Danke wiederum für die rasche Antwort. Hier mal der Log von Malwarebytes:
Malwarebytes Anti-Malware 1.75.0.1300
Malwarebytes : Free anti-malware download
Datenbank Version: v2013.10.25.02
Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16721
Wulf :: STAND-PC [Administrator]
25.10.2013 09:50:44
mbam-log-2013-10-25 (09-50-44).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 224212
Laufzeit: 7 Minute(n), 43 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 3
C:\Users\Wulf\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Wulf\AppData\Roaming\OpenCandy\60FAC85520674A3494E7131A082DB1D9 (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Wulf\AppData\Local\Temp\CT3314932 (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
Infizierte Dateien: 3
C:\Users\Wulf\Downloads\install.exe (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Wulf\AppData\Roaming\OpenCandy\60FAC85520674A3494E7131A082DB1D9\Trial-14.0.1000.89_de-DE_1004726_AT-1.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Wulf\AppData\Local\Temp\CT3314932\ddt.csf (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
(Ende)
Hier die txt datei von adwcleaner:AdwCleaner Logfile:
Code:
# AdwCleaner v3.010 - Bericht erstellt am 25/10/2013 um 10:23:38
# Updated 20/10/2013 von Xplode
# Betriebssystem : Windows 8 Pro (64 bits)
# Benutzername : Wulf - STAND-PC
# Gestartet von : C:\Users\Wulf\Downloads\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Ordner Gelöscht : C:\Program Files (x86)\myfree codec
Datei Gelöscht : C:\WINDOWS\System32\Tasks\Desk 365 RunAsStdUser
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E4A7AAC3-D9C2-4D61-8892-5DD64B6F2078}
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\Myfree Codec
Schlüssel Gelöscht : HKCU\Software\smartbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\smartbar
Schlüssel Gelöscht : HKLM\Software\Myfree Codec
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
***** [ Browser ] *****
-\\ Internet Explorer v10.0.9200.16537
-\\ Mozilla Firefox v24.0 (de)
[ Datei : C:\Users\Wulf\AppData\Roaming\Mozilla\Firefox\Profiles\yh14khyx.default\prefs.js ]
*************************
AdwCleaner[R0].txt - [14584 octets] - [05/09/2013 08:57:48]
AdwCleaner[R1].txt - [9081 octets] - [06/10/2013 21:30:53]
AdwCleaner[R2].txt - [2978 octets] - [25/10/2013 10:21:07]
AdwCleaner[S0].txt - [12973 octets] - [05/09/2013 08:58:43]
AdwCleaner[S1].txt - [8092 octets] - [06/10/2013 21:31:34]
AdwCleaner[S2].txt - [2664 octets] - [25/10/2013 10:23:38]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [2724 octets] ##########
--- --- ---
und hier der letzte Teil:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Windows 8 Pro x64
Ran by Wulf on 25.10.2013 at 10:33:22,61
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL\\Default
~~~ Registry Keys
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin.1
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1882345459-3615646933-2730293814-1000\Software\SweetIM
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\omigaplussvc
~~~ Files
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\Wulf\AppData\Roaming\mozilla\firefox\profiles\yh14khyx.default\minidumps [5 files]
~~~ Event Viewer Logs were cleared
FRST Logfile:
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-10-2013
Ran by Wulf (administrator) on STAND-PC on 25-10-2013 10:46:32
Running from C:\Users\Wulf\Desktop
Windows 8 Pro (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\WINDOWS\system32\atiesrxx.exe
(AMD) C:\WINDOWS\system32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\svchost.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Western Digital) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
(Microsoft Corporation) C:\Windows\vVX1000.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeChat\LifeChat.exe
(Microsoft Corporation) C:\Users\Wulf\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\ymsgr_tray.exe
(PIXELA CORPORATION) C:\Program Files (x86)\PIXELA\Everio MediaBrowser 4\MBCameraMonitor.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Logitech Inc.) C:\Program Files (x86)\Squeezebox\SqueezeTray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Western Digital) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
(Dropbox, Inc.) C:\Users\Wulf\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Logitech Inc.) C:\PROGRA~2\SQUEEZ~1\server\SQUEEZ~3.EXE
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\WINDOWS\system32\wwahost.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [VX1000] - C:\WINDOWS\vVX1000.exe [762736 2010-05-20] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13307496 2011-10-17] (Realtek Semiconductor)
HKLM\...\Run: [LifeChat] - C:\Program Files\Microsoft LifeChat\LifeChat.exe [371712 2009-09-24] (Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
Winlogon\Notify\ScCertProp: C:\WINDOWS\SysWOW64\explorer.exe (Microsoft Corporation)
HKCU\...\Run: [SkyDrive] - C:\Users\Wulf\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257136 2013-08-15] (Microsoft Corporation)
HKCU\...\Run: [Messenger (Yahoo!)] - C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKCU\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564016 2013-07-26] (Samsung)
HKCU\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-07-26] (Samsung)
HKCU\...\Run: [msnmsgr] - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272624 2013-02-05] (Microsoft Corporation)
HKLM-x32\...\Run: [LWS] - C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [WD Drive Unlocker] - C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1688008 2012-06-13] (Western Digital)
HKLM-x32\...\Run: [WD Quick View] - C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5235128 2012-06-14] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-07-26] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] - C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1985824 2013-07-25] (Wondershare)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-01] (Apple Inc.)
