
Log analysis and evaluation: Linking in Mozilla (trkjmp.com etc.)

Windows 7

18.06.2013, 18:54   #1
Dukkha
 

Hello,

I have a piece of malware that underlines certain words in my browser and turns them into links. I searched the forum a bit and found threads with the same problem. Over the last few weeks I downloaded several free VSTs and MinGW, but I presumably caught something with the VSTs, even though I have McAfee running. Malwarebytes did not find anything either. Thanks a lot for the help.

EDIT: Hm, the OTL logfile was not uploaded:
Code:
OTL logfile created on: 18.06.2013 19:18:19 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\*****\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16599)
Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy
 
7.89 Gb Total Physical Memory | 4.36 Gb Available Physical Memory | 55.23% Memory free
9.07 Gb Paging File | 5.50 Gb Available in Paging File | 60.56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 687.64 Gb Total Space | 435.28 Gb Free Space | 63.30% Space Free | Partition Type: NTFS
 
Computer Name: ANDREAS | User Name: *********** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.06.18 19:17:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\***********\Downloads\OTL.exe
PRC - [2013.06.05 21:38:38 | 001,855,880 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
PRC - [2013.05.22 10:30:52 | 000,661,360 | ---- | M] (McAfee, Inc.) -- c:\PROGRA~2\mcafee\SITEAD~1\saui.exe
PRC - [2013.05.12 00:26:08 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.04.04 14:50:32 | 000,887,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013.04.04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013.03.26 17:43:45 | 000,703,888 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
PRC - [2013.03.26 17:43:31 | 000,555,408 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
PRC - [2012.08.05 00:02:22 | 001,548,952 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe
PRC - [2012.08.05 00:01:56 | 000,213,136 | ---- | M] () -- C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe
PRC - [2012.08.01 02:32:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012.07.17 23:57:22 | 000,365,376 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012.07.17 23:57:20 | 000,277,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012.07.13 16:27:00 | 000,769,432 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2012.06.27 21:47:02 | 000,129,856 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2012.06.25 19:57:14 | 000,166,720 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.06.05 21:38:38 | 016,033,160 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll
MOD - [2013.05.12 00:26:24 | 003,128,728 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013.03.26 17:44:18 | 000,063,376 | ---- | M] () -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
MOD - [2012.08.27 22:33:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012.08.27 22:33:08 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012.08.05 00:01:56 | 000,213,136 | ---- | M] () -- C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2013.06.14 00:50:07 | 000,335,216 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\AppStats\MfeASUM.exe -- (MfeASUM)
SRV:64bit: - [2013.05.04 08:58:02 | 000,470,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013.05.04 08:57:05 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013.04.09 06:48:42 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013.04.03 13:34:46 | 000,182,752 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2013.04.03 13:32:06 | 000,218,760 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2013.03.05 11:43:26 | 000,221,296 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2013.03.05 11:43:26 | 000,221,296 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2013.03.05 11:43:26 | 000,221,296 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (mcpltsvc)
SRV:64bit: - [2013.03.05 11:43:26 | 000,221,296 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2013.03.05 11:43:26 | 000,221,296 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2013.03.05 11:43:26 | 000,221,296 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (HomeNetSvc)
SRV:64bit: - [2013.03.02 04:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013.03.02 04:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013.03.01 09:08:02 | 000,388,680 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2013.02.28 09:46:18 | 001,017,016 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe -- (mfecore)
SRV:64bit: - [2013.01.29 03:57:14 | 000,014,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013.01.10 01:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013.01.10 01:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2012.09.20 11:10:47 | 002,367,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2012.09.20 10:18:03 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012.09.20 08:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012.08.31 14:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McOobeSv)
SRV:64bit: - [2012.08.31 14:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV:64bit: - [2012.08.25 02:33:20 | 000,291,240 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Teco\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:64bit: - [2012.08.03 22:31:40 | 000,566,696 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\ThpSrv.exe -- (Thpsrv)
SRV:64bit: - [2012.07.28 18:20:44 | 000,458,152 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:64bit: - [2012.07.27 23:35:00 | 000,053,384 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV:64bit: - [2012.07.26 05:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012.07.26 05:07:42 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2012.07.26 05:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012.07.26 05:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012.07.26 05:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012.07.26 05:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012.07.26 05:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012.07.26 05:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012.07.26 05:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012.07.26 05:05:28 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2012.07.26 05:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012.07.26 05:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2012.07.18 21:14:38 | 002,699,568 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:64bit: - [2012.07.18 21:14:16 | 000,272,176 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2012.07.18 21:14:04 | 000,627,504 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2012.07.18 21:13:40 | 000,149,296 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2012.04.20 23:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:64bit: - [2009.07.28 15:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV - [2013.05.21 11:11:10 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013.03.26 17:43:31 | 000,555,408 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe -- (vpnagent)
SRV - [2012.09.20 10:18:03 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012.08.14 15:36:04 | 000,114,656 | ---- | M] (Toshiba Europe GmbH) [On_Demand | Stopped] -- C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService)
SRV - [2012.08.08 03:58:38 | 000,276,288 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012.08.01 02:32:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.07.26 05:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012.07.17 23:57:22 | 000,365,376 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012.07.17 23:57:20 | 000,277,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012.07.13 16:27:00 | 000,769,432 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2012.06.27 21:47:02 | 000,129,856 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R)
SRV - [2012.06.25 19:57:14 | 000,166,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2011.01.28 13:28:54 | 000,225,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- c:\PROGRA~1\mcafee\msc\mcawfwk.exe -- (McAWFwk)
SRV - [2010.10.12 19:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010.04.13 21:11:18 | 000,231,224 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe -- (MOBKbackup)
SRV - [2010.02.19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013.06.14 00:50:07 | 000,031,408 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Program Files\McAfee\AppStats\MfeASKM.sys -- (MfeASKM)
DRV:64bit: - [2013.05.04 09:34:17 | 000,446,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013.05.04 09:34:17 | 000,213,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013.05.04 09:34:15 | 000,284,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013.04.04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013.04.03 13:37:38 | 000,070,112 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2013.04.03 13:34:58 | 000,342,416 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2013.04.03 13:33:06 | 000,772,944 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2013.04.03 13:32:14 | 000,516,608 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2013.04.03 13:31:36 | 000,309,968 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2013.04.03 13:31:14 | 000,179,664 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2013.04.03 13:18:30 | 000,069,240 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mfeelamk.sys -- (mfeelamk)
DRV:64bit: - [2013.03.26 17:24:15 | 000,050,128 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpnva64-6.sys -- (vpnva)
DRV:64bit: - [2013.03.26 17:18:20 | 000,112,080 | R--- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acsock64.sys -- (acsock)
DRV:64bit: - [2013.03.02 12:57:48 | 000,337,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013.03.02 12:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013.03.02 12:45:20 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013.03.02 12:45:19 | 000,194,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013.03.02 12:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013.02.18 07:46:56 | 000,095,856 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mfencrk.sys -- (mfencrk)
DRV:64bit: - [2013.02.18 07:46:50 | 000,337,120 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mfencbdc.sys -- (mfencbdc)
DRV:64bit: - [2013.02.02 09:25:23 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013.01.29 03:57:05 | 000,035,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013.01.29 01:08:22 | 000,230,904 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013.01.10 03:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2012.12.13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.11.27 05:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012.11.20 06:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012.11.06 05:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012.10.26 17:42:22 | 004,758,176 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012.10.26 17:42:22 | 000,351,520 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2012.10.26 17:42:22 | 000,026,784 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\lvbflt64.sys -- (CompFilter64)
DRV:64bit: - [2012.10.12 10:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.10.11 09:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012.10.11 09:13:49 | 000,058,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2012.09.20 09:55:30 | 000,120,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2012.09.20 09:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012.09.20 09:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012.08.21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.08.19 14:53:16 | 004,273,192 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NETwew00.sys -- (NETwNe64)
DRV:64bit: - [2012.08.16 14:24:06 | 000,447,800 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2012.08.16 14:24:06 | 000,043,832 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2012.08.10 04:29:54 | 000,035,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2012.08.10 04:29:54 | 000,025,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2012.08.10 04:29:52 | 000,188,384 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\xHCIPort.sys -- (XHCIPort)
DRV:64bit: - [2012.08.10 04:29:52 | 000,048,096 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usb3Hub.sys -- (usb3Hub)
DRV:64bit: - [2012.08.07 06:55:42 | 000,019,936 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\tosrfec.sys -- (tosrfec)
DRV:64bit: - [2012.08.06 06:36:12 | 008,987,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012.08.01 02:32:00 | 000,030,056 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2012.07.31 21:28:54 | 000,028,632 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Thotkey.sys -- (Thotkey)
DRV:64bit: - [2012.07.31 20:22:00 | 000,645,952 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012.07.28 22:10:08 | 000,048,512 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\thpdrv.sys -- (Thpdrv)
DRV:64bit: - [2012.07.26 07:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.07.26 07:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012.07.26 07:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012.07.26 07:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012.07.26 07:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012.07.26 07:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012.07.26 07:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012.07.26 07:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012.07.26 07:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012.07.26 07:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012.07.26 07:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012.07.26 07:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012.07.26 07:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012.07.26 07:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012.07.26 07:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012.07.26 07:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012.07.26 07:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012.07.26 06:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012.07.26 06:54:34 | 000,096,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2012.07.26 06:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012.07.26 05:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012.07.26 04:30:00 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbser.sys -- (usbser)
DRV:64bit: - [2012.07.26 04:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012.07.26 04:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012.07.26 04:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012.07.26 04:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012.07.26 04:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012.07.26 04:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012.07.26 04:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012.07.26 04:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012.07.26 04:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012.07.26 04:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012.07.26 04:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012.07.26 04:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012.07.26 04:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012.07.26 04:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.07.26 04:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012.07.26 04:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012.07.26 04:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.07.26 04:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012.07.26 04:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012.07.26 04:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012.07.26 04:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012.07.26 01:34:42 | 000,032,832 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2012.07.25 01:54:00 | 000,031,184 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2012.07.22 00:59:02 | 000,016,768 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2012.07.13 13:04:30 | 000,103,936 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\L1C63x64.sys -- (L1C)
DRV:64bit: - [2012.07.10 16:35:44 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\FwLnk.sys -- (FwLnk)
DRV:64bit: - [2012.07.03 14:09:08 | 000,269,968 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\RtsP2Stor.sys -- (RSP2STOR)
DRV:64bit: - [2012.07.03 00:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012.06.25 23:59:58 | 000,018,304 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\Thpevm.sys -- (Thpevm)
DRV:64bit: - [2012.06.19 07:40:50 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012.06.18 19:30:56 | 000,499,096 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\tos_sps64.sys -- (tos_sps64)
DRV:64bit: - [2012.05.28 10:28:18 | 000,197,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HipShieldK.sys -- (HipShieldK)
DRV:64bit: - [2011.08.17 10:58:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2011.08.17 10:58:22 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2011.08.17 10:58:20 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011.08.17 10:58:16 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2011.04.28 21:18:04 | 000,053,080 | ---- | M] (TASCAM) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\tscusb2a.sys -- (TASCAM_US122L_MK2_WDM)
DRV:64bit: - [2011.04.28 21:18:02 | 000,419,160 | ---- | M] (TASCAM) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\tascusb2.sys -- (TASCAM_US122144)
DRV:64bit: - [2010.04.13 21:10:24 | 000,066,040 | ---- | M] (Mozy, Inc.) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\MOBK.sys -- (MOBKFilter)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{8FAB4D35-D8C4-45D2-9BA4-2DDFC0CB87BB}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATMJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{8FAB4D35-D8C4-45D2-9BA4-2DDFC0CB87BB}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATMJS
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {2C26BF94-8747-4395-9283-83DB9276B405}
IE - HKCU\..\SearchScopes\{2C26BF94-8747-4395-9283-83DB9276B405}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_EU&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^CH&apn_uid=6C9C2A35-2C1E-4E5E-8B2F-B13189F47208&apn_sauid=FC8A4545-6FDB-46EF-A17B-3C77C9243487
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.order.1: "Google"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.com"
FF - prefs.js..extensions.enabledAddons: firefox%40unfriendfinder.com:42.220
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.6.2
FF - prefs.js..extensions.enabledAddons: videosaver%40videosaver.net:1.114
FF - prefs.js..extensions.enabledAddons: %7B4ED1F68A-5463-4931-9384-8FFF5ED91D92%7D:3.6.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - prefs.js..keyword.URL: "hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q="
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\@wolfram.com/Mathematica: C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.4.2609412\npmathplugin.dll (Wolfram Research, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2013.06.15 23:33:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.05.29 20:34:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.05.29 20:34:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2013.04.17 12:00:57 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\videosaver@videosaver.net: C:\Program Files (x86)\VideoSaver\FF\ [2013.06.02 11:11:05 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.05.29 20:34:20 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
 
[2012.11.11 00:56:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***********\AppData\Roaming\mozilla\Extensions
[2013.06.05 23:22:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***********\AppData\Roaming\mozilla\Firefox\Profiles\pxgm5o7b.default\extensions
[2013.01.28 19:27:51 | 000,374,788 | ---- | M] () (No name found) -- C:\Users\***********\AppData\Roaming\mozilla\firefox\profiles\pxgm5o7b.default\extensions\firefox@unfriendfinder.com.xpi
[2013.05.26 20:15:24 | 000,534,261 | ---- | M] () (No name found) -- C:\Users\***********\AppData\Roaming\mozilla\firefox\profiles\pxgm5o7b.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013.06.05 23:22:23 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\***********\AppData\Roaming\mozilla\firefox\profiles\pxgm5o7b.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.05.21 11:11:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013.06.04 11:18:30 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.06.15 23:33:12 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR
[2013.06.02 11:11:05 | 000,000,000 | ---D | M] ("VideoSaver") -- C:\PROGRAM FILES (X86)\VIDEOSAVER\FF
 
O1 HOSTS File: ([2012.07.26 07:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (VideoSaver) - {FCA0E497-33D1-4DBE-8FDB-7F9A597C8BC2} - C:\Program Files (x86)\VideoSaver\VideoSaver.dll (VideoSaver)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: []  File not found
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SRS Premium Sound 3D] C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe (SRS Labs, Inc.)
O4:64bit: - HKLM..\Run: [TCrdMain] C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe ()
O4:64bit: - HKLM..\Run: [TecoResident] C:\Program Files\TOSHIBA\Teco\TecoResident.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [ThpSrv] C:\windows\SysNative\thpsrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TODDMain] C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe ()
O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TSleepSrv] C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [Intel AppUp(SM) center] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Intel Corporation)
O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ToshibaDynamicIconUtility] C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe (Toshiba)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 81.92.99.7 81.92.99.6
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{11ADEB54-CA1E-4A71-B5D8-F8A0B5AF95FB}: DhcpNameServer = 81.92.99.7 81.92.99.6
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7373A6E6-F97A-4C7F-AB34-C656CC0EC06D}: DhcpNameServer = 81.92.99.5 81.92.99.6
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~1\mcafee\msc\MCSNIE~1.DLL (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.)
O20:64bit: - AppInit_DLLs: (C:\windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (c:\windows\syswow64\nvinit.dll) - c:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.06.18 18:24:39 | 000,000,000 | ---D | C] -- C:\Users\***********\AppData\Roaming\Malwarebytes
[2013.06.18 18:22:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.06.18 18:22:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.06.18 18:22:33 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2013.06.18 18:22:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.06.18 18:22:21 | 000,000,000 | ---D | C] -- C:\Users\***********\AppData\Local\Programs
[2013.06.18 18:09:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2013.06.13 12:49:59 | 000,000,000 | ---D | C] -- C:\efc46e5ea5c3beecd0d2d1dfb539e86a
[2013.06.12 19:57:52 | 000,000,000 | ---D | C] -- C:\Users\***********\AppData\Roaming\Auslogics
[2013.06.12 19:57:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
[2013.06.12 19:57:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Auslogics
[2013.06.05 20:39:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013.06.05 20:38:12 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013.06.05 20:38:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013.06.05 20:38:12 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013.06.05 20:38:12 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013.06.02 11:11:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoSaver
[2013.06.02 11:11:02 | 000,000,000 | ---D | C] -- C:\Users\***********\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bleep VSTi
[2013.06.02 11:11:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bleep VSTi
[2013.05.29 20:34:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2013.05.29 20:33:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2013.05.21 11:11:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
 
========== Files - Modified Within 30 Days ==========
 
[2013.06.18 18:53:55 | 001,745,416 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013.06.18 18:53:55 | 000,753,134 | ---- | M] () -- C:\windows\SysNative\perfh007.dat
[2013.06.18 18:53:55 | 000,710,244 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013.06.18 18:53:55 | 000,155,826 | ---- | M] () -- C:\windows\SysNative\perfc007.dat
[2013.06.18 18:53:55 | 000,132,614 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013.06.18 18:22:39 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.06.18 18:09:54 | 000,001,855 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Internet Security.lnk
[2013.06.18 18:05:34 | 000,000,406 | ---- | M] () -- C:\windows\tasks\VideoSaver Update.job
[2013.06.18 17:45:17 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013.06.18 17:43:16 | 004,857,792 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013.06.18 17:43:02 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013.06.18 17:42:21 | 2479,849,471 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.18 17:39:16 | 000,204,502 | ---- | M] () -- C:\Users\***********\AppData\Local\soulseek-client.dat.1371569956029
[2013.06.18 17:04:41 | 000,204,502 | ---- | M] () -- C:\Users\***********\AppData\Local\soulseek-client.dat.1371567881506
[2013.06.18 16:04:41 | 000,204,502 | ---- | M] () -- C:\Users\***********\AppData\Local\soulseek-client.dat.1371564281507
[2013.06.12 19:57:51 | 000,001,257 | ---- | M] () -- C:\Users\***********\Desktop\Auslogics Disk Defrag.lnk
[2013.06.05 20:39:20 | 000,001,794 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.06.04 11:18:33 | 000,001,158 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.06.03 00:03:55 | 000,044,195 | ---- | M] () -- C:\Users\***********\Documents\SVV-Ritzen.jpg
[2013.05.25 13:02:57 | 000,001,880 | ---- | M] () -- C:\Users\***********\Desktop\Tor.lnk
 
========== Files Created - No Company Name ==========
 
[2013.06.18 18:22:39 | 000,001,120 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.06.18 17:43:02 | 004,857,792 | ---- | C] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013.06.18 17:39:16 | 000,204,502 | ---- | C] () -- C:\Users\***********\AppData\Local\soulseek-client.dat.1371569956029
[2013.06.18 17:04:41 | 000,204,502 | ---- | C] () -- C:\Users\***********\AppData\Local\soulseek-client.dat.1371567881506
[2013.06.18 16:04:41 | 000,204,502 | ---- | C] () -- C:\Users\***********\AppData\Local\soulseek-client.dat.1371564281507
[2013.06.15 14:40:14 | 000,386,646 | ---- | C] () -- C:\windows\SysNative\ApnDatabase.xml
[2013.06.12 19:57:51 | 000,001,257 | ---- | C] () -- C:\Users\***********\Desktop\Auslogics Disk Defrag.lnk
[2013.06.05 20:39:20 | 000,001,794 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.06.03 00:03:53 | 000,044,195 | ---- | C] () -- C:\Users\***********\Documents\SVV-Ritzen.jpg
[2013.06.02 11:11:05 | 000,000,406 | ---- | C] () -- C:\windows\tasks\VideoSaver Update.job
[2012.11.12 19:52:17 | 000,083,968 | ---- | C] () -- C:\windows\SysWow64\OEMLicense.dll
[2012.10.26 17:42:24 | 000,336,232 | ---- | C] () -- C:\windows\SysWow64\DevManagerCore.dll
[2012.10.26 17:42:22 | 010,919,784 | ---- | C] () -- C:\windows\SysWow64\LogiDPP.dll
[2012.10.26 17:42:22 | 000,103,272 | ---- | C] () -- C:\windows\SysWow64\LogiDPPApp.exe
[2012.08.06 06:36:22 | 000,598,780 | ---- | C] () -- C:\windows\SysWow64\igvpkrng700.bin
[2012.08.06 06:36:08 | 000,064,512 | ---- | C] () -- C:\windows\SysWow64\igdde32.dll
[2012.08.06 06:36:06 | 000,755,048 | ---- | C] () -- C:\windows\SysWow64\igcodeckrng700.bin
[2012.07.26 10:13:10 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat
[2012.07.26 10:13:09 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT
[2012.07.26 09:21:26 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2012.07.26 03:17:42 | 000,043,520 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2012.07.25 22:37:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2012.07.25 22:28:31 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2012.06.02 16:31:19 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat
[2012.04.20 22:59:44 | 000,001,536 | ---- | C] () -- C:\windows\SysWow64\IusEventLog.dll
 
========== ZeroAccess Check ==========
 
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.03.06 08:31:28 | 019,758,592 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.03.06 07:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013.06.12 19:57:52 | 000,000,000 | ---D | M] -- C:\Users\***********\AppData\Roaming\Auslogics
[2013.05.19 17:43:49 | 000,000,000 | ---D | M] -- C:\Users\***********\AppData\Roaming\Balabolka
[2013.02.10 20:21:52 | 000,000,000 | ---D | M] -- C:\Users\***********\AppData\Roaming\DVDVideoSoft
[2012.12.22 15:40:13 | 000,000,000 | ---D | M] -- C:\Users\***********\AppData\Roaming\Image-Line
[2012.12.01 14:56:30 | 000,000,000 | ---D | M] -- C:\Users\***********\AppData\Roaming\IrfanView
[2012.11.11 18:52:50 | 000,000,000 | ---D | M] -- C:\Users\***********\AppData\Roaming\SharePod
[2013.05.13 12:54:24 | 000,000,000 | ---D | M] -- C:\Users\***********\AppData\Roaming\Smartelectronix
[2012.12.06 07:12:41 | 000,000,000 | ---D | M] -- C:\Users\***********\AppData\Roaming\sMedio
[2012.11.11 01:04:50 | 000,000,000 | ---D | M] -- C:\Users\***********\AppData\Roaming\Thunderbird
[2012.11.11 00:07:45 | 000,000,000 | ---D | M] -- C:\Users\***********\AppData\Roaming\Toshiba
[2013.02.10 20:21:03 | 000,000,000 | ---D | M] -- C:\Users\***********\AppData\Roaming\TuneUp Software
 
========== Purity Check ==========
 
 

< End of report >
         

18.06.2013, 19:06   #2
schrauber
/// the machine
/// TB Instructor

Hi,

System scan with FRST
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit
(If you are not sure: Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)

18.06.2013, 19:38   #3
Dukkha

Hello Schrauber,

Thank you very much for the reply.
I have attached the files.

