktop\OpenOffice 4.0.0.lnk
2013-09-03 11:39 - 2013-09-03 11:39 - 00000000 ____D C:\Program Files\Common Files\logishrd
2013-09-03 11:38 - 2013-09-03 11:39 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2013-09-03 11:36 - 2013-09-03 11:36 - 00000000 ____D C:\ProgramData\Adobe
2013-09-03 11:34 - 2013-09-03 11:45 - 00000000 ____D C:\Users\LilLady\AppData\Local\Adobe
2013-09-03 11:31 - 2013-09-03 11:31 - 00000000 ____D C:\Users\LilLady\Desktop\OpenOffice 4.0.0 (de) Installation Files
2013-09-03 11:24 - 2013-09-03 11:24 - 00000117 _____ C:\WINDOWS\system32\netcfg-365011.txt
2013-09-03 11:24 - 2013-09-03 11:24 - 00000117 _____ C:\WINDOWS\system32\netcfg-363123.txt
2013-09-03 11:23 - 2013-09-03 11:24 - 00001203 _____ C:\WINDOWS\system32\netcfg-347570.txt
2013-09-03 11:23 - 2013-09-03 11:24 - 00000000 ____D C:\Users\LilLady\AppData\Roaming\Mozilla
2013-09-03 11:23 - 2013-09-03 11:23 - 00001153 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-09-03 11:23 - 2013-09-03 11:23 - 00000000 ____D C:\Users\LilLady\AppData\Local\Mozilla
2013-09-03 11:23 - 2013-09-03 11:23 - 00000000 ____D C:\ProgramData\Mozilla
2013-09-03 11:23 - 2013-09-03 11:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-09-03 11:23 - 2013-09-03 11:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-03 11:21 - 2013-09-03 11:35 - 450907216 _____ (G Data Software AG) C:\Users\LilLady\Downloads\GER_R_FUL_2013_IS.exe
2013-09-03 11:20 - 2013-09-03 11:20 - 00000000 ____D C:\Users\LilLady\AppData\Roaming\Macromedia
2013-09-03 11:19 - 2013-09-03 11:19 - 00000117 _____ C:\WINDOWS\system32\netcfg-51729.txt
2013-09-03 11:17 - 2013-09-03 11:17 - 00000117 _____ C:\WINDOWS\system32\netcfg-819036.txt
2013-09-03 11:14 - 2013-09-03 11:24 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-261323904-3986566715-3217930549-1001
2013-09-03 11:09 - 2013-09-03 11:09 - 00024574 _____ C:\Users\LilLady\Desktop\Entfernte Anwendungen.html
2013-09-03 11:08 - 2013-09-03 11:08 - 00001444 _____ C:\Users\LilLady\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-09-03 11:08 - 2013-09-03 11:08 - 00000000 ___RD C:\Users\LilLady\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-03 11:08 - 2013-09-03 11:08 - 00000000 ___RD C:\Users\LilLady\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-03 11:08 - 2013-09-03 11:08 - 00000000 ____D C:\Users\LilLady\AppData\Roaming\Adobe
2013-09-03 11:07 - 2013-09-03 11:07 - 00000020 ___SH C:\Users\LilLady\ntuser.ini
2013-09-03 11:07 - 2013-09-03 11:07 - 00000000 ____D C:\Users\LilLady\AppData\Local\VirtualStore
2013-09-03 11:07 - 2013-09-03 11:07 - 00000000 ____D C:\ProgramData\PRICache
2013-09-03 11:06 - 2013-09-03 12:04 - 00380289 _____ C:\WINDOWS\WindowsUpdate.log
2013-09-03 11:06 - 2013-09-03 11:06 - 00000117 _____ C:\WINDOWS\system32\netcfg-128342.txt
2013-09-03 11:06 - 2013-09-03 11:06 - 00000117 _____ C:\WINDOWS\system32\netcfg-128264.txt
2013-09-03 11:06 - 2013-09-03 11:06 - 00000117 _____ C:\WINDOWS\system32\netcfg-128061.txt
2013-09-03 11:06 - 2013-09-03 11:06 - 00000000 ____D C:\WINDOWS\CSC
2013-09-03 11:05 - 2013-09-03 11:08 - 00000000 ____D C:\Users\LilLady
2013-09-03 11:05 - 2013-09-03 11:06 - 00000117 _____ C:\WINDOWS\system32\netcfg-124878.txt
2013-09-03 11:05 - 2013-09-03 11:05 - 00017148 _____ C:\WINDOWS\diagwrn.xml
2013-09-03 11:05 - 2013-09-03 11:05 - 00017148 _____ C:\WINDOWS\diagerr.xml
2013-09-03 11:05 - 2013-09-03 11:05 - 00001139 _____ C:\WINDOWS\system32\netcfg-68765.txt
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\UpdatusUser\Vorlagen
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\LilLady\Vorlagen
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\LilLady\Startmenü
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\LilLady\Netzwerkumgebung
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\LilLady\Lokale Einstellungen
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\LilLady\Eigene Dateien
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\LilLady\Druckumgebung
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\LilLady\Documents\Eigene Musik
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\LilLady\Documents\Eigene Bilder
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\LilLady\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\LilLady\AppData\Local\Verlauf
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\LilLady\AppData\Local\Anwendungsdaten
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\LilLady\Anwendungsdaten
2013-09-03 11:05 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\LilLady\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-09-03 11:05 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\LilLady\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-09-03 11:05 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\LilLady\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-09-03 11:05 - 2012-07-26 10:13 - 00000000 ____D C:\Users\LilLady\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-09-03 11:02 - 2013-09-03 11:02 - 00001134 _____ C:\WINDOWS\system32\netcfg-97719.txt
2013-09-03 11:02 - 2013-09-03 11:02 - 00001099 _____ C:\WINDOWS\system32\netcfg-130869.txt
2013-09-03 11:02 - 2013-09-03 11:02 - 00000185 _____ C:\WINDOWS\system32\netcfg-108342.txt
2013-09-03 11:02 - 2013-09-03 11:02 - 00000164 _____ C:\WINDOWS\system32\netcfg-101946.txt
2013-09-03 11:02 - 2013-09-03 11:02 - 00000161 _____ C:\WINDOWS\system32\netcfg-104520.txt
2013-09-03 11:02 - 2013-09-03 11:02 - 00000160 _____ C:\WINDOWS\system32\netcfg-132117.txt
2013-09-03 11:02 - 2013-09-03 11:02 - 00000160 _____ C:\WINDOWS\system32\netcfg-104052.txt
2013-09-03 11:02 - 2013-09-03 11:02 - 00000160 _____ C:\WINDOWS\system32\netcfg-103069.txt
2013-09-03 11:02 - 2013-09-03 11:02 - 00000160 _____ C:\WINDOWS\system32\netcfg-101541.txt
2013-09-03 11:02 - 2013-09-03 11:02 - 00000159 _____ C:\WINDOWS\system32\netcfg-102648.txt
2013-09-03 11:02 - 2013-09-03 11:02 - 00000157 _____ C:\WINDOWS\system32\netcfg-103584.txt
2013-09-03 11:02 - 2013-09-03 11:02 - 00000157 _____ C:\WINDOWS\system32\netcfg-101182.txt
2013-09-03 11:02 - 2013-09-03 11:02 - 00000150 _____ C:\WINDOWS\system32\netcfg-102274.txt
2013-09-03 11:02 - 2013-09-03 11:02 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2013-09-03 11:01 - 2013-09-03 11:01 - 00286200 _____ C:\WINDOWS\Minidump\090313-71479-01.dmp
2013-09-03 11:01 - 2013-09-03 11:01 - 00000000 ____D C:\WINDOWS\Minidump
2013-09-03 11:00 - 2013-09-03 11:00 - 268649420 _____ C:\WINDOWS\MEMORY.DMP
2013-09-03 11:00 - 2013-09-03 11:00 - 00000424 _____ C:\WINDOWS\PFRO.log
2013-08-30 14:40 - 2013-08-30 14:43 - 48494759 _____ C:\Users\LilLady\Documents\(5-5)ARD Der große Crash Die Wirtschaftskrise 1929 in Deutschland.flv
2013-08-30 14:21 - 2013-08-30 14:21 - 00804552 _____ (Koyote-Lab Inc.) C:\Users\LilLady\Downloads\FreeFLVConverter75Setup(1).exe
2013-08-30 14:11 - 2013-08-30 14:14 - 64915018 _____ C:\Users\LilLady\Documents\(2-5)ARD Der große Crash Die Wirtschaftskrise 1929 in Deutschland.flv
2013-08-30 14:10 - 2013-08-30 14:13 - 66620799 _____ C:\Users\LilLady\Documents\(1-5)ARD Der große Crash - Die Wirtschaftskrise 1929 in Deutschland.wmv.flv
2013-08-30 13:56 - 2013-08-30 14:01 - 00000000 ___DC C:\AdwCleaner
2013-08-30 13:53 - 2013-08-30 13:53 - 00994642 _____ C:\Users\LilLady\Downloads\adwcleaner.exe
2013-08-29 12:04 - 2013-08-29 12:05 - 05843488 _____ (Mischel Internet Security                                  ) C:\Users\LilLady\Downloads\TrojanHunterSetup_5.5_Build_1003.exe
2013-08-27 11:52 - 2013-08-27 11:52 - 00004608 ___SH C:\Users\LilLady\Documents\Thumbs.db
2013-08-27 11:43 - 2013-08-27 11:43 - 11067384 _____ C:\Users\LilLady\Downloads\YTD43Setup.exe
2013-08-25 22:42 - 2013-08-25 22:42 - 00011229 _____ C:\Users\LilLady\Desktop\Unbenannt 2.odt
2013-08-24 12:14 - 2013-08-24 12:15 - 00000000 ____D C:\Users\Public\Documents\BitRaider
2013-08-24 12:08 - 2013-08-24 12:12 - 00014632 _____ C:\Users\LilLady\Documents\Install STAR WARS The Old Republic.log
2013-08-24 12:06 - 2013-08-24 12:06 - 39777624 _____ C:\Users\LilLady\Downloads\SWTOR_setup.exe
2013-08-20 18:46 - 2013-08-20 18:46 - 01681573 _____ C:\Users\LilLady\Downloads\tweets.zip
2013-08-20 17:53 - 2013-08-20 17:53 - 00012586 _____ C:\Users\LilLady\Desktop\Kündigung OZ.odt
2013-08-13 15:11 - 2013-08-13 15:11 - 00000000 ___DC C:\NvidiaLogging