Startup: C:\Users\Wulf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Wulf\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Wulf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = news.ORF.at
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: No Name - {11111111-1111-1111-1111-110411151152} - No File
BHO: Deaktivierungs-Add-on für Browser von Google Analytics - {75EF13CE-B59E-41ba-8A5A-A944031BD8B4} - C:\Program Files\Google\Google Analytics Opt-Out\gaoptout_x64.dll (Google, Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Deaktivierungs-Add-on für Browser von Google Analytics - {75EF13CE-B59E-41ba-8A5A-A944031BD8B4} - C:\Program Files (x86)\Google\Google Analytics Opt-Out\gaoptout.dll (Google, Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKCU - No Name - {434D452D-5637-006A-76A7-7A786E7484D7} - No File
DPF: HKLM-x32 {0B9DA999-3404-4853-917F-E785504CC490} hxxp://consense2.st.roteskreuz.at/obj/CSTreeProj.ocx
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {A4325AB6-1EE2-4742-91FD-6B9362DF9104} hxxp://consense2.st.roteskreuz.at/obj/CSLogOnProj.ocx
DPF: HKLM-x32 {E4CF4E86-D0DC-4864-8F0E-4F6EA2526334} https://img.ui-portal.de/os/activex/gmxinc_osupload_2002.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\WINDOWS\SysWOW64\wlidNSP.dll [46592] (Microsoft Corporation)
Winsock: Catalog5 08 C:\WINDOWS\SysWOW64\wlidNSP.dll [46592] (Microsoft Corporation)
Winsock: Catalog5-x64 07 C:\WINDOWS\system32\wlidnsp.dll [71168] (Microsoft Corporation)
Winsock: Catalog5-x64 08 C:\WINDOWS\system32\wlidnsp.dll [71168] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF ProfilePath: C:\Users\Wulf\AppData\Roaming\Mozilla\Firefox\Profiles\yh14khyx.default
FF Homepage: news.ORF.at
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @VideoDownloadConverter_ScriptHelper.com/Plugin - C:\Program Files (x86)\VideoDownloadConverter\npVDCPlugin.dll No File
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: DoNotTrackMe - C:\Users\Wulf\AppData\Roaming\Mozilla\Firefox\Profiles\yh14khyx.default\Extensions\donottrackplus@abine.com
FF Extension: MaskMe - C:\Users\Wulf\AppData\Roaming\Mozilla\Firefox\Profiles\yh14khyx.default\Extensions\idme@abine.com
FF Extension: client - C:\Users\Wulf\AppData\Roaming\Mozilla\Firefox\Profiles\yh14khyx.default\Extensions\client@anonymox.net.xpi
FF Extension: facebook - C:\Users\Wulf\AppData\Roaming\Mozilla\Firefox\Profiles\yh14khyx.default\Extensions\facebook@disconnect.me.xpi
FF Extension: john - C:\Users\Wulf\AppData\Roaming\Mozilla\Firefox\Profiles\yh14khyx.default\Extensions\john@velvetcache.org.xpi
FF Extension: No Name - C:\Users\Wulf\AppData\Roaming\Mozilla\Firefox\Profiles\yh14khyx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\Wulf\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions
FF Extension: ftd - C:\Users\Wulf\AppData\Roaming\Mozilla\Firefox\profiles\extensions\ftd@ftd.com.xpi
FF Extension: ftdownloader4 - C:\Users\Wulf\AppData\Roaming\Mozilla\Firefox\profiles\extensions\ftdownloader4@ftdownloader.com.xpi
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{91c612bf-2a7a-48b8-8c8c-6de28589b7a0}] - C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0}
FF HKLM-x32\...\Firefox\Extensions: [{91c612bf-2a7a-48b8-8c8c-6de28589b7a1}] - C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1}
FF HKLM-x32\...\Firefox\Extensions: [{d9284e50-81fc-11da-a72b-0800200c9a66}] - C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{d9284e50-81fc-11da-a72b-0800200c9a66}
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\IPSFF
==================== Services (Whitelisted) =================
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.)
S3 COMSysApp; C:\Windows\SysWow64\dllhost.exe [8704 2012-07-26] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R3 msiserver; C:\Windows\SysWow64\msiexec.exe [62976 2012-07-26] (Microsoft Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1151424 2012-06-14] (Western Digital )
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [248248 2012-06-13] (Western Digital)
R2 WDRulesService; C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [1177536 2012-06-14] (Western Digital )
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 WSearch; C:\Windows\SysWow64\SearchIndexer.exe [670208 2013-04-08] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
S3 AODDriver; C:\Program Files (x86)\GIGABYTE\ET6\amd64\AODDriver.sys [52280 2010-03-12] (Advanced Micro Devices)
R2 AODDriver4.2; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\BASHDefs\20131022.001\BHDrvx64.sys [1524824 2013-10-23] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-08-27] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [140376 2013-08-27] (Symantec Corporation)
S3 gdrv; C:\WINDOWS\gdrv.sys [25640 2013-08-02] (Windows (R) Server 2003 DDK provider)
S3 GVTDrv64; C:\WINDOWS\GVTDrv64.sys [30528 2013-08-02] ()
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\IPSDefs\20131024.001\IDSvia64.sys [521816 2013-10-17] (Symantec Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\VirusDefs\20131024.019\ENG64.SYS [126040 2013-10-24] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\VirusDefs\20131024.019\EX64.SYS [2099288 2013-10-24] (Symantec Corporation)
S3 S332x64; C:\Windows\system32\DRIVERS\S332x64.sys [78080 2012-02-27] (Identive )
R1 SRTSP; C:\Windows\System32\Drivers\NISx64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1404000.028\SymELAM.sys [23448 2012-06-20] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-06-19] (Symantec Corporation)
R1 SymIM; C:\Windows\system32\DRIVERS\SymIMv.sys [43680 2013-03-05] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