Best regards
__________________
Attached files
File type: txt Addition.txt (26.8 KB, viewed 196 times)
File type: txt FRST.txt (45.6 KB, viewed 143 times)

Alt 19.06.2013, 07:01   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Verlinkung im Mozilla (trkjmp.com etc.) - Standard

Verlinkung im Mozilla (trkjmp.com etc.)



Please post the logs in code tags; I can't open zips at work.

Here is how it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • In the editor, click the # symbol. Two bracketed expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is right ... click Reply.
__________________
Regards,
schrauber


19.06.2013, 14:46   #5
Dukkha
 



Hello, here:
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-06-2013 02
Ran by *********** (administrator) on 18-06-2013 20:34:09
Running from C:\Users\***********\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\windows\system32\WLANExt.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\McAfee\AppStats\MfeASUM.exe
(McAfee, Inc.) C:\windows\system32\mfevtps.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TOSHIBA Corporation) C:\windows\system32\ThpSrv.exe
(TOSHIBA Corporation) C:\Windows\system32\TODDSrv.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\windows\system32\dashost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(McAfee, Inc.) C:\PROGRA~1\McAfee\MSC\McAPExe.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
() C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe
() C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(Toshiba) C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
(Adobe Systems, Inc.) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(McAfee, Inc.) c:\PROGRA~2\mcafee\SITEAD~1\saui.exe
(Microsoft Corporation) C:\windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16455_none_624a7aa150f57306\TiWorker.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: []  [x]
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [12936848 2012-07-13] (Realtek Semiconductor)
HKLM\...\Run: [SRS Premium Sound 3D] "C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe"  /f="C:\Program Files\SRS Labs\SRS Control Panel\SRS_Premium_Sound_PS3D.zip" /h [215247 2012-08-20] ()
HKLM\...\Run: [TCrdMain] %ProgramFiles%\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2609064 2012-08-30] ()
HKLM\...\Run: [TecoResident] C:\Program Files\TOSHIBA\Teco\TecoResident.exe [169896 2012-08-14] (TOSHIBA Corporation)
HKLM\...\Run: [TSleepSrv] C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe [1548952 2012-08-05] (TOSHIBA Corporation)
HKLM\...\Run: [TODDMain] C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-05] ()
HKLM\...\Run: [TosWaitSrv] %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA Corporation)
HKLM\...\Run: [ThpSrv] C:\windows\system32\thpsrv /logon [x]
HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [500208 2012-12-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4 [155488 2012-08-02] (Intel Corporation)
HKLM-x32\...\Run: [ToshibaDynamicIconUtility] "C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe" [1498624 2012-08-09] (Toshiba)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey [454600 2013-02-28] (McAfee, Inc.)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey [454600 2013-02-28] (McAfee, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized [703888 2013-03-26] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-05-31] (Apple Inc.)
AppInit_DLLs: C:\windows\system32\nvinitx.dll [247144 2012-08-01] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com
URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
HKCU SearchScopes: DefaultScope {2C26BF94-8747-4395-9283-83DB9276B405} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_EU&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^CH&apn_uid=6C9C2A35-2C1E-4E5E-8B2F-B13189F47208&apn_sauid=FC8A4545-6FDB-46EF-A17B-3C77C9243487
SearchScopes: HKCU - {2C26BF94-8747-4395-9283-83DB9276B405} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_EU&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^CH&apn_uid=6C9C2A35-2C1E-4E5E-8B2F-B13189F47208&apn_sauid=FC8A4545-6FDB-46EF-A17B-3C77C9243487
SearchScopes: HKCU - {8FAB4D35-D8C4-45D2-9BA4-2DDFC0CB87BB} URL = 
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: VideoSaver - {FCA0E497-33D1-4DBE-8FDB-7F9A597C8BC2} - C:\Program Files (x86)\VideoSaver\VideoSaver.dll (VideoSaver)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\PROGRA~1\mcafee\msc\MCSNIE~1.DLL (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\PROGRA~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 81.92.99.7 81.92.99.6

FireFox:
========
FF ProfilePath: C:\Users\***********\AppData\Roaming\Mozilla\Firefox\Profiles\pxgm5o7b.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @mcafee.com/SAFFPlugin - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: @wolfram.com/Mathematica - C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.4.2609412\npmathplugin.dll (Wolfram Research, Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: firefox - C:\Users\***********\AppData\Roaming\Mozilla\Firefox\Profiles\pxgm5o7b.default\Extensions\firefox@unfriendfinder.com.xpi
FF Extension: No Name - C:\Users\***********\AppData\Roaming\Mozilla\Firefox\Profiles\pxgm5o7b.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\***********\AppData\Roaming\Mozilla\Firefox\Profiles\pxgm5o7b.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

==================== Services (Whitelisted) =================

R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 McAWFwk; c:\PROGRA~1\mcafee\msc\mcawfwk.exe [225216 2011-01-28] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [388680 2013-03-01] (McAfee, Inc.)
S4 McOobeSv; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)
R2 MfeASUM; C:\Program Files\McAfee\AppStats\MfeASUM.exe [335216 2013-06-14] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1017016 2013-02-28] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218760 2013-04-03] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [182752 2013-04-03] (McAfee, Inc.)
R2 MOBKbackup; C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe [231224 2010-04-13] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-07-18] ()
R3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [114656 2012-08-14] (Toshiba Europe GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568 2012-07-18] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-04-03] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197264 2012-05-28] (McAfee, Inc.)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-04-03] (McAfee, Inc.)
R1 MfeASKM; C:\Program Files\McAfee\AppStats\MfeASKM.sys [31408 2013-06-14] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [309968 2013-04-03] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69240 2013-04-03] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [516608 2013-04-03] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [772944 2013-04-03] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [337120 2013-02-18] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [95856 2013-02-18] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [342416 2013-04-03] (McAfee, Inc.)
R1 MOBKFilter; C:\Windows\System32\DRIVERS\MOBK.sys [66040 2010-04-13] (Mozy, Inc.)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [4273192 2012-08-19] (Intel Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [269968 2012-07-03] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-16] (Synaptics Incorporated)
S3 TASCAM_US122144; C:\Windows\System32\Drivers\tascusb2.sys [419160 2011-04-28] (TASCAM)
S3 TASCAM_US122L_MK2_WDM; C:\Windows\system32\drivers\tscusb2a.sys [53080 2011-04-28] (TASCAM)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [28632 2012-07-31] (Windows (R) Win 7 DDK provider)
S3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [48096 2012-08-10] (Windows (R) Win 7 DDK provider)
S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [50128 2013-03-26] (Cisco Systems, Inc.)
S3 WUDFWpdComp; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-10] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-06-18 20:33 - 2013-06-18 20:33 - 01928282 ____A (Farbar) C:\Users\***********\Downloads\FRST64.exe
2013-06-18 20:33 - 2013-06-18 20:33 - 00000000 ____D C:\FRST
2013-06-18 19:39 - 2013-06-18 19:43 - 00073970 ____A C:\Users\***********\Downloads\Extras.Txt
2013-06-18 19:38 - 2013-06-18 19:38 - 00126622 ____A C:\Users\***********\Downloads\OTL.Txt
2013-06-18 19:35 - 2013-06-18 19:35 - 00377856 ____A C:\Users\***********\Downloads\gmer_2.1.19163.exe
2013-06-18 19:34 - 2013-06-18 19:34 - 00000482 ____A C:\Users\***********\Downloads\defogger_disable.log
2013-06-18 19:34 - 2013-06-18 19:34 - 00000000 ____A C:\Users\***********\defogger_reenable
2013-06-18 19:26 - 2013-06-18 19:26 - 00050477 ____A C:\Users\***********\Downloads\Defogger.exe
2013-06-18 19:17 - 2013-06-18 19:17 - 00602112 ____A (OldTimer Tools) C:\Users\***********\Downloads\OTL.exe
2013-06-18 18:59 - 2013-06-18 18:59 - 05081021 ____A (Swearware) C:\Users\***********\Downloads\ComboFix.exe
2013-06-18 18:59 - 2013-06-18 18:59 - 00648201 ____A C:\Users\***********\Downloads\AdwCleaner.exe.part
2013-06-18 18:24 - 2013-06-18 18:24 - 00000000 ____D C:\Users\***********\AppData\Roaming\Malwarebytes
2013-06-18 18:22 - 2013-06-18 18:22 - 00001120 ____A C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-06-18 18:22 - 2013-06-18 18:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-18 18:22 - 2013-06-18 18:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-18 18:22 - 2013-04-04 14:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-06-18 18:16 - 2013-06-18 18:17 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\***********\Downloads\mbam-setup-1.75.0.1300.exe
2013-06-18 17:43 - 2013-06-18 17:43 - 04857792 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-18 17:39 - 2013-06-18 17:39 - 00204502 ____A C:\Users\***********\AppData\Local\soulseek-client.dat.1371569956029
2013-06-18 17:04 - 2013-06-18 17:04 - 00204502 ____A C:\Users\***********\AppData\Local\soulseek-client.dat.1371567881506
2013-06-18 16:04 - 2013-06-18 16:04 - 00204502 ____A C:\Users\***********\AppData\Local\soulseek-client.dat.1371564281507
2013-06-15 23:33 - 2013-06-15 23:33 - 00001422 ____A C:\Windows\PFRO.log
2013-06-15 22:00 - 2013-05-31 01:24 - 01257472 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2013-06-15 22:00 - 2013-05-31 01:08 - 00974848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-06-15 22:00 - 2013-05-24 01:01 - 01300992 ____A (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2013-06-15 22:00 - 2013-05-24 00:27 - 01022464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-06-15 16:27 - 2013-05-15 04:25 - 00888320 ____A (Microsoft Corporation) C:\Windows\System32\autochk.exe
2013-06-15 16:27 - 2013-05-15 04:25 - 00542208 ____A (Microsoft Corporation) C:\Windows\System32\untfs.dll
2013-06-15 16:27 - 2013-05-15 04:24 - 00793088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2013-06-15 16:27 - 2013-05-15 04:24 - 00482816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2013-06-15 14:40 - 2013-05-04 09:58 - 00120736 ____A (Microsoft Corporation) C:\Windows\System32\AuthHost.exe
2013-06-15 14:40 - 2013-05-04 09:34 - 00446720 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBHUB3.SYS
2013-06-15 14:40 - 2013-05-04 09:34 - 00284416 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\spaceport.sys
2013-06-15 14:40 - 2013-05-04 09:34 - 00213248 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\UCX01000.SYS
2013-06-15 14:40 - 2013-05-04 09:30 - 00058312 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2013-06-15 14:40 - 2013-05-04 08:59 - 13644288 ____A (Microsoft Corporation) C:\Windows\System32\Windows.UI.Xaml.dll
2013-06-15 14:40 - 2013-05-04 08:59 - 03241472 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2013-06-15 14:40 - 2013-05-04 08:59 - 01619968 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2013-06-15 14:40 - 2013-05-04 08:59 - 01483776 ____A (Microsoft Corporation) C:\Windows\System32\VSSVC.exe
2013-06-15 14:40 - 2013-05-04 08:59 - 00812544 ____A (Microsoft Corporation) C:\Windows\System32\Magnify.exe
2013-06-15 14:40 - 2013-05-04 08:59 - 00760320 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2013-06-15 14:40 - 2013-05-04 08:59 - 00251904 ____A (Microsoft Corporation) C:\Windows\System32\WUSettingsProvider.dll
2013-06-15 14:40 - 2013-05-04 08:59 - 00141824 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2013-06-15 14:40 - 2013-05-04 08:59 - 00098304 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2013-06-15 14:40 - 2013-05-04 08:59 - 00039424 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2013-06-15 14:40 - 2013-05-04 08:58 - 10116096 ____A (Microsoft Corporation) C:\Windows\System32\twinui.dll
2013-06-15 14:40 - 2013-05-04 08:58 - 01332736 ____A (Microsoft Corporation) C:\Windows\System32\sysmain.dll
2013-06-15 14:40 - 2013-05-04 08:58 - 00470528 ____A (Microsoft Corporation) C:\Windows\System32\netprofmsvc.dll
2013-06-15 14:40 - 2013-05-04 08:58 - 00330240 ____A (Microsoft Corporation) C:\Windows\System32\stobject.dll
2013-06-15 14:40 - 2013-05-04 08:58 - 00328192 ____A (Microsoft Corporation) C:\Windows\System32\ubpm.dll
2013-06-15 14:40 - 2013-05-04 08:58 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\storewuauth.dll
2013-06-15 14:40 - 2013-05-04 08:58 - 00169984 ____A (Microsoft Corporation) C:\Windows\System32\netplwiz.dll
2013-06-15 14:40 - 2013-05-04 08:58 - 00151552 ____A (Microsoft Corporation) C:\Windows\System32\netprofm.dll
2013-06-15 14:40 - 2013-05-04 08:58 - 00093696 ____A (Microsoft Corporation) C:\Windows\System32\psmsrv.dll
2013-06-15 14:40 - 2013-05-04 08:57 - 02305024 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-06-15 14:40 - 2013-05-04 08:57 - 01131520 ____A (Microsoft Corporation) C:\Windows\System32\AppXDeploymentServer.dll
2013-06-15 14:40 - 2013-05-04 08:57 - 00708096 ____A (Microsoft Corporation) C:\Windows\System32\AppXDeploymentExtensions.dll
2013-06-15 14:40 - 2013-05-04 08:57 - 00560640 ____A (Microsoft Corporation) C:\Windows\System32\mfmp4srcsnk.dll
2013-06-15 14:40 - 2013-05-04 08:57 - 00501760 ____A (Microsoft Corporation) C:\Windows\System32\DevicePairing.dll
2013-06-15 14:40 - 2013-05-04 08:57 - 00389120 ____A (Microsoft Corporation) C:\Windows\System32\BCP47Langs.dll
2013-06-15 14:40 - 2013-05-04 08:57 - 00179712 ____A (Microsoft Corporation) C:\Windows\System32\bisrv.dll
2013-06-15 14:40 - 2013-05-04 08:57 - 00122368 ____A (Microsoft Corporation) C:\Windows\System32\biwinrt.dll
2013-06-15 14:40 - 2013-05-04 08:57 - 00017408 ____A (Microsoft Corporation) C:\Windows\System32\muifontsetup.dll
2013-06-15 14:40 - 2013-05-04 08:56 - 00419840 ____A (Microsoft Corporation) C:\Windows\System32\intl.cpl
2013-06-15 14:40 - 2013-05-04 06:58 - 00758784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Magnify.exe
2013-06-15 14:40 - 2013-05-04 06:58 - 00621056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-06-15 14:40 - 2013-05-04 06:58 - 00125952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-06-15 14:40 - 2013-05-04 06:58 - 00083968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-06-15 14:40 - 2013-05-04 06:58 - 00034304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-06-15 14:40 - 2013-05-04 06:57 - 10788864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2013-06-15 14:40 - 2013-05-04 06:57 - 08857088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2013-06-15 14:40 - 2013-05-04 06:57 - 00303616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2013-06-15 14:40 - 2013-05-04 06:57 - 00247296 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2013-06-15 14:40 - 2013-05-04 06:57 - 00151040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll
2013-06-15 14:40 - 2013-05-04 06:57 - 00115712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll
2013-06-15 14:40 - 2013-05-04 06:57 - 00018432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll
2013-06-15 14:40 - 2013-05-04 06:57 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\muifontsetup.dll
2013-06-15 14:40 - 2013-05-04 06:56 - 02035712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-06-15 14:40 - 2013-05-04 06:56 - 00449536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2013-06-15 14:40 - 2013-05-04 06:56 - 00411136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2013-06-15 14:40 - 2013-05-04 06:56 - 00309760 ____A (Microsoft Corporation) C:\Windows\SysWOW64\BCP47Langs.dll
2013-06-15 14:40 - 2013-05-04 06:56 - 00092160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\biwinrt.dll
2013-06-15 14:40 - 2013-05-04 06:55 - 00389632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2013-06-15 14:40 - 2013-05-04 06:51 - 00014848 ____A (Microsoft) C:\Windows\System32\rars.rs
2013-06-15 14:40 - 2013-05-04 06:48 - 00083968 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidclass.sys
2013-06-15 14:40 - 2013-05-04 06:48 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidusb.sys
2013-06-15 14:40 - 2013-05-04 06:47 - 00427520 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdbss.sys
2013-06-15 14:40 - 2013-05-04 06:10 - 00014848 ____A (Microsoft) C:\Windows\SysWOW64\rars.rs
2013-06-15 14:40 - 2013-05-03 00:04 - 00386646 ____A C:\Windows\System32\ApnDatabase.xml
2013-06-13 12:49 - 2013-06-13 12:52 - 00000000 ____D C:\efc46e5ea5c3beecd0d2d1dfb539e86a
2013-06-13 00:22 - 2013-05-16 00:37 - 00044032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-06-13 00:22 - 2013-05-16 00:36 - 14320640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-13 00:22 - 2013-05-16 00:35 - 19230720 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-13 00:22 - 2013-05-16 00:35 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\UXInit.dll
2013-06-13 00:22 - 2013-05-14 15:14 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-13 00:22 - 2013-05-14 11:23 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-13 00:22 - 2013-05-04 09:45 - 02233600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-13 00:22 - 2013-04-29 00:30 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-13 00:22 - 2013-04-29 00:30 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-13 00:22 - 2013-04-29 00:30 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-13 00:22 - 2013-04-29 00:30 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-13 00:22 - 2013-04-29 00:30 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-13 00:22 - 2013-04-29 00:30 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-13 00:22 - 2013-04-29 00:30 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-13 00:22 - 2013-04-29 00:28 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-13 00:22 - 2013-04-29 00:28 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-13 00:22 - 2013-04-29 00:28 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-13 00:22 - 2013-04-29 00:28 - 00915968 ____A (Microsoft Corporation) C:\Windows\System32\uxtheme.dll
2013-06-13 00:22 - 2013-04-29 00:28 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-13 00:22 - 2013-04-29 00:28 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-13 00:22 - 2013-04-29 00:27 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-13 00:22 - 2013-04-29 00:27 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-13 00:22 - 2013-04-29 00:27 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-13 00:22 - 2013-04-27 07:20 - 00733184 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-13 00:22 - 2013-04-24 01:13 - 01013248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-13 00:22 - 2013-04-24 01:12 - 01569792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-13 00:22 - 2013-04-24 01:12 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-13 00:22 - 2013-04-24 00:56 - 01255936 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-13 00:22 - 2013-04-24 00:55 - 01889280 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-13 00:22 - 2013-04-24 00:55 - 00141312 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-13 00:22 - 2013-04-24 00:55 - 00068096 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-13 00:22 - 2013-04-03 01:37 - 00025088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-13 00:22 - 2013-04-03 01:12 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-12 22:45 - 2013-06-18 19:16 - 01798217 ____A C:\Windows\WindowsUpdate.log
2013-06-12 20:07 - 2013-06-12 20:08 - 12614304 ____A (Auslogics Software Pty Ltd                                  ) C:\Users\***********\Downloads\boost-speed-setup.exe
2013-06-12 19:57 - 2013-06-12 19:57 - 00001257 ____A C:\Users\***********\Desktop\Auslogics Disk Defrag.lnk
2013-06-12 19:57 - 2013-06-12 19:57 - 00000000 ____D C:\Users\***********\AppData\Roaming\Auslogics
2013-06-12 19:57 - 2013-06-12 19:57 - 00000000 ____D C:\Program Files (x86)\Auslogics
2013-06-12 19:55 - 2013-06-12 19:55 - 07859160 ____A (Auslogics Software Pty Ltd                                  ) C:\Users\***********\Downloads\disk3610-defrag-setup.exe
2013-06-06 00:19 - 2013-06-06 00:19 - 00002697 ____A C:\AdwCleaner[R2].txt
2013-06-05 23:53 - 2013-06-05 23:54 - 00004498 ____A C:\AdwCleaner[S1].txt
2013-06-05 23:51 - 2013-06-05 23:52 - 00004493 ____A C:\AdwCleaner[R1].txt
2013-06-05 23:51 - 2013-06-05 23:51 - 00632031 ____A C:\Users\***********\Downloads\adwcleaner_2.3.0.1.exe
2013-06-05 23:18 - 2013-06-05 23:20 - 102323272 ____A C:\Users\***********\Downloads\avira_free3640_antivirus_de.exe
2013-06-05 20:39 - 2013-06-05 20:39 - 00001794 ____A C:\Users\Public\Desktop\iTunes.lnk
2013-06-05 20:38 - 2013-06-05 20:39 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-05 20:38 - 2013-06-05 20:39 - 00000000 ____D C:\Program Files\iTunes
2013-06-05 20:38 - 2013-06-05 20:39 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-06-05 20:38 - 2013-06-05 20:38 - 00000000 ____D C:\Program Files\iPod
2013-06-04 11:17 - 2013-06-04 11:17 - 21151576 ____A (Mozilla) C:\Users\***********\Downloads\Firefox Setup 21.0.exe
2013-06-04 11:09 - 2013-06-04 11:09 - 02828552 ____A (AVAST Software) C:\Users\***********\Downloads\avast-browser-cleanup_8.0.1484.29.exe
2013-06-02 22:05 - 2013-06-02 22:05 - 00680578 ____A C:\Users\***********\Downloads\JL_Trombone.sfArk
2013-06-02 11:59 - 2013-06-02 12:01 - 78920656 ____A (Plogue                                                      ) C:\Users\***********\Downloads\WIN_chipsounds_v1.625.exe
2013-06-02 11:11 - 2013-06-18 20:34 - 00000406 ____A C:\Windows\Tasks\VideoSaver Update.job
2013-06-02 11:11 - 2013-06-02 11:11 - 00000000 ____D C:\Program Files (x86)\VideoSaver
2013-06-02 11:08 - 2013-06-02 11:08 - 00231646 ____A C:\Users\***********\Downloads\protopsg005.zip
2013-06-02 11:06 - 2013-06-02 11:06 - 03111076 ____A C:\Users\***********\Downloads\Bleep VSTi Setup.exe
2013-05-29 20:33 - 2013-05-29 20:34 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-05-21 11:11 - 2013-06-04 11:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-05-19 17:43 - 2013-05-19 17:43 - 00000964 ____A C:\Users\***********\Desktop\Balabolka.lnk
2013-05-19 17:43 - 2013-05-19 17:43 - 00000000 ____D C:\Users\***********\Documents\Balabolka
2013-05-19 17:43 - 2013-05-19 17:43 - 00000000 ____D C:\Users\***********\AppData\Roaming\Balabolka
2013-05-19 17:43 - 2013-05-19 17:43 - 00000000 ____D C:\Program Files (x86)\Balabolka
2013-05-19 16:21 - 2013-05-19 16:21 - 07440624 ____A C:\Users\***********\Downloads\SoulseekQt-2013-5-18.exe
2013-05-19 14:27 - 2013-06-05 00:09 - 00693112 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-05-19 14:27 - 2013-06-05 00:09 - 00078200 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== One Month Modified Files and Folders =======

