Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Medung beim Hochfahren: TBupdater.dll ist nicht vorhanden

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 13.07.2013, 05:59   #1
Herbertfi
 
Medung beim Hochfahren: TBupdater.dll ist nicht vorhanden - Standard

Medung beim Hochfahren: TBupdater.dll ist nicht vorhanden



Hallo,
gestern habe ich Deltasearch von meinem PC (Windows 8/64) entfernt .
Jetzt kommt beim Hochfahren die Meldung
"C:\Program Files(x86)\HomeTab\TBupdter.dll nicht gefunden".

Hier im Forum habe ich gefunden, dass es sich dabei um einen Trojaner handelt.
Habe FRST64 ausgeführt.
Log-Dateien im Anhang.

Was muss ich tun?
Danke für Hilfe.
Beste Grüße
Herbert
Angehängte Dateien
Dateityp: txt FRST.txt (71,5 KB, 232x aufgerufen)
Dateityp: txt Addition.txt (41,3 KB, 174x aufgerufen)
Dateityp: txt Ereignisse.txt (732 Bytes, 146x aufgerufen)

Alt 13.07.2013, 08:37   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Medung beim Hochfahren: TBupdater.dll ist nicht vorhanden - Standard

Medung beim Hochfahren: TBupdater.dll ist nicht vorhanden



Hi,

Logs bitte in den Thread posten.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 13.07.2013, 18:27   #3
Herbertfi
 
Medung beim Hochfahren: TBupdater.dll ist nicht vorhanden - Standard

Medung beim Hochfahren: TBupdater.dll ist nicht vorhanden



Hi Schrauber,

sorry. Jetzt versuch ich's richtig zu machen:

Code:
ATTFilter
Exportierte Ereignisse:

12.07.2013 10:07 [System-Scanner] Malware gefunden
      Die Datei 'C:\Program Files (x86)\WebCake\OptChrome.exe'
      enthielt einen Virus oder unerwünschtes Programm 'TR/Downloader.Gen2' [trojan].
      Durchgeführte Aktion(en):
      Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '55042661.qua' 
      verschoben!
         