U3 idsvc;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-10-25 10:42 - 2013-10-25 10:42 - 00001587 _____ C:\Users\Wulf\Desktop\JRT.txt
2013-10-25 10:33 - 2013-10-25 10:33 - 00000000 ____D C:\WINDOWS\ERUNT
2013-10-25 10:29 - 2013-10-25 10:32 - 01033335 _____ (Thisisu) C:\Users\Wulf\Downloads\JRT.exe
2013-10-25 10:20 - 2013-10-25 10:20 - 01060070 _____ C:\Users\Wulf\Downloads\adwcleaner.exe
2013-10-25 09:45 - 2013-10-25 09:45 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Wulf\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-24 17:38 - 2013-10-24 17:38 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-24 17:38 - 2013-10-24 17:38 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-24 13:57 - 2013-10-24 13:57 - 00000000 ____D C:\FRST
2013-10-24 13:57 - 2013-10-24 13:56 - 01955412 _____ (Farbar) C:\Users\Wulf\Desktop\FRST64.exe
2013-10-19 22:26 - 2013-10-19 22:26 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-10-19 22:25 - 2013-10-19 22:26 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-19 22:25 - 2013-10-19 22:26 - 00000000 ____D C:\Program Files\iTunes
2013-10-19 22:25 - 2013-10-19 22:26 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-10-19 22:25 - 2013-10-19 22:25 - 00000000 ____D C:\Program Files\iPod
2013-10-17 15:05 - 2013-10-24 10:12 - 00000000 ____D C:\Users\Wulf\Desktop\000584071
2013-10-17 09:31 - 2013-10-17 14:30 - 00000000 ____D C:\Users\Wulf\Desktop\Schriftverkehr
2013-10-17 08:52 - 2013-10-17 09:26 - 00000000 ____D C:\Users\Wulf\Desktop\ÖRK
2013-10-15 06:12 - 2013-10-19 22:30 - 00440088 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-10-14 09:22 - 2013-10-14 09:30 - 00000000 ____D C:\Users\Wulf\Desktop\Bank Austria_ERGO
2013-10-14 06:23 - 2013-08-10 07:21 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2013-10-14 06:23 - 2013-08-10 07:21 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncInfo.dll
2013-10-14 06:23 - 2013-08-10 05:58 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2013-10-14 06:23 - 2013-08-03 08:40 - 01374208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2013-10-14 06:23 - 2013-08-03 08:40 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wvc.dll
2013-10-14 06:23 - 2013-08-03 08:40 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmon.ocx
2013-10-14 06:23 - 2013-08-03 07:14 - 00399360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysmon.ocx
2013-10-14 06:23 - 2013-08-03 07:13 - 01245696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2013-10-14 06:23 - 2013-08-03 07:13 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wvc.dll
2013-10-14 06:23 - 2013-08-02 08:28 - 19758080 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2013-10-14 06:23 - 2013-08-02 08:28 - 10116608 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2013-10-14 06:23 - 2013-08-02 08:28 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2013-10-14 06:23 - 2013-08-02 08:26 - 02304512 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2013-10-14 06:23 - 2013-08-02 07:08 - 17561088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2013-10-14 06:23 - 2013-08-02 07:08 - 08858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2013-10-14 06:23 - 2013-08-02 07:08 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2013-10-14 06:23 - 2013-08-02 07:06 - 02035712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2013-10-14 06:23 - 2013-08-01 12:41 - 02233688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2013-10-14 06:23 - 2013-07-31 01:30 - 00386923 _____ C:\WINDOWS\system32\ApnDatabase.xml
2013-10-14 06:23 - 2013-07-25 01:10 - 00158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2013-10-14 06:23 - 2013-07-25 01:06 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2013-10-14 06:23 - 2013-07-13 08:15 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\appmgr.dll
2013-10-14 06:23 - 2013-07-13 06:23 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appmgr.dll
2013-10-14 06:23 - 2013-04-10 01:17 - 01125888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2013-10-14 06:23 - 2013-04-10 00:29 - 00893952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2013-10-12 20:14 - 2013-10-15 18:45 - 00000000 ____D C:\Users\Wulf\Documents\Any Video Converter
2013-10-12 20:13 - 2013-10-12 20:13 - 00001203 _____ C:\Users\Wulf\Desktop\Any Video Converter.lnk
2013-10-12 20:13 - 2013-10-12 20:13 - 00000000 ____D C:\Users\Wulf\Documents\Any Video Converter Professional
2013-10-12 20:13 - 2013-10-12 20:13 - 00000000 ____D C:\Users\Wulf\AppData\Roaming\AnvSoft
2013-10-12 20:13 - 2013-10-12 20:13 - 00000000 ____D C:\Program Files (x86)\AnvSoft
2013-10-12 20:12 - 2013-10-12 20:12 - 35631456 _____ (Any-Video-Converter.com ) C:\Users\Wulf\Downloads\avc-free.exe
2013-10-12 20:12 - 2013-10-12 20:12 - 05594392 _____ (Informer Technologies, Inc. ) C:\Users\Wulf\Downloads\siinst.exe
2013-10-12 19:43 - 2013-10-12 19:46 - 00001133 _____ C:\Users\Public\Desktop\Everio MediaBrowser 4.lnk
2013-10-12 19:43 - 2013-10-12 19:46 - 00001128 _____ C:\Users\Public\Desktop\Everio MediaBrowser 4 Player.lnk
2013-10-12 19:43 - 2013-10-12 19:43 - 00000000 ____D C:\Program Files (x86)\PIXELA
2013-10-12 19:34 - 2013-10-12 19:34 - 00000000 ____D C:\ProgramData\Licenses
2013-10-12 19:32 - 2013-10-12 19:39 - 00000000 ____D C:\Program Files (x86)\sK1 Project
2013-10-12 19:31 - 2013-10-12 19:31 - 14596608 _____ C:\Users\Wulf\Downloads\uniconvertor-1.1.5-win32.msi
2013-10-12 19:31 - 2002-06-19 11:19 - 00091136 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\msls2.dll
2013-10-12 19:30 - 2013-10-12 19:38 - 00000000 ____D C:\Program Files (x86)\Konvertor
2013-10-12 19:29 - 2013-10-12 19:29 - 34774360 _____ C:\Users\Wulf\Downloads\install1.exe
2013-10-12 19:14 - 2013-10-12 19:15 - 05951064 _____ (Macrovision Corporation) C:\Users\Wulf\Downloads\EMB_DVD_update.exe