2013-06-18 20:34 - 2013-06-12 22:45 - 01798217 ____A C:\Windows\WindowsUpdate.log
2013-06-18 20:34 - 2013-06-02 11:11 - 00000406 ____A C:\Windows\Tasks\VideoSaver Update.job
2013-06-18 20:33 - 2013-06-18 20:33 - 01928282 ____A (Farbar) C:\Users\***********\Downloads\FRST64.exe
2013-06-18 20:33 - 2013-06-18 20:33 - 00000000 ____D C:\FRST
2013-06-18 20:13 - 2012-12-07 17:35 - 00001855 ____A C:\Users\Public\Desktop\McAfee Internet Security.lnk
2013-06-18 20:06 - 2012-07-26 09:22 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-18 20:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\sru
2013-06-18 19:43 - 2013-06-18 19:39 - 00073970 ____A C:\Users\***********\Downloads\Extras.Txt
2013-06-18 19:43 - 2013-03-07 18:03 - 00000000 ____D C:\Users\***********\Documents\Hacking
2013-06-18 19:38 - 2013-06-18 19:38 - 00126622 ____A C:\Users\***********\Downloads\OTL.Txt
2013-06-18 19:35 - 2013-06-18 19:35 - 00377856 ____A C:\Users\***********\Downloads\gmer_2.1.19163.exe
2013-06-18 19:34 - 2013-06-18 19:34 - 00000482 ____A C:\Users\***********\Downloads\defogger_disable.log
2013-06-18 19:34 - 2013-06-18 19:34 - 00000000 ____A C:\Users\***********\defogger_reenable
2013-06-18 19:34 - 2012-11-11 00:05 - 00000000 ____D C:\users\***********
2013-06-18 19:26 - 2013-06-18 19:26 - 00050477 ____A C:\Users\***********\Downloads\Defogger.exe
2013-06-18 19:25 - 2013-03-08 23:20 - 00000418 ____A C:\Users\***********\Desktop\Neues Textdokument (4).txt
2013-06-18 19:17 - 2013-06-18 19:17 - 00602112 ____A (OldTimer Tools) C:\Users\***********\Downloads\OTL.exe
2013-06-18 18:59 - 2013-06-18 18:59 - 05081021 ____A (Swearware) C:\Users\***********\Downloads\ComboFix.exe
2013-06-18 18:59 - 2013-06-18 18:59 - 00648201 ____A C:\Users\***********\Downloads\AdwCleaner.exe.part
2013-06-18 18:53 - 2012-08-01 18:38 - 00753134 ____A C:\Windows\System32\perfh007.dat
2013-06-18 18:53 - 2012-08-01 18:38 - 00155826 ____A C:\Windows\System32\perfc007.dat
2013-06-18 18:53 - 2012-07-26 09:28 - 01745416 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-18 18:24 - 2013-06-18 18:24 - 00000000 ____D C:\Users\***********\AppData\Roaming\Malwarebytes
2013-06-18 18:22 - 2013-06-18 18:22 - 00001120 ____A C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-06-18 18:22 - 2013-06-18 18:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-18 18:22 - 2013-06-18 18:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-18 18:17 - 2013-06-18 18:16 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\***********\Downloads\mbam-setup-1.75.0.1300.exe
2013-06-18 17:43 - 2013-06-18 17:43 - 04857792 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-18 17:39 - 2013-06-18 17:39 - 00204502 ____A C:\Users\***********\AppData\Local\soulseek-client.dat.1371569956029
2013-06-18 17:04 - 2013-06-18 17:04 - 00204502 ____A C:\Users\***********\AppData\Local\soulseek-client.dat.1371567881506
2013-06-18 16:04 - 2013-06-18 16:04 - 00204502 ____A C:\Users\***********\AppData\Local\soulseek-client.dat.1371564281507
2013-06-18 15:05 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-06-17 14:56 - 2013-04-25 19:58 - 00000274 ____A C:\Users\***********\Desktop\Neues Textdokument (5).txt
2013-06-17 14:55 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-06-17 01:46 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\NDF
2013-06-17 00:27 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData
2013-06-17 00:27 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2013-06-17 00:27 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-06-17 00:27 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-06-17 00:27 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-06-17 00:27 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\System32\Dism
2013-06-15 23:34 - 2012-12-07 17:33 - 00000000 ____D C:\Program Files (x86)\McAfee
2013-06-15 23:33 - 2013-06-15 23:33 - 00001422 ____A C:\Windows\PFRO.log
2013-06-13 13:47 - 2013-02-20 21:28 - 00000000 ____D C:\Users\***********\AppData\Local\Spectrasonics
2013-06-13 12:52 - 2013-06-13 12:49 - 00000000 ____D C:\efc46e5ea5c3beecd0d2d1dfb539e86a
2013-06-13 12:50 - 2012-12-13 19:46 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-13 05:47 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\registration
2013-06-12 22:48 - 2012-07-26 07:26 - 00262144 __ASH C:\Windows\System32\config\ELAM
2013-06-12 22:47 - 2012-07-26 07:26 - 00262144 __ASH C:\Windows\System32\config\BBI
2013-06-12 20:26 - 2013-05-07 22:50 - 00000000 ____D C:\Users\***********\Documents\Registry Sicherung
2013-06-12 20:08 - 2013-06-12 20:07 - 12614304 ____A (Auslogics Software Pty Ltd                                  ) C:\Users\***********\Downloads\boost-speed-setup.exe
2013-06-12 19:57 - 2013-06-12 19:57 - 00001257 ____A C:\Users\***********\Desktop\Auslogics Disk Defrag.lnk
2013-06-12 19:57 - 2013-06-12 19:57 - 00000000 ____D C:\Users\***********\AppData\Roaming\Auslogics
2013-06-12 19:57 - 2013-06-12 19:57 - 00000000 ____D C:\Program Files (x86)\Auslogics
2013-06-12 19:55 - 2013-06-12 19:55 - 07859160 ____A (Auslogics Software Pty Ltd                                  ) C:\Users\***********\Downloads\disk3610-defrag-setup.exe
2013-06-11 21:28 - 2013-03-03 16:03 - 00000000 ____D C:\Users\***********\AppData\Roaming\CodeBlocks
2013-06-11 16:33 - 2013-03-04 00:24 - 00004151 ____A C:\Users\***********\Desktop\endbrief.txt
2013-06-10 21:44 - 2012-11-11 00:05 - 00000000 ____D C:\Users\***********\AppData\Local\VirtualStore
2013-06-07 16:38 - 2012-12-07 17:33 - 00000000 ____D C:\Program Files\Common Files\McAfee
2013-06-07 16:38 - 2012-07-26 10:12 - 00000000 ___HD C:\Windows\ELAMBKUP
2013-06-06 12:05 - 2013-02-25 15:49 - 00000912 ____A C:\Users\***********\Desktop\Neues Textdokument (3).txt
2013-06-06 00:19 - 2013-06-06 00:19 - 00002697 ____A C:\AdwCleaner[R2].txt
2013-06-05 23:54 - 2013-06-05 23:53 - 00004498 ____A C:\AdwCleaner[S1].txt
2013-06-05 23:52 - 2013-06-05 23:51 - 00004493 ____A C:\AdwCleaner[R1].txt
2013-06-05 23:51 - 2013-06-05 23:51 - 00632031 ____A C:\Users\***********\Downloads\adwcleaner_2.3.0.1.exe
2013-06-05 23:20 - 2013-06-05 23:18 - 102323272 ____A C:\Users\***********\Downloads\avira_free3640_antivirus_de.exe
2013-06-05 22:18 - 2012-11-28 20:19 - 00000000 ____D C:\Program Files (x86)\VstPlugins
2013-06-05 21:38 - 2012-12-10 20:33 - 00000000 ____D C:\Users\***********\AppData\Local\Adobe
2013-06-05 20:42 - 2012-11-11 00:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-06-05 20:39 - 2013-06-05 20:39 - 00001794 ____A C:\Users\Public\Desktop\iTunes.lnk
2013-06-05 20:39 - 2013-06-05 20:38 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-05 20:39 - 2013-06-05 20:38 - 00000000 ____D C:\Program Files\iTunes
2013-06-05 20:39 - 2013-06-05 20:38 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-06-05 20:38 - 2013-06-05 20:38 - 00000000 ____D C:\Program Files\iPod
2013-06-05 00:09 - 2013-05-19 14:27 - 00693112 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-05 00:09 - 2013-05-19 14:27 - 00078200 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-04 11:18 - 2013-05-21 11:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-04 11:18 - 2012-11-11 00:55 - 00001158 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-06-04 11:17 - 2013-06-04 11:17 - 21151576 ____A (Mozilla) C:\Users\***********\Downloads\Firefox Setup 21.0.exe
2013-06-04 11:09 - 2013-06-04 11:09 - 02828552 ____A (AVAST Software) C:\Users\***********\Downloads\avast-browser-cleanup_8.0.1484.29.exe
2013-06-02 22:05 - 2013-06-02 22:05 - 00680578 ____A C:\Users\***********\Downloads\JL_Trombone.sfArk
2013-06-02 21:50 - 2012-12-22 15:01 - 00000000 ____D C:\Users\***********\Documents\Fruity Loops Stuff
2013-06-02 12:01 - 2013-06-02 11:59 - 78920656 ____A (Plogue                                                      ) C:\Users\***********\Downloads\WIN_chipsounds_v1.625.exe
2013-06-02 11:11 - 2013-06-02 11:11 - 00000000 ____D C:\Program Files (x86)\VideoSaver
2013-06-02 11:08 - 2013-06-02 11:08 - 00231646 ____A C:\Users\***********\Downloads\protopsg005.zip
2013-06-02 11:06 - 2013-06-02 11:06 - 03111076 ____A C:\Users\***********\Downloads\Bleep VSTi Setup.exe
2013-05-31 01:24 - 2013-06-15 22:00 - 01257472 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2013-05-31 01:08 - 2013-06-15 22:00 - 00974848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-05-29 20:34 - 2013-05-29 20:33 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-05-25 13:02 - 2013-01-28 01:43 - 00001880 ____A C:\Users\***********\Desktop\Tor.lnk
2013-05-24 01:01 - 2013-06-15 22:00 - 01300992 ____A (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2013-05-24 00:27 - 2013-06-15 22:00 - 01022464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-05-19 17:43 - 2013-05-19 17:43 - 00000964 ____A C:\Users\***********\Desktop\Balabolka.lnk
2013-05-19 17:43 - 2013-05-19 17:43 - 00000000 ____D C:\Users\***********\Documents\Balabolka
2013-05-19 17:43 - 2013-05-19 17:43 - 00000000 ____D C:\Users\***********\AppData\Roaming\Balabolka
2013-05-19 17:43 - 2013-05-19 17:43 - 00000000 ____D C:\Program Files (x86)\Balabolka
2013-05-19 16:21 - 2013-05-19 16:21 - 07440624 ____A C:\Users\***********\Downloads\SoulseekQt-2013-5-18.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-06-02 09:58

==================== End Of Log ============================
         
--- --- ---


Addition:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-06-2013 02
Ran by ************* at 2013-06-18 20:34:40 Run:
Running from C:\Users\*************\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