==================== One Month Modified Files and Folders =======

2013-09-03 12:26 - 2013-09-03 12:26 - 00000000 ___DC C:\FRST
2013-09-03 12:26 - 2013-09-03 12:25 - 01950474 _____ (Farbar) C:\Users\LilLady\Downloads\FRST64.exe
2013-09-03 12:25 - 2013-09-03 12:25 - 00002067 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2013-09-03 12:24 - 2013-09-03 12:24 - 00000117 _____ C:\WINDOWS\system32\netcfg-52057.txt
2013-09-03 12:24 - 2013-09-03 11:50 - 00000000 ____D C:\ProgramData\NVIDIA
2013-09-03 12:24 - 2012-07-26 09:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-09-03 12:24 - 2012-07-26 09:19 - 00307760 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-09-03 12:23 - 2013-09-03 12:23 - 00000117 _____ C:\WINDOWS\system32\netcfg-3890883.txt
2013-09-03 12:23 - 2013-09-03 11:39 - 00000000 _____ C:\WINDOWS\system32\Drivers\lvuvc.hs
2013-09-03 12:04 - 2013-09-03 11:06 - 00380289 _____ C:\WINDOWS\WindowsUpdate.log
2013-09-03 12:00 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\sru
2013-09-03 11:59 - 2013-09-03 11:59 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2013-09-03 11:59 - 2013-09-03 11:59 - 00000000 ___DC C:\Windows.old
2013-09-03 11:59 - 2012-07-26 10:13 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template
2013-09-03 11:58 - 2012-07-26 12:27 - 00714240 _____ C:\WINDOWS\system32\perfh007.dat
2013-09-03 11:58 - 2012-07-26 12:27 - 00147840 _____ C:\WINDOWS\system32\perfc007.dat
2013-09-03 11:58 - 2012-07-26 09:28 - 01654648 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-09-03 11:51 - 2013-09-03 11:51 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-09-03 11:51 - 2013-09-03 11:50 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-09-03 11:51 - 2013-09-03 11:48 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-09-03 11:50 - 2013-09-03 11:49 - 00000000 __HDC C:\$SysReset
2013-09-03 11:50 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\Help
2013-09-03 11:49 - 2013-09-03 11:49 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-09-03 11:49 - 2011-06-26 14:59 - 00000000 ____D C:\Recovery
2013-09-03 11:46 - 2013-09-03 11:46 - 00003198 _____ C:\WINDOWS\System32\Tasks\{B18349A5-C633-4651-8AAA-2F98942E946D}
2013-09-03 11:46 - 2011-06-21 12:43 - 00000000 ____D C:\Users\LilLady\Desktop\Paint Shop Pro 7
2013-09-03 11:45 - 2013-09-03 11:34 - 00000000 ____D C:\Users\LilLady\AppData\Local\Adobe
2013-09-03 11:42 - 2013-09-03 11:39 - 00004869 _____ C:\WINDOWS\system32\lvcoinst.log
2013-09-03 11:42 - 2012-07-26 09:21 - 00019707 _____ C:\WINDOWS\setupact.log
2013-09-03 11:40 - 2013-09-03 11:39 - 00000000 ___SD C:\Users\LilLady\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.0
2013-09-03 11:39 - 2013-09-03 11:39 - 00001188 _____ C:\Users\LilLady\Desktop\OpenOffice 4.0.0.lnk
2013-09-03 11:39 - 2013-09-03 11:39 - 00000000 ____D C:\Program Files\Common Files\logishrd
2013-09-03 11:39 - 2013-09-03 11:38 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2013-09-03 11:36 - 2013-09-03 11:36 - 00000000 ____D C:\ProgramData\Adobe
2013-09-03 11:35 - 2013-09-03 11:21 - 450907216 _____ (G Data Software AG) C:\Users\LilLady\Downloads\GER_R_FUL_2013_IS.exe
2013-09-03 11:31 - 2013-09-03 11:31 - 00000000 ____D C:\Users\LilLady\Desktop\OpenOffice 4.0.0 (de) Installation Files
2013-09-03 11:31 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\restore
2013-09-03 11:31 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-09-03 11:24 - 2013-09-03 11:24 - 00000117 _____ C:\WINDOWS\system32\netcfg-365011.txt
2013-09-03 11:24 - 2013-09-03 11:24 - 00000117 _____ C:\WINDOWS\system32\netcfg-363123.txt
2013-09-03 11:24 - 2013-09-03 11:23 - 00001203 _____ C:\WINDOWS\system32\netcfg-347570.txt
2013-09-03 11:24 - 2013-09-03 11:23 - 00000000 ____D C:\Users\LilLady\AppData\Roaming\Mozilla
2013-09-03 11:24 - 2013-09-03 11:14 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-261323904-3986566715-3217930549-1001
2013-09-03 11:23 - 2013-09-03 11:23 - 00001153 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-09-03 11:23 - 2013-09-03 11:23 - 00000000 ____D C:\Users\LilLady\AppData\Local\Mozilla
2013-09-03 11:23 - 2013-09-03 11:23 - 00000000 ____D C:\ProgramData\Mozilla
2013-09-03 11:23 - 2013-09-03 11:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-09-03 11:23 - 2013-09-03 11:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-03 11:20 - 2013-09-03 11:20 - 00000000 ____D C:\Users\LilLady\AppData\Roaming\Macromedia
2013-09-03 11:19 - 2013-09-03 11:19 - 00000117 _____ C:\WINDOWS\system32\netcfg-51729.txt
2013-09-03 11:17 - 2013-09-03 11:17 - 00000117 _____ C:\WINDOWS\system32\netcfg-819036.txt
2013-09-03 11:17 - 2012-07-26 07:26 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2013-09-03 11:09 - 2013-09-03 11:09 - 00024574 _____ C:\Users\LilLady\Desktop\Entfernte Anwendungen.html
2013-09-03 11:09 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2013-09-03 11:08 - 2013-09-03 11:08 - 00001444 _____ C:\Users\LilLady\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-09-03 11:08 - 2013-09-03 11:08 - 00000000 ___RD C:\Users\LilLady\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-03 11:08 - 2013-09-03 11:08 - 00000000 ___RD C:\Users\LilLady\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-03 11:08 - 2013-09-03 11:08 - 00000000 ____D C:\Users\LilLady\AppData\Roaming\Adobe
2013-09-03 11:08 - 2013-09-03 11:05 - 00000000 ____D C:\Users\LilLady
2013-09-03 11:08 - 2013-06-08 18:15 - 00000000 ____D C:\Users\LilLady\AppData\Local\Packages
2013-09-03 11:07 - 2013-09-03 11:07 - 00000020 ___SH C:\Users\LilLady\ntuser.ini
2013-09-03 11:07 - 2013-09-03 11:07 - 00000000 ____D C:\Users\LilLady\AppData\Local\VirtualStore
2013-09-03 11:07 - 2013-09-03 11:07 - 00000000 ____D C:\ProgramData\PRICache
2013-09-03 11:07 - 2012-07-26 10:12 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2013-09-03 11:07 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\WinStore
2013-09-03 11:06 - 2013-09-03 11:50 - 00000000 ____D C:\WINDOWS\Panther
2013-09-03 11:06 - 2013-09-03 11:06 - 00000117 _____ C:\WINDOWS\system32\netcfg-128342.txt
2013-09-03 11:06 - 2013-09-03 11:06 - 00000117 _____ C:\WINDOWS\system32\netcfg-128264.txt
2013-09-03 11:06 - 2013-09-03 11:06 - 00000117 _____ C:\WINDOWS\system32\netcfg-128061.txt
2013-09-03 11:06 - 2013-09-03 11:06 - 00000000 ____D C:\WINDOWS\CSC
2013-09-03 11:06 - 2013-09-03 11:05 - 00000117 _____ C:\WINDOWS\system32\netcfg-124878.txt
2013-09-03 11:06 - 2012-12-18 18:53 - 00000000 ____D C:\Users\LilLady\Desktop\Seminare
2013-09-03 11:06 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\Recovery
2013-09-03 11:06 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\rescache
2013-09-03 11:06 - 2012-05-10 11:44 - 00000000 ____D C:\Users\LilLady\Desktop\Diverses
2013-09-03 11:05 - 2013-09-03 11:05 - 00017148 _____ C:\WINDOWS\diagwrn.xml
2013-09-03 11:05 - 2013-09-03 11:05 - 00017148 _____ C:\WINDOWS\diagerr.xml
2013-09-03 11:05 - 2013-09-03 11:05 - 00001139 _____ C:\WINDOWS\system32\netcfg-68765.txt
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\UpdatusUser\Vorlagen
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\LilLady\Vorlagen
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\LilLady\Startmenü
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\LilLady\Netzwerkumgebung
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\LilLady\Lokale Einstellungen
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\LilLady\Eigene Dateien
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\LilLady\Druckumgebung
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\LilLady\Documents\Eigene Musik
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\LilLady\Documents\Eigene Bilder
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\LilLady\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\LilLady\AppData\Local\Verlauf
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\LilLady\AppData\Local\Anwendungsdaten
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\LilLady\Anwendungsdaten
2013-09-03 11:05 - 2012-07-26 10:12 - 00000000 __RHD C:\Users\Public\Libraries
2013-09-03 11:05 - 2009-07-14 20:18 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-09-03 11:04 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows NT
2013-09-03 11:04 - 2012-07-26 07:37 - 00000000 __RHD C:\Users\Default
2013-09-03 11:03 - 2012-07-26 10:13 - 00001720 _____ C:\WINDOWS\DtcInstall.log
2013-09-03 11:02 - 2013-09-03 11:02 - 00001134 _____ C:\WINDOWS\system32\netcfg-97719.txt
2013-09-03 11:02 - 2013-09-03 11:02 - 00001099 _____ C:\WINDOWS\system32\netcfg-130869.txt
2013-09-03 11:02 - 2013-09-03 11:02 - 00000185 _____ C:\WINDOWS\system32\netcfg-108342.txt
2013-09-03 11:02 - 2013-09-03 11:02 - 00000164 _____ C:\WINDOWS\system32\netcfg-101946.txt
2013-09-03 11:02 - 2013-09-03 11:02 - 00000161 _____ C:\WINDOWS\system32\netcfg-104520.txt
2013-09-03 11:02 - 2013-09-03 11:02 - 00000160 _____ C:\WINDOWS\system32\netcfg-132117.txt
2013-09-03 11:02 - 2013-09-03 11:02 - 00000160 _____ C:\WINDOWS\system32\netcfg-104052.txt
2013-09-03 11:02 - 2013-09-03 11:02 - 00000160 _____ C:\WINDOWS\system32\netcfg-103069.txt
2013-09-03 11:02 - 2013-09-03 11:02 - 00000160 _____ C:\WINDOWS\system32\netcfg-101541.txt
2013-09-03 11:02 - 2013-09-03 11:02 - 00000159 _____ C:\WINDOWS\system32\netcfg-102648.txt
2013-09-03 11:02 - 2013-09-03 11:02 - 00000157 _____ C:\WINDOWS\system32\netcfg-103584.txt
2013-09-03 11:02 - 2013-09-03 11:02 - 00000157 _____ C:\WINDOWS\system32\netcfg-101182.txt
2013-09-03 11:02 - 2013-09-03 11:02 - 00000150 _____ C:\WINDOWS\system32\netcfg-102274.txt
2013-09-03 11:02 - 2013-09-03 11:02 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2013-09-03 11:01 - 2013-09-03 11:01 - 00286200 _____ C:\WINDOWS\Minidump\090313-71479-01.dmp
2013-09-03 11:01 - 2013-09-03 11:01 - 00000000 ____D C:\WINDOWS\Minidump
2013-09-03 11:00 - 2013-09-03 11:00 - 268649420 _____ C:\WINDOWS\MEMORY.DMP
2013-09-03 11:00 - 2013-09-03 11:00 - 00000424 _____ C:\WINDOWS\PFRO.log
2013-08-30 14:49 - 2013-06-08 20:28 - 01918976 ___SH C:\Users\LilLady\Desktop\Thumbs.db
2013-08-30 14:43 - 2013-08-30 14:40 - 48494759 _____ C:\Users\LilLady\Documents\(5-5)ARD Der große Crash Die Wirtschaftskrise 1929 in Deutschland.flv
2013-08-30 14:21 - 2013-08-30 14:21 - 00804552 _____ (Koyote-Lab Inc.) C:\Users\LilLady\Downloads\FreeFLVConverter75Setup(1).exe
2013-08-30 14:14 - 2013-08-30 14:11 - 64915018 _____ C:\Users\LilLady\Documents\(2-5)ARD Der große Crash Die Wirtschaftskrise 1929 in Deutschland.flv
2013-08-30 14:13 - 2013-08-30 14:10 - 66620799 _____ C:\Users\LilLady\Documents\(1-5)ARD Der große Crash - Die Wirtschaftskrise 1929 in Deutschland.wmv.flv
2013-08-30 14:01 - 2013-08-30 13:56 - 00000000 ___DC C:\AdwCleaner
2013-08-30 13:53 - 2013-08-30 13:53 - 00994642 _____ C:\Users\LilLady\Downloads\adwcleaner.exe
2013-08-29 12:05 - 2013-08-29 12:04 - 05843488 _____ (Mischel Internet Security                                  ) C:\Users\LilLady\Downloads\TrojanHunterSetup_5.5_Build_1003.exe
2013-08-27 12:38 - 2012-12-18 18:53 - 00000000 ____D C:\Users\LilLady\Desktop\Schule
2013-08-27 11:52 - 2013-08-27 11:52 - 00004608 ___SH C:\Users\LilLady\Documents\Thumbs.db
2013-08-27 11:43 - 2013-08-27 11:43 - 11067384 _____ C:\Users\LilLady\Downloads\YTD43Setup.exe
2013-08-25 22:42 - 2013-08-25 22:42 - 00011229 _____ C:\Users\LilLady\Desktop\Unbenannt 2.odt
2013-08-25 14:05 - 2013-07-22 21:27 - 00017478 _____ C:\Users\LilLady\Desktop\Politik Reihenplanung Klasse 9 Sj 2013.odt
2013-08-24 12:15 - 2013-08-24 12:14 - 00000000 ____D C:\Users\Public\Documents\BitRaider
2013-08-24 12:12 - 2013-08-24 12:08 - 00014632 _____ C:\Users\LilLady\Documents\Install STAR WARS The Old Republic.log
2013-08-24 12:06 - 2013-08-24 12:06 - 39777624 _____ C:\Users\LilLady\Downloads\SWTOR_setup.exe
2013-08-20 18:46 - 2013-08-20 18:46 - 01681573 _____ C:\Users\LilLady\Downloads\tweets.zip
2013-08-20 17:53 - 2013-08-20 17:53 - 00012586 _____ C:\Users\LilLady\Desktop\Kündigung OZ.odt
2013-08-13 15:11 - 2013-08-13 15:11 - 00000000 ___DC C:\NvidiaLogging