2013-10-12 19:10 - 2013-10-12 19:10 - 10621560 _____ (Macrovision Corporation) C:\Users\Wulf\Downloads\EMB_400237Update.exe
2013-10-12 19:07 - 2013-10-12 19:08 - 27908248 _____ (Macrovision Corporation) C:\Users\Wulf\Downloads\EMB_350511Update.exe
2013-10-11 11:44 - 2013-10-11 11:50 - 00000000 ____D C:\Users\Wulf\Desktop\Wr. Städtische
2013-10-11 05:48 - 2013-10-11 05:48 - 07912440 _____ (Adobe Systems Inc.) C:\Users\Wulf\Downloads\Shockwave_Installer_Slim.exe
2013-10-11 05:48 - 2013-10-11 05:48 - 00000000 ____D C:\Users\Wulf\AppData\Local\Macromedia
2013-10-11 05:46 - 2013-10-25 10:00 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-10-11 05:46 - 2013-10-11 05:53 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2013-10-11 05:46 - 2013-10-11 05:46 - 00000000 ____D C:\ProgramData\McAfee
2013-10-10 23:48 - 2013-10-10 23:48 - 00000921 _____ C:\Users\Public\Desktop\XTubeUploader.lnk
2013-10-10 23:48 - 2013-10-10 23:48 - 00000000 ____D C:\Program Files (x86)\XTubeUploader
2013-10-10 23:32 - 2013-10-16 18:24 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-10-10 23:32 - 2013-10-10 23:32 - 00000000 ____D C:\Users\Wulf\AppData\Roaming\com.xtube.airuploader
2013-10-10 23:32 - 2013-10-10 23:32 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2013-10-10 23:32 - 2013-10-10 23:32 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2013-10-10 23:32 - 2013-10-10 23:32 - 00000000 ____D C:\ProgramData\Adobe
2013-10-10 23:31 - 2013-10-11 05:53 - 00000000 ____D C:\Users\Wulf\AppData\Local\Adobe
2013-10-10 00:43 - 2013-09-23 01:28 - 01767936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-10-10 00:43 - 2013-09-23 01:28 - 01141248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-10-10 00:43 - 2013-09-23 01:27 - 14335488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-10-10 00:43 - 2013-09-23 01:27 - 13761024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-10-10 00:43 - 2013-09-23 01:27 - 02876928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-10-10 00:43 - 2013-09-23 01:27 - 02048512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-10-10 00:43 - 2013-09-23 01:27 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2013-10-10 00:43 - 2013-09-23 01:27 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2013-10-10 00:43 - 2013-09-23 00:55 - 02241024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-10-10 00:43 - 2013-09-23 00:55 - 01365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-10-10 00:43 - 2013-09-23 00:55 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-10-10 00:43 - 2013-09-23 00:54 - 19252224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-10-10 00:43 - 2013-09-23 00:54 - 15404544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-10-10 00:43 - 2013-09-23 00:54 - 03959296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-10-10 00:43 - 2013-09-23 00:54 - 02647552 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-10-10 00:43 - 2013-09-23 00:54 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2013-10-10 00:43 - 2013-09-23 00:54 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2013-10-10 00:43 - 2013-07-06 02:15 - 00652288 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2013-10-10 00:43 - 2013-07-04 04:13 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2013-10-10 00:43 - 2013-05-16 00:37 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2013-10-10 00:43 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2013-10-10 00:43 - 2013-05-14 15:14 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2013-10-10 00:43 - 2013-05-14 11:23 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2013-10-10 00:43 - 2013-04-29 00:28 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2013-10-10 00:43 - 2013-02-21 12:29 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2013-10-10 00:43 - 2013-02-21 12:29 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2013-10-10 00:43 - 2013-02-21 12:29 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2013-10-10 00:43 - 2013-02-21 12:29 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2013-10-10 00:43 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2013-10-10 00:43 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2013-10-10 00:43 - 2013-02-19 11:53 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2013-10-10 00:43 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2013-10-10 00:43 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2013-10-10 00:42 - 2013-08-23 07:11 - 04040192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2013-10-10 00:42 - 2013-07-20 00:13 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 00:42 - 2013-07-20 00:13 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 00:42 - 2013-07-06 00:02 - 00121984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBAUDIO.sys
2013-10-10 00:42 - 2013-07-06 00:02 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbcir.sys
2013-10-10 00:42 - 2013-07-06 00:01 - 00210560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2013-10-10 00:42 - 2013-07-02 03:41 - 00447320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2013-10-10 00:42 - 2013-07-02 03:41 - 00337752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2013-10-10 00:42 - 2013-07-02 03:41 - 00213336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UCX01000.SYS
2013-10-10 00:42 - 2013-07-02 00:14 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbscan.sys
2013-10-10 00:42 - 2013-07-02 00:14 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbprint.sys