7-Zip 9.20
Adobe AIR (Version: 1.5.3.9120)
Adobe Community Help (Version: 3.0.0)
Adobe Community Help (Version: 3.0.0.400)
Adobe Flash Player 11 Plugin (Version: 11.7.700.202)
Adobe Media Player (Version: 1.8)
Adobe Reader XI (11.0.03) - Deutsch (Version: 11.0.03)
Aloha TriPeaks (Version: 2.2.0.98)
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
ASIO4ALL
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (Version: 2.1.0.6)
Auslogics Disk Defrag (Version: 3.6)
Balabolka (Version: 2.7.0.545)
Bejeweled 3 (Version: 2.2.0.98)
Bleep VSTi
Bonjour (Version: 3.0.0.10)
CCleaner (Version: 4.01)
Chuzzle Deluxe (Version: 2.2.0.95)
Cisco AnyConnect Secure Mobility Client  (Version: 3.1.03103)
Cisco AnyConnect Secure Mobility Client (Version: 3.1.03103)
CodeBlocks (Version: 12.11)
Collab
D3DX10 (Version: 15.4.2368.0902)
Edirol HQ Orchestral VSTi v1.03
Empress of the Deep - The Darkest Secret (Version: 2.2.0.98)
FL Studio 7
FL Studio 8
Fotogalerie (Version: 16.4.3505.0912)
IL Download Manager
Intel AppUp(SM) center (Version: 3.6.1.33268.15)
Intel PROSet Wireless
Intel(R) Management Engine Components (Version: 8.1.0.1252)
Intel(R) Processor Graphics (Version: 9.17.10.2828)
Intel(R) Rapid Storage Technology (Version: 11.5.2.1001)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (Version: 2.0.0.37149)
Intel(R) WiDi (Version: 3.5.34.0)
Intel® PROSet/Wireless WiFi Software (Version: 15.05.2000.1462)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
IrfanView (remove only) (Version: 4.35)
Island Tribe (Version: 2.2.0.98)
iTunes (Version: 11.0.4.4)
Java 7 Update 21 (Version: 7.0.210)
Java 7 Update 9 (64-bit) (Version: 7.0.90)
Java Auto Updater (Version: 2.1.9.5)
Java SE Development Kit 7 Update 9 (64-bit) (Version: 1.7.0.90)
Jewel Quest Solitaire 2 (Version: 2.2.0.98)
Junk Mail filter update (Version: 16.4.3505.0912)
Magic Academy (Version: 2.2.0.98)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300)
Mathematica Extras 8.0 (2609412) (Version: 8.0.4)
McAfee Internet Security (Version: 12.1.338)
McAfee Online Backup (Version: 1.16.4.0)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office (Version: 14.0.6120.5004)
Microsoft SkyDrive (Version: 16.4.6013.0910)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
MinGW-Get version 0.5-beta-20120426-1 (Version: 0.5-beta-20120426-1)
Movie Maker (Version: 16.4.3505.0912)
Mozilla Firefox 21.0 (x86 de) (Version: 21.0)
Mozilla Maintenance Service (Version: 21.0)
Mozilla Thunderbird 17.0.6 (x86 de) (Version: 17.0.6)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSVCRT110 (Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
Nero 12 Essentials Toshiba (Version: 12.0.00400)
Nero BackItUp (Version: 12.0.1000)
Nero BackItUp Help (CHM) (Version: 12.0.3000)
Nero Blu-ray Player (Version: 12.0.12600)
Nero Blu-ray Player Help (CHM) (Version: 12.0.3000)
Nero BurnRights (Version: 12.0.3000)
Nero BurnRights Help (CHM) (Version: 12.0.3000)
Nero ControlCenter (Version: 11.0.14800.0.48)
Nero ControlCenter Help (CHM) (Version: 12.0.3000)
Nero Core Components (Version: 11.0.17600.2.3)
Nero Express (Version: 12.0.14001)
Nero Express Help (CHM) (Version: 12.0.3000)
Nero Kwik Media (Version: 1.18.16800)
Nero Kwik Media Help (CHM) (Version: 12.0.4000)
Nero Kwik Themes Basic (Version: 12.0.11500)
Nero Launcher (Version: 12.2.1000)
Nero RescueAgent (Version: 12.0.7002)
Nero RescueAgent Help (CHM) (Version: 12.0.3000)
Nero SharedVideoCodecs (Version: 1.0.12100.2.0)
Nero Update (Version: 11.0.11800.31.0)
Nokia Connectivity Cable Driver (Version: 7.1.32.69)
NVIDIA Control Panel 305.46 (Version: 305.46)
NVIDIA Graphics Driver 305.46 (Version: 305.46)
NVIDIA Install Application (Version: 2.1002.82.513)
NVIDIA Optimus 1.10.8 (Version: 1.10.8)
NVIDIA PhysX (Version: 9.12.0613)
NVIDIA PhysX System Software 9.12.0613 (Version: 9.12.0613)
NVIDIA Update Components (Version: 1.10.8)
PDF Settings CS5 (Version: 10.0)
Peggle Nights (Version: 2.2.0.98)
Photo Gallery (Version: 16.4.3505.0912)
Plants vs. Zombies - Game of the Year (Version: 2.2.0.98)
PoiZone
Polar Bowler (Version: 2.2.0.97)
Prerequisite installer (Version: 12.0.0002)
QuickTime (Version: 7.74.80.86)
Realtek High Definition Audio Driver (Version: 6.0.1.6690)
Realtek PCIE Card Reader (Version: 6.2.8400.29029)
Shared C Run-time for x64 (Version: 10.0.0)
SoulseekQt
SRS Premium Sound Control Panel (Version: 1.12.5000)
Synaptics Pointing Device Driver (Version: 16.2.10.5)
TOSHIBA Desktop Assist (Version: 1.00.0007.00002)
TOSHIBA eco Utility (Version: 2.0.0.6415)
TOSHIBA Function Key (Version: 1.00.6625.6402)
TOSHIBA HDD Protection (Version: 2.5.1.1)
TOSHIBA Manuals (Version: 10.10)
TOSHIBA Password Utility (Version: v1.0.0.9)
TOSHIBA PC Health Monitor (Version: 1.8.17.640104)
Toshiba Places Icon Utility (Version: 2.1.1)
TOSHIBA Recovery Media Creator (Version: 2.2.0.54043005)
TOSHIBA Resolution+ Plug-in for Windows Media Player (Version: 1.2.2.00)
TOSHIBA Service Station (Version: 2.4.4)
TOSHIBA System Driver (Version: 1.00.0013)
TOSHIBA System Settings (Version: 1.00.0002.32002)
Toshiba TEMPRO (Version: 4.2.1)
TOSHIBA VIDEO PLAYER (Version: 5.1.0.12-A)
Toxic Biohazard
Update Installer for WildTangent Games App
US-122 MKII / US-144 MKII
VideoSaver
Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.98)
Welcome App (Start-up experience) (Version: 12.0.13000)
WildTangent Games (Version: 1.0.3.0)
WildTangent Games App (Toshiba Games) (Version: 4.0.5.37)
Windows Live Communications Platform (Version: 16.4.3505.0912)
Windows Live Essentials (Version: 16.4.3505.0912)
Windows Live Installer (Version: 16.4.3505.0912)
Windows Live Mail (Version: 16.4.3505.0912)
Windows Live Messenger (Version: 16.4.3505.0912)
Windows Live MIME IFilter (Version: 16.4.3505.0912)
Windows Live Photo Common (Version: 16.4.3505.0912)
Windows Live PIMT Platform (Version: 16.4.3505.0912)
Windows Live SOXE (Version: 16.4.3505.0912)
Windows Live SOXE Definitions (Version: 16.4.3505.0912)
Windows Live UX Platform (Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (Version: 16.4.3505.0912)
Windows Live Writer (Version: 16.4.3505.0912)
Windows Live Writer Resources (Version: 16.4.3505.0912)
Wolfram CDF Player (M-WIN-D 8.0.4 2609533) (Version: 8.0.4)
XAMPP 1.8.1

==================== Restore Points  =========================

02-06-2013 07:58:23 Windows Update
05-06-2013 08:58:41 Windows Update
10-06-2013 12:17:25 Windows Update
12-06-2013 16:02:36 Wiederherstellungsvorgang
16-06-2013 11:00:34 Windows Update
18-06-2013 15:39:56 Wiederherstellungsvorgang

==================== Scheduled Tasks (whitelisted) =============

Task: {10D85952-E3F6-47A1-96CF-5E1C2D874EA6} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [2012-07-26] (Microsoft Corporation)
Task: {13A2AC02-B682-48CC-9155-2E2673580117} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical
Task: {17644F17-DC4C-4AC8-9444-7AAA52EB5CDC} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {1DB7C2F1-876C-4F24-AD17-8428211113F9} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents
Task: {214B24F4-FEB4-4C59-AF1F-70136065199C} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance
Task: {23700E5C-0E77-499D-908A-415D5C6252F4} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => C:\Windows\System32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {2C6B9EA8-7F5A-4ABA-BF96-8D352D02A743} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh
Task: {2E030FA7-3D7C-4E1D-8CFE-56ADB26FD402} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks
Task: {3054485A-F517-4E95-9977-4DD827B1E9B3} - System32\Tasks\Microsoft\Windows\WS\Badge Update
Task: {378401BA-A703-444A-A79C-3C47AD2DC5B6} - System32\Tasks\Microsoft\Windows\TaskScheduler\Maintenance Configurator
Task: {38C5E1C1-A53D-4B9C-B7E7-4899FD625A02} - System32\Tasks\EPUpdater => C:\Users\SCHULT~1\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe [2012-07-26] ()
Task: {3A3A0427-58B5-4E00-AF55-C28F3D1A7014} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall
Task: {3AE164E7-30CD-40BC-9422-3EC7A5618965} - System32\Tasks\Microsoft\Windows\WS\WSTask
Task: {3C490ABD-D849-41AF-9AC4-87DD759B0996} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem
Task: {3E79E926-AB1E-43F2-9507-B7B7A8C01994} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2012-08-14] (Toshiba Europe GmbH)
Task: {4073C1B3-6E16-4AA8-B7F3-C6A6D35D5071} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance
Task: {40C33275-7B45-4A85-A9A6-19411A1E1C7C} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3621469631-227534573-1042001122-1002
Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage
Task: {480E7DCD-E947-4996-B756-54E25A76AA1A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {483A8F5C-5D26-44B5-B49E-AF6741D1BBEB} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [2012-07-26] (Microsoft Corporation)
Task: {4B952129-9AE9-41A3-BE2B-8AD2E06F66B6} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon
Task: {54ABCEC6-AC6E-4235-8041-A4AB6BF678EA} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {5755E746-D7ED-4C20-A472-66C11834CDE4} - System32\Tasks\Microsoft\Windows\TaskScheduler\Manual Maintenance
Task: {5C4EFB77-EFA6-45DF-A373-D795C0725BFF} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required
Task: {627441F3-8526-4B62-BF9A-1A3EA414E71A} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [2012-07-26] (Microsoft Corporation)
Task: {63A33A9B-9283-4A8B-A7CF-3028C5412657} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-04-23] (Piriform Ltd)
Task: {687A8C58-EA91-4E8A-822E-5AB35725D3FB} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\windows\System32\lpksetup.exe [2012-09-20] (Microsoft Corporation)
Task: {6B03E51F-728C-4DB9-9810-1212C6E245F8} - System32\Tasks\VideoSaver Update => C:\Program Files (x86)\VideoSaver\vdsvrur.exe [2013-06-04] (VideoSaver)
Task: {6E9DE125-5583-4031-B572-FEE48F25CFFF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [2012-09-20] (Microsoft Corporation)
Task: {6FDDEA7C-6310-428D-AEB2-54FFC72811EF} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319
Task: {74096F94-B654-4DB0-96F5-3C3408B92FE3} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update
Task: {7445EA0E-4B5A-467A-90FE-749903C4A3C9} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3621469631-227534573-1042001122-500
Task: {7D9A9A1C-499C-40A6-8F8A-5BCC4CC9A87C} - System32\Tasks\Microsoft\Windows\TaskScheduler\Regular Maintenance
Task: {845CB020-68B5-4C6B-9876-7BEC7B3E27AC} - System32\Tasks\Microsoft\Windows\TaskScheduler\Idle Maintenance
Task: {87354DAA-66DF-4B41-9346-15958D96E1D2} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode)
Task: {921A1D4E-32FB-46D7-B6C0-6F467884074D} - System32\Tasks\Microsoft\Windows\WS\Sync Licenses
Task: {9479EF8E-11D4-41B3-9783-CC65070D592D} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime
Task: {94DCF254-64FB-4C4E-8E12-5F4055C10C2A} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64
Task: {989A7C6D-BE82-4C3C-AF96-6116039E336B} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => C:\Windows\System32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask
Task: {AB62FA47-2C99-44B1-A5D0-D4161423BE43} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefresh
Task: {AB96B97B-39C2-46A2-876A-EEB6AE199033} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup => C:\Windows\System32\dism.exe [2012-07-26] (Microsoft Corporation)
Task: {AC6259DE-AC59-459E-849E-6ADFFD1ADE63} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask
Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask
Task: {AF549BD8-337C-4BF7-8681-36A182E30507} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan
Task: {BC76AEF7-2CF0-4EB6-B65B-A8803E0B5E12} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific
Task: {C1ACCD1E-4385-4FB2-B5E4-7F2A57A626A2} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan
Task: {C463FD1E-31C7-4C20-AB65-08E514CA152D} - System32\Tasks\Microsoft\Windows\IME\SQM data sender
Task: {C51414C5-5C5A-4A23-92C9-B391BAB69FEF} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => C:\windows\system32\sc.exe [2012-07-26] (Microsoft Corporation)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {C743EEF2-BEAB-422E-917B-4B000E843CEC} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-08-16] (Synaptics Incorporated)
Task: {CD1054FF-8005-4904-8B9C-436EAB1E2021} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork
Task: {DBCF6E1B-CE0A-441E-B7A5-219C8BE50C65} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical
Task: {DECE5921-598D-454B-9A04-B2DE95EFC1B3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery
Task: {E4DFE66F-E089-4CC3-A70F-957223D565F4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask
Task: {E7063DB5-3A45-4527-A574-0C12B8B5C8CB} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall
Task: {E8DAA09B-DF2A-4951-9134-6FA9587793F9} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [2012-09-20] (Microsoft Corporation)
Task: {E956A8D6-89DD-42D7-9C8C-FE59EFDB0DC5} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2012-07-27] (TOSHIBA Corporation)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {ED0C1F69-C3A2-41EA-B8C3-3F0D83A1F6C0} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM
Task: {FDB1E766-A9E7-4B9D-9CFC-9510BFD41F3A} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect

==================== Faulty Device Manager Devices =============

Name: USB-IF xHCI USB Host Controller
Description: USB-IF xHCI USB Host Controller
Class Guid: {8a2edc79-c759-46f2-88af-9d4efe3b5eee}
Manufacturer: Intel Corporation
Service: XHCIPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/18/2013 08:08:49 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {fc8fa298-35e7-45f8-b477-10307a06ccc3}

Error: (06/18/2013 06:05:37 PM) (Source: System Restore) (User: )
Description: Unbekannter Fehler bei der Systemwiederherstellung: (Windows Update). Zusätzliche Informationen: 0x80070571.

Error: (06/18/2013 05:45:49 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {21236678-42c2-476f-a26a-fc649090f2ae}

Error: (06/18/2013 04:24:20 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (06/18/2013 04:23:52 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/18/2013 04:23:52 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/18/2013 04:23:52 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/18/2013 04:23:52 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/18/2013 03:30:13 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (06/18/2013 03:29:10 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


System errors:
=============
Error: (06/18/2013 08:06:30 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Intel(R) PROSet/Wireless Zero Configuration Service" wurde mit folgendem Fehler beendet: 
%%2147770990

Error: (06/18/2013 08:05:54 PM) (Source: BTHUSB) (User: )
Description: Der lokale Adapter bietet keine Unterstützung für einen wichtigen Controllerstatus für energiearme Geräte. Die mindestens erforderliche unterstützte Statusmaske ist "0x1f7fffff", vorhanden ist jedoch "0x1f3fffff". Die Funktionalität für energiearme Geräte wird deaktiviert.

Error: (06/18/2013 08:04:28 PM) (Source: DCOM) (User: Andreas)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (06/18/2013 08:04:28 PM) (Source: DCOM) (User: Andreas)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (06/18/2013 08:04:28 PM) (Source: DCOM) (User: Andreas)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (06/18/2013 08:04:28 PM) (Source: DCOM) (User: Andreas)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (06/18/2013 08:04:28 PM) (Source: DCOM) (User: Andreas)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (06/18/2013 08:04:28 PM) (Source: DCOM) (User: Andreas)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (06/18/2013 08:04:28 PM) (Source: DCOM) (User: Andreas)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (06/18/2013 08:04:28 PM) (Source: DCOM) (User: Andreas)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}


Microsoft Office Sessions:
=========================
Error: (06/18/2013 08:08:49 PM) (Source: VSS)(User: )
Description: 0x80070005, Zugriff verweigert


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {fc8fa298-35e7-45f8-b477-10307a06ccc3}

Error: (06/18/2013 06:05:37 PM) (Source: System Restore)(User: )
Description: Windows Update0x80070571

Error: (06/18/2013 05:45:49 PM) (Source: VSS)(User: )
Description: 0x80070005, Zugriff verweigert


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {21236678-42c2-476f-a26a-fc649090f2ae}

Error: (06/18/2013 04:24:20 PM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\program files (x86)\common files\adobe air\Versions\1.0\Adobe AIR.dllc:\program files (x86)\common files\adobe air\Versions\1.0\Adobe AIR.dll3

Error: (06/18/2013 04:23:52 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKEngine.dll

Error: (06/18/2013 04:23:52 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdDefrag.dll

Error: (06/18/2013 04:23:52 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdCaps.dll

Error: (06/18/2013 04:23:52 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdFS.dll

Error: (06/18/2013 03:30:13 PM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\program files (x86)\common files\adobe air\Versions\1.0\Adobe AIR.dllc:\program files (x86)\common files\adobe air\Versions\1.0\Adobe AIR.dll3

Error: (06/18/2013 03:29:10 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKEngine.dll


==================== Memory info =========================== 

Percentage of memory in use: 32%
Total physical RAM: 8076.21 MB
Available physical RAM: 5464.04 MB
Total Pagefile: 9292.21 MB
Available Pagefile: 6602.76 MB
Total Virtual: 8192 MB
Available Virtual: 8191.76 MB

==================== Drives ================================

Drive c: (TI30995500A) (Fixed) (Total:687.64 GB) (Free:435.16 GB) NTFS (Disk=0 Partition=4)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 699 GB) (Disk ID: 00000000)

Partition: GPT Partition Type
==================== End Of Log ============================
         
Regards


19.06.2013, 15:39   #6
schrauber
/// the machine
/// TB Trainer
 




Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options (Optionen) and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan (Suchlauf) and wait until it has finished.
  • Now click Delete (Löschen) and confirm any prompts with OK.
  • Your computer will be restarted automatically. After the restart, a text file opens. Post its contents to me with your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please close your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please start it by right-clicking and choosing "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan may take a while.
  • When the tool is finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log, please

19.06.2013, 16:47   #7
Dukkha
 



Thank you very, very much

Code:
# AdwCleaner v2.303 - Datei am 19/06/2013 um 17:19:28 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzer : ******* - *******
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\*******\Downloads\adwcleaner(1).exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\windows\Tasks\VideoSaver Update.job
Ordner Gelöscht : C:\Program Files (x86)\VideoSaver

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\videosaver
Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCA0E497-33D1-4DBE-8FDB-7F9A597C8BC2}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCA0E497-33D1-4DBE-8FDB-7F9A597C8BC2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FCA0E497-33D1-4DBE-8FDB-7F9A597C8BC2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCA0E497-33D1-4DBE-8FDB-7F9A597C8BC2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\videosaver@videosaver.net

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16537

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v21.0 (de)

Datei : C:\Users\*******\AppData\Roaming\Mozilla\Firefox\Profiles\pxgm5o7b.default\prefs.js

Gelöscht : user_pref("extensions.delta.admin", false);
Gelöscht : user_pref("extensions.delta.aflt", "babsst");
Gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Gelöscht : user_pref("extensions.delta.autoRvrt", "false");
Gelöscht : user_pref("extensions.delta.bbDpng", "4");
Gelöscht : user_pref("extensions.delta.cntry", "CH");
Gelöscht : user_pref("extensions.delta.dfltLng", "en");
Gelöscht : user_pref("extensions.delta.excTlbr", false);
Gelöscht : user_pref("extensions.delta.ffxUnstlRst", true);
Gelöscht : user_pref("extensions.delta.hdrMd5", "98B3257D65E555971DD5C60E289BE7FD");
Gelöscht : user_pref("extensions.delta.id", "0c45417400000000000084a6c8aa1576");
Gelöscht : user_pref("extensions.delta.instlDay", "15858");
Gelöscht : user_pref("extensions.delta.instlRef", "sst");
Gelöscht : user_pref("extensions.delta.lastVrsnTs", "1.8.21.511:11:34");
Gelöscht : user_pref("extensions.delta.newTab", false);
Gelöscht : user_pref("extensions.delta.prdct", "delta");
Gelöscht : user_pref("extensions.delta.prtnrId", "delta");
Gelöscht : user_pref("extensions.delta.rvrt", "false");
Gelöscht : user_pref("extensions.delta.sg", "azb");
Gelöscht : user_pref("extensions.delta.smplGrp", "none");
Gelöscht : user_pref("extensions.delta.tlbrId", "base");
Gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
Gelöscht : user_pref("extensions.delta.vrsn", "1.8.21.5");
Gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.21.511:11:34");
Gelöscht : user_pref("extensions.delta.vrsni", "1.8.21.5");
Gelöscht : user_pref("extensions.delta_i.babExt", "");
Gelöscht : user_pref("extensions.delta_i.babTrack", "affID=120695&tt=gc_");
Gelöscht : user_pref("extensions.delta_i.srcExt", "ss");

*************************

AdwCleaner[R1].txt - [4493 octets] - [05/06/2013 23:51:54]
AdwCleaner[R2].txt - [2697 octets] - [06/06/2013 00:19:44]
AdwCleaner[S1].txt - [4498 octets] - [05/06/2013 23:53:12]
AdwCleaner[S2].txt - [3459 octets] - [19/06/2013 17:19:28]

########## EOF - C:\AdwCleaner[S2].txt - [3519 octets] ##########
         
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 8 x64
Ran by ******* on 19.06.2013 at 17:28:54.69
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{2C26BF94-8747-4395-9283-83DB9276B405}