FRST.txt:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-07-2013 02
Ran by Herbert (administrator) on 13-07-2013 06:35:48
Running from C:\Users\Herbert\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicShellService.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apache Software Foundation) C:\xampp\apache\bin\httpd.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
() C:\Program Files\ShrewSoft\VPN Client\dtpd.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(FileZilla Project) C:\xampp\FileZillaFTP\FileZilla server.exe
() C:\Program Files\ShrewSoft\VPN Client\iked.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.149\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.SQLHERBERT\MSSQL\Binn\sqlservr.exe
(Apache Software Foundation) C:\xampp\apache\bin\httpd.exe
(MySQL AB) C:\xampp\mysql\bin\mysqld.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSRS11.SQLHERBERT\Reporting Services\ReportServer\bin\ReportingServicesService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.149\GoogleCrashHandler64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(SPAMfighter ApS) C:\Program Files (x86)\SPAMfighter\sfus.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(SPAMfighter ApS) C:\Program Files (x86)\Fighters\FighterSuiteService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.SQLHERBERT\MSSQL\Binn\fdlauncher.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.SQLHERBERT\MSSQL\Binn\fdhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft) C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe
(Microsoft) C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Uniblue Systems Limited) C:\Program Files (x86)\Uniblue\RegistryBooster\rbmonitor.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Greenshot\Greenshot.exe
(Bartels Media GmbH) C:\Program Files (x86)\PhraseExpress\phraseexpress.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(hxxp://www.android-sync.com) C:\Program Files (x86)\Android-Sync\AndroidSync.exe
(SPAMfighter ApS) C:\Program Files (x86)\Fighters\Tray\FightersTray.exe
() C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
() C:\Program Files (x86)\Bamboo Dock\Bamboo Dock\Bamboo Dock.exe
(SPAMfighter ApS) C:\Program Files (x86)\SPAMfighter\sfagent.exe
(SPAMfighter ApS) C:\Program Files (x86)\SPAMfighter\x64\LiveKitLoader64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MousewithoutBordersHelper.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Mobile Device Center] - %windir%\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [13519432 2013-04-10] (Realtek Semiconductor)
HKCU\...\Run: [Greenshot] - "C:\Program Files (x86)\Greenshot\Greenshot.exe" [548864 2010-07-12] ()
HKCU\...\Run: [GoogleDriveSync] - "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart [19676256 2013-06-06] (Google)
HKCU\...\Run: [GMX_GMX Upload-Manager] - "C:\Program Files (x86)\GMX\GMX Upload-Manager\DAVSRV.EXE" /hide [960608 2011-11-16] (1&1 Mail & Media GmbH)
MountPoints2: {c90218cf-754c-11e2-be86-902b34b9c341} - "G:\LaunchU3.exe" -a
MountPoints2: {ca808269-aea3-11e2-bea8-de85dd3799fb} - "G:\iLinker.exe" 
HKLM-x32\...\Run: [avgnt] - "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [345144 2013-06-24] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [WinampAgent] - "C:\Program Files (x86)\Winamp\winampa.exe" [74752 2011-07-11] (Nullsoft, Inc.)
HKLM-x32\...\Run: [SPAMfighter Agent] - "C:\Program Files (x86)\SPAMfighter\SFAgent.exe" update delay 60 [1065504 2013-02-28] (SPAMfighter ApS)
HKLM-x32\...\Run: [AndroidSync] - C:\Program Files (x86)\Android-Sync\AndroidSync.exe -m [6512184 2012-06-20] (hxxp://www.android-sync.com)
HKLM-x32\...\Run: [CommonToolkitTray] - C:\Program Files (x86)\Fighters\Tray\FightersTray.exe [1425952 2013-03-11] (SPAMfighter ApS)
HKLM-x32\...\Run: [BambooCore] - C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
HKLM-x32\...\Run: [SDTray] - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [3830224 2013-05-16] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [sfagent] - C:\Program Files (x86)\SPAMfighter\sfagent.exe [1065504 2013-02-28] (SPAMfighter ApS)
HKU\HerbertAdmin\...\Run: [Greenshot] - "C:\Program Files (x86)\Greenshot\Greenshot.exe" [548864 2010-07-12] ()
HKU\HerbertAdmin\...\Run: [GoogleDriveSync] - "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart [19676256 2013-06-06] (Google)
HKU\HerbertAdmin\...\Run: [GMX_GMX Upload-Manager] - "C:\Program Files (x86)\GMX\GMX Upload-Manager\DAVSRV.EXE" /hide [960608 2011-11-16] (1&1 Mail & Media GmbH)
HKU\HerbertAdmin\...\Run: [Speech Recognition] - "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup [45056 2012-07-26] (Microsoft Corporation)
AppInit_DLLs-x32: c:\progra~2\nvidia~1\3dvisi~1\nvstinit.dll [45056 2012-07-26] ()
Startup: C:\Users\All Users\Start Menu\Programs\Startup\PhraseExpress.lnk
ShortcutTarget: PhraseExpress.lnk -> C:\Program Files (x86)\PhraseExpress\phraseexpress.exe (Bartels Media GmbH)
Startup: C:\Users\All Users\Start Menu\Programs\Startup\STK02N 2.4 PNP Monitor.lnk
ShortcutTarget: STK02N 2.4 PNP Monitor.lnk -> C:\Windows\STK02N\STK02NM.exe (Syntek Ltd.)
Startup: C:\Users\All Users\Start Menu\Programs\Startup\vpngui.exe.lnk
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe ()
Startup: C:\Users\Herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
SSODL: EldosMountNotificator - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\Windows\system32\SSCbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\Windows\SysWow64\SSCbFsMntNtf3.dll (EldoS Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?rd=1&ucc=AT&dcc=AT&opt=0
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: LyricsSpeaker - {15467C9F-3784-4109-89C9-6ED7100B96B8} - C:\Program Files (x86)\LyricsSpeaker\120.dll (LyricsSpeaker LTD)
BHO-x32: HomeTab - {19a395c9-823b-4700-b817-396fc84ffb16} - C:\Users\Herbert\AppData\Roaming\HomeTab\HomeTab.dll No File
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll No File
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: HomeTab - {ba696155-d96e-4281-b467-0367a0456474} - C:\Users\Herbert\AppData\Roaming\HomeTab\HomeTab.dll No File
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL (Microsoft Corporation)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Toolbar: HKLM-x32 - HomeTab - {ba696155-d96e-4281-b467-0367a0456474} - C:\Users\Herbert\AppData\Roaming\HomeTab\HomeTab.dll No File
Toolbar: HKLM-x32 - HomeTab - {19a395c9-823b-4700-b817-396fc84ffb16} - C:\Users\Herbert\AppData\Roaming\HomeTab\HomeTab.dll No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 212.186.211.21 195.34.133.21