2013-10-10 00:42 - 2013-07-01 03:42 - 00623448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2013-10-10 00:42 - 2013-07-01 03:42 - 00498008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2013-10-10 00:42 - 2013-07-01 03:42 - 00079192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2013-10-10 00:42 - 2013-07-01 03:42 - 00021848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2013-10-10 00:42 - 2013-06-29 05:08 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2013-10-10 00:42 - 2013-06-29 05:07 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2013-10-10 00:42 - 2013-06-29 05:07 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2013-10-10 00:42 - 2013-06-29 05:06 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2013-10-10 00:42 - 2013-06-22 07:45 - 00785624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2013-10-10 00:42 - 2013-06-22 07:45 - 00054488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfLdr.sys
2013-10-10 00:42 - 2013-05-27 01:17 - 00035328 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2013-10-10 00:42 - 2013-05-27 00:59 - 00046080 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2013-10-10 00:42 - 2013-05-25 05:15 - 00362496 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2013-10-10 00:42 - 2013-05-25 04:32 - 00300032 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2013-10-09 08:53 - 2013-10-25 10:13 - 00007234 _____ C:\WINDOWS\PFRO.log
2013-10-08 12:44 - 2013-10-25 10:25 - 00362706 _____ C:\WINDOWS\setupact.log
2013-10-08 12:44 - 2013-10-08 12:44 - 00000000 _____ C:\WINDOWS\setuperr.log
2013-10-07 07:43 - 2013-10-07 07:43 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-10-07 07:43 - 2013-10-07 07:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-07 01:08 - 2013-10-25 10:38 - 01818371 _____ C:\WINDOWS\WindowsUpdate.log
2013-10-07 00:30 - 2013-10-07 00:31 - 00307938 _____ C:\Users\Wulf\Documents\cc_20131007_003046.reg
2013-10-07 00:23 - 2013-10-07 00:23 - 00002770 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2013-10-07 00:23 - 2013-10-07 00:23 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-10-07 00:23 - 2013-10-07 00:23 - 00000000 ____D C:\Program Files\CCleaner
2013-10-06 17:19 - 2013-10-25 09:46 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-10-06 17:19 - 2013-10-25 09:46 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-06 17:19 - 2013-10-24 11:48 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-06 17:19 - 2013-10-06 17:19 - 00000000 ____D C:\Users\Wulf\AppData\Roaming\Malwarebytes
2013-10-06 17:19 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2013-10-06 16:46 - 2013-10-06 17:12 - 00000000 ____D C:\WINDOWS\037F8C0EE8E1408FABB4FC4ABF947E1B.TMP
2013-10-06 16:37 - 2013-10-06 16:37 - 00000000 ____D C:\Users\Wulf\AppData\Local\CrashRpt
2013-10-06 16:34 - 2013-10-06 16:34 - 00000000 ____D C:\ProgramData\RapidSolution
2013-10-06 16:34 - 2013-10-06 16:34 - 00000000 ____D C:\Program Files (x86)\Audials
2013-10-06 16:33 - 2013-10-06 16:33 - 00000000 ____D C:\Users\Wulf\AppData\Local\RapidSolution
2013-10-06 16:24 - 2013-10-06 16:24 - 00002453 _____ C:\Users\Wulf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2013-10-06 14:49 - 2013-10-06 14:49 - 00001206 _____ C:\Users\Public\Desktop\Wondershare Video Editor.lnk
2013-10-06 14:49 - 2013-10-06 14:49 - 00000000 ____D C:\Users\Wulf\AppData\Local\Wondershare
2013-10-06 14:48 - 2013-10-06 23:13 - 00000000 ____D C:\Users\Wulf\Documents\Wondershare Video Editor
2013-10-06 14:48 - 2013-10-06 14:48 - 00000000 ____D C:\Program Files (x86)\Wondershare
2013-10-06 14:37 - 2013-10-06 14:37 - 00000000 ____D C:\Users\Wulf\Documents\31745_VirtualDub-1.9.11
2013-10-06 14:04 - 2013-10-25 10:25 - 00000000 ____D C:\Users\Wulf\Tracing
2013-10-06 14:03 - 2013-10-06 14:03 - 00000000 ____D C:\WINDOWS\de
2013-10-06 14:02 - 2013-10-06 14:02 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-10-06 14:01 - 2013-10-06 14:01 - 00000000 ____D C:\Program Files\Windows Live
2013-10-06 14:00 - 2013-10-06 14:02 - 00000000 ____D C:\Program Files (x86)\Windows Live
2013-10-06 13:58 - 2013-10-09 06:47 - 00000000 ____D C:\Users\Wulf\AppData\Local\Windows Live
2013-10-06 13:58 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2013-10-06 13:58 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2013-10-06 13:58 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2013-10-06 13:58 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2013-10-06 13:40 - 2013-10-06 13:40 - 00000000 _____ C:\autoexec.bat
2013-10-06 13:39 - 2013-10-06 16:48 - 00000000 ____D C:\WINDOWS\86CA3695A4124BAE92B649A60C2AC663.TMP
2013-10-06 13:39 - 2013-10-06 13:39 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-10-06 13:22 - 2013-10-06 13:22 - 00000000 ____D C:\Users\Wulf\AppData\Roaming\TuneUp Software
2013-10-06 13:21 - 2013-10-06 13:22 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-10-06 13:20 - 2013-10-06 13:21 - 00000000 ____D C:\Users\Wulf\Documents\Freemake
2013-10-06 13:20 - 2013-10-06 13:20 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2013-10-06 13:19 - 2013-10-06 21:16 - 00000000 ____D C:\ProgramData\Freemake
2013-10-06 13:19 - 2013-10-06 21:16 - 00000000 ____D C:\Program Files (x86)\Freemake
2013-10-06 05:30 - 2013-10-06 17:41 - 00000000 ____D C:\Users\Wulf\Documents\Everio MediaBrowser 4
2013-10-05 21:40 - 2013-10-05 21:40 - 00000000 ___HD C:\WINDOWS\AxInstSV
2013-10-02 22:18 - 2013-10-07 07:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-02 06:23 - 2013-10-02 06:25 - 00000000 ____D C:\Users\Wulf\Desktop\Assesment Test
2013-10-01 12:32 - 2013-10-01 12:32 - 00047240 _____ (RapidSolution Software AG) C:\WINDOWS\system32\Drivers\tbhsd.sys
2013-09-29 07:59 - 2013-09-29 07:59 - 00526872 _____ C:\Users\Wulf\Desktop\Bewerbungshomepage.oxps