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-03 11:00

==================== End Of Log ============================
--- --- ---


Addition:

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-09-2013 01
Ran by LilLady at 2013-09-03 12:28:00
Running from C:\Users\LilLady\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

 
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1)
Mozilla Maintenance Service (x32 Version: 23.0.1)
NVIDIA 3D Vision Treiber 311.06 (Version: 311.06)
NVIDIA Grafiktreiber 311.06 (Version: 311.06)
NVIDIA Install Application (Version: 2.1002.108.688)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106)
NVIDIA Systemsteuerung 311.06 (Version: 311.06)
NVIDIA Update 1.11.3 (Version: 1.11.3)
NVIDIA Update Components (Version: 1.11.3)
OpenOffice 4.0.0 (x32 Version: 4.00.9702)
rosoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)

==================== Restore Points  =========================

03-09-2013 09:31:16 Installed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {10D85952-E3F6-47A1-96CF-5E1C2D874EA6} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [2012-07-26] (Microsoft Corporation)
Task: {13A2AC02-B682-48CC-9155-2E2673580117} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical
Task: {17644F17-DC4C-4AC8-9444-7AAA52EB5CDC} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\System32\sysmain.dll [2012-07-26] (Microsoft Corporation)
Task: {1DB7C2F1-876C-4F24-AD17-8428211113F9} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents
Task: {214B24F4-FEB4-4C59-AF1F-70136065199C} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance
Task: {23700E5C-0E77-499D-908A-415D5C6252F4} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => C:\Windows\System32\WSClient.dll [2012-07-26] (Microsoft Corporation)
Task: {26C02F2C-5D20-44DD-B03F-E87F8FF3EA9B} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect
Task: {2B28902F-A99D-4568-8C8B-FEE05F3984CC} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => start wuauserv
Task: {2C6B9EA8-7F5A-4ABA-BF96-8D352D02A743} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh
Task: {2E030FA7-3D7C-4E1D-8CFE-56ADB26FD402} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks
Task: {3054485A-F517-4E95-9977-4DD827B1E9B3} - System32\Tasks\Microsoft\Windows\WS\Badge Update
Task: {378401BA-A703-444A-A79C-3C47AD2DC5B6} - System32\Tasks\Microsoft\Windows\TaskScheduler\Maintenance Configurator
Task: {3AE164E7-30CD-40BC-9422-3EC7A5618965} - System32\Tasks\Microsoft\Windows\WS\WSTask
Task: {3C490ABD-D849-41AF-9AC4-87DD759B0996} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem
Task: {4073C1B3-6E16-4AA8-B7F3-C6A6D35D5071} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance
Task: {432494C3-1704-4B7B-AFCB-C2E3B7700880} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\MpCmdRun.exe [2012-07-26] (Microsoft Corporation)
Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage
Task: {483A8F5C-5D26-44B5-B49E-AF6741D1BBEB} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [2012-07-26] (Microsoft Corporation)
Task: {4B952129-9AE9-41A3-BE2B-8AD2E06F66B6} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon
Task: {5755E746-D7ED-4C20-A472-66C11834CDE4} - System32\Tasks\Microsoft\Windows\TaskScheduler\Manual Maintenance
Task: {5C4EFB77-EFA6-45DF-A373-D795C0725BFF} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required
Task: {627441F3-8526-4B62-BF9A-1A3EA414E71A} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [2012-07-26] (Microsoft Corporation)
Task: {675D6AFF-3542-4254-85AF-235ACF9C1910} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-261323904-3986566715-3217930549-1001
Task: {6E9DE125-5583-4031-B572-FEE48F25CFFF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [2012-07-26] (Microsoft Corporation)
Task: {6FDDEA7C-6310-428D-AEB2-54FFC72811EF} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319
Task: {74096F94-B654-4DB0-96F5-3C3408B92FE3} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update
Task: {785DC450-6E89-45B0-AD0A-2BCE58BF6C31} - System32\Tasks\Microsoft\Windows\SysResetDelayedCleanup => C:\Windows\System32\ResetEng.dll [2012-07-26] (Microsoft Corporation)
Task: {7D9A9A1C-499C-40A6-8F8A-5BCC4CC9A87C} - System32\Tasks\Microsoft\Windows\TaskScheduler\Regular Maintenance
Task: {845CB020-68B5-4C6B-9876-7BEC7B3E27AC} - System32\Tasks\Microsoft\Windows\TaskScheduler\Idle Maintenance
Task: {87354DAA-66DF-4B41-9346-15958D96E1D2} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode)
Task: {921A1D4E-32FB-46D7-B6C0-6F467884074D} - System32\Tasks\Microsoft\Windows\WS\Sync Licenses
Task: {9479EF8E-11D4-41B3-9783-CC65070D592D} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime
Task: {94DCF254-64FB-4C4E-8E12-5F4055C10C2A} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64
Task: {989A7C6D-BE82-4C3C-AF96-6116039E336B} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic
Task: {9BD83CCD-21AE-463F-BB61-B8EB3B40DFAF} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\WINDOWS\SYSTEM32\OOBE\SETUPSQM.EXE [2012-07-26] (Microsoft Corporation)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => C:\Windows\System32\WSClient.dll [2012-07-26] (Microsoft Corporation)
Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask
Task: {A8CF5AA7-9A33-43D0-8D14-C0D2DA4AEF64} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\MpCmdRun.exe [2012-07-26] (Microsoft Corporation)
Task: {AB62FA47-2C99-44B1-A5D0-D4161423BE43} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefresh
Task: {AB96B97B-39C2-46A2-876A-EEB6AE199033} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup => C:\Windows\System32\dism.exe [2012-07-26] (Microsoft Corporation)
Task: {AC6259DE-AC59-459E-849E-6ADFFD1ADE63} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask
Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask
Task: {AF549BD8-337C-4BF7-8681-36A182E30507} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan
Task: {BC76AEF7-2CF0-4EB6-B65B-A8803E0B5E12} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific
Task: {C1ACCD1E-4385-4FB2-B5E4-7F2A57A626A2} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan
Task: {C391A8D1-7229-4E06-A074-47DE6094FE89} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\MpCmdRun.exe [2012-07-26] (Microsoft Corporation)
Task: {C3C22889-18E2-4138-92F7-A5CCCFDD60D7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\MpCmdRun.exe [2012-07-26] (Microsoft Corporation)
Task: {C463FD1E-31C7-4C20-AB65-08E514CA152D} - System32\Tasks\Microsoft\Windows\IME\SQM data sender
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\Windows\System32\Windows.Storage.ApplicationData.dll [2012-07-26] (Microsoft Corporation)
Task: {CD1054FF-8005-4904-8B9C-436EAB1E2021} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork
Task: {DBCF6E1B-CE0A-441E-B7A5-219C8BE50C65} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical
Task: {DECE5921-598D-454B-9A04-B2DE95EFC1B3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery
Task: {E4DFE66F-E089-4CC3-A70F-957223D565F4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask
Task: {E5918CB5-CB06-4D74-80C7-8DD0399361C4} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall
Task: {E8DAA09B-DF2A-4951-9134-6FA9587793F9} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [2012-07-26] (Microsoft Corporation)
Task: {EAD237E7-D276-4257-9F16-51DF41548733} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => start w32time task_started
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\System32\Startupscan.dll [2012-07-26] (Microsoft Corporation)
Task: {ED0C1F69-C3A2-41EA-B8C3-3F0D83A1F6C0} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM
Task: {F8E9F306-F34A-402E-A5B7-FB560F72E779} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup
Task: {FFE3FD50-646E-4A64-913B-23C4187E6025} - System32\Tasks\Microsoft\Windows\File Classification Infrastructure\Property Definition Sync