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted: [File] C:\Users\*******\AppData\Roaming\mozilla\firefox\profiles\pxgm5o7b.default\invalidprefs.js
Emptied folder: C:\Users\*******\AppData\Roaming\mozilla\firefox\profiles\pxgm5o7b.default\minidumps [33 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 19.06.2013 at 17:33:45.38
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-06-2013
Ran by ******* (administrator) on 19-06-2013 17:43:02
Running from C:\Users\*******\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LALST7HW
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\windows\system32\WLANExt.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\McAfee\AppStats\MfeASUM.exe
(McAfee, Inc.) C:\windows\system32\mfevtps.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TOSHIBA Corporation) C:\windows\system32\ThpSrv.exe
(TOSHIBA Corporation) C:\Windows\system32\TODDSrv.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\windows\system32\dashost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
(McAfee, Inc.) C:\PROGRA~1\McAfee\MSC\McAPExe.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
() C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe
() C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(Toshiba) C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: []  [x]
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [12936848 2012-07-13] (Realtek Semiconductor)
HKLM\...\Run: [SRS Premium Sound 3D] "C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe"  /f="C:\Program Files\SRS Labs\SRS Control Panel\SRS_Premium_Sound_PS3D.zip" /h [215247 2012-08-20] ()
HKLM\...\Run: [TCrdMain] %ProgramFiles%\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2609064 2012-08-30] ()
HKLM\...\Run: [TecoResident] C:\Program Files\TOSHIBA\Teco\TecoResident.exe [169896 2012-08-14] (TOSHIBA Corporation)
HKLM\...\Run: [TSleepSrv] C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe [1548952 2012-08-05] (TOSHIBA Corporation)
HKLM\...\Run: [TODDMain] C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-05] ()
HKLM\...\Run: [TosWaitSrv] %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA Corporation)
HKLM\...\Run: [ThpSrv] C:\windows\system32\thpsrv /logon [x]
HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [500208 2012-12-22] (Adobe Systems Incorporated)
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0
HKLM-x32\...\Run: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4 [155488 2012-08-02] (Intel Corporation)
HKLM-x32\...\Run: [ToshibaDynamicIconUtility] "C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe" [1498624 2012-08-09] (Toshiba)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey [454600 2013-02-28] (McAfee, Inc.)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey [454600 2013-02-28] (McAfee, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized [703888 2013-03-26] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-05-31] (Apple Inc.)
HKU\UpdatusUser\...\Run: []  [x]
AppInit_DLLs: C:\windows\system32\nvinitx.dll [247144 2012-08-01] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com
URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
SearchScopes: HKCU - {8FAB4D35-D8C4-45D2-9BA4-2DDFC0CB87BB} URL = 
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\PROGRA~1\mcafee\msc\MCSNIE~1.DLL (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\PROGRA~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 81.92.99.7 81.92.99.6

FireFox:
========
FF ProfilePath: C:\Users\*******\AppData\Roaming\Mozilla\Firefox\Profiles\pxgm5o7b.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @mcafee.com/SAFFPlugin - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: @wolfram.com/Mathematica - C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.4.2609412\npmathplugin.dll (Wolfram Research, Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: firefox - C:\Users\*******\AppData\Roaming\Mozilla\Firefox\Profiles\pxgm5o7b.default\Extensions\firefox@unfriendfinder.com.xpi
FF Extension: No Name - C:\Users\*******\AppData\Roaming\Mozilla\Firefox\Profiles\pxgm5o7b.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\*******\AppData\Roaming\Mozilla\Firefox\Profiles\pxgm5o7b.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

==================== Services (Whitelisted) =================

R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 McAWFwk; c:\PROGRA~1\mcafee\msc\mcawfwk.exe [225216 2011-01-28] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [388680 2013-03-01] (McAfee, Inc.)
S4 McOobeSv; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)
R2 MfeASUM; C:\Program Files\McAfee\AppStats\MfeASUM.exe [335216 2013-06-14] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1017016 2013-02-28] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218760 2013-04-03] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [182752 2013-04-03] (McAfee, Inc.)
R2 MOBKbackup; C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe [231224 2010-04-13] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-07-18] ()
R3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [114656 2012-08-14] (Toshiba Europe GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568 2012-07-18] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-04-03] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197264 2012-05-28] (McAfee, Inc.)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-04-03] (McAfee, Inc.)
R1 MfeASKM; C:\Program Files\McAfee\AppStats\MfeASKM.sys [31408 2013-06-14] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [309968 2013-04-03] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69240 2013-04-03] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [516608 2013-04-03] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [772944 2013-04-03] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [337120 2013-02-18] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [95856 2013-02-18] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [342416 2013-04-03] (McAfee, Inc.)
R1 MOBKFilter; C:\Windows\System32\DRIVERS\MOBK.sys [66040 2010-04-13] (Mozy, Inc.)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [4273192 2012-08-19] (Intel Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [269968 2012-07-03] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-16] (Synaptics Incorporated)
S3 TASCAM_US122144; C:\Windows\System32\Drivers\tascusb2.sys [419160 2011-04-28] (TASCAM)
S3 TASCAM_US122L_MK2_WDM; C:\Windows\system32\drivers\tscusb2a.sys [53080 2011-04-28] (TASCAM)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [28632 2012-07-31] (Windows (R) Win 7 DDK provider)
S3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [48096 2012-08-10] (Windows (R) Win 7 DDK provider)
S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [50128 2013-03-26] (Cisco Systems, Inc.)
S3 WUDFWpdComp; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-10] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-06-19 17:33 - 2013-06-19 17:33 - 00001025 ____A C:\Users\*******\Desktop\JRT.txt
2013-06-19 17:28 - 2013-06-19 17:28 - 00000000 ____D C:\Windows\ERUNT
2013-06-19 17:28 - 2013-06-19 17:28 - 00000000 ____D C:\JRT
2013-06-19 17:26 - 2013-06-19 17:26 - 00000020 __ASH C:\Users\TEMP.*******.000\ntuser.ini
2013-06-19 17:26 - 2013-06-19 17:26 - 00000000 __SHD C:\Users\TEMP.*******.000\Vorlagen
2013-06-19 17:26 - 2013-06-19 17:26 - 00000000 __SHD C:\Users\TEMP.*******.000\Startmenü
2013-06-19 17:26 - 2013-06-19 17:26 - 00000000 __SHD C:\Users\TEMP.*******.000\Netzwerkumgebung
2013-06-19 17:26 - 2013-06-19 17:26 - 00000000 __SHD C:\Users\TEMP.*******.000\Lokale Einstellungen
2013-06-19 17:26 - 2013-06-19 17:26 - 00000000 __SHD C:\Users\TEMP.*******.000\Eigene Dateien
2013-06-19 17:26 - 2013-06-19 17:26 - 00000000 __SHD C:\Users\TEMP.*******.000\Druckumgebung
2013-06-19 17:26 - 2013-06-19 17:26 - 00000000 __SHD C:\Users\TEMP.*******.000\Documents\Eigene Musik
2013-06-19 17:26 - 2013-06-19 17:26 - 00000000 __SHD C:\Users\TEMP.*******.000\Documents\Eigene Bilder
2013-06-19 17:26 - 2013-06-19 17:26 - 00000000 __SHD C:\Users\TEMP.*******.000\AppData\Local\Verlauf
2013-06-19 17:26 - 2013-06-19 17:26 - 00000000 __SHD C:\Users\TEMP.*******.000\AppData\Local\Anwendungsdaten
2013-06-19 17:26 - 2013-06-19 17:26 - 00000000 __SHD C:\Users\TEMP.*******.000\Anwendungsdaten
2013-06-19 17:26 - 2013-06-19 17:26 - 00000000 ____D C:\users\TEMP.*******.000
2013-06-19 17:26 - 2012-12-22 20:01 - 00000000 ____D C:\Users\TEMP.*******.000\AppData\Roaming\Macromedia
2013-06-19 17:19 - 2013-06-19 17:19 - 00003588 ____A C:\AdwCleaner[S2].txt
2013-06-19 17:12 - 2013-06-19 17:13 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\*******\Downloads\JRT(1).exe
2013-06-19 17:12 - 2013-06-19 17:12 - 00648201 ____A C:\Users\*******\Downloads\adwcleaner(1).exe
2013-06-19 17:12 - 2013-06-19 17:12 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\*******\Downloads\JRT.exe
2013-06-19 17:11 - 2013-06-19 17:12 - 00648201 ____A C:\Users\*******\Downloads\adwcleaner.exe
2013-06-19 04:20 - 2013-06-19 04:20 - 00204487 ____A C:\Users\*******\AppData\Local\soulseek-client.dat.1371608412541
2013-06-18 20:34 - 2013-06-19 15:43 - 00027431 ____A C:\Users\*******\Downloads\Addition.txt
2013-06-18 20:34 - 2013-06-18 20:35 - 00046713 ____A C:\Users\*******\Downloads\FRST.txt
2013-06-18 20:33 - 2013-06-18 20:33 - 01928282 ____A (Farbar) C:\Users\*******\Downloads\FRST64.exe
2013-06-18 20:33 - 2013-06-18 20:33 - 00000000 ____D C:\FRST
2013-06-18 19:39 - 2013-06-18 19:43 - 00073970 ____A C:\Users\*******\Downloads\Extras.Txt
2013-06-18 19:38 - 2013-06-18 19:38 - 00126622 ____A C:\Users\*******\Downloads\OTL.Txt
2013-06-18 19:35 - 2013-06-18 19:35 - 00377856 ____A C:\Users\*******\Downloads\gmer_2.1.19163.exe
2013-06-18 19:34 - 2013-06-18 19:34 - 00000482 ____A C:\Users\*******\Downloads\defogger_disable.log
2013-06-18 19:34 - 2013-06-18 19:34 - 00000000 ____A C:\Users\*******\defogger_reenable
2013-06-18 19:26 - 2013-06-18 19:26 - 00050477 ____A C:\Users\*******\Downloads\Defogger.exe
2013-06-18 19:17 - 2013-06-18 19:17 - 00602112 ____A (OldTimer Tools) C:\Users\*******\Downloads\OTL.exe
2013-06-18 18:59 - 2013-06-18 18:59 - 05081021 ____A (Swearware) C:\Users\*******\Downloads\ComboFix.exe
2013-06-18 18:59 - 2013-06-18 18:59 - 00648201 ____A C:\Users\*******\Downloads\AdwCleaner.exe.part
2013-06-18 18:24 - 2013-06-18 18:24 - 00000000 ____D C:\Users\*******\AppData\Roaming\Malwarebytes
2013-06-18 18:22 - 2013-06-18 18:22 - 00001120 ____A C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-06-18 18:22 - 2013-06-18 18:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-18 18:22 - 2013-06-18 18:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-18 18:22 - 2013-04-04 14:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-06-18 18:16 - 2013-06-18 18:17 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\*******\Downloads\mbam-setup-1.75.0.1300.exe
2013-06-18 17:43 - 2013-06-18 17:43 - 04857792 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-18 17:39 - 2013-06-18 17:39 - 00204502 ____A C:\Users\*******\AppData\Local\soulseek-client.dat.1371569956029
2013-06-18 17:04 - 2013-06-18 17:04 - 00204502 ____A C:\Users\*******\AppData\Local\soulseek-client.dat.1371567881506
2013-06-15 23:33 - 2013-06-15 23:33 - 00001422 ____A C:\Windows\PFRO.log
2013-06-15 22:00 - 2013-05-31 01:24 - 01257472 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2013-06-15 22:00 - 2013-05-31 01:08 - 00974848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-06-15 22:00 - 2013-05-24 01:01 - 01300992 ____A (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2013-06-15 22:00 - 2013-05-24 00:27 - 01022464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-06-15 16:27 - 2013-05-15 04:25 - 00888320 ____A (Microsoft Corporation) C:\Windows\System32\autochk.exe
2013-06-15 16:27 - 2013-05-15 04:25 - 00542208 ____A (Microsoft Corporation) C:\Windows\System32\untfs.dll
2013-06-15 16:27 - 2013-05-15 04:24 - 00793088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2013-06-15 16:27 - 2013-05-15 04:24 - 00482816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2013-06-15 14:40 - 2013-05-04 09:58 - 00120736 ____A (Microsoft Corporation) C:\Windows\System32\AuthHost.exe
2013-06-15 14:40 - 2013-05-04 09:34 - 00446720 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBHUB3.SYS
2013-06-15 14:40 - 2013-05-04 09:34 - 00284416 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\spaceport.sys
2013-06-15 14:40 - 2013-05-04 09:34 - 00213248 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\UCX01000.SYS
2013-06-15 14:40 - 2013-05-04 09:30 - 00058312 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2013-06-15 14:40 - 2013-05-04 08:59 - 13644288 ____A (Microsoft Corporation) C:\Windows\System32\Windows.UI.Xaml.dll
2013-06-15 14:40 - 2013-05-04 08:59 - 03241472 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2013-06-15 14:40 - 2013-05-04 08:59 - 01619968 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2013-06-15 14:40 - 2013-05-04 08:59 - 01483776 ____A (Microsoft Corporation) C:\Windows\System32\VSSVC.exe
2013-06-15 14:40 - 2013-05-04 08:59 - 00812544 ____A (Microsoft Corporation) C:\Windows\System32\Magnify.exe
2013-06-15 14:40 - 2013-05-04 08:59 - 00760320 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2013-06-15 14:40 - 2013-05-04 08:59 - 00251904 ____A (Microsoft Corporation) C:\Windows\System32\WUSettingsProvider.dll
2013-06-15 14:40 - 2013-05-04 08:59 - 00141824 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2013-06-15 14:40 - 2013-05-04 08:59 - 00098304 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2013-06-15 14:40 - 2013-05-04 08:59 - 00039424 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2013-06-15 14:40 - 2013-05-04 08:58 - 10116096 ____A (Microsoft Corporation) C:\Windows\System32\twinui.dll
2013-06-15 14:40 - 2013-05-04 08:58 - 01332736 ____A (Microsoft Corporation) C:\Windows\System32\sysmain.dll
2013-06-15 14:40 - 2013-05-04 08:58 - 00470528 ____A (Microsoft Corporation) C:\Windows\System32\netprofmsvc.dll
2013-06-15 14:40 - 2013-05-04 08:58 - 00330240 ____A (Microsoft Corporation) C:\Windows\System32\stobject.dll
2013-06-15 14:40 - 2013-05-04 08:58 - 00328192 ____A (Microsoft Corporation) C:\Windows\System32\ubpm.dll
2013-06-15 14:40 - 2013-05-04 08:58 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\storewuauth.dll
2013-06-15 14:40 - 2013-05-04 08:58 - 00169984 ____A (Microsoft Corporation) C:\Windows\System32\netplwiz.dll
2013-06-15 14:40 - 2013-05-04 08:58 - 00151552 ____A (Microsoft Corporation) C:\Windows\System32\netprofm.dll
2013-06-15 14:40 - 2013-05-04 08:58 - 00093696 ____A (Microsoft Corporation) C:\Windows\System32\psmsrv.dll
2013-06-15 14:40 - 2013-05-04 08:57 - 02305024 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-06-15 14:40 - 2013-05-04 08:57 - 01131520 ____A (Microsoft Corporation) C:\Windows\System32\AppXDeploymentServer.dll
2013-06-15 14:40 - 2013-05-04 08:57 - 00708096 ____A (Microsoft Corporation) C:\Windows\System32\AppXDeploymentExtensions.dll
2013-06-15 14:40 - 2013-05-04 08:57 - 00560640 ____A (Microsoft Corporation) C:\Windows\System32\mfmp4srcsnk.dll
2013-06-15 14:40 - 2013-05-04 08:57 - 00501760 ____A (Microsoft Corporation) C:\Windows\System32\DevicePairing.dll
2013-06-15 14:40 - 2013-05-04 08:57 - 00389120 ____A (Microsoft Corporation) C:\Windows\System32\BCP47Langs.dll
2013-06-15 14:40 - 2013-05-04 08:57 - 00179712 ____A (Microsoft Corporation) C:\Windows\System32\bisrv.dll
2013-06-15 14:40 - 2013-05-04 08:57 - 00122368 ____A (Microsoft Corporation) C:\Windows\System32\biwinrt.dll
2013-06-15 14:40 - 2013-05-04 08:57 - 00017408 ____A (Microsoft Corporation) C:\Windows\System32\muifontsetup.dll
2013-06-15 14:40 - 2013-05-04 08:56 - 00419840 ____A (Microsoft Corporation) C:\Windows\System32\intl.cpl
2013-06-15 14:40 - 2013-05-04 06:58 - 00758784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Magnify.exe
2013-06-15 14:40 - 2013-05-04 06:58 - 00621056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-06-15 14:40 - 2013-05-04 06:58 - 00125952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-06-15 14:40 - 2013-05-04 06:58 - 00083968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-06-15 14:40 - 2013-05-04 06:58 - 00034304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-06-15 14:40 - 2013-05-04 06:57 - 10788864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2013-06-15 14:40 - 2013-05-04 06:57 - 08857088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2013-06-15 14:40 - 2013-05-04 06:57 - 00303616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2013-06-15 14:40 - 2013-05-04 06:57 - 00247296 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2013-06-15 14:40 - 2013-05-04 06:57 - 00151040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll
2013-06-15 14:40 - 2013-05-04 06:57 - 00115712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll
2013-06-15 14:40 - 2013-05-04 06:57 - 00018432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll
2013-06-15 14:40 - 2013-05-04 06:57 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\muifontsetup.dll