2013-09-27 23:46 - 2013-09-27 23:51 - 00005120 _____ C:\Users\Wulf\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-09-27 22:19 - 2013-09-27 22:19 - 00000000 ____D C:\Users\Wulf\Documents\Pinnacle VideoSpin
2013-09-27 21:12 - 2013-09-27 21:12 - 00000000 ____D C:\ProgramData\Pinnacle
2013-09-27 20:53 - 2013-09-27 20:58 - 00000000 ____D C:\Users\Public\Documents\Lightworks
2013-09-27 20:53 - 2013-09-27 20:53 - 00000000 ____D C:\Users\Wulf\.MCReferenceSdk
2013-09-27 20:53 - 2013-09-27 20:53 - 00000000 ____D C:\ProgramData\Geevs
2013-09-27 20:49 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2013-09-27 20:49 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2013-09-27 20:49 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2013-09-27 20:49 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2013-09-27 20:49 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2013-09-27 20:49 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2013-09-27 20:49 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2013-09-27 20:49 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2013-09-27 20:48 - 2013-10-06 21:18 - 00000000 ____D C:\Program Files\Lightworks
2013-09-27 20:48 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2013-09-27 20:48 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2013-09-27 20:48 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2013-09-27 20:48 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2013-09-27 20:48 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2013-09-27 20:48 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2013-09-27 20:48 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2013-09-27 20:48 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2013-09-27 20:44 - 2013-09-27 20:45 - 76074768 _____ (Lightworks) C:\Users\Wulf\Downloads\setup_11.1_full_64bit.exe
2013-09-26 22:06 - 2013-09-26 22:06 - 00318517 ____H C:\Users\Wulf\Desktop\Bruttoerklärung_pernjak 09-10.2013.pdf.~tmp
==================== One Month Modified Files and Folders =======
2013-10-25 10:42 - 2013-10-25 10:42 - 00001587 _____ C:\Users\Wulf\Desktop\JRT.txt
2013-10-25 10:38 - 2013-10-07 01:08 - 01818371 _____ C:\WINDOWS\WindowsUpdate.log
2013-10-25 10:33 - 2013-10-25 10:33 - 00000000 ____D C:\WINDOWS\ERUNT
2013-10-25 10:32 - 2013-10-25 10:29 - 01033335 _____ (Thisisu) C:\Users\Wulf\Downloads\JRT.exe
2013-10-25 10:27 - 2012-11-03 00:41 - 00000000 ____D C:\Users\Wulf\AppData\Roaming\Dropbox
2013-10-25 10:26 - 2012-11-03 00:44 - 00000000 ___RD C:\Users\Wulf\SkyDrive
2013-10-25 10:26 - 2012-11-03 00:43 - 00000000 ___RD C:\Users\Wulf\Dropbox
2013-10-25 10:25 - 2013-10-08 12:44 - 00362706 _____ C:\WINDOWS\setupact.log
2013-10-25 10:25 - 2013-10-06 14:04 - 00000000 ____D C:\Users\Wulf\Tracing
2013-10-25 10:25 - 2013-02-17 08:27 - 00001120 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-25 10:25 - 2012-07-26 09:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-10-25 10:24 - 2012-07-26 07:26 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2013-10-25 10:23 - 2013-09-05 08:57 - 00000000 ____D C:\AdwCleaner
2013-10-25 10:20 - 2013-10-25 10:20 - 01060070 _____ C:\Users\Wulf\Downloads\adwcleaner.exe
2013-10-25 10:13 - 2013-10-09 08:53 - 00007234 _____ C:\WINDOWS\PFRO.log
2013-10-25 10:12 - 2012-11-03 00:28 - 00000000 ____D C:\Users\Wulf\Documents\Outlook-Dateien
2013-10-25 10:02 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\sru
2013-10-25 10:00 - 2013-10-11 05:46 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-10-25 09:57 - 2013-02-17 08:27 - 00001124 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-25 09:46 - 2013-10-06 17:19 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-10-25 09:46 - 2013-10-06 17:19 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-25 09:45 - 2013-10-25 09:45 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Wulf\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-25 09:44 - 2012-11-03 12:00 - 00000000 ____D C:\Users\Wulf\AppData\Local\CrashDumps
2013-10-24 19:16 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2013-10-24 19:06 - 2012-11-03 00:14 - 00000000 ____D C:\Users\Wulf\AppData\Local\Packages
2013-10-24 17:38 - 2013-10-24 17:38 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-24 17:38 - 2013-10-24 17:38 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-24 13:57 - 2013-10-24 13:57 - 00000000 ____D C:\FRST
2013-10-24 13:56 - 2013-10-24 13:57 - 01955412 _____ (Farbar) C:\Users\Wulf\Desktop\FRST64.exe
2013-10-24 12:07 - 2012-11-03 00:23 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1882345459-3615646933-2730293814-1000
2013-10-24 11:53 - 2012-11-02 23:57 - 00000000 ____D C:\Users\Wulf
2013-10-24 11:51 - 2012-11-02 21:54 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-24 11:51 - 2012-11-02 21:25 - 00000000 ____D C:\ProgramData\Norton
2013-10-24 11:51 - 2012-07-26 07:38 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2013-10-24 11:50 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\registration
2013-10-24 11:48 - 2013-10-06 17:19 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-24 10:12 - 2013-10-17 15:05 - 00000000 ____D C:\Users\Wulf\Desktop\000584071
2013-10-21 10:39 - 2012-11-03 00:19 - 01278464 ___SH C:\Users\Wulf\Desktop\Thumbs.db
2013-10-20 16:27 - 2012-07-26 12:27 - 00751892 _____ C:\WINDOWS\system32\perfh007.dat
2013-10-20 16:27 - 2012-07-26 12:27 - 00155620 _____ C:\WINDOWS\system32\perfc007.dat
2013-10-20 16:27 - 2012-07-26 09:28 - 01745416 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-10-19 22:30 - 2013-10-15 06:12 - 00440088 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-10-19 22:30 - 2012-07-26 07:26 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2013-10-19 22:26 - 2013-10-19 22:26 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-10-19 22:26 - 2013-10-19 22:25 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-19 22:26 - 2013-10-19 22:25 - 00000000 ____D C:\Program Files\iTunes