==================== Loaded Modules (whitelisted) =============

2012-07-26 02:01 - 2012-07-26 05:05 - 01743872 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\combase.dll
2012-07-26 01:55 - 2012-07-26 05:07 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\WINMMBASE.dll
2012-07-26 01:47 - 2012-07-26 05:07 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCORE.dll
2012-07-26 01:47 - 2012-07-26 05:07 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\SHCORE.dll
2012-07-26 02:55 - 2012-07-26 05:07 - 02884096 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2012-07-26 01:12 - 2012-07-26 05:07 - 01357312 _____ (Microsoft Corporation) C:\Windows\System32\Windows.UI.Immersive.dll
2012-07-26 01:36 - 2012-07-26 05:07 - 00699392 _____ (Microsoft Corporation) C:\Windows\System32\twinapi.dll
2012-07-26 02:05 - 2012-07-26 05:05 - 00384000 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\Bcp47Langs.dll
2012-07-26 02:51 - 2012-07-26 05:07 - 10092032 _____ (Microsoft Corporation) C:\Windows\System32\twinui.dll
2012-07-26 01:33 - 2012-07-26 05:07 - 00069632 _____ (Microsoft Corporation) C:\Windows\System32\windows.immersiveshell.serviceprovider.dll
2012-07-26 01:54 - 2012-07-26 05:05 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\System32\IDStore.dll
2012-07-26 01:37 - 2012-07-26 05:08 - 00457216 _____ (Microsoft Corporation) C:\WINDOWS\System32\wpncore.dll
2012-07-26 04:06 - 2012-07-26 05:07 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\sppc.dll
2012-07-25 22:22 - 2013-02-26 00:32 - 15053264 _____ (NVIDIA Corporation) C:\WINDOWS\SYSTEM32\nvwgf2umx.dll
2012-07-26 02:05 - 2012-07-26 05:05 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\dcomp.dll
2012-07-26 01:31 - 2012-07-26 05:08 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\System32\wlidprov.dll
2012-07-26 01:55 - 2012-07-26 05:07 - 01161216 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\UIAutomationCore.dll
2012-07-26 01:24 - 2012-07-26 05:05 - 00186368 _____ (Microsoft Corporation) C:\Windows\System32\InputSwitch.dll
2012-07-26 02:04 - 2012-07-26 05:07 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\windows.globalization.fontgroups.dll
2012-07-26 01:36 - 2012-07-26 05:07 - 00291328 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Networking.Connectivity.dll
2012-07-26 02:05 - 2012-07-26 05:07 - 00029184 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\wcmapi.dll
2012-07-26 01:58 - 2012-07-26 05:08 - 00866304 _____ (Microsoft Corporation) C:\Windows\System32\WinTypes.dll
2012-07-26 01:22 - 2012-07-26 05:06 - 00601600 _____ (Microsoft Corporation) C:\Windows\System32\MrmCoreR.dll
2012-07-26 03:37 - 2012-07-26 05:06 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\System32\NcaApi.dll
2012-07-26 01:33 - 2012-07-26 05:06 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkStatus.dll
2012-07-26 01:54 - 2012-07-26 05:05 - 00101888 _____ (Microsoft Corporation) C:\Windows\System32\BluetoothApis.dll
2012-07-26 02:51 - 2012-07-26 05:05 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\apprepapi.dll
2012-07-26 04:19 - 2012-07-26 05:06 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\pcacli.dll
2012-07-26 01:40 - 2012-07-26 05:07 - 00949760 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Globalization.dll
2012-07-26 02:35 - 2012-07-26 05:07 - 04243456 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2012-07-26 04:33 - 2012-07-26 04:33 - 00629760 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\UIRibbonRes.dll
2012-07-26 02:59 - 2012-07-26 05:05 - 00465408 _____ (Microsoft Corporation) C:\Windows\System32\dlnashext.dll
2012-07-26 02:08 - 2012-07-26 05:07 - 01303040 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Media.Streaming.dll
2012-07-26 01:55 - 2012-07-26 05:07 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\WINMMBASE.dll
2012-07-26 03:52 - 2012-07-26 05:05 - 00049152 _____ (Microsoft Corporation) C:\Windows\System32\DevDispItemProvider.dll
2012-07-26 02:12 - 2012-07-26 06:55 - 01326784 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\webservices.dll
2012-07-26 02:08 - 2012-07-26 05:06 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\NTASN1.dll
2012-07-26 02:09 - 2012-07-26 05:06 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2013-09-03 11:50 - 2013-01-18 17:00 - 04155680 _____ (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvUI.dll
2012-07-26 01:47 - 2012-07-26 05:07 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\SHCORE.DLL
2013-09-03 11:51 - 2013-02-26 00:32 - 00778528 _____ (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Common\easyDaemonAPIU64.DLL
2013-09-03 11:51 - 2013-02-26 00:32 - 03584288 _____ (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll
2013-09-03 11:51 - 2013-02-26 00:32 - 00981280 _____ (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Common\NVUPDTR.DLL
2012-07-26 01:47 - 2012-07-26 05:07 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\shcore.dll
2012-07-26 03:32 - 2012-07-26 05:05 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\DXGWDI.DLL
2013-09-03 11:23 - 2013-08-14 19:55 - 03551640 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-01-18 08:16 - 2013-01-18 08:16 - 00559480 _____ (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
2013-01-18 08:16 - 2013-01-18 08:16 - 00354528 _____ (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStereoApiI.dll
2013-01-18 08:16 - 2013-01-18 08:16 - 01028648 _____ (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI.dll
2012-07-26 04:41 - 2012-07-26 05:06 - 01521664 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\MFCORE.dll
2012-07-26 01:18 - 2012-07-26 05:06 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\mfnetcore.dll
2012-07-26 01:22 - 2012-07-26 05:06 - 00601600 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\MrmCoreR.dll
2012-07-26 01:55 - 2012-07-26 05:07 - 01161216 _____ (Microsoft Corporation) C:\WINDOWS\SYSTEM32\UIAutomationCore.DLL

==================== Alternate Data Streams (whitelisted) ==========

AlternateDataStreams: C:\Users\LilLady\Desktop\Thumbs.db:encryptable
AlternateDataStreams: C:\Users\LilLady\Downloads\Thumbs.db:encryptable
AlternateDataStreams: C:\Users\LilLady\Documents\Thumbs.db:encryptable


==================== Faulty Device Manager Devices =============

Name: Multimediacontroller
Description: Multimediacontroller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (09/03/2013 00:24:26 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\WINDOWS\system32\athExt.dll
Fehlercode: 126

Error: (09/03/2013 00:11:33 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\WINDOWS\system32\athExt.dll
Fehlercode: 126

Error: (09/03/2013 11:24:08 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\WINDOWS\system32\athExt.dll
Fehlercode: 126

Error: (09/03/2013 11:02:01 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Netzwerklistendienst" wurde mit folgendem Fehler beendet:
%%21

Error: (09/03/2013 11:01:59 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "IP-Hilfsdienst" wurde mit folgendem Fehler beendet:
%%1058

Error: (09/03/2013 11:01:54 AM) (Source: BugCheck) (User: )
Description: 0x0000003b (0x00000000c0000005, 0xfffff960001aa55a, 0xfffff88004150f40, 0x0000000000000000)C:\WINDOWS\MEMORY.DMP090313-71479-01


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 25%
Total physical RAM: 4094.17 MB
Available physical RAM: 3058.65 MB
Total Pagefile: 8190.17 MB
Available Pagefile: 7043.88 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:591.64 GB) (Free:440.76 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive s: (Volume) (Fixed) (Total:339.87 GB) (Free:158.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 792134FC)
Partition 1: (Active) - (Size=592 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=340 GB) - (Type=OF Extended)
Partition 3: (Not Active) - (Size=2768 KB) - (Type=17) ATTENTION ===> Suspicious partition bootkit on partition 3

==================== End Of Log ============================

schrauber 03.09.2013 12:09
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!
Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

LilLady 03.09.2013 12:21
Fertig :D

Code:
ComboFix 13-09-02.02 - LilLady 03.09.2013  13:13:14.1.4 - x64
Microsoft Windows 8 Pro  6.2.9200.0.1252.49.1031.18.4094.3290 [GMT 2:00]
ausgeführt von:: c:\users\LilLady\Downloads\ComboFix.exe
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
S:\install.exe
.
.
(((((((((((((((((((((((  Dateien erstellt von 2013-08-03 bis 2013-09-03  ))))))))))))))))))))))))))))))
.
.
2013-09-03 11:17 . 2013-09-03 11:17        --------        d-----w-        c:\users\Default\AppData\Local\temp
2013-09-03 10:26 . 2013-09-03 10:26        --------        dc----w-        C:\FRST
2013-09-03 09:59 . 2013-09-03 10:45        --------        dc----w-        C:\Windows.old
2013-09-03 09:50 . 2013-09-03 09:51        --------        d-----w-        c:\program files (x86)\NVIDIA Corporation
2013-09-03 09:50 . 2013-09-03 10:24        --------        d-----w-        c:\programdata\NVIDIA
2013-09-03 09:50 . 2013-09-03 09:06        --------        d-----w-        c:\windows\Panther
2013-09-03 09:50 . 2013-01-18 15:00        3460896        ----a-w-        c:\windows\system32\nvsvc64.dll
2013-09-03 09:50 . 2013-01-18 15:00        63776        ----a-w-        c:\windows\system32\nvshext.dll
2013-09-03 09:50 . 2013-01-18 15:00        6390048        ----a-w-        c:\windows\system32\nvcpl.dll
2013-09-03 09:50 . 2013-01-18 15:00        884512        ----a-w-        c:\windows\system32\nvvsvc.exe
2013-09-03 09:50 . 2013-01-18 15:00        2558240        ----a-w-        c:\windows\system32\nvsvcr.dll
2013-09-03 09:50 . 2013-01-18 15:00        118560        ----a-w-        c:\windows\system32\nvmctray.dll
2013-09-03 09:49 . 2013-09-03 10:42        --------        dc----w-        C:\$SysReset
2013-09-03 09:49 . 2013-02-25 22:32        61216        ----a-w-        c:\windows\system32\OpenCL.dll
2013-09-03 09:49 . 2013-02-25 22:32        53024        ----a-w-        c:\windows\SysWow64\OpenCL.dll
2013-09-03 09:49 . 2013-09-03 09:49        --------        d-----w-        c:\programdata\NVIDIA Corporation
2013-09-03 09:48 . 2013-09-03 09:51        --------        d-----w-        c:\program files\NVIDIA Corporation
2013-09-03 09:39 . 2013-09-03 09:39        --------        d-----w-        c:\program files\Common Files\logishrd
2013-09-03 09:38 . 2013-09-03 09:39        --------        d-----w-        c:\program files (x86)\OpenOffice 4
2013-09-03 09:23 . 2013-09-03 09:23        --------        d-----w-        c:\program files (x86)\Mozilla Maintenance Service
2013-09-03 09:07 . 2013-09-03 09:07        17536        ----a-w-        c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2013-09-03 09:07 . 2013-09-03 09:07        --------        d-----w-        c:\programdata\PRICache
2013-09-03 09:05 . 2013-09-03 09:08        --------        d-----w-        c:\users\LilLady
2013-09-03 09:05 . 2013-09-03 09:51        --------        d-----w-        c:\users\UpdatusUser
2013-08-30 11:56 . 2013-08-30 12:01        --------        dc----w-        C:\AdwCleaner
2013-08-13 13:11 . 2013-08-13 13:11        --------        dc----w-        C:\NvidiaLogging
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 athur;Atheros AR9271 Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys;c:\windows\SYSNATIVE\DRIVERS\athurx.sys [x]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
S3 LVUVC64;@oem4.inf,%PID_09A4_DD%(UVC);Logitech QuickCam E3500(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
.
.
.
--------- X64 Entries -----------
.
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\LilLady\AppData\Roaming\Mozilla\Firefox\Profiles\xek8zhhi.default\
FF - prefs.js: browser.startup.homepage - www.google.de
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Zeit der Fertigstellung: 2013-09-03  13:20:47
ComboFix-quarantined-files.txt  2013-09-03 11:19
ComboFix2.txt  2012-05-21 14:57
.
Vor Suchlauf: 21 Verzeichnis(se), 534.316.466.176 Bytes frei
Nach Suchlauf: 25 Verzeichnis(se), 533.942.263.808 Bytes frei
.
- - End Of File - - 8685F8EDFC5EE252766FD0DAAD0844D2
A36C5E4F47E84449FF07ED3517B43A31

schrauber 03.09.2013 12:23
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

LilLady 03.09.2013 12:32
Zunächst das Ergebnis vom Quickscan:

Code:
Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.09.03.03

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16384
LilLady :: LILLADY-PC [Administrator]

Schutz: Aktiviert

03.09.2013 13:27:06
mbam-log-2013-09-03 (13-27-06).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 241255
Laufzeit: 2 Minute(n), 5 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Users\LilLady\Downloads\SoftonicDownloader_fuer_dvd-shrink.exe (PUP.Optional.Softonic) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

schrauber 03.09.2013 12:41
und weiter :)

LilLady 03.09.2013 12:58
Junkware

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.7 (09.01.2013:1)
OS: Windows 8 Pro x64
Ran by LilLady on 03.09.2013 at 13:49:05,87
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03.09.2013 at 13:53:49,18
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
bei AdWCleaner tut sich gar nichts *ratlos*

ABER ich hatte den ADWCleaner am 30.8. mal gestartet und dabei entstand dieses File:

Code:
# AdwCleaner v3.001 - Report created 30/08/2013 at 14:01:22
# Updated 24/08/2013 by Xplode
# Operating System : Windows 8 Pro  (64 bits)
# Username : LilLady - LILLADY-PC
# Running from : C:\Users\LilLady\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\Browser Manager
Folder Deleted : C:\ProgramData\search protection
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\optimizer pro
Folder Deleted : C:\Users\LilLady\AppData\Local\PutLockerDownloader
Folder Deleted : C:\Users\LilLady\AppData\LocalLow\boost_interprocess
Folder Deleted : C:\Users\LilLady\AppData\Roaming\Babylon
Folder Deleted : C:\Users\LilLady\AppData\Roaming\Common\LuaRT
Folder Deleted : C:\Users\LilLady\AppData\Roaming\DataMgr
Folder Deleted : C:\Users\LilLady\AppData\Roaming\dvdvideosoftiehelpers
Folder Deleted : C:\Users\LilLady\AppData\Roaming\Intermediate
Folder Deleted : C:\Users\LilLady\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\LilLady\AppData\Roaming\optimizer pro
Folder Deleted : C:\Users\LilLady\AppData\Roaming\SCheck
Folder Deleted : C:\Users\LilLady\AppData\Roaming\SSync
Folder Deleted : C:\Users\LilLady\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Movie2KDownloader.com
Folder Deleted : C:\Users\LilLady\AppData\Roaming\Mozilla\Firefox\Profiles\d9zc4d6x.default\jetpack
File Deleted : C:\Users\LilLady\AppData\Roaming\Mozilla\Firefox\Profiles\d9zc4d6x.default\Extensions\om@offermosquito.com.xpi
[x] Not Deleted : C:\Users\LilLady\AppData\Local\Temp\Searchqu.ini
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\adawaretb.xml
File Deleted : C:\Users\LilLady\AppData\Roaming\Mozilla\Firefox\Profiles\d9zc4d6x.default\searchplugins\Babylon.xml
File Deleted : C:\Users\LilLady\AppData\Roaming\Mozilla\Firefox\Profiles\d9zc4d6x.default\searchplugins\delta.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Search_Results.xml
File Deleted : C:\Users\LilLady\AppData\Roaming\Mozilla\Firefox\Profiles\d9zc4d6x.default\\invalidprefs.js
File Deleted : C:\Users\LilLady\AppData\Roaming\Mozilla\Firefox\Profiles\d9zc4d6x.default\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\blaofbhgbmeikidhlkmjhbkbfohpgekf
[x] Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [DataMgr]
[x] Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Intermediate]
[x] Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [scheck]
[x] Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [ssync]
[x] Not Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
[x] Not Deleted : HKLM\SOFTWARE\Classes\driverscanner
Key Deleted : HKLM\SOFTWARE\Classes\Movie2KDownloader
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
[x] Not Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
[x] Not Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
[x] Not Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{3EC1A45C-8BC3-4BFE-B226-4051C5D3D068}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
[x] Not Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
[x] Not Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[x] Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3EC1A45C-8BC3-4BFE-B226-4051C5D3D068}
[x] Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}
[x] Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[x] Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
[x] Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3EC1A45C-8BC3-4BFE-B226-4051C5D3D068}
[x] Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}
[x] Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3EC1A45C-8BC3-4BFE-B226-4051C5D3D068}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}
[x] Not Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[x] Not Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\delta LTD
Key Deleted : HKCU\Software\httogroup
Key Deleted : HKCU\Software\OCS
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\piccshare
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\Software\BabylonToolbar
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\Software\SearchquSRTB
Key Deleted : HKLM\Software\Uniblue\DriverScanner
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : [x64] HKLM\SOFTWARE\DataMngr
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16660

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v23.0.1 (de)

[ File : C:\Users\LilLady\AppData\Roaming\Mozilla\Firefox\Profiles\d9zc4d6x.default\prefs.js ]

Line Deleted : user_pref("browser.newtabpage.pinned", "[{\"url\":\"hxxps://mail.google.com/mail/?shva=1#inbox\",\"title\":\"Posteingang - janine.salzwedel@googlemail.com - Gmail\"},{\"url\":\"hxxps://www.facebook.co[...]
Line Deleted : user_pref("extensions.delta.admin", false);
Line Deleted : user_pref("extensions.delta.aflt", "babsst");
Line Deleted : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Line Deleted : user_pref("extensions.delta.autoRvrt", "false");
Line Deleted : user_pref("extensions.delta.bbDpng", "18");
Line Deleted : user_pref("extensions.delta.cntry", "DE");
Line Deleted : user_pref("extensions.delta.dfltLng", "de");
Line Deleted : user_pref("extensions.delta.excTlbr", false);
Line Deleted : user_pref("extensions.delta.ffxUnstlRst", true);
Line Deleted : user_pref("extensions.delta.hdrMd5", "87D23D50BAD3513692D5F2CE56AC71B5");
Line Deleted : user_pref("extensions.delta.id", "9c1eecad00000000000000224311078e");
Line Deleted : user_pref("extensions.delta.instlDay", "15904");
Line Deleted : user_pref("extensions.delta.instlRef", "sst");
Line Deleted : user_pref("extensions.delta.lastVrsnTs", "1.8.21.522:35:41");
Line Deleted : user_pref("extensions.delta.newTab", false);
Line Deleted : user_pref("extensions.delta.prdct", "delta");
Line Deleted : user_pref("extensions.delta.prtnrId", "delta");
Line Deleted : user_pref("extensions.delta.rvrt", "false");
Line Deleted : user_pref("extensions.delta.sg", "azb");
Line Deleted : user_pref("extensions.delta.smplGrp", "none");
Line Deleted : user_pref("extensions.delta.tlbrId", "base");
Line Deleted : user_pref("extensions.delta.tlbrSrchUrl", "");
Line Deleted : user_pref("extensions.delta.vrsn", "1.8.21.5");
Line Deleted : user_pref("extensions.delta.vrsnTs", "1.8.21.522:35:41");
Line Deleted : user_pref("extensions.delta.vrsni", "1.8.21.5");
Line Deleted : user_pref("extensions.delta_i.babExt", "");
Line Deleted : user_pref("extensions.delta_i.babTrack", "affID=119821&tsp=4947");
Line Deleted : user_pref("extensions.delta_i.srcExt", "ss");
Line Deleted : user_pref("extensions.enabledAddons", "DivXWebPlayer%40divx.com:2.0.2.039,%7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20130515,om%40offermosquito.com:0.6.2,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23[...]
Line Deleted : user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"web2pdfextension@web2pdf.adobedotcom\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Adobe\\\\Acrobat 10.0\\\\Acro[...]
Line Deleted : user_pref("om.config", "{\"active\":true,\"name\":\"twde\",\"id\":25,\"dispId\":\"CH-25\",\"aboutLink\":\"\",\"trackingGeneral\":true,\"gaAccount\":\"UA-39484183-1\",\"gaDomain\":\"offermosquito.com\"[...]

*************************

AdwCleaner[R0].txt - [10644 octets] - [30/08/2013 13:56:06]
AdwCleaner[S0].txt - [9885 octets] - [30/08/2013 14:01:22]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9945 octets] ##########
Frisches FRST Log:


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2013 01
Ran by LilLady (administrator) on LILLADY-PC on 03-09-2013 13:57:38
Running from C:\Users\LilLady\Downloads
Windows 8 Pro (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Policies\Explorer: [NoDrives] 0
HKCU\...\Policies\Explorer: [NoDrives] 0

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\LilLady\AppData\Roaming\Mozilla\Firefox\Profiles\xek8zhhi.default
FF Homepage: www.google.de
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