2013-06-15 14:40 - 2013-05-04 06:56 - 02035712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-06-15 14:40 - 2013-05-04 06:56 - 00449536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2013-06-15 14:40 - 2013-05-04 06:56 - 00411136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2013-06-15 14:40 - 2013-05-04 06:56 - 00309760 ____A (Microsoft Corporation) C:\Windows\SysWOW64\BCP47Langs.dll
2013-06-15 14:40 - 2013-05-04 06:56 - 00092160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\biwinrt.dll
2013-06-15 14:40 - 2013-05-04 06:55 - 00389632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2013-06-15 14:40 - 2013-05-04 06:51 - 00014848 ____A (Microsoft) C:\Windows\System32\rars.rs
2013-06-15 14:40 - 2013-05-04 06:48 - 00083968 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidclass.sys
2013-06-15 14:40 - 2013-05-04 06:48 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidusb.sys
2013-06-15 14:40 - 2013-05-04 06:47 - 00427520 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdbss.sys
2013-06-15 14:40 - 2013-05-04 06:10 - 00014848 ____A (Microsoft) C:\Windows\SysWOW64\rars.rs
2013-06-15 14:40 - 2013-05-03 00:04 - 00386646 ____A C:\Windows\System32\ApnDatabase.xml
2013-06-13 12:49 - 2013-06-13 12:52 - 00000000 ____D C:\efc46e5ea5c3beecd0d2d1dfb539e86a
2013-06-13 00:22 - 2013-05-16 00:37 - 00044032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-06-13 00:22 - 2013-05-16 00:36 - 14320640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-13 00:22 - 2013-05-16 00:35 - 19230720 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-13 00:22 - 2013-05-16 00:35 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\UXInit.dll
2013-06-13 00:22 - 2013-05-14 15:14 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-13 00:22 - 2013-05-14 11:23 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-13 00:22 - 2013-05-04 09:45 - 02233600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-13 00:22 - 2013-04-29 00:30 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-13 00:22 - 2013-04-29 00:30 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-13 00:22 - 2013-04-29 00:30 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-13 00:22 - 2013-04-29 00:30 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-13 00:22 - 2013-04-29 00:30 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-13 00:22 - 2013-04-29 00:30 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-13 00:22 - 2013-04-29 00:30 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-13 00:22 - 2013-04-29 00:28 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-13 00:22 - 2013-04-29 00:28 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-13 00:22 - 2013-04-29 00:28 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-13 00:22 - 2013-04-29 00:28 - 00915968 ____A (Microsoft Corporation) C:\Windows\System32\uxtheme.dll
2013-06-13 00:22 - 2013-04-29 00:28 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-13 00:22 - 2013-04-29 00:28 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-13 00:22 - 2013-04-29 00:27 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-13 00:22 - 2013-04-29 00:27 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-13 00:22 - 2013-04-29 00:27 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-13 00:22 - 2013-04-27 07:20 - 00733184 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-13 00:22 - 2013-04-24 01:13 - 01013248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-13 00:22 - 2013-04-24 01:12 - 01569792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-13 00:22 - 2013-04-24 01:12 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-13 00:22 - 2013-04-24 00:56 - 01255936 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-13 00:22 - 2013-04-24 00:55 - 01889280 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-13 00:22 - 2013-04-24 00:55 - 00141312 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-13 00:22 - 2013-04-24 00:55 - 00068096 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-13 00:22 - 2013-04-03 01:37 - 00025088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-13 00:22 - 2013-04-03 01:12 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-12 22:45 - 2013-06-19 17:21 - 02061075 ____A C:\Windows\WindowsUpdate.log
2013-06-12 20:07 - 2013-06-12 20:08 - 12614304 ____A (Auslogics Software Pty Ltd                                  ) C:\Users\*******\Downloads\boost-speed-setup.exe
2013-06-12 19:57 - 2013-06-12 19:57 - 00001257 ____A C:\Users\*******\Desktop\Auslogics Disk Defrag.lnk
2013-06-12 19:57 - 2013-06-12 19:57 - 00000000 ____D C:\Users\*******\AppData\Roaming\Auslogics
2013-06-12 19:57 - 2013-06-12 19:57 - 00000000 ____D C:\Program Files (x86)\Auslogics
2013-06-12 19:55 - 2013-06-12 19:55 - 07859160 ____A (Auslogics Software Pty Ltd                                  ) C:\Users\*******\Downloads\disk3610-defrag-setup.exe
2013-06-06 00:19 - 2013-06-06 00:19 - 00002697 ____A C:\AdwCleaner[R2].txt
2013-06-05 23:53 - 2013-06-05 23:54 - 00004498 ____A C:\AdwCleaner[S1].txt
2013-06-05 23:51 - 2013-06-05 23:52 - 00004493 ____A C:\AdwCleaner[R1].txt
2013-06-05 23:51 - 2013-06-05 23:51 - 00632031 ____A C:\Users\*******\Downloads\adwcleaner_2.3.0.1.exe
2013-06-05 23:18 - 2013-06-05 23:20 - 102323272 ____A C:\Users\*******\Downloads\avira_free3640_antivirus_de.exe
2013-06-05 20:39 - 2013-06-05 20:39 - 00001794 ____A C:\Users\Public\Desktop\iTunes.lnk
2013-06-05 20:38 - 2013-06-05 20:39 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-05 20:38 - 2013-06-05 20:39 - 00000000 ____D C:\Program Files\iTunes
2013-06-05 20:38 - 2013-06-05 20:39 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-06-05 20:38 - 2013-06-05 20:38 - 00000000 ____D C:\Program Files\iPod
2013-06-04 11:17 - 2013-06-04 11:17 - 21151576 ____A (Mozilla) C:\Users\*******\Downloads\Firefox Setup 21.0.exe
2013-06-04 11:09 - 2013-06-04 11:09 - 02828552 ____A (AVAST Software) C:\Users\*******\Downloads\avast-browser-cleanup_8.0.1484.29.exe
2013-06-02 22:05 - 2013-06-02 22:05 - 00680578 ____A C:\Users\*******\Downloads\JL_Trombone.sfArk
2013-06-02 11:59 - 2013-06-02 12:01 - 78920656 ____A (Plogue                                                      ) C:\Users\*******\Downloads\WIN_chipsounds_v1.625.exe
2013-06-02 11:08 - 2013-06-02 11:08 - 00231646 ____A C:\Users\*******\Downloads\protopsg005.zip
2013-06-02 11:06 - 2013-06-02 11:06 - 03111076 ____A C:\Users\*******\Downloads\Bleep VSTi Setup.exe
2013-05-29 20:33 - 2013-05-29 20:34 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-05-21 11:11 - 2013-06-04 11:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2013-06-19 17:40 - 2013-03-07 18:03 - 00000000 ____D C:\Users\*******\Documents\Hacking
2013-06-19 17:33 - 2013-06-19 17:33 - 00001025 ____A C:\Users\*******\Desktop\JRT.txt
2013-06-19 17:31 - 2012-12-07 17:35 - 00001855 ____A C:\Users\Public\Desktop\McAfee Internet Security.lnk
2013-06-19 17:28 - 2013-06-19 17:28 - 00000000 ____D C:\Windows\ERUNT
2013-06-19 17:28 - 2013-06-19 17:28 - 00000000 ____D C:\JRT
2013-06-19 17:26 - 2013-06-19 17:26 - 00000020 __ASH C:\Users\TEMP.*******.000\ntuser.ini
2013-06-19 17:26 - 2013-06-19 17:26 - 00000000 __SHD C:\Users\TEMP.*******.000\Vorlagen
2013-06-19 17:26 - 2013-06-19 17:26 - 00000000 __SHD C:\Users\TEMP.*******.000\Startmenü
2013-06-19 17:26 - 2013-06-19 17:26 - 00000000 __SHD C:\Users\TEMP.*******.000\Netzwerkumgebung
2013-06-19 17:26 - 2013-06-19 17:26 - 00000000 __SHD C:\Users\TEMP.*******.000\Lokale Einstellungen
2013-06-19 17:26 - 2013-06-19 17:26 - 00000000 __SHD C:\Users\TEMP.*******.000\Eigene Dateien
2013-06-19 17:26 - 2013-06-19 17:26 - 00000000 __SHD C:\Users\TEMP.*******.000\Druckumgebung
2013-06-19 17:26 - 2013-06-19 17:26 - 00000000 __SHD C:\Users\TEMP.*******.000\Documents\Eigene Musik
2013-06-19 17:26 - 2013-06-19 17:26 - 00000000 __SHD C:\Users\TEMP.*******.000\Documents\Eigene Bilder
2013-06-19 17:26 - 2013-06-19 17:26 - 00000000 __SHD C:\Users\TEMP.*******.000\AppData\Local\Verlauf
2013-06-19 17:26 - 2013-06-19 17:26 - 00000000 __SHD C:\Users\TEMP.*******.000\AppData\Local\Anwendungsdaten
2013-06-19 17:26 - 2013-06-19 17:26 - 00000000 __SHD C:\Users\TEMP.*******.000\Anwendungsdaten
2013-06-19 17:26 - 2013-06-19 17:26 - 00000000 ____D C:\users\TEMP.*******.000
2013-06-19 17:23 - 2012-07-26 09:22 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-19 17:21 - 2013-06-12 22:45 - 02061075 ____A C:\Windows\WindowsUpdate.log
2013-06-19 17:19 - 2013-06-19 17:19 - 00003588 ____A C:\AdwCleaner[S2].txt
2013-06-19 17:14 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-06-19 17:13 - 2013-06-19 17:12 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\*******\Downloads\JRT(1).exe
2013-06-19 17:12 - 2013-06-19 17:12 - 00648201 ____A C:\Users\*******\Downloads\adwcleaner(1).exe
2013-06-19 17:12 - 2013-06-19 17:12 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\*******\Downloads\JRT.exe
2013-06-19 17:12 - 2013-06-19 17:11 - 00648201 ____A C:\Users\*******\Downloads\adwcleaner.exe
2013-06-19 17:02 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\sru
2013-06-19 15:43 - 2013-06-18 20:34 - 00027431 ____A C:\Users\*******\Downloads\Addition.txt
2013-06-19 08:46 - 2012-08-01 18:38 - 00753134 ____A C:\Windows\System32\perfh007.dat
2013-06-19 08:46 - 2012-08-01 18:38 - 00155826 ____A C:\Windows\System32\perfc007.dat
2013-06-19 08:46 - 2012-07-26 09:28 - 01745416 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-19 04:20 - 2013-06-19 04:20 - 00204487 ____A C:\Users\*******\AppData\Local\soulseek-client.dat.1371608412541
2013-06-19 03:05 - 2012-07-26 07:26 - 00262144 __ASH C:\Windows\System32\config\ELAM
2013-06-18 20:35 - 2013-06-18 20:34 - 00046713 ____A C:\Users\*******\Downloads\FRST.txt
2013-06-18 20:33 - 2013-06-18 20:33 - 01928282 ____A (Farbar) C:\Users\*******\Downloads\FRST64.exe
2013-06-18 20:33 - 2013-06-18 20:33 - 00000000 ____D C:\FRST
2013-06-18 19:43 - 2013-06-18 19:39 - 00073970 ____A C:\Users\*******\Downloads\Extras.Txt
2013-06-18 19:38 - 2013-06-18 19:38 - 00126622 ____A C:\Users\*******\Downloads\OTL.Txt
2013-06-18 19:35 - 2013-06-18 19:35 - 00377856 ____A C:\Users\*******\Downloads\gmer_2.1.19163.exe
2013-06-18 19:34 - 2013-06-18 19:34 - 00000482 ____A C:\Users\*******\Downloads\defogger_disable.log
2013-06-18 19:34 - 2013-06-18 19:34 - 00000000 ____A C:\Users\*******\defogger_reenable
2013-06-18 19:34 - 2012-11-11 00:05 - 00000000 ____D C:\users\*******
2013-06-18 19:26 - 2013-06-18 19:26 - 00050477 ____A C:\Users\*******\Downloads\Defogger.exe
2013-06-18 19:25 - 2013-03-08 23:20 - 00000418 ____A C:\Users\*******\Desktop\Neues Textdokument (4).txt
2013-06-18 19:17 - 2013-06-18 19:17 - 00602112 ____A (OldTimer Tools) C:\Users\*******\Downloads\OTL.exe
2013-06-18 18:59 - 2013-06-18 18:59 - 05081021 ____A (Swearware) C:\Users\*******\Downloads\ComboFix.exe
2013-06-18 18:59 - 2013-06-18 18:59 - 00648201 ____A C:\Users\*******\Downloads\AdwCleaner.exe.part
2013-06-18 18:24 - 2013-06-18 18:24 - 00000000 ____D C:\Users\*******\AppData\Roaming\Malwarebytes
2013-06-18 18:22 - 2013-06-18 18:22 - 00001120 ____A C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-06-18 18:22 - 2013-06-18 18:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-18 18:22 - 2013-06-18 18:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-18 18:17 - 2013-06-18 18:16 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\*******\Downloads\mbam-setup-1.75.0.1300.exe
2013-06-18 17:43 - 2013-06-18 17:43 - 04857792 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-18 17:39 - 2013-06-18 17:39 - 00204502 ____A C:\Users\*******\AppData\Local\soulseek-client.dat.1371569956029
2013-06-18 17:04 - 2013-06-18 17:04 - 00204502 ____A C:\Users\*******\AppData\Local\soulseek-client.dat.1371567881506
2013-06-17 14:56 - 2013-04-25 19:58 - 00000274 ____A C:\Users\*******\Desktop\Neues Textdokument (5).txt
2013-06-17 14:55 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-06-17 01:46 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\NDF
2013-06-17 00:27 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData
2013-06-17 00:27 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2013-06-17 00:27 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-06-17 00:27 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-06-17 00:27 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-06-17 00:27 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\System32\Dism
2013-06-15 23:34 - 2012-12-07 17:33 - 00000000 ____D C:\Program Files (x86)\McAfee
2013-06-15 23:33 - 2013-06-15 23:33 - 00001422 ____A C:\Windows\PFRO.log
2013-06-13 13:47 - 2013-02-20 21:28 - 00000000 ____D C:\Users\*******\AppData\Local\Spectrasonics
2013-06-13 12:52 - 2013-06-13 12:49 - 00000000 ____D C:\efc46e5ea5c3beecd0d2d1dfb539e86a
2013-06-13 12:50 - 2012-12-13 19:46 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-13 05:47 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\registration
2013-06-12 22:47 - 2012-07-26 07:26 - 00262144 __ASH C:\Windows\System32\config\BBI
2013-06-12 20:26 - 2013-05-07 22:50 - 00000000 ____D C:\Users\*******\Documents\Registry Sicherung
2013-06-12 20:08 - 2013-06-12 20:07 - 12614304 ____A (Auslogics Software Pty Ltd                                  ) C:\Users\*******\Downloads\boost-speed-setup.exe
2013-06-12 19:57 - 2013-06-12 19:57 - 00001257 ____A C:\Users\*******\Desktop\Auslogics Disk Defrag.lnk
2013-06-12 19:57 - 2013-06-12 19:57 - 00000000 ____D C:\Users\*******\AppData\Roaming\Auslogics
2013-06-12 19:57 - 2013-06-12 19:57 - 00000000 ____D C:\Program Files (x86)\Auslogics
2013-06-12 19:55 - 2013-06-12 19:55 - 07859160 ____A (Auslogics Software Pty Ltd                                  ) C:\Users\*******\Downloads\disk3610-defrag-setup.exe
2013-06-11 21:28 - 2013-03-03 16:03 - 00000000 ____D C:\Users\*******\AppData\Roaming\CodeBlocks
2013-06-11 16:33 - 2013-03-04 00:24 - 00004151 ____A C:\Users\*******\Desktop\endbrief.txt
2013-06-10 21:44 - 2012-11-11 00:05 - 00000000 ____D C:\Users\*******\AppData\Local\VirtualStore
2013-06-07 16:38 - 2012-12-07 17:33 - 00000000 ____D C:\Program Files\Common Files\McAfee
2013-06-07 16:38 - 2012-07-26 10:12 - 00000000 ___HD C:\Windows\ELAMBKUP
2013-06-06 12:05 - 2013-02-25 15:49 - 00000912 ____A C:\Users\*******\Desktop\Neues Textdokument (3).txt
2013-06-06 00:19 - 2013-06-06 00:19 - 00002697 ____A C:\AdwCleaner[R2].txt
2013-06-05 23:54 - 2013-06-05 23:53 - 00004498 ____A C:\AdwCleaner[S1].txt
2013-06-05 23:52 - 2013-06-05 23:51 - 00004493 ____A C:\AdwCleaner[R1].txt
2013-06-05 23:51 - 2013-06-05 23:51 - 00632031 ____A C:\Users\*******\Downloads\adwcleaner_2.3.0.1.exe
2013-06-05 23:20 - 2013-06-05 23:18 - 102323272 ____A C:\Users\*******\Downloads\avira_free3640_antivirus_de.exe
2013-06-05 22:18 - 2012-11-28 20:19 - 00000000 ____D C:\Program Files (x86)\VstPlugins
2013-06-05 21:38 - 2012-12-10 20:33 - 00000000 ____D C:\Users\*******\AppData\Local\Adobe
2013-06-05 20:42 - 2012-11-11 00:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-06-05 20:39 - 2013-06-05 20:39 - 00001794 ____A C:\Users\Public\Desktop\iTunes.lnk
2013-06-05 20:39 - 2013-06-05 20:38 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-05 20:39 - 2013-06-05 20:38 - 00000000 ____D C:\Program Files\iTunes
2013-06-05 20:39 - 2013-06-05 20:38 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-06-05 20:38 - 2013-06-05 20:38 - 00000000 ____D C:\Program Files\iPod
2013-06-05 00:09 - 2013-05-19 14:27 - 00693112 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-05 00:09 - 2013-05-19 14:27 - 00078200 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-04 11:18 - 2013-05-21 11:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-04 11:18 - 2012-11-11 00:55 - 00001158 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-06-04 11:17 - 2013-06-04 11:17 - 21151576 ____A (Mozilla) C:\Users\*******\Downloads\Firefox Setup 21.0.exe
2013-06-04 11:09 - 2013-06-04 11:09 - 02828552 ____A (AVAST Software) C:\Users\*******\Downloads\avast-browser-cleanup_8.0.1484.29.exe
2013-06-02 22:05 - 2013-06-02 22:05 - 00680578 ____A C:\Users\*******\Downloads\JL_Trombone.sfArk
2013-06-02 21:50 - 2012-12-22 15:01 - 00000000 ____D C:\Users\*******\Documents\Fruity Loops Stuff
2013-06-02 12:01 - 2013-06-02 11:59 - 78920656 ____A (Plogue                                                      ) C:\Users\*******\Downloads\WIN_chipsounds_v1.625.exe
2013-06-02 11:08 - 2013-06-02 11:08 - 00231646 ____A C:\Users\*******\Downloads\protopsg005.zip
2013-06-02 11:06 - 2013-06-02 11:06 - 03111076 ____A C:\Users\*******\Downloads\Bleep VSTi Setup.exe
2013-05-31 01:24 - 2013-06-15 22:00 - 01257472 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2013-05-31 01:08 - 2013-06-15 22:00 - 00974848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-05-29 20:34 - 2013-05-29 20:33 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-05-25 13:02 - 2013-01-28 01:43 - 00001880 ____A C:\Users\*******\Desktop\Tor.lnk
2013-05-24 01:01 - 2013-06-15 22:00 - 01300992 ____A (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2013-05-24 00:27 - 2013-06-15 22:00 - 01022464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-06-02 09:58