2013-10-19 22:26 - 2013-10-19 22:25 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-10-19 22:25 - 2013-10-19 22:25 - 00000000 ____D C:\Program Files\iPod
2013-10-18 10:04 - 2013-06-29 04:46 - 00000000 ____D C:\Users\Wulf\Desktop\Bilder unsortiert
2013-10-17 14:30 - 2013-10-17 09:31 - 00000000 ____D C:\Users\Wulf\Desktop\Schriftverkehr
2013-10-17 09:26 - 2013-10-17 08:52 - 00000000 ____D C:\Users\Wulf\Desktop\ÖRK
2013-10-16 22:07 - 2012-11-11 17:48 - 00000000 ____D C:\Users\Wulf\AppData\Roaming\Skype
2013-10-16 18:24 - 2013-10-10 23:32 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-10-16 18:24 - 2012-11-02 20:44 - 00000000 ____D C:\Users\Wulf\AppData\Roaming\Adobe
2013-10-15 18:45 - 2013-10-12 20:14 - 00000000 ____D C:\Users\Wulf\Documents\Any Video Converter
2013-10-15 07:29 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\rescache
2013-10-15 06:15 - 2012-11-02 20:32 - 00000000 ___RD C:\Users\Wulf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-15 06:15 - 2012-11-02 20:32 - 00000000 ___RD C:\Users\Wulf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-15 06:09 - 2012-07-26 10:12 - 00000000 ___RD C:\WINDOWS\ToastData
2013-10-14 09:30 - 2013-10-14 09:22 - 00000000 ____D C:\Users\Wulf\Desktop\Bank Austria_ERGO
2013-10-12 22:08 - 2013-08-20 14:13 - 00000000 ____D C:\Users\Wulf\AppData\Roaming\vlc
2013-10-12 20:13 - 2013-10-12 20:13 - 00001203 _____ C:\Users\Wulf\Desktop\Any Video Converter.lnk
2013-10-12 20:13 - 2013-10-12 20:13 - 00000000 ____D C:\Users\Wulf\Documents\Any Video Converter Professional
2013-10-12 20:13 - 2013-10-12 20:13 - 00000000 ____D C:\Users\Wulf\AppData\Roaming\AnvSoft
2013-10-12 20:13 - 2013-10-12 20:13 - 00000000 ____D C:\Program Files (x86)\AnvSoft
2013-10-12 20:12 - 2013-10-12 20:12 - 35631456 _____ (Any-Video-Converter.com ) C:\Users\Wulf\Downloads\avc-free.exe
2013-10-12 20:12 - 2013-10-12 20:12 - 05594392 _____ (Informer Technologies, Inc. ) C:\Users\Wulf\Downloads\siinst.exe
2013-10-12 19:46 - 2013-10-12 19:43 - 00001133 _____ C:\Users\Public\Desktop\Everio MediaBrowser 4.lnk
2013-10-12 19:46 - 2013-10-12 19:43 - 00001128 _____ C:\Users\Public\Desktop\Everio MediaBrowser 4 Player.lnk
2013-10-12 19:43 - 2013-10-12 19:43 - 00000000 ____D C:\Program Files (x86)\PIXELA
2013-10-12 19:43 - 2012-11-02 20:54 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-10-12 19:39 - 2013-10-12 19:32 - 00000000 ____D C:\Program Files (x86)\sK1 Project
2013-10-12 19:38 - 2013-10-12 19:30 - 00000000 ____D C:\Program Files (x86)\Konvertor
2013-10-12 19:34 - 2013-10-12 19:34 - 00000000 ____D C:\ProgramData\Licenses
2013-10-12 19:31 - 2013-10-12 19:31 - 14596608 _____ C:\Users\Wulf\Downloads\uniconvertor-1.1.5-win32.msi
2013-10-12 19:29 - 2013-10-12 19:29 - 34774360 _____ C:\Users\Wulf\Downloads\install1.exe
2013-10-12 19:15 - 2013-10-12 19:14 - 05951064 _____ (Macrovision Corporation) C:\Users\Wulf\Downloads\EMB_DVD_update.exe
2013-10-12 19:10 - 2013-10-12 19:10 - 10621560 _____ (Macrovision Corporation) C:\Users\Wulf\Downloads\EMB_400237Update.exe
2013-10-12 19:08 - 2013-10-12 19:07 - 27908248 _____ (Macrovision Corporation) C:\Users\Wulf\Downloads\EMB_350511Update.exe
2013-10-12 05:44 - 2012-11-03 00:43 - 00001014 _____ C:\Users\Wulf\Desktop\Dropbox.lnk
2013-10-12 05:44 - 2012-11-03 00:41 - 00000000 ____D C:\Users\Wulf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-10-11 11:52 - 2013-09-13 11:22 - 00000000 ____D C:\Users\Wulf\Desktop\AMS
2013-10-11 11:50 - 2013-10-11 11:44 - 00000000 ____D C:\Users\Wulf\Desktop\Wr. Städtische
2013-10-11 11:26 - 2013-04-28 01:04 - 00000000 ____D C:\Users\Wulf\Desktop\Bewerbungen
2013-10-11 05:53 - 2013-10-11 05:46 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2013-10-11 05:53 - 2013-10-10 23:31 - 00000000 ____D C:\Users\Wulf\AppData\Local\Adobe
2013-10-11 05:48 - 2013-10-11 05:48 - 07912440 _____ (Adobe Systems Inc.) C:\Users\Wulf\Downloads\Shockwave_Installer_Slim.exe
2013-10-11 05:48 - 2013-10-11 05:48 - 00000000 ____D C:\Users\Wulf\AppData\Local\Macromedia
2013-10-11 05:46 - 2013-10-11 05:46 - 00000000 ____D C:\ProgramData\McAfee
2013-10-10 23:48 - 2013-10-10 23:48 - 00000921 _____ C:\Users\Public\Desktop\XTubeUploader.lnk
2013-10-10 23:48 - 2013-10-10 23:48 - 00000000 ____D C:\Program Files (x86)\XTubeUploader
2013-10-10 23:32 - 2013-10-10 23:32 - 00000000 ____D C:\Users\Wulf\AppData\Roaming\com.xtube.airuploader
2013-10-10 23:32 - 2013-10-10 23:32 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2013-10-10 23:32 - 2013-10-10 23:32 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2013-10-10 23:32 - 2013-10-10 23:32 - 00000000 ____D C:\ProgramData\Adobe
2013-10-10 16:35 - 2013-04-04 09:41 - 00000000 ____D C:\Users\Wulf\Documents\Eigene Scans
2013-10-10 14:25 - 2012-11-11 17:47 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-10-10 14:25 - 2012-11-11 17:47 - 00000000 ____D C:\ProgramData\Skype
2013-10-10 01:31 - 2013-07-30 06:05 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-10-10 01:29 - 2012-12-11 22:28 - 80541720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-10-09 06:47 - 2013-10-06 13:58 - 00000000 ____D C:\Users\Wulf\AppData\Local\Windows Live
2013-10-08 17:52 - 2013-02-17 08:27 - 00004096 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-08 17:52 - 2013-02-17 08:27 - 00003860 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-08 12:44 - 2013-10-08 12:44 - 00000000 _____ C:\WINDOWS\setuperr.log
2013-10-07 07:44 - 2013-06-06 22:24 - 00000000 ____D C:\Users\Wulf\AppData\Roaming\Mozilla