==================== Services (Whitelisted) =================

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [15440 2012-07-26] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [33048 2006-11-30] (X10 Wireless Technology, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-03 13:49 - 2013-09-03 13:49 - 00000000 ____D C:\WINDOWS\ERUNT
2013-09-03 13:48 - 2013-09-03 13:48 - 01028757 _____ (Thisisu) C:\Users\LilLady\Downloads\JRT.exe
2013-09-03 13:35 - 2013-09-03 13:35 - 01037134 _____ C:\Users\LilLady\Downloads\adwcleaner(1).exe
2013-09-03 13:33 - 2013-09-03 13:33 - 00000117 _____ C:\WINDOWS\system32\netcfg-37580.txt
2013-09-03 13:32 - 2013-09-03 13:32 - 00000117 _____ C:\WINDOWS\system32\netcfg-4151171.txt
2013-09-03 13:24 - 2013-09-03 13:24 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\LilLady\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-03 13:24 - 2013-09-03 13:24 - 00001115 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-03 13:24 - 2013-09-03 13:24 - 00000000 ____D C:\Users\LilLady\AppData\Roaming\Malwarebytes
2013-09-03 13:24 - 2013-09-03 13:24 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-03 13:24 - 2013-09-03 13:24 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-03 13:24 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2013-09-03 13:20 - 2013-09-03 13:20 - 00004887 ____C C:\ComboFix.txt
2013-09-03 13:12 - 2011-06-26 08:45 - 00256000 _____ C:\WINDOWS\PEV.exe
2013-09-03 13:12 - 2010-11-07 19:20 - 00208896 _____ C:\WINDOWS\MBR.exe
2013-09-03 13:12 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2013-09-03 13:12 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2013-09-03 13:12 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2013-09-03 13:12 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2013-09-03 13:12 - 2000-08-31 02:00 - 00098816 _____ C:\WINDOWS\sed.exe
2013-09-03 13:12 - 2000-08-31 02:00 - 00080412 _____ C:\WINDOWS\grep.exe
2013-09-03 13:12 - 2000-08-31 02:00 - 00068096 _____ C:\WINDOWS\zip.exe
2013-09-03 13:11 - 2013-09-03 13:17 - 00000000 ____D C:\WINDOWS\erdnt
2013-09-03 13:11 - 2013-09-03 13:11 - 05119472 ____R (Swearware) C:\Users\LilLady\Downloads\ComboFix.exe
2013-09-03 13:11 - 2013-09-03 13:11 - 00000117 _____ C:\WINDOWS\system32\netcfg-2846690.txt
2013-09-03 13:11 - 2013-09-03 13:11 - 00000117 _____ C:\WINDOWS\system32\netcfg-2846628.txt
2013-09-03 12:29 - 2013-09-03 12:29 - 00019402 _____ C:\Users\LilLady\Desktop\Addition.txt
2013-09-03 12:28 - 2013-09-03 12:28 - 00033116 _____ C:\Users\LilLady\Desktop\FRST.txt
2013-09-03 12:28 - 2013-09-03 12:28 - 00019402 _____ C:\Users\LilLady\Downloads\Addition.txt
2013-09-03 12:26 - 2013-09-03 12:26 - 00000000 ___DC C:\FRST
2013-09-03 12:25 - 2013-09-03 12:26 - 01950474 _____ (Farbar) C:\Users\LilLady\Downloads\FRST64.exe
2013-09-03 12:25 - 2013-09-03 12:25 - 00002067 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2013-09-03 12:24 - 2013-09-03 12:24 - 00000117 _____ C:\WINDOWS\system32\netcfg-52057.txt
2013-09-03 12:23 - 2013-09-03 12:23 - 00000117 _____ C:\WINDOWS\system32\netcfg-3890883.txt
2013-09-03 11:59 - 2013-09-03 12:45 - 00000000 ___DC C:\Windows.old
2013-09-03 11:59 - 2013-09-03 11:59 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2013-09-03 11:51 - 2013-09-03 11:51 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-09-03 11:50 - 2013-09-03 13:33 - 00000000 ____D C:\ProgramData\NVIDIA
2013-09-03 11:50 - 2013-09-03 11:51 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-09-03 11:50 - 2013-09-03 11:06 - 00000000 ____D C:\WINDOWS\Panther
2013-09-03 11:50 - 2013-01-18 17:00 - 06390048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2013-09-03 11:50 - 2013-01-18 17:00 - 03460896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2013-09-03 11:50 - 2013-01-18 17:00 - 02558240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2013-09-03 11:50 - 2013-01-18 17:00 - 00884512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2013-09-03 11:50 - 2013-01-18 17:00 - 00118560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2013-09-03 11:50 - 2013-01-18 17:00 - 00063776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2013-09-03 11:49 - 2013-09-03 12:42 - 00000000 ___DC C:\$SysReset
2013-09-03 11:49 - 2013-09-03 11:49 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-09-03 11:49 - 2013-02-26 00:32 - 00061216 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2013-09-03 11:49 - 2013-02-26 00:32 - 00053024 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2013-09-03 11:48 - 2013-09-03 11:51 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-09-03 11:46 - 2013-09-03 11:46 - 00003198 _____ C:\WINDOWS\System32\Tasks\{B18349A5-C633-4651-8AAA-2F98942E946D}
2013-09-03 11:39 - 2013-09-03 13:33 - 00000000 _____ C:\WINDOWS\system32\Drivers\lvuvc.hs
2013-09-03 11:39 - 2013-09-03 11:42 - 00004869 _____ C:\WINDOWS\system32\lvcoinst.log
2013-09-03 11:39 - 2013-09-03 11:40 - 00000000 ___SD C:\Users\LilLady\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.0
2013-09-03 11:39 - 2013-09-03 11:39 - 00001188 _____ C:\Users\LilLady\Desktop\OpenOffice 4.0.0.lnk
2013-09-03 11:39 - 2013-09-03 11:39 - 00000000 ____D C:\Program Files\Common Files\logishrd
2013-09-03 11:38 - 2013-09-03 11:39 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2013-09-03 11:36 - 2013-09-03 11:36 - 00000000 ____D C:\ProgramData\Adobe
2013-09-03 11:34 - 2013-09-03 11:45 - 00000000 ____D C:\Users\LilLady\AppData\Local\Adobe
2013-09-03 11:31 - 2013-09-03 11:31 - 00000000 ____D C:\Users\LilLady\Desktop\OpenOffice 4.0.0 (de) Installation Files
2013-09-03 11:24 - 2013-09-03 11:24 - 00000117 _____ C:\WINDOWS\system32\netcfg-365011.txt
2013-09-03 11:24 - 2013-09-03 11:24 - 00000117 _____ C:\WINDOWS\system32\netcfg-363123.txt
2013-09-03 11:23 - 2013-09-03 11:24 - 00001203 _____ C:\WINDOWS\system32\netcfg-347570.txt
2013-09-03 11:23 - 2013-09-03 11:24 - 00000000 ____D C:\Users\LilLady\AppData\Roaming\Mozilla
2013-09-03 11:23 - 2013-09-03 11:23 - 00001153 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-09-03 11:23 - 2013-09-03 11:23 - 00000000 ____D C:\Users\LilLady\AppData\Local\Mozilla
2013-09-03 11:23 - 2013-09-03 11:23 - 00000000 ____D C:\ProgramData\Mozilla
2013-09-03 11:23 - 2013-09-03 11:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-09-03 11:23 - 2013-09-03 11:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-03 11:21 - 2013-09-03 11:35 - 450907216 _____ (G Data Software AG) C:\Users\LilLady\Downloads\GER_R_FUL_2013_IS.exe
2013-09-03 11:20 - 2013-09-03 11:20 - 00000000 ____D C:\Users\LilLady\AppData\Roaming\Macromedia
2013-09-03 11:19 - 2013-09-03 11:19 - 00000117 _____ C:\WINDOWS\system32\netcfg-51729.txt
2013-09-03 11:17 - 2013-09-03 11:17 - 00000117 _____ C:\WINDOWS\system32\netcfg-819036.txt
2013-09-03 11:14 - 2013-09-03 12:42 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-261323904-3986566715-3217930549-1001
2013-09-03 11:09 - 2013-09-03 11:09 - 00024574 _____ C:\Users\LilLady\Desktop\Entfernte Anwendungen.html
2013-09-03 11:08 - 2013-09-03 11:08 - 00001444 _____ C:\Users\LilLady\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-09-03 11:08 - 2013-09-03 11:08 - 00000000 ___RD C:\Users\LilLady\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-03 11:08 - 2013-09-03 11:08 - 00000000 ___RD C:\Users\LilLady\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-03 11:08 - 2013-09-03 11:08 - 00000000 ____D C:\Users\LilLady\AppData\Roaming\Adobe
2013-09-03 11:07 - 2013-09-03 11:07 - 00000020 ___SH C:\Users\LilLady\ntuser.ini
2013-09-03 11:07 - 2013-09-03 11:07 - 00000000 ____D C:\Users\LilLady\AppData\Local\VirtualStore
2013-09-03 11:07 - 2013-09-03 11:07 - 00000000 ____D C:\ProgramData\PRICache
2013-09-03 11:06 - 2013-09-03 13:45 - 00453529 _____ C:\WINDOWS\WindowsUpdate.log
2013-09-03 11:06 - 2013-09-03 11:06 - 00000117 _____ C:\WINDOWS\system32\netcfg-128342.txt
2013-09-03 11:06 - 2013-09-03 11:06 - 00000117 _____ C:\WINDOWS\system32\netcfg-128264.txt
2013-09-03 11:06 - 2013-09-03 11:06 - 00000117 _____ C:\WINDOWS\system32\netcfg-128061.txt
2013-09-03 11:06 - 2013-09-03 11:06 - 00000000 ____D C:\WINDOWS\CSC
2013-09-03 11:05 - 2013-09-03 11:08 - 00000000 ____D C:\Users\LilLady
2013-09-03 11:05 - 2013-09-03 11:06 - 00000117 _____ C:\WINDOWS\system32\netcfg-124878.txt
2013-09-03 11:05 - 2013-09-03 11:05 - 00017148 _____ C:\WINDOWS\diagwrn.xml
2013-09-03 11:05 - 2013-09-03 11:05 - 00017148 _____ C:\WINDOWS\diagerr.xml
2013-09-03 11:05 - 2013-09-03 11:05 - 00001139 _____ C:\WINDOWS\system32\netcfg-68765.txt
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\UpdatusUser\Vorlagen
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\LilLady\Vorlagen
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\LilLady\Startmenü
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\LilLady\Netzwerkumgebung
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\LilLady\Lokale Einstellungen
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\LilLady\Eigene Dateien
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\LilLady\Druckumgebung
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\LilLady\Documents\Eigene Musik
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\LilLady\Documents\Eigene Bilder
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\LilLady\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\LilLady\AppData\Local\Verlauf
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\LilLady\AppData\Local\Anwendungsdaten
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\LilLady\Anwendungsdaten
2013-09-03 11:05 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\LilLady\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-09-03 11:05 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\LilLady\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-09-03 11:05 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\LilLady\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-09-03 11:05 - 2012-07-26 10:13 - 00000000 ____D C:\Users\LilLady\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-09-03 11:02 - 2013-09-03 11:02 - 00001134 _____ C:\WINDOWS\system32\netcfg-97719.txt
2013-09-03 11:02 - 2013-09-03 11:02 - 00001099 _____ C:\WINDOWS\system32\netcfg-130869.txt
2013-09-03 11:02 - 2013-09-03 11:02 - 00000185 _____ C:\WINDOWS\system32\netcfg-108342.txt
2013-09-03 11:02 - 2013-09-03 11:02 - 00000164 _____ C:\WINDOWS\system32\netcfg-101946.txt
2013-09-03 11:02 - 2013-09-03 11:02 - 00000161 _____ C:\WINDOWS\system32\netcfg-104520.txt
2013-09-03 11:02 - 2013-09-03 11:02 - 00000160 _____ C:\WINDOWS\system32\netcfg-132117.txt
2013-09-03 11:02 - 2013-09-03 11:02 - 00000160 _____ C:\WINDOWS\system32\netcfg-104052.txt
2013-09-03 11:02 - 2013-09-03 11:02 - 00000160 _____ C:\WINDOWS\system32\netcfg-103069.txt
2013-09-03 11:02 - 2013-09-03 11:02 - 00000160 _____ C:\WINDOWS\system32\netcfg-101541.txt
2013-09-03 11:02 - 2013-09-03 11:02 - 00000159 _____ C:\WINDOWS\system32\netcfg-102648.txt
2013-09-03 11:02 - 2013-09-03 11:02 - 00000157 _____ C:\WINDOWS\system32\netcfg-103584.txt
2013-09-03 11:02 - 2013-09-03 11:02 - 00000157 _____ C:\WINDOWS\system32\netcfg-101182.txt
2013-09-03 11:02 - 2013-09-03 11:02 - 00000150 _____ C:\WINDOWS\system32\netcfg-102274.txt
2013-09-03 11:02 - 2013-09-03 11:02 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2013-09-03 11:01 - 2013-09-03 11:01 - 00286200 _____ C:\WINDOWS\Minidump\090313-71479-01.dmp
2013-09-03 11:01 - 2013-09-03 11:01 - 00000000 ____D C:\WINDOWS\Minidump
2013-09-03 11:00 - 2013-09-03 13:33 - 00001240 _____ C:\WINDOWS\PFRO.log
2013-09-03 11:00 - 2013-09-03 11:00 - 268649420 _____ C:\WINDOWS\MEMORY.DMP
2013-08-30 14:40 - 2013-08-30 14:43 - 48494759 _____ C:\Users\LilLady\Documents\(5-5)ARD Der große Crash Die Wirtschaftskrise 1929 in Deutschland.flv
2013-08-30 14:21 - 2013-08-30 14:21 - 00804552 _____ (Koyote-Lab Inc.) C:\Users\LilLady\Downloads\FreeFLVConverter75Setup(1).exe
2013-08-30 14:11 - 2013-08-30 14:14 - 64915018 _____ C:\Users\LilLady\Documents\(2-5)ARD Der große Crash Die Wirtschaftskrise 1929 in Deutschland.flv
2013-08-30 14:10 - 2013-08-30 14:13 - 66620799 _____ C:\Users\LilLady\Documents\(1-5)ARD Der große Crash - Die Wirtschaftskrise 1929 in Deutschland.wmv.flv
2013-08-30 13:56 - 2013-09-03 13:44 - 00000000 ___DC C:\AdwCleaner
2013-08-30 13:53 - 2013-08-30 13:53 - 00994642 _____ C:\Users\LilLady\Downloads\adwcleaner.exe
2013-08-29 12:04 - 2013-08-29 12:05 - 05843488 _____ (Mischel Internet Security                                  ) C:\Users\LilLady\Downloads\TrojanHunterSetup_5.5_Build_1003.exe
2013-08-27 11:52 - 2013-08-27 11:52 - 00004608 ___SH C:\Users\LilLady\Documents\Thumbs.db
2013-08-27 11:43 - 2013-08-27 11:43 - 11067384 _____ C:\Users\LilLady\Downloads\YTD43Setup.exe
2013-08-25 22:42 - 2013-08-25 22:42 - 00011229 _____ C:\Users\LilLady\Desktop\Unbenannt 2.odt
2013-08-24 12:14 - 2013-08-24 12:15 - 00000000 ____D C:\Users\Public\Documents\BitRaider
2013-08-24 12:08 - 2013-08-24 12:12 - 00014632 _____ C:\Users\LilLady\Documents\Install STAR WARS The Old Republic.log
2013-08-24 12:06 - 2013-08-24 12:06 - 39777624 _____ C:\Users\LilLady\Downloads\SWTOR_setup.exe
2013-08-20 18:46 - 2013-08-20 18:46 - 01681573 _____ C:\Users\LilLady\Downloads\tweets.zip
2013-08-20 17:53 - 2013-08-20 17:53 - 00012586 _____ C:\Users\LilLady\Desktop\Kündigung OZ.odt
2013-08-13 15:11 - 2013-08-13 15:11 - 00000000 ___DC C:\NvidiaLogging