FireFox:
========
FF ProfilePath: C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.fasteasy.at
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF SearchPlugin: C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\searchplugins\gmx-suche-sterreich.xml
FF SearchPlugin: C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\searchplugins\suche-in-wikipedia.xml
FF Extension: TubeSaver - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\120
FF Extension: Ghostery - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\firefox@ghostery.com
FF Extension: No Name - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\foxmarks@kei.com
FF Extension: HomeTab - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\{24532715-4abc-47ee-bd4f-a6774d0723d2}
FF Extension: Toggle Web Developer Toolbar - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\{c75a27d8-4529-449f-b67b-aba65d7a1c0a}
FF Extension: firebug - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\firebug@software.joehewitt.com.xpi
FF Extension: treestyletab - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\treestyletab@piro.sakura.ne.jp.xpi
FF Extension: No Name - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\WTB_GLOBAL.sqlite
FF Extension: No Name - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi
FF Extension: No Name - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi
FF Extension: No Name - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\{c666c018-6409-4479-afa3-68e4129e7eff}.xpi
FF Extension: No Name - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\{DAD0F81A-CF67-4eed-98D6-26F6E47274CA}.xpi
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKCU\...\Firefox\Extensions: [lspeaker@lyricsspeaker.net] C:\Program Files (x86)\LyricsSpeaker\120.xpi
FF Extension: No Name - C:\Program Files (x86)\LyricsSpeaker\120.xpi

Chrome: 
=======
CHR Extension: (Entanglement) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0
CHR Extension: (Google Docs) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (HomeTab) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgibjgmnimooanbagcfpnkmngejcojaf\4.1
CHR Extension: (LyricsSpeaker) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmgeophbbmfgkjghdgfgelpipdoclljo\1.120
CHR Extension: (Skype Click to Call) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0
CHR Extension: (Poppit) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0
CHR Extension: (Gmail) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [371768 2013-06-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-06-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [589368 2013-06-24] (Avira Operations GmbH & Co. KG)
R2 Apache2.2; C:\xampp\apache\bin\httpd.exe [29416 2009-12-20] (Apache Software Foundation)
R2 ClassicShellService; C:\Program Files\Classic Shell\ClassicShellService.exe [68608 2013-04-12] (IvoSoft)
R2 dtpd; C:\Program Files\ShrewSoft\VPN Client\dtpd.exe [56592 2010-10-08] ()
R2 FileZilla Server; C:\xampp\FileZillaFTP\FileZilla server.exe [1029776 2009-12-20] (FileZilla Project)
R2 iked; C:\Program Files\ShrewSoft\VPN Client\iked.exe [957712 2010-10-08] ()
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 ipsecd; C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [697616 2010-10-08] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-02-22] (Intel Corporation)
S2 MouseWithoutBordersSvc; C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBordersSvc.exe [27872 2012-12-28] (Microsoft)
R2 MSSQL$SQLHERBERT; C:\Program Files\Microsoft SQL Server\MSSQL11.SQLHERBERT\MSSQL\Binn\sqlservr.exe [190904 2012-06-12] (Microsoft Corporation)
R2 MySQL; C:\xampp\mysql\bin\mysqld.exe [6095504 2009-12-20] (MySQL AB)
R2 ReportServer$SQLHERBERT; C:\Program Files\Microsoft SQL Server\MSRS11.SQLHERBERT\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2348472 2012-06-12] (Microsoft Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
R2 SPAMfighter Update Service; C:\Program Files (x86)\SPAMfighter\sfus.exe [216608 2013-04-29] (SPAMfighter ApS)
S4 SQLAgent$SQLHERBERT; C:\Program Files\Microsoft SQL Server\MSSQL11.SQLHERBERT\MSSQL\Binn\SQLAGENT.EXE [608696 2012-06-12] (Microsoft Corporation)
S4 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1149104 2013-04-03] (Crawler.com)
R2 Suite Service; C:\Program Files (x86)\Fighters\FighterSuiteService.exe [1270816 2013-01-17] (SPAMfighter ApS)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [619904 2012-12-11] (Wacom Technology, Corp.)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [613688 2013-02-08] (Wacom Technology, Corp.)
S2 dealplylive; C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe /svc [x]
S3 dealplylivem; C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe /medsvc [x]
R3 MSSQLFDLauncher$SQLHERBERT; "C:\Program Files\Microsoft SQL Server\MSSQL11.SQLHERBERT\MSSQL\Binn\fdlauncher.exe" -s MSSQL11.SQLHERBERT [x]