==================== End Of Log ============================
         
--- --- ---

Alt 19.06.2013, 19:43   #8
schrauber
/// the machine
/// TB-Ausbilder
 





ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Check the box next to "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

and a fresh FRST log. Still any problems?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

Alt 20.06.2013, 13:51   #9
Dukkha
 



Thanks!
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=e43424a49a825c4da6180948a56d5b2e
# engine=14113
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-06-20 02:04:41
# local_time=2013-06-20 04:04:41 (+0100, Mitteleuropäische Sommerzeit)
# country="Switzerland"
# lang=1033
# osver=6.2.9200 NT 
# compatibility_mode=5122 16777214 66 88 1077947 134511259 0 0
# compatibility_mode=5893 16776574 100 94 6405030 12282980 0 0
# scanned=350306
# found=0
# cleaned=0
# scan_time=15390
         
Code:
 Results of screen317's Security Check version 0.99.64  
   x64 (UAC is enabled)  
 Internet Explorer 10  
``````````````Antivirus/Firewall Check:`````````````` 
McAfee Anti-Virus und Anti-Spyware   
Windows Defender                     
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware Version 1.75.0.1300  
 Java 7 Update 21  
 Adobe Flash Player 	11.7.700.202  
 Adobe Reader XI  
 Mozilla Firefox (21.0) 
 Mozilla Thunderbird (17.0.6) 
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbamgui.exe  
 Malwarebytes' Anti-Malware mbamscheduler.exe   
 McAfee Online Backup MOBKbackup.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-06-2013 02
Ran by ************* (administrator) on 20-06-2013 14:48:22
Running from C:\Users\*************\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\windows\system32\WLANExt.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(McAfee, Inc.) C:\Program Files\McAfee\AppStats\MfeASUM.exe
(McAfee, Inc.) C:\windows\system32\mfevtps.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TOSHIBA Corporation) C:\windows\system32\ThpSrv.exe
(TOSHIBA Corporation) C:\Windows\system32\TODDSrv.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Microsoft Corporation) C:\windows\system32\dashost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
(McAfee, Inc.) C:\PROGRA~1\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
() C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe
() C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(Toshiba) C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) c:\PROGRA~2\mcafee\SITEAD~1\saui.exe
(Adobe Systems, Inc.) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
(Adobe Systems, Inc.) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
(Microsoft Corporation) C:\windows\System32\Taskmgr.exe
(Microsoft Corporation) C:\windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16455_none_624a7aa150f57306\TiWorker.exe
(Microsoft Corporation) C:\windows\system32\msiexec.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: []  [x]
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [12936848 2012-07-13] (Realtek Semiconductor)
HKLM\...\Run: [SRS Premium Sound 3D] "C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe"  /f="C:\Program Files\SRS Labs\SRS Control Panel\SRS_Premium_Sound_PS3D.zip" /h [215247 2012-08-20] ()
HKLM\...\Run: [TCrdMain] %ProgramFiles%\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2609064 2012-08-30] ()
HKLM\...\Run: [TecoResident] C:\Program Files\TOSHIBA\Teco\TecoResident.exe [169896 2012-08-14] (TOSHIBA Corporation)
HKLM\...\Run: [TSleepSrv] C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe [1548952 2012-08-05] (TOSHIBA Corporation)
HKLM\...\Run: [TODDMain] C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-05] ()
HKLM\...\Run: [TosWaitSrv] %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA Corporation)
HKLM\...\Run: [ThpSrv] C:\windows\system32\thpsrv /logon [x]
HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [500208 2012-12-22] (Adobe Systems Incorporated)
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0
HKLM-x32\...\Run: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4 [155488 2012-08-02] (Intel Corporation)
HKLM-x32\...\Run: [ToshibaDynamicIconUtility] "C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe" [1498624 2012-08-09] (Toshiba)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey [454600 2013-02-28] (McAfee, Inc.)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey [454600 2013-02-28] (McAfee, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized [703888 2013-03-26] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-05-31] (Apple Inc.)
HKU\UpdatusUser\...\Run: []  [x]
AppInit_DLLs: C:\windows\system32\nvinitx.dll [247144 2012-08-01] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com
URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
SearchScopes: HKCU - {8FAB4D35-D8C4-45D2-9BA4-2DDFC0CB87BB} URL = 
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\PROGRA~1\mcafee\msc\MCSNIE~1.DLL (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\PROGRA~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 81.92.99.7 81.92.99.6

FireFox:
========
FF ProfilePath: C:\Users\*************\AppData\Roaming\Mozilla\Firefox\Profiles\pxgm5o7b.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @mcafee.com/SAFFPlugin - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: @wolfram.com/Mathematica - C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.4.2609412\npmathplugin.dll (Wolfram Research, Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: firefox - C:\Users\*************\AppData\Roaming\Mozilla\Firefox\Profiles\pxgm5o7b.default\Extensions\firefox@unfriendfinder.com.xpi
FF Extension: No Name - C:\Users\*************\AppData\Roaming\Mozilla\Firefox\Profiles\pxgm5o7b.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\*************\AppData\Roaming\Mozilla\Firefox\Profiles\pxgm5o7b.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

==================== Services (Whitelisted) =================

R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 McAWFwk; c:\PROGRA~1\mcafee\msc\mcawfwk.exe [225216 2011-01-28] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [388680 2013-03-01] (McAfee, Inc.)
S4 McOobeSv; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)
R2 MfeASUM; C:\Program Files\McAfee\AppStats\MfeASUM.exe [335216 2013-06-14] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1017016 2013-02-28] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218760 2013-04-03] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [182752 2013-04-03] (McAfee, Inc.)
R2 MOBKbackup; C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe [231224 2010-04-13] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-07-18] ()
R3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [114656 2012-08-14] (Toshiba Europe GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568 2012-07-18] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-04-03] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197264 2012-05-28] (McAfee, Inc.)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-04-03] (McAfee, Inc.)
R1 MfeASKM; C:\Program Files\McAfee\AppStats\MfeASKM.sys [31408 2013-06-14] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [309968 2013-04-03] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69240 2013-04-03] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [516608 2013-04-03] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [772944 2013-04-03] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [337120 2013-02-18] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [95856 2013-02-18] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [342416 2013-04-03] (McAfee, Inc.)
R1 MOBKFilter; C:\Windows\System32\DRIVERS\MOBK.sys [66040 2010-04-13] (Mozy, Inc.)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [4273192 2012-08-19] (Intel Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [269968 2012-07-03] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-16] (Synaptics Incorporated)
S3 TASCAM_US122144; C:\Windows\System32\Drivers\tascusb2.sys [419160 2011-04-28] (TASCAM)
S3 TASCAM_US122L_MK2_WDM; C:\Windows\system32\drivers\tscusb2a.sys [53080 2011-04-28] (TASCAM)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [28632 2012-07-31] (Windows (R) Win 7 DDK provider)
S3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [48096 2012-08-10] (Windows (R) Win 7 DDK provider)
S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [50128 2013-03-26] (Cisco Systems, Inc.)
S3 WUDFWpdComp; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-10] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-06-20 14:22 - 2013-06-19 23:44 - 00890839 ____A C:\Users\*************\Desktop\SecurityCheck.exe
2013-06-20 01:57 - 2013-06-20 01:57 - 00206113 ____A C:\Users\*************\AppData\Local\soulseek-client.dat.1371686221303
2013-06-19 23:46 - 2013-06-19 23:46 - 00000000 ____D C:\Program Files (x86)\ESET
2013-06-19 23:44 - 2013-06-19 23:44 - 00890839 ____A C:\Users\*************\Downloads\SecurityCheck.exe
2013-06-19 23:43 - 2013-06-19 23:43 - 02347384 ____A (ESET) C:\Users\*************\Downloads\esetsmartinstaller_enu.exe
2013-06-19 21:05 - 2013-06-19 21:05 - 00000797 ____A C:\Windows\setupact.log
2013-06-19 21:05 - 2013-06-19 21:05 - 00000000 ____A C:\Windows\setuperr.log
2013-06-19 17:33 - 2013-06-19 17:33 - 00001025 ____A C:\Users\*************\Desktop\JRT.txt
2013-06-19 17:28 - 2013-06-19 17:28 - 00000000 ____D C:\Windows\ERUNT
2013-06-19 17:28 - 2013-06-19 17:28 - 00000000 ____D C:\JRT
2013-06-19 17:26 - 2013-06-19 17:26 - 00000020 __ASH C:\Users\TEMP.*************.000\ntuser.ini
2013-06-19 17:26 - 2013-06-19 17:26 - 00000000 __SHD C:\Users\TEMP.*************.000\Vorlagen
2013-06-19 17:26 - 2013-06-19 17:26 - 00000000 __SHD C:\Users\TEMP.*************.000\Startmenü
2013-06-19 17:26 - 2013-06-19 17:26 - 00000000 __SHD C:\Users\TEMP.*************.000\Netzwerkumgebung
2013-06-19 17:26 - 2013-06-19 17:26 - 00000000 __SHD C:\Users\TEMP.*************.000\Lokale Einstellungen
2013-06-19 17:26 - 2013-06-19 17:26 - 00000000 __SHD C:\Users\TEMP.*************.000\Eigene Dateien
2013-06-19 17:26 - 2013-06-19 17:26 - 00000000 __SHD C:\Users\TEMP.*************.000\Druckumgebung
2013-06-19 17:26 - 2013-06-19 17:26 - 00000000 __SHD C:\Users\TEMP.*************.000\Documents\Eigene Musik
2013-06-19 17:26 - 2013-06-19 17:26 - 00000000 __SHD C:\Users\TEMP.*************.000\Documents\Eigene Bilder
2013-06-19 17:26 - 2013-06-19 17:26 - 00000000 __SHD C:\Users\TEMP.*************.000\AppData\Local\Verlauf
2013-06-19 17:26 - 2013-06-19 17:26 - 00000000 __SHD C:\Users\TEMP.*************.000\AppData\Local\Anwendungsdaten
2013-06-19 17:26 - 2013-06-19 17:26 - 00000000 __SHD C:\Users\TEMP.*************.000\Anwendungsdaten
2013-06-19 17:26 - 2013-06-19 17:26 - 00000000 ____D C:\users\TEMP.*************.000
2013-06-19 17:26 - 2012-12-22 20:01 - 00000000 ____D C:\Users\TEMP.*************.000\AppData\Roaming\Macromedia
2013-06-19 17:19 - 2013-06-19 17:19 - 00003588 ____A C:\AdwCleaner[S2].txt
2013-06-19 17:12 - 2013-06-19 17:13 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\*************\Downloads\JRT(1).exe
2013-06-19 17:12 - 2013-06-19 17:12 - 00648201 ____A C:\Users\*************\Downloads\adwcleaner(1).exe
2013-06-19 17:12 - 2013-06-19 17:12 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\*************\Downloads\JRT.exe
2013-06-19 17:11 - 2013-06-19 17:12 - 00648201 ____A C:\Users\*************\Downloads\adwcleaner.exe
2013-06-19 04:20 - 2013-06-19 04:20 - 00204487 ____A C:\Users\*************\AppData\Local\soulseek-client.dat.1371608412541
2013-06-18 20:34 - 2013-06-19 15:43 - 00027431 ____A C:\Users\*************\Downloads\Addition.txt
2013-06-18 20:33 - 2013-06-18 20:33 - 01928282 ____A (Farbar) C:\Users\*************\Downloads\FRST64.exe
2013-06-18 20:33 - 2013-06-18 20:33 - 00000000 ____D C:\FRST
2013-06-18 19:39 - 2013-06-18 19:43 - 00073970 ____A C:\Users\*************\Downloads\Extras.Txt
2013-06-18 19:38 - 2013-06-18 19:38 - 00126622 ____A C:\Users\*************\Downloads\OTL.Txt
2013-06-18 19:35 - 2013-06-18 19:35 - 00377856 ____A C:\Users\*************\Downloads\gmer_2.1.19163.exe
2013-06-18 19:34 - 2013-06-18 19:34 - 00000482 ____A C:\Users\*************\Downloads\defogger_disable.log
2013-06-18 19:34 - 2013-06-18 19:34 - 00000000 ____A C:\Users\*************\defogger_reenable
2013-06-18 19:26 - 2013-06-18 19:26 - 00050477 ____A C:\Users\*************\Downloads\Defogger.exe
2013-06-18 19:17 - 2013-06-18 19:17 - 00602112 ____A (OldTimer Tools) C:\Users\*************\Downloads\OTL.exe
2013-06-18 18:59 - 2013-06-18 18:59 - 05081021 ____A (Swearware) C:\Users\*************\Downloads\ComboFix.exe
2013-06-18 18:59 - 2013-06-18 18:59 - 00648201 ____A C:\Users\*************\Downloads\AdwCleaner.exe.part
2013-06-18 18:24 - 2013-06-18 18:24 - 00000000 ____D C:\Users\*************\AppData\Roaming\Malwarebytes
2013-06-18 18:22 - 2013-06-18 18:22 - 00001120 ____A C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-06-18 18:22 - 2013-06-18 18:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-18 18:22 - 2013-06-18 18:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-18 18:22 - 2013-04-04 14:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-06-18 18:16 - 2013-06-18 18:17 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\*************\Downloads\mbam-setup-1.75.0.1300.exe
2013-06-18 17:43 - 2013-06-18 17:43 - 04857792 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-18 17:39 - 2013-06-18 17:39 - 00204502 ____A C:\Users\*************\AppData\Local\soulseek-client.dat.1371569956029
2013-06-15 23:33 - 2013-06-15 23:33 - 00001422 ____A C:\Windows\PFRO.log
2013-06-15 22:00 - 2013-05-31 01:24 - 01257472 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2013-06-15 22:00 - 2013-05-31 01:08 - 00974848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-06-15 22:00 - 2013-05-24 01:01 - 01300992 ____A (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2013-06-15 22:00 - 2013-05-24 00:27 - 01022464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-06-15 16:27 - 2013-05-15 04:25 - 00888320 ____A (Microsoft Corporation) C:\Windows\System32\autochk.exe
2013-06-15 16:27 - 2013-05-15 04:25 - 00542208 ____A (Microsoft Corporation) C:\Windows\System32\untfs.dll
2013-06-15 16:27 - 2013-05-15 04:24 - 00793088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2013-06-15 16:27 - 2013-05-15 04:24 - 00482816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2013-06-15 14:40 - 2013-05-04 09:58 - 00120736 ____A (Microsoft Corporation) C:\Windows\System32\AuthHost.exe
2013-06-15 14:40 - 2013-05-04 09:34 - 00446720 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBHUB3.SYS
2013-06-15 14:40 - 2013-05-04 09:34 - 00284416 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\spaceport.sys
2013-06-15 14:40 - 2013-05-04 09:34 - 00213248 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\UCX01000.SYS
2013-06-15 14:40 - 2013-05-04 09:30 - 00058312 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2013-06-15 14:40 - 2013-05-04 08:59 - 13644288 ____A (Microsoft Corporation) C:\Windows\System32\Windows.UI.Xaml.dll
2013-06-15 14:40 - 2013-05-04 08:59 - 03241472 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2013-06-15 14:40 - 2013-05-04 08:59 - 01619968 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2013-06-15 14:40 - 2013-05-04 08:59 - 01483776 ____A (Microsoft Corporation) C:\Windows\System32\VSSVC.exe
2013-06-15 14:40 - 2013-05-04 08:59 - 00812544 ____A (Microsoft Corporation) C:\Windows\System32\Magnify.exe
2013-06-15 14:40 - 2013-05-04 08:59 - 00760320 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2013-06-15 14:40 - 2013-05-04 08:59 - 00251904 ____A (Microsoft Corporation) C:\Windows\System32\WUSettingsProvider.dll
2013-06-15 14:40 - 2013-05-04 08:59 - 00141824 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2013-06-15 14:40 - 2013-05-04 08:59 - 00098304 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2013-06-15 14:40 - 2013-05-04 08:59 - 00039424 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2013-06-15 14:40 - 2013-05-04 08:58 - 10116096 ____A (Microsoft Corporation) C:\Windows\System32\twinui.dll
2013-06-15 14:40 - 2013-05-04 08:58 - 01332736 ____A (Microsoft Corporation) C:\Windows\System32\sysmain.dll
2013-06-15 14:40 - 2013-05-04 08:58 - 00470528 ____A (Microsoft Corporation) C:\Windows\System32\netprofmsvc.dll
2013-06-15 14:40 - 2013-05-04 08:58 - 00330240 ____A (Microsoft Corporation) C:\Windows\System32\stobject.dll
2013-06-15 14:40 - 2013-05-04 08:58 - 00328192 ____A (Microsoft Corporation) C:\Windows\System32\ubpm.dll
2013-06-15 14:40 - 2013-05-04 08:58 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\storewuauth.dll
2013-06-15 14:40 - 2013-05-04 08:58 - 00169984 ____A (Microsoft Corporation) C:\Windows\System32\netplwiz.dll
2013-06-15 14:40 - 2013-05-04 08:58 - 00151552 ____A (Microsoft Corporation) C:\Windows\System32\netprofm.dll
2013-06-15 14:40 - 2013-05-04 08:58 - 00093696 ____A (Microsoft Corporation) C:\Windows\System32\psmsrv.dll
2013-06-15 14:40 - 2013-05-04 08:57 - 02305024 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-06-15 14:40 - 2013-05-04 08:57 - 01131520 ____A (Microsoft Corporation) C:\Windows\System32\AppXDeploymentServer.dll
2013-06-15 14:40 - 2013-05-04 08:57 - 00708096 ____A (Microsoft Corporation) C:\Windows\System32\AppXDeploymentExtensions.dll
2013-06-15 14:40 - 2013-05-04 08:57 - 00560640 ____A (Microsoft Corporation) C:\Windows\System32\mfmp4srcsnk.dll
2013-06-15 14:40 - 2013-05-04 08:57 - 00501760 ____A (Microsoft Corporation) C:\Windows\System32\DevicePairing.dll
2013-06-15 14:40 - 2013-05-04 08:57 - 00389120 ____A (Microsoft Corporation) C:\Windows\System32\BCP47Langs.dll
2013-06-15 14:40 - 2013-05-04 08:57 - 00179712 ____A (Microsoft Corporation) C:\Windows\System32\bisrv.dll
2013-06-15 14:40 - 2013-05-04 08:57 - 00122368 ____A (Microsoft Corporation) C:\Windows\System32\biwinrt.dll
2013-06-15 14:40 - 2013-05-04 08:57 - 00017408 ____A (Microsoft Corporation) C:\Windows\System32\muifontsetup.dll
2013-06-15 14:40 - 2013-05-04 08:56 - 00419840 ____A (Microsoft Corporation) C:\Windows\System32\intl.cpl
2013-06-15 14:40 - 2013-05-04 06:58 - 00758784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Magnify.exe
2013-06-15 14:40 - 2013-05-04 06:58 - 00621056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-06-15 14:40 - 2013-05-04 06:58 - 00125952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-06-15 14:40 - 2013-05-04 06:58 - 00083968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-06-15 14:40 - 2013-05-04 06:58 - 00034304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-06-15 14:40 - 2013-05-04 06:57 - 10788864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2013-06-15 14:40 - 2013-05-04 06:57 - 08857088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2013-06-15 14:40 - 2013-05-04 06:57 - 00303616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2013-06-15 14:40 - 2013-05-04 06:57 - 00247296 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2013-06-15 14:40 - 2013-05-04 06:57 - 00151040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll
2013-06-15 14:40 - 2013-05-04 06:57 - 00115712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll
2013-06-15 14:40 - 2013-05-04 06:57 - 00018432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll
2013-06-15 14:40 - 2013-05-04 06:57 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\muifontsetup.dll
2013-06-15 14:40 - 2013-05-04 06:56 - 02035712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-06-15 14:40 - 2013-05-04 06:56 - 00449536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2013-06-15 14:40 - 2013-05-04 06:56 - 00411136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2013-06-15 14:40 - 2013-05-04 06:56 - 00309760 ____A (Microsoft Corporation) C:\Windows\SysWOW64\BCP47Langs.dll
2013-06-15 14:40 - 2013-05-04 06:56 - 00092160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\biwinrt.dll
2013-06-15 14:40 - 2013-05-04 06:55 - 00389632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2013-06-15 14:40 - 2013-05-04 06:51 - 00014848 ____A (Microsoft) C:\Windows\System32\rars.rs
2013-06-15 14:40 - 2013-05-04 06:48 - 00083968 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidclass.sys
2013-06-15 14:40 - 2013-05-04 06:48 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidusb.sys
2013-06-15 14:40 - 2013-05-04 06:47 - 00427520 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdbss.sys
2013-06-15 14:40 - 2013-05-04 06:10 - 00014848 ____A (Microsoft) C:\Windows\SysWOW64\rars.rs
2013-06-15 14:40 - 2013-05-03 00:04 - 00386646 ____A C:\Windows\System32\ApnDatabase.xml
2013-06-13 12:49 - 2013-06-13 12:52 - 00000000 ____D C:\efc46e5ea5c3beecd0d2d1dfb539e86a