==================== One Month Modified Files and Folders =======

2013-09-03 13:53 - 2013-09-03 13:53 - 00000618 _____ C:\Users\LilLady\Desktop\JRT.txt
2013-09-03 13:49 - 2013-09-03 13:49 - 00000000 ____D C:\WINDOWS\ERUNT
2013-09-03 13:48 - 2013-09-03 13:48 - 01028757 _____ (Thisisu) C:\Users\LilLady\Downloads\JRT.exe
2013-09-03 13:45 - 2013-09-03 11:06 - 00453529 _____ C:\WINDOWS\WindowsUpdate.log
2013-09-03 13:44 - 2013-08-30 13:56 - 00000000 ___DC C:\AdwCleaner
2013-09-03 13:37 - 2012-07-26 12:27 - 00714240 _____ C:\WINDOWS\system32\perfh007.dat
2013-09-03 13:37 - 2012-07-26 12:27 - 00147840 _____ C:\WINDOWS\system32\perfc007.dat
2013-09-03 13:37 - 2012-07-26 09:28 - 01654648 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-09-03 13:35 - 2013-09-03 13:35 - 01037134 _____ C:\Users\LilLady\Downloads\adwcleaner(1).exe
2013-09-03 13:33 - 2013-09-03 13:33 - 00000117 _____ C:\WINDOWS\system32\netcfg-37580.txt
2013-09-03 13:33 - 2013-09-03 11:50 - 00000000 ____D C:\ProgramData\NVIDIA
2013-09-03 13:33 - 2013-09-03 11:39 - 00000000 _____ C:\WINDOWS\system32\Drivers\lvuvc.hs
2013-09-03 13:33 - 2013-09-03 11:00 - 00001240 _____ C:\WINDOWS\PFRO.log
2013-09-03 13:33 - 2012-07-26 09:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-09-03 13:32 - 2013-09-03 13:32 - 00000117 _____ C:\WINDOWS\system32\netcfg-4151171.txt
2013-09-03 13:24 - 2013-09-03 13:24 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\LilLady\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-03 13:24 - 2013-09-03 13:24 - 00001115 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-03 13:24 - 2013-09-03 13:24 - 00000000 ____D C:\Users\LilLady\AppData\Roaming\Malwarebytes
2013-09-03 13:24 - 2013-09-03 13:24 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-03 13:24 - 2013-09-03 13:24 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-03 13:20 - 2013-09-03 13:20 - 00004887 ____C C:\ComboFix.txt
2013-09-03 13:20 - 2012-07-26 07:37 - 00000000 __RHD C:\Users\Default
2013-09-03 13:20 - 2012-05-21 16:02 - 00000000 ____D C:\Qoobox
2013-09-03 13:17 - 2013-09-03 13:11 - 00000000 ____D C:\WINDOWS\erdnt
2013-09-03 13:17 - 2012-07-26 07:26 - 00000215 ____C C:\WINDOWS\system.ini
2013-09-03 13:11 - 2013-09-03 13:11 - 05119472 ____R (Swearware) C:\Users\LilLady\Downloads\ComboFix.exe
2013-09-03 13:11 - 2013-09-03 13:11 - 00000117 _____ C:\WINDOWS\system32\netcfg-2846690.txt
2013-09-03 13:11 - 2013-09-03 13:11 - 00000117 _____ C:\WINDOWS\system32\netcfg-2846628.txt
2013-09-03 13:00 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\sru
2013-09-03 12:45 - 2013-09-03 11:59 - 00000000 ___DC C:\Windows.old
2013-09-03 12:42 - 2013-09-03 11:49 - 00000000 ___DC C:\$SysReset
2013-09-03 12:42 - 2013-09-03 11:14 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-261323904-3986566715-3217930549-1001
2013-09-03 12:29 - 2013-09-03 12:29 - 00019402 _____ C:\Users\LilLady\Desktop\Addition.txt
2013-09-03 12:28 - 2013-09-03 12:28 - 00033116 _____ C:\Users\LilLady\Desktop\FRST.txt
2013-09-03 12:28 - 2013-09-03 12:28 - 00019402 _____ C:\Users\LilLady\Downloads\Addition.txt
2013-09-03 12:26 - 2013-09-03 12:26 - 00000000 ___DC C:\FRST
2013-09-03 12:26 - 2013-09-03 12:25 - 01950474 _____ (Farbar) C:\Users\LilLady\Downloads\FRST64.exe
2013-09-03 12:25 - 2013-09-03 12:25 - 00002067 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2013-09-03 12:24 - 2013-09-03 12:24 - 00000117 _____ C:\WINDOWS\system32\netcfg-52057.txt
2013-09-03 12:24 - 2012-07-26 09:19 - 00307760 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-09-03 12:23 - 2013-09-03 12:23 - 00000117 _____ C:\WINDOWS\system32\netcfg-3890883.txt
2013-09-03 11:59 - 2013-09-03 11:59 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2013-09-03 11:59 - 2012-07-26 10:13 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template
2013-09-03 11:51 - 2013-09-03 11:51 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-09-03 11:51 - 2013-09-03 11:50 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-09-03 11:51 - 2013-09-03 11:48 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-09-03 11:50 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\Help
2013-09-03 11:49 - 2013-09-03 11:49 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-09-03 11:49 - 2011-06-26 14:59 - 00000000 ____D C:\Recovery
2013-09-03 11:46 - 2013-09-03 11:46 - 00003198 _____ C:\WINDOWS\System32\Tasks\{B18349A5-C633-4651-8AAA-2F98942E946D}
2013-09-03 11:46 - 2011-06-21 12:43 - 00000000 ____D C:\Users\LilLady\Desktop\Paint Shop Pro 7
2013-09-03 11:45 - 2013-09-03 11:34 - 00000000 ____D C:\Users\LilLady\AppData\Local\Adobe
2013-09-03 11:42 - 2013-09-03 11:39 - 00004869 _____ C:\WINDOWS\system32\lvcoinst.log
2013-09-03 11:42 - 2012-07-26 09:21 - 00019707 _____ C:\WINDOWS\setupact.log
2013-09-03 11:40 - 2013-09-03 11:39 - 00000000 ___SD C:\Users\LilLady\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.0
2013-09-03 11:39 - 2013-09-03 11:39 - 00001188 _____ C:\Users\LilLady\Desktop\OpenOffice 4.0.0.lnk
2013-09-03 11:39 - 2013-09-03 11:39 - 00000000 ____D C:\Program Files\Common Files\logishrd
2013-09-03 11:39 - 2013-09-03 11:38 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2013-09-03 11:36 - 2013-09-03 11:36 - 00000000 ____D C:\ProgramData\Adobe
2013-09-03 11:35 - 2013-09-03 11:21 - 450907216 _____ (G Data Software AG) C:\Users\LilLady\Downloads\GER_R_FUL_2013_IS.exe
2013-09-03 11:31 - 2013-09-03 11:31 - 00000000 ____D C:\Users\LilLady\Desktop\OpenOffice 4.0.0 (de) Installation Files
2013-09-03 11:31 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\restore
2013-09-03 11:31 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-09-03 11:24 - 2013-09-03 11:24 - 00000117 _____ C:\WINDOWS\system32\netcfg-365011.txt
2013-09-03 11:24 - 2013-09-03 11:24 - 00000117 _____ C:\WINDOWS\system32\netcfg-363123.txt
2013-09-03 11:24 - 2013-09-03 11:23 - 00001203 _____ C:\WINDOWS\system32\netcfg-347570.txt
2013-09-03 11:24 - 2013-09-03 11:23 - 00000000 ____D C:\Users\LilLady\AppData\Roaming\Mozilla
2013-09-03 11:23 - 2013-09-03 11:23 - 00001153 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-09-03 11:23 - 2013-09-03 11:23 - 00000000 ____D C:\Users\LilLady\AppData\Local\Mozilla
2013-09-03 11:23 - 2013-09-03 11:23 - 00000000 ____D C:\ProgramData\Mozilla
2013-09-03 11:23 - 2013-09-03 11:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-09-03 11:23 - 2013-09-03 11:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-03 11:20 - 2013-09-03 11:20 - 00000000 ____D C:\Users\LilLady\AppData\Roaming\Macromedia
2013-09-03 11:19 - 2013-09-03 11:19 - 00000117 _____ C:\WINDOWS\system32\netcfg-51729.txt
2013-09-03 11:17 - 2013-09-03 11:17 - 00000117 _____ C:\WINDOWS\system32\netcfg-819036.txt
2013-09-03 11:17 - 2012-07-26 07:26 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2013-09-03 11:09 - 2013-09-03 11:09 - 00024574 _____ C:\Users\LilLady\Desktop\Entfernte Anwendungen.html
2013-09-03 11:09 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2013-09-03 11:08 - 2013-09-03 11:08 - 00001444 _____ C:\Users\LilLady\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-09-03 11:08 - 2013-09-03 11:08 - 00000000 ___RD C:\Users\LilLady\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-03 11:08 - 2013-09-03 11:08 - 00000000 ___RD C:\Users\LilLady\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-03 11:08 - 2013-09-03 11:08 - 00000000 ____D C:\Users\LilLady\AppData\Roaming\Adobe
2013-09-03 11:08 - 2013-09-03 11:05 - 00000000 ____D C:\Users\LilLady
2013-09-03 11:08 - 2013-06-08 18:15 - 00000000 ____D C:\Users\LilLady\AppData\Local\Packages
2013-09-03 11:07 - 2013-09-03 11:07 - 00000020 ___SH C:\Users\LilLady\ntuser.ini
2013-09-03 11:07 - 2013-09-03 11:07 - 00000000 ____D C:\Users\LilLady\AppData\Local\VirtualStore
2013-09-03 11:07 - 2013-09-03 11:07 - 00000000 ____D C:\ProgramData\PRICache