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130016 2013-03-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-03-27] (Avira Operations GmbH & Co. KG)
R3 bthav; C:\Windows\system32\drivers\bthav.sys [40448 2008-07-10] (CSR, plc)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
S3 gdrv; C:\Windows\gdrv.sys [25640 2012-12-19] (Windows (R) Server 2003 DDK provider)
S3 gdrv; C:\Windows\gdrv.sys [25640 2012-12-19] (Windows (R) Server 2003 DDK provider)
S4 RsFx0200; C:\Windows\System32\DRIVERS\RsFx0200.sys [334936 2012-02-11] (Microsoft Corporation)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2013-07-09] (Windows (R) Win 7 DDK provider)
R3 SSCBFS3; C:\Windows\System32\drivers\sscbfs3.sys [347904 2013-01-30] (EldoS Corporation)
R1 uigxrdr; C:\Windows\System32\DRIVERS\uigxrdr.sys [199752 2011-11-16] (1&1 Mail & Media GmbH)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [106408 2012-12-19] (Oracle Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-13 06:35 - 2013-07-13 06:35 - 00000000 ____D C:\FRST
2013-07-13 06:33 - 2013-07-13 06:33 - 01777811 _____ (Farbar) C:\Users\Herbert\Desktop\FRST64.exe
2013-07-12 15:35 - 2013-07-12 15:35 - 00006152 _____ C:\Windows\DPINST.LOG
2013-07-12 15:35 - 2013-07-12 15:35 - 00000000 ____D C:\Program Files\DIFX
2013-07-12 10:12 - 2013-07-12 10:12 - 00434344 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-12 10:08 - 2013-07-12 10:08 - 00000098 _____ C:\Windows\DeleteOnReboot.bat
2013-07-12 10:07 - 2013-07-12 10:08 - 00045177 _____ C:\AdwCleaner[S1].txt
2013-07-12 10:06 - 2013-07-12 10:06 - 00044070 _____ C:\AdwCleaner[R1].txt
2013-07-12 10:06 - 2013-07-12 10:06 - 00003398 _____ C:\Windows\System32\Tasks\EPUpdater
2013-07-12 10:05 - 2013-07-12 10:05 - 00001090 _____ C:\Users\Herbert\Desktop\Continue Download Helper Installation.lnk
2013-07-12 09:27 - 2013-07-12 09:27 - 00000000 _____ C:\Users\Herbert\defogger_reenable
2013-07-11 19:36 - 2013-07-11 19:36 - 00000000 ____D C:\Windows\System32\Tasks\ProtectedSearch
2013-07-10 04:57 - 2013-05-04 08:59 - 02842112 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-10 04:57 - 2013-05-04 06:57 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-10 04:57 - 2013-04-12 00:30 - 01421312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-10 04:57 - 2013-04-12 00:22 - 01838080 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-10 04:56 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-10 04:56 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-10 04:56 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-10 04:56 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-10 04:56 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-10 04:56 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-10 04:56 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-10 04:56 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-10 04:56 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-10 04:56 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-10 04:56 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-10 04:56 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-10 04:56 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-10 04:56 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-10 04:56 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-10 04:56 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-10 04:56 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-10 04:56 - 2013-06-01 11:25 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-10 04:56 - 2013-06-01 11:21 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-10 04:56 - 2013-05-31 01:14 - 04036096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-10 04:52 - 2013-07-04 15:58 - 00238352 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2013-07-10 04:52 - 2013-07-04 15:57 - 00120080 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2013-07-10 04:33 - 2013-07-10 04:33 - 00000000 ____D C:\Program Files (x86)\LyricsSpeaker
2013-07-09 08:50 - 2013-07-10 17:04 - 00000000 ____D C:\Users\All Users\Spyware Terminator
2013-07-09 08:50 - 2013-07-09 08:51 - 00000000 ____D C:\Program Files (x86)\Spyware Terminator
2013-07-09 08:50 - 2013-07-09 08:50 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2013-07-09 08:50 - 2013-07-09 08:50 - 00001045 _____ C:\Users\Public\Desktop\Spyware Terminator 2012.lnk
2013-07-09 08:50 - 2013-07-09 08:50 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Spyware Terminator
2013-07-06 09:02 - 2013-07-09 12:03 - 00000292 _____ C:\Windows\Tasks\RegClean Prosch.job
2013-07-06 09:02 - 2013-07-06 09:02 - 00003016 _____ C:\Windows\System32\Tasks\RegClean Prosch