2013-10-07 07:43 - 2013-10-07 07:43 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-10-07 07:43 - 2013-10-07 07:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-07 07:43 - 2013-10-02 22:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-07 00:31 - 2013-10-07 00:30 - 00307938 _____ C:\Users\Wulf\Documents\cc_20131007_003046.reg
2013-10-07 00:26 - 2012-11-02 23:03 - 00000000 ____D C:\WINDOWS\Panther
2013-10-07 00:23 - 2013-10-07 00:23 - 00002770 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2013-10-07 00:23 - 2013-10-07 00:23 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-10-07 00:23 - 2013-10-07 00:23 - 00000000 ____D C:\Program Files\CCleaner
2013-10-06 23:13 - 2013-10-06 14:48 - 00000000 ____D C:\Users\Wulf\Documents\Wondershare Video Editor
2013-10-06 21:18 - 2013-09-27 20:48 - 00000000 ____D C:\Program Files\Lightworks
2013-10-06 21:16 - 2013-10-06 13:19 - 00000000 ____D C:\ProgramData\Freemake
2013-10-06 21:16 - 2013-10-06 13:19 - 00000000 ____D C:\Program Files (x86)\Freemake
2013-10-06 17:41 - 2013-10-06 05:30 - 00000000 ____D C:\Users\Wulf\Documents\Everio MediaBrowser 4
2013-10-06 17:19 - 2013-10-06 17:19 - 00000000 ____D C:\Users\Wulf\AppData\Roaming\Malwarebytes
2013-10-06 17:12 - 2013-10-06 16:46 - 00000000 ____D C:\WINDOWS\037F8C0EE8E1408FABB4FC4ABF947E1B.TMP
2013-10-06 17:12 - 2012-11-03 19:30 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2013-10-06 16:48 - 2013-10-06 13:39 - 00000000 ____D C:\WINDOWS\86CA3695A4124BAE92B649A60C2AC663.TMP
2013-10-06 16:37 - 2013-10-06 16:37 - 00000000 ____D C:\Users\Wulf\AppData\Local\CrashRpt
2013-10-06 16:34 - 2013-10-06 16:34 - 00000000 ____D C:\ProgramData\RapidSolution
2013-10-06 16:34 - 2013-10-06 16:34 - 00000000 ____D C:\Program Files (x86)\Audials
2013-10-06 16:33 - 2013-10-06 16:33 - 00000000 ____D C:\Users\Wulf\AppData\Local\RapidSolution
2013-10-06 16:24 - 2013-10-06 16:24 - 00002453 _____ C:\Users\Wulf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2013-10-06 14:49 - 2013-10-06 14:49 - 00001206 _____ C:\Users\Public\Desktop\Wondershare Video Editor.lnk
2013-10-06 14:49 - 2013-10-06 14:49 - 00000000 ____D C:\Users\Wulf\AppData\Local\Wondershare
2013-10-06 14:48 - 2013-10-06 14:48 - 00000000 ____D C:\Program Files (x86)\Wondershare
2013-10-06 14:37 - 2013-10-06 14:37 - 00000000 ____D C:\Users\Wulf\Documents\31745_VirtualDub-1.9.11
2013-10-06 14:03 - 2013-10-06 14:03 - 00000000 ____D C:\WINDOWS\de
2013-10-06 14:02 - 2013-10-06 14:02 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-10-06 14:02 - 2013-10-06 14:00 - 00000000 ____D C:\Program Files (x86)\Windows Live
2013-10-06 14:01 - 2013-10-06 14:01 - 00000000 ____D C:\Program Files\Windows Live
2013-10-06 14:01 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-10-06 13:40 - 2013-10-06 13:40 - 00000000 _____ C:\autoexec.bat
2013-10-06 13:39 - 2013-10-06 13:39 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-10-06 13:22 - 2013-10-06 13:22 - 00000000 ____D C:\Users\Wulf\AppData\Roaming\TuneUp Software
2013-10-06 13:22 - 2013-10-06 13:21 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-10-06 13:21 - 2013-10-06 13:20 - 00000000 ____D C:\Users\Wulf\Documents\Freemake
2013-10-06 13:20 - 2013-10-06 13:20 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2013-10-05 21:40 - 2013-10-05 21:40 - 00000000 ___HD C:\WINDOWS\AxInstSV
2013-10-03 08:08 - 2013-09-09 07:21 - 00000000 ____D C:\Users\Wulf\AppData\Local\Mozilla
2013-10-02 06:25 - 2013-10-02 06:23 - 00000000 ____D C:\Users\Wulf\Desktop\Assesment Test
2013-10-02 03:38 - 2013-09-13 09:17 - 00694232 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2013-10-02 03:38 - 2013-09-13 09:17 - 00078296 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-01 12:32 - 2013-10-01 12:32 - 00047240 _____ (RapidSolution Software AG) C:\WINDOWS\system32\Drivers\tbhsd.sys
2013-09-29 07:59 - 2013-09-29 07:59 - 00526872 _____ C:\Users\Wulf\Desktop\Bewerbungshomepage.oxps
2013-09-27 23:51 - 2013-09-27 23:46 - 00005120 _____ C:\Users\Wulf\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-09-27 22:19 - 2013-09-27 22:19 - 00000000 ____D C:\Users\Wulf\Documents\Pinnacle VideoSpin
2013-09-27 21:12 - 2013-09-27 21:12 - 00000000 ____D C:\ProgramData\Pinnacle
2013-09-27 21:12 - 2013-09-05 15:06 - 00000000 ____D C:\Users\Wulf\AppData\Local\Downloaded Installations
2013-09-27 20:58 - 2013-09-27 20:53 - 00000000 ____D C:\Users\Public\Documents\Lightworks
2013-09-27 20:53 - 2013-09-27 20:53 - 00000000 ____D C:\Users\Wulf\.MCReferenceSdk
2013-09-27 20:53 - 2013-09-27 20:53 - 00000000 ____D C:\ProgramData\Geevs
2013-09-27 20:45 - 2013-09-27 20:44 - 76074768 _____ (Lightworks) C:\Users\Wulf\Downloads\setup_11.1_full_64bit.exe
2013-09-27 20:31 - 2013-09-06 09:34 - 00000000 ____D C:\Program Files (x86)\NCH Software
2013-09-27 20:30 - 2013-09-06 09:34 - 00000000 ____D C:\Users\Wulf\AppData\Roaming\NCH Software
2013-09-27 20:30 - 2013-09-06 09:34 - 00000000 ____D C:\ProgramData\NCH Software
2013-09-27 20:29 - 2013-09-06 09:34 - 00000000 ____D C:\WINDOWS\System32\Tasks\NCH Software
2013-09-26 22:11 - 2013-09-04 09:40 - 00000000 ____D C:\Users\Wulf\Desktop\Doku Scans ALO
2013-09-26 22:06 - 2013-09-26 22:06 - 00318517 ____H C:\Users\Wulf\Desktop\Bruttoerklärung_pernjak 09-10.2013.pdf.~tmp
Some content of TEMP:
====================
C:\Users\Wulf\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
C:\Users\Wulf\AppData\Local\Temp\fp_pl_pfs_installer-2.exe
C:\Users\Wulf\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Wulf\AppData\Local\Temp\Quarantine.exe
C:\Users\Wulf\AppData\Local\Temp\SHSetup.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-10-22 07:19
==================== End Of Log ============================
--- --- ---
--- --- ---