2013-09-03 11:07 - 2012-07-26 10:12 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2013-09-03 11:07 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\WinStore
2013-09-03 11:06 - 2013-09-03 11:50 - 00000000 ____D C:\WINDOWS\Panther
2013-09-03 11:06 - 2013-09-03 11:06 - 00000117 _____ C:\WINDOWS\system32\netcfg-128342.txt
2013-09-03 11:06 - 2013-09-03 11:06 - 00000117 _____ C:\WINDOWS\system32\netcfg-128264.txt
2013-09-03 11:06 - 2013-09-03 11:06 - 00000117 _____ C:\WINDOWS\system32\netcfg-128061.txt
2013-09-03 11:06 - 2013-09-03 11:06 - 00000000 ____D C:\WINDOWS\CSC
2013-09-03 11:06 - 2013-09-03 11:05 - 00000117 _____ C:\WINDOWS\system32\netcfg-124878.txt
2013-09-03 11:06 - 2012-12-18 18:53 - 00000000 ____D C:\Users\LilLady\Desktop\Seminare
2013-09-03 11:06 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\Recovery
2013-09-03 11:06 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\rescache
2013-09-03 11:06 - 2012-05-10 11:44 - 00000000 ____D C:\Users\LilLady\Desktop\Diverses
2013-09-03 11:05 - 2013-09-03 11:05 - 00017148 _____ C:\WINDOWS\diagwrn.xml
2013-09-03 11:05 - 2013-09-03 11:05 - 00017148 _____ C:\WINDOWS\diagerr.xml
2013-09-03 11:05 - 2013-09-03 11:05 - 00001139 _____ C:\WINDOWS\system32\netcfg-68765.txt
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\UpdatusUser\Vorlagen
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\LilLady\Vorlagen
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\LilLady\Startmenü
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\LilLady\Netzwerkumgebung
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\LilLady\Lokale Einstellungen
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\LilLady\Eigene Dateien
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\LilLady\Druckumgebung
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\LilLady\Documents\Eigene Musik
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\LilLady\Documents\Eigene Bilder
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\LilLady\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\LilLady\AppData\Local\Verlauf
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\LilLady\AppData\Local\Anwendungsdaten
2013-09-03 11:05 - 2013-09-03 11:05 - 00000000 _SHDL C:\Users\LilLady\Anwendungsdaten
2013-09-03 11:05 - 2012-07-26 10:12 - 00000000 __RHD C:\Users\Public\Libraries
2013-09-03 11:05 - 2009-07-14 20:18 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-09-03 11:04 - 2013-09-03 11:04 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-09-03 11:04 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows NT
2013-09-03 11:03 - 2012-07-26 10:13 - 00001720 _____ C:\WINDOWS\DtcInstall.log
2013-09-03 11:02 - 2013-09-03 11:02 - 00001134 _____ C:\WINDOWS\system32\netcfg-97719.txt
2013-09-03 11:02 - 2013-09-03 11:02 - 00001099 _____ C:\WINDOWS\system32\netcfg-130869.txt
2013-09-03 11:02 - 2013-09-03 11:02 - 00000185 _____ C:\WINDOWS\system32\netcfg-108342.txt
2013-09-03 11:02 - 2013-09-03 11:02 - 00000164 _____ C:\WINDOWS\system32\netcfg-101946.txt
2013-09-03 11:02 - 2013-09-03 11:02 - 00000161 _____ C:\WINDOWS\system32\netcfg-104520.txt
2013-09-03 11:02 - 2013-09-03 11:02 - 00000160 _____ C:\WINDOWS\system32\netcfg-132117.txt
2013-09-03 11:02 - 2013-09-03 11:02 - 00000160 _____ C:\WINDOWS\system32\netcfg-104052.txt
2013-09-03 11:02 - 2013-09-03 11:02 - 00000160 _____ C:\WINDOWS\system32\netcfg-103069.txt
2013-09-03 11:02 - 2013-09-03 11:02 - 00000160 _____ C:\WINDOWS\system32\netcfg-101541.txt
2013-09-03 11:02 - 2013-09-03 11:02 - 00000159 _____ C:\WINDOWS\system32\netcfg-102648.txt
2013-09-03 11:02 - 2013-09-03 11:02 - 00000157 _____ C:\WINDOWS\system32\netcfg-103584.txt
2013-09-03 11:02 - 2013-09-03 11:02 - 00000157 _____ C:\WINDOWS\system32\netcfg-101182.txt
2013-09-03 11:02 - 2013-09-03 11:02 - 00000150 _____ C:\WINDOWS\system32\netcfg-102274.txt
2013-09-03 11:02 - 2013-09-03 11:02 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2013-09-03 11:01 - 2013-09-03 11:01 - 00286200 _____ C:\WINDOWS\Minidump\090313-71479-01.dmp
2013-09-03 11:01 - 2013-09-03 11:01 - 00000000 ____D C:\WINDOWS\Minidump
2013-09-03 11:00 - 2013-09-03 11:00 - 268649420 _____ C:\WINDOWS\MEMORY.DMP
2013-08-30 14:49 - 2013-06-08 20:28 - 01918976 ___SH C:\Users\LilLady\Desktop\Thumbs.db
2013-08-30 14:43 - 2013-08-30 14:40 - 48494759 _____ C:\Users\LilLady\Documents\(5-5)ARD Der große Crash Die Wirtschaftskrise 1929 in Deutschland.flv
2013-08-30 14:21 - 2013-08-30 14:21 - 00804552 _____ (Koyote-Lab Inc.) C:\Users\LilLady\Downloads\FreeFLVConverter75Setup(1).exe
2013-08-30 14:14 - 2013-08-30 14:11 - 64915018 _____ C:\Users\LilLady\Documents\(2-5)ARD Der große Crash Die Wirtschaftskrise 1929 in Deutschland.flv
2013-08-30 14:13 - 2013-08-30 14:10 - 66620799 _____ C:\Users\LilLady\Documents\(1-5)ARD Der große Crash - Die Wirtschaftskrise 1929 in Deutschland.wmv.flv
2013-08-30 13:53 - 2013-08-30 13:53 - 00994642 _____ C:\Users\LilLady\Downloads\adwcleaner.exe
2013-08-29 12:05 - 2013-08-29 12:04 - 05843488 _____ (Mischel Internet Security                                  ) C:\Users\LilLady\Downloads\TrojanHunterSetup_5.5_Build_1003.exe
2013-08-27 12:38 - 2012-12-18 18:53 - 00000000 ____D C:\Users\LilLady\Desktop\Schule
2013-08-27 11:52 - 2013-08-27 11:52 - 00004608 ___SH C:\Users\LilLady\Documents\Thumbs.db
2013-08-27 11:43 - 2013-08-27 11:43 - 11067384 _____ C:\Users\LilLady\Downloads\YTD43Setup.exe
2013-08-25 22:42 - 2013-08-25 22:42 - 00011229 _____ C:\Users\LilLady\Desktop\Unbenannt 2.odt
2013-08-25 14:05 - 2013-07-22 21:27 - 00017478 _____ C:\Users\LilLady\Desktop\Politik Reihenplanung Klasse 9 Sj 2013.odt
2013-08-24 12:15 - 2013-08-24 12:14 - 00000000 ____D C:\Users\Public\Documents\BitRaider
2013-08-24 12:12 - 2013-08-24 12:08 - 00014632 _____ C:\Users\LilLady\Documents\Install STAR WARS The Old Republic.log
2013-08-24 12:06 - 2013-08-24 12:06 - 39777624 _____ C:\Users\LilLady\Downloads\SWTOR_setup.exe
2013-08-20 18:46 - 2013-08-20 18:46 - 01681573 _____ C:\Users\LilLady\Downloads\tweets.zip
2013-08-20 17:53 - 2013-08-20 17:53 - 00012586 _____ C:\Users\LilLady\Desktop\Kündigung OZ.odt
2013-08-13 15:11 - 2013-08-13 15:11 - 00000000 ___DC C:\NvidiaLogging

Files to move or delete:
====================
C:\Users\LilLady\AppData\Local\Temp\jrt\erunt\ERUNT.EXE

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-03 11:00

==================== End Of Log ============================
--- --- ---

--- --- ---

schrauber 03.09.2013 18:04

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

LilLady 08.09.2013 09:16
Sorry, dass ich mich jetzt erst melde!

Erstmal vielen Dank für deine Hilfe! Ich habe alle Schritte befolgt, nur der Eset Smartinstaller hat so gar nicht funktioniert.

Hier das Log vom Security Check:

Code:
Results of screen317's Security Check version 0.99.72 
  x64 (UAC is enabled) 
 Internet Explorer 10 
``````````````Antivirus/Firewall Check:``````````````
G Data InternetSecurity 2014 
Windows Defender             
 Antivirus up to date! 
`````````Anti-malware/Other Utilities Check:`````````
 Spybot - Search & Destroy
 Malwarebytes Anti-Malware Version 1.75.0.1300 
 Adobe Flash Player        11.8.800.94 
 Adobe Reader XI 
 Mozilla Firefox (23.0.1)
````````Process Check: objlist.exe by Laurent```````` 
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbamgui.exe 
 Spybot Teatimer.exe is disabled!
 Malwarebytes' Anti-Malware mbamscheduler.exe 
 G Data InternetSecurity Firewall GDFwSvcx64.exe
 G Data InternetSecurity Firewall GDFirewallTray.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````

schrauber 09.09.2013 05:37
Mach bitte anstelle von ESET nen Vollscan mit deinem AV Programm. Poste bitte ein frisches FRST log. Noch Probleme?


Alle Zeitangaben in WEZ +1. Es ist jetzt 12:02 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131