2013-07-06 08:56 - 2013-07-06 08:56 - 00001057 _____ C:\Users\Public\Desktop\RegClean Pro.lnk
2013-07-06 08:20 - 2013-07-06 08:23 - 00004248 _____ C:\Windows\system32\ASOROSet.bin
2013-07-06 08:20 - 2013-07-06 08:20 - 00000000 ____D C:\Windows\system32\config\RCCBakup
2013-07-05 18:29 - 2013-07-06 08:56 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Systweak
2013-07-05 17:05 - 2013-07-05 17:05 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-07-05 17:05 - 2013-07-05 17:05 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-07-05 16:11 - 2013-07-13 06:27 - 00000924 _____ C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job
2013-07-05 16:11 - 2013-07-12 21:16 - 00000928 _____ C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job
2013-07-05 16:11 - 2013-07-05 16:11 - 00003900 _____ C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineUA
2013-07-05 16:11 - 2013-07-05 16:11 - 00003664 _____ C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineCore
2013-07-05 16:10 - 2013-07-05 16:10 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\MyPhoneExplorer
2013-07-05 07:33 - 2013-07-05 07:33 - 00000215 _____ C:\Users\Herbert\Desktop\javascripthideDiv('popupDiv');.URL
2013-07-04 18:28 - 2013-07-13 06:30 - 00000420 _____ C:\Windows\Tasks\LyricsSpeaker Update.job
2013-07-04 18:28 - 2013-07-10 04:33 - 00003064 _____ C:\Windows\System32\Tasks\LyricsSpeaker Update
2013-07-04 15:57 - 2013-07-04 15:57 - 00146704 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetFlt.sys
2013-07-04 15:57 - 2013-07-04 15:57 - 00131856 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp.sys
2013-07-04 15:56 - 2013-07-04 15:56 - 00204048 _____ (Oracle Corporation) C:\Windows\system32\VBoxNetFltNobj.dll
2013-07-02 14:31 - 2013-07-02 14:32 - 00397312 _____ C:\Users\Herbert\Documents\ae130702.accdb
2013-07-02 07:21 - 2013-07-02 07:21 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2010
2013-07-02 07:21 - 2013-07-02 07:21 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2010
2013-07-02 07:20 - 2013-07-02 07:20 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2012
2013-07-02 07:20 - 2013-07-02 07:20 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2012
2013-07-02 07:17 - 2012-02-11 08:43 - 00253016 _____ (Microsoft Corporation) C:\Windows\system32\SQSRVRES.DLL
2013-06-29 18:29 - 2013-06-29 18:29 - 00001350 _____ C:\Users\Herbert\Desktop\SQL Server Management Studio.lnk
2013-06-29 18:26 - 2013-06-29 18:26 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Microsoft Corporation
2013-06-29 18:10 - 2013-06-29 18:10 - 00000000 ____D C:\Windows\SysWOW64\1031
2013-06-29 18:10 - 2013-06-29 18:10 - 00000000 ____D C:\Users\Herbert\Documents\Visual Studio 2012
2013-06-29 18:09 - 2013-06-29 18:09 - 00000000 ____D C:\Windows\system32\1031
2013-06-29 18:08 - 2013-06-29 18:10 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_SensorsSimulatorDriver_01_11_00.Wdf
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____D C:\Windows\symbols
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 11.0
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer
2013-06-29 17:38 - 2013-06-29 17:38 - 00000000 ____D C:\Users\Herbert\AppData\Local\Microsoft_Corporation
2013-06-29 17:26 - 2013-07-06 08:25 - 00000000 ____D C:\Users\ReportServer$SQLHERBERT
2013-06-29 17:26 - 2013-06-29 17:26 - 00000020 ___SH C:\Users\ReportServer$SQLHERBERT\ntuser.ini
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Vorlagen
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Startmenü
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Netzwerkumgebung
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Lokale Einstellungen
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Eigene Dateien
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Druckumgebung
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Documents\Eigene Musik
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Documents\Eigene Bilder
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\AppData\Local\Verlauf
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\AppData\Local\Anwendungsdaten
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Anwendungsdaten
2013-06-29 17:26 - 2013-05-24 14:45 - 00000000 ____D C:\Users\ReportServer$SQLHERBERT\AppData\Roaming\Macromedia
2013-06-29 17:26 - 2013-04-13 06:58 - 00000000 ____D C:\Users\ReportServer$SQLHERBERT\AppData\Roaming\Adobe
2013-06-29 17:26 - 2013-03-27 11:02 - 00000000 ____D C:\Users\ReportServer$SQLHERBERT\AppData\LocalGoogle
2013-06-29 17:26 - 2013-03-27 11:02 - 00000000 ____D C:\Users\