2013-06-13 00:22 - 2013-05-16 00:37 - 00044032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-06-13 00:22 - 2013-05-16 00:36 - 14320640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-13 00:22 - 2013-05-16 00:35 - 19230720 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-13 00:22 - 2013-05-16 00:35 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\UXInit.dll
2013-06-13 00:22 - 2013-05-14 15:14 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-13 00:22 - 2013-05-14 11:23 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-13 00:22 - 2013-05-04 09:45 - 02233600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-13 00:22 - 2013-04-29 00:30 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-13 00:22 - 2013-04-29 00:30 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-13 00:22 - 2013-04-29 00:30 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-13 00:22 - 2013-04-29 00:30 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-13 00:22 - 2013-04-29 00:30 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-13 00:22 - 2013-04-29 00:30 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-13 00:22 - 2013-04-29 00:30 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-13 00:22 - 2013-04-29 00:28 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-13 00:22 - 2013-04-29 00:28 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-13 00:22 - 2013-04-29 00:28 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-13 00:22 - 2013-04-29 00:28 - 00915968 ____A (Microsoft Corporation) C:\Windows\System32\uxtheme.dll
2013-06-13 00:22 - 2013-04-29 00:28 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-13 00:22 - 2013-04-29 00:28 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-13 00:22 - 2013-04-29 00:27 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-13 00:22 - 2013-04-29 00:27 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-13 00:22 - 2013-04-29 00:27 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-13 00:22 - 2013-04-27 07:20 - 00733184 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-13 00:22 - 2013-04-24 01:13 - 01013248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-13 00:22 - 2013-04-24 01:12 - 01569792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-13 00:22 - 2013-04-24 01:12 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-13 00:22 - 2013-04-24 00:56 - 01255936 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-13 00:22 - 2013-04-24 00:55 - 01889280 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-13 00:22 - 2013-04-24 00:55 - 00141312 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-13 00:22 - 2013-04-24 00:55 - 00068096 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-13 00:22 - 2013-04-03 01:37 - 00025088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-13 00:22 - 2013-04-03 01:12 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-12 22:45 - 2013-06-20 14:47 - 01227928 ____A C:\Windows\WindowsUpdate.log
2013-06-12 20:07 - 2013-06-12 20:08 - 12614304 ____A (Auslogics Software Pty Ltd                                  ) C:\Users\*************\Downloads\boost-speed-setup.exe
2013-06-12 19:57 - 2013-06-12 19:57 - 00001257 ____A C:\Users\*************\Desktop\Auslogics Disk Defrag.lnk
2013-06-12 19:57 - 2013-06-12 19:57 - 00000000 ____D C:\Users\*************\AppData\Roaming\Auslogics
2013-06-12 19:57 - 2013-06-12 19:57 - 00000000 ____D C:\Program Files (x86)\Auslogics
2013-06-12 19:55 - 2013-06-12 19:55 - 07859160 ____A (Auslogics Software Pty Ltd                                  ) C:\Users\*************\Downloads\disk3610-defrag-setup.exe
2013-06-06 00:19 - 2013-06-06 00:19 - 00002697 ____A C:\AdwCleaner[R2].txt
2013-06-05 23:53 - 2013-06-05 23:54 - 00004498 ____A C:\AdwCleaner[S1].txt
2013-06-05 23:51 - 2013-06-05 23:52 - 00004493 ____A C:\AdwCleaner[R1].txt
2013-06-05 23:51 - 2013-06-05 23:51 - 00632031 ____A C:\Users\*************\Downloads\adwcleaner_2.3.0.1.exe
2013-06-05 23:18 - 2013-06-05 23:20 - 102323272 ____A C:\Users\*************\Downloads\avira_free3640_antivirus_de.exe
2013-06-05 20:39 - 2013-06-05 20:39 - 00001794 ____A C:\Users\Public\Desktop\iTunes.lnk
2013-06-05 20:38 - 2013-06-05 20:39 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-05 20:38 - 2013-06-05 20:39 - 00000000 ____D C:\Program Files\iTunes
2013-06-05 20:38 - 2013-06-05 20:39 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-06-05 20:38 - 2013-06-05 20:38 - 00000000 ____D C:\Program Files\iPod
2013-06-04 11:17 - 2013-06-04 11:17 - 21151576 ____A (Mozilla) C:\Users\*************\Downloads\Firefox Setup 21.0.exe
2013-06-04 11:09 - 2013-06-04 11:09 - 02828552 ____A (AVAST Software) C:\Users\*************\Downloads\avast-browser-cleanup_8.0.1484.29.exe
2013-06-02 22:05 - 2013-06-02 22:05 - 00680578 ____A C:\Users\*************\Downloads\JL_Trombone.sfArk
2013-06-02 11:59 - 2013-06-02 12:01 - 78920656 ____A (Plogue                                                      ) C:\Users\*************\Downloads\WIN_chipsounds_v1.625.exe
2013-06-02 11:08 - 2013-06-02 11:08 - 00231646 ____A C:\Users\*************\Downloads\protopsg005.zip
2013-06-02 11:06 - 2013-06-02 11:06 - 03111076 ____A C:\Users\*************\Downloads\Bleep VSTi Setup.exe
2013-05-29 20:33 - 2013-05-29 20:34 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-05-21 11:11 - 2013-06-04 11:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2013-06-20 14:47 - 2013-06-12 22:45 - 01227928 ____A C:\Windows\WindowsUpdate.log
2013-06-20 14:25 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-06-20 14:20 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\sru
2013-06-20 04:11 - 2013-03-07 18:03 - 00000000 ____D C:\Users\*************\Documents\Hacking
2013-06-20 01:57 - 2013-06-20 01:57 - 00206113 ____A C:\Users\*************\AppData\Local\soulseek-client.dat.1371686221303
2013-06-20 00:24 - 2012-12-07 17:35 - 00001855 ____A C:\Users\Public\Desktop\McAfee Internet Security.lnk
2013-06-19 23:48 - 2012-08-01 18:38 - 00753134 ____A C:\Windows\System32\perfh007.dat
2013-06-19 23:48 - 2012-08-01 18:38 - 00155826 ____A C:\Windows\System32\perfc007.dat
2013-06-19 23:48 - 2012-07-26 09:28 - 01745416 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-19 23:46 - 2013-06-19 23:46 - 00000000 ____D C:\Program Files (x86)\ESET
2013-06-19 23:44 - 2013-06-20 14:22 - 00890839 ____A C:\Users\*************\Desktop\SecurityCheck.exe
2013-06-19 23:44 - 2013-06-19 23:44 - 00890839 ____A C:\Users\*************\Downloads\SecurityCheck.exe
2013-06-19 23:43 - 2013-06-19 23:43 - 02347384 ____A (ESET) C:\Users\*************\Downloads\esetsmartinstaller_enu.exe
2013-06-19 23:27 - 2012-07-26 09:22 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-19 21:05 - 2013-06-19 21:05 - 00000797 ____A C:\Windows\setupact.log
2013-06-19 21:05 - 2013-06-19 21:05 - 00000000 ____A C:\Windows\setuperr.log
2013-06-19 20:50 - 2013-02-20 21:28 - 00000000 ____D C:\Users\*************\AppData\Local\Spectrasonics
2013-06-19 17:33 - 2013-06-19 17:33 - 00001025 ____A C:\Users\*************\Desktop\JRT.txt
2013-06-19 17:28 - 2013-06-19 17:28 - 00000000 ____D C:\Windows\ERUNT
2013-06-19 17:28 - 2013-06-19 17:28 - 00000000 ____D C:\JRT
2013-06-19 17:26 - 2013-06-19 17:26 - 00000020 __ASH C:\Users\TEMP.*************.000\ntuser.ini
2013-06-19 17:26 - 2013-06-19 17:26 - 00000000 __SHD C:\Users\TEMP.*************.000\Vorlagen
2013-06-19 17:26 - 2013-06-19 17:26 - 00000000 __SHD C:\Users\TEMP.*************.000\Startmenü
2013-06-19 17:26 - 2013-06-19 17:26 - 00000000 __SHD C:\Users\TEMP.*************.000\Netzwerkumgebung
2013-06-19 17:26 - 2013-06-19 17:26 - 00000000 __SHD C:\Users\TEMP.*************.000\Lokale Einstellungen
2013-06-19 17:26 - 2013-06-19 17:26 - 00000000 __SHD C:\Users\TEMP.*************.000\Eigene Dateien
2013-06-19 17:26 - 2013-06-19 17:26 - 00000000 __SHD C:\Users\TEMP.*************.000\Druckumgebung
2013-06-19 17:26 - 2013-06-19 17:26 - 00000000 __SHD C:\Users\TEMP.*************.000\Documents\Eigene Musik
2013-06-19 17:26 - 2013-06-19 17:26 - 00000000 __SHD C:\Users\TEMP.*************.000\Documents\Eigene Bilder
2013-06-19 17:26 - 2013-06-19 17:26 - 00000000 __SHD C:\Users\TEMP.*************.000\AppData\Local\Verlauf
2013-06-19 17:26 - 2013-06-19 17:26 - 00000000 __SHD C:\Users\TEMP.*************.000\AppData\Local\Anwendungsdaten
2013-06-19 17:26 - 2013-06-19 17:26 - 00000000 __SHD C:\Users\TEMP.*************.000\Anwendungsdaten
2013-06-19 17:26 - 2013-06-19 17:26 - 00000000 ____D C:\users\TEMP.*************.000
2013-06-19 17:19 - 2013-06-19 17:19 - 00003588 ____A C:\AdwCleaner[S2].txt
2013-06-19 17:13 - 2013-06-19 17:12 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\*************\Downloads\JRT(1).exe
2013-06-19 17:12 - 2013-06-19 17:12 - 00648201 ____A C:\Users\*************\Downloads\adwcleaner(1).exe
2013-06-19 17:12 - 2013-06-19 17:12 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\*************\Downloads\JRT.exe
2013-06-19 17:12 - 2013-06-19 17:11 - 00648201 ____A C:\Users\*************\Downloads\adwcleaner.exe
2013-06-19 15:43 - 2013-06-18 20:34 - 00027431 ____A C:\Users\*************\Downloads\Addition.txt
2013-06-19 04:20 - 2013-06-19 04:20 - 00204487 ____A C:\Users\*************\AppData\Local\soulseek-client.dat.1371608412541
2013-06-19 03:05 - 2012-07-26 07:26 - 00262144 __ASH C:\Windows\System32\config\ELAM
2013-06-18 20:33 - 2013-06-18 20:33 - 01928282 ____A (Farbar) C:\Users\*************\Downloads\FRST64.exe
2013-06-18 20:33 - 2013-06-18 20:33 - 00000000 ____D C:\FRST
2013-06-18 19:43 - 2013-06-18 19:39 - 00073970 ____A C:\Users\*************\Downloads\Extras.Txt
2013-06-18 19:38 - 2013-06-18 19:38 - 00126622 ____A C:\Users\*************\Downloads\OTL.Txt
2013-06-18 19:35 - 2013-06-18 19:35 - 00377856 ____A C:\Users\*************\Downloads\gmer_2.1.19163.exe
2013-06-18 19:34 - 2013-06-18 19:34 - 00000482 ____A C:\Users\*************\Downloads\defogger_disable.log
2013-06-18 19:34 - 2013-06-18 19:34 - 00000000 ____A C:\Users\*************\defogger_reenable
2013-06-18 19:34 - 2012-11-11 00:05 - 00000000 ____D C:\users\*************
2013-06-18 19:26 - 2013-06-18 19:26 - 00050477 ____A C:\Users\*************\Downloads\Defogger.exe
2013-06-18 19:25 - 2013-03-08 23:20 - 00000418 ____A C:\Users\*************\Desktop\Neues Textdokument (4).txt
2013-06-18 19:17 - 2013-06-18 19:17 - 00602112 ____A (OldTimer Tools) C:\Users\*************\Downloads\OTL.exe
2013-06-18 18:59 - 2013-06-18 18:59 - 05081021 ____A (Swearware) C:\Users\*************\Downloads\ComboFix.exe
2013-06-18 18:59 - 2013-06-18 18:59 - 00648201 ____A C:\Users\*************\Downloads\AdwCleaner.exe.part
2013-06-18 18:24 - 2013-06-18 18:24 - 00000000 ____D C:\Users\*************\AppData\Roaming\Malwarebytes
2013-06-18 18:22 - 2013-06-18 18:22 - 00001120 ____A C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-06-18 18:22 - 2013-06-18 18:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-18 18:22 - 2013-06-18 18:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-18 18:17 - 2013-06-18 18:16 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\*************\Downloads\mbam-setup-1.75.0.1300.exe
2013-06-18 17:43 - 2013-06-18 17:43 - 04857792 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-18 17:39 - 2013-06-18 17:39 - 00204502 ____A C:\Users\*************\AppData\Local\soulseek-client.dat.1371569956029
2013-06-17 14:56 - 2013-04-25 19:58 - 00000274 ____A C:\Users\*************\Desktop\Neues Textdokument (5).txt
2013-06-17 14:55 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-06-17 01:46 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\NDF
2013-06-17 00:27 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData
2013-06-17 00:27 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2013-06-17 00:27 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-06-17 00:27 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-06-17 00:27 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-06-17 00:27 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\System32\Dism
2013-06-15 23:34 - 2012-12-07 17:33 - 00000000 ____D C:\Program Files (x86)\McAfee
2013-06-15 23:33 - 2013-06-15 23:33 - 00001422 ____A C:\Windows\PFRO.log
2013-06-13 12:52 - 2013-06-13 12:49 - 00000000 ____D C:\efc46e5ea5c3beecd0d2d1dfb539e86a
2013-06-13 12:50 - 2012-12-13 19:46 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-13 05:47 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\registration
2013-06-12 22:47 - 2012-07-26 07:26 - 00262144 __ASH C:\Windows\System32\config\BBI
2013-06-12 20:26 - 2013-05-07 22:50 - 00000000 ____D C:\Users\*************\Documents\Registry Sicherung
2013-06-12 20:08 - 2013-06-12 20:07 - 12614304 ____A (Auslogics Software Pty Ltd                                  ) C:\Users\*************\Downloads\boost-speed-setup.exe
2013-06-12 19:57 - 2013-06-12 19:57 - 00001257 ____A C:\Users\*************\Desktop\Auslogics Disk Defrag.lnk
2013-06-12 19:57 - 2013-06-12 19:57 - 00000000 ____D C:\Users\*************\AppData\Roaming\Auslogics
2013-06-12 19:57 - 2013-06-12 19:57 - 00000000 ____D C:\Program Files (x86)\Auslogics
2013-06-12 19:55 - 2013-06-12 19:55 - 07859160 ____A (Auslogics Software Pty Ltd                                  ) C:\Users\*************\Downloads\disk3610-defrag-setup.exe
2013-06-11 21:28 - 2013-03-03 16:03 - 00000000 ____D C:\Users\*************\AppData\Roaming\CodeBlocks
2013-06-11 16:33 - 2013-03-04 00:24 - 00004151 ____A C:\Users\*************\Desktop\endbrief.txt
2013-06-10 21:44 - 2012-11-11 00:05 - 00000000 ____D C:\Users\*************\AppData\Local\VirtualStore
2013-06-07 16:38 - 2012-12-07 17:33 - 00000000 ____D C:\Program Files\Common Files\McAfee
2013-06-07 16:38 - 2012-07-26 10:12 - 00000000 ___HD C:\Windows\ELAMBKUP
2013-06-06 12:05 - 2013-02-25 15:49 - 00000912 ____A C:\Users\*************\Desktop\Neues Textdokument (3).txt
2013-06-06 00:19 - 2013-06-06 00:19 - 00002697 ____A C:\AdwCleaner[R2].txt
2013-06-05 23:54 - 2013-06-05 23:53 - 00004498 ____A C:\AdwCleaner[S1].txt
2013-06-05 23:52 - 2013-06-05 23:51 - 00004493 ____A C:\AdwCleaner[R1].txt
2013-06-05 23:51 - 2013-06-05 23:51 - 00632031 ____A C:\Users\*************\Downloads\adwcleaner_2.3.0.1.exe
2013-06-05 23:20 - 2013-06-05 23:18 - 102323272 ____A C:\Users\*************\Downloads\avira_free3640_antivirus_de.exe
2013-06-05 22:18 - 2012-11-28 20:19 - 00000000 ____D C:\Program Files (x86)\VstPlugins
2013-06-05 21:38 - 2012-12-10 20:33 - 00000000 ____D C:\Users\*************\AppData\Local\Adobe
2013-06-05 20:42 - 2012-11-11 00:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-06-05 20:39 - 2013-06-05 20:39 - 00001794 ____A C:\Users\Public\Desktop\iTunes.lnk
2013-06-05 20:39 - 2013-06-05 20:38 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-05 20:39 - 2013-06-05 20:38 - 00000000 ____D C:\Program Files\iTunes
2013-06-05 20:39 - 2013-06-05 20:38 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-06-05 20:38 - 2013-06-05 20:38 - 00000000 ____D C:\Program Files\iPod
2013-06-05 00:09 - 2013-05-19 14:27 - 00693112 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-05 00:09 - 2013-05-19 14:27 - 00078200 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-04 11:18 - 2013-05-21 11:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-04 11:18 - 2012-11-11 00:55 - 00001158 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-06-04 11:17 - 2013-06-04 11:17 - 21151576 ____A (Mozilla) C:\Users\*************\Downloads\Firefox Setup 21.0.exe
2013-06-04 11:09 - 2013-06-04 11:09 - 02828552 ____A (AVAST Software) C:\Users\*************\Downloads\avast-browser-cleanup_8.0.1484.29.exe
2013-06-02 22:05 - 2013-06-02 22:05 - 00680578 ____A C:\Users\*************\Downloads\JL_Trombone.sfArk
2013-06-02 21:50 - 2012-12-22 15:01 - 00000000 ____D C:\Users\*************\Documents\Fruity Loops Stuff
2013-06-02 12:01 - 2013-06-02 11:59 - 78920656 ____A (Plogue                                                      ) C:\Users\*************\Downloads\WIN_chipsounds_v1.625.exe
2013-06-02 11:08 - 2013-06-02 11:08 - 00231646 ____A C:\Users\*************\Downloads\protopsg005.zip
2013-06-02 11:06 - 2013-06-02 11:06 - 03111076 ____A C:\Users\*************\Downloads\Bleep VSTi Setup.exe
2013-05-31 01:24 - 2013-06-15 22:00 - 01257472 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2013-05-31 01:08 - 2013-06-15 22:00 - 00974848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-05-29 20:34 - 2013-05-29 20:33 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-05-25 13:02 - 2013-01-28 01:43 - 00001880 ____A C:\Users\*************\Desktop\Tor.lnk
2013-05-24 01:01 - 2013-06-15 22:00 - 01300992 ____A (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2013-05-24 00:27 - 2013-06-15 22:00 - 01022464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-06-02 09:58

==================== End Of Log ============================
         
--- --- ---

Old 20.06.2013, 14:27   #10
schrauber
/// the machine
/// TB trainer
 




Any problems left?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

Old 20.06.2013, 18:28   #11
Dukkha
 



No, I just saw that everything is back to the way it was. Thank you very, very much! Have a nice evening!

Old 20.06.2013, 18:33   #12
schrauber
/// the machine
/// TB trainer
 




Clean up and done

The order is crucial here.
  1. If Defogger was used: start Defogger again and click re-enable.
  2. If Combofix was used: (alternatively, rename it to uninstall.exe and run it)
    • Windows key + R > Combofix /Uninstall (type it in) > OK
    • Alternative: rename Combofix.exe to uninstall.exe and run it
    • Combofix will now start, possibly update itself, and then remove all remnants of itself.
  3. In any case, please download DelFix to your desktop:
    • Close all open programs.
    • Start delfix.exe with a double-click.
    • Tick every function.
    • Click Start.
    • Note: DelFix removes, among other things, all the programs used, the quarantine of our scanners and the Java cache, and finally deletes itself.
    • Finally, restart your computer.
  4. If any programs from our cleanup are still left, you can delete them without hesitation.


Here are a few more tips for securing your system.


I cannot mention often enough how important it is that your system is up to date.
  • Please check whether your system downloads Windows updates automatically
  • Windows Updates
    • Windows XP: Start --> Control Panel --> double-click Automatic Updates
    • Windows Vista / 7: Start --> Control Panel --> System and Security --> Turn automatic updating on or off
  • Make sure that automatic updates are enabled.
  • Software Updates
    Installed software can also have security vulnerabilities that malware can use to infect your system.
    To keep your installed software up to date, I recommend Secunia Online Software.


Antivirus software
  • Make sure you always have antivirus software installed and that it is up to date. It is useless if it is out of date.


Additional protection
  • MalwareBytes Anti Malware
    This is one of the best anti-malware tools on the market. It is an on-demand scan tool that detects and also removes a lot of current malware.
    Update the tool and run it once a week. The paid version also offers a background guard.
    You can find a tutorial on how to use it here.
  • WinPatrol
    This software takes a snapshot of your system and warns you about any changes. Download the freeware version from here.


Safe browsing
  • SpywareBlaster
    You can find a short introduction here
  • MVPs hosts file
    You can find a tutorial here. Unfortunately, I have not found a German-language one so far.
  • WOT (Web of trust)
    This add-on warns you before you visit a site that has been reported as harmful.


Alternative browsers

Other browsers tend to be somewhat more secure than IE because they do not use ActiveX elements. These can be abused by spyware to infect your system.
  • Opera
  • Mozilla Firefox.
    • Note: For this browser I have a few useful add-ons here
    • NoScript
      This add-on blocks JavaScript, Java and Flash and other plugins. They are only executed when you confirm it.
    • AdblockPlus
      This add-on blocks most ads by itself. A right-click on a banner to add it to AdBlockPlus is enough, and it will no longer be loaded.
      It also saves download capacity.

Performance
Clean your temp files regularly. I recommend TFC for this.
Stay away from any registry cleaners.
They harm your system more than they help. Here are a few (English) links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Do not click on everything just because it asks you to and is nicely colourful.
  • Do not use peer-to-peer or file-sharing software (Emule, uTorrent, ...)
  • Keep your hands off cracks, keygens, serials or other illegal software.
  • Do not open attachments from emails unknown to you. Above all, watch the file extension, e.g. deinFoto.jpg.exe
Now all that remains is for me to wish you lots of fun surfing safely.

Note: Please give me brief feedback when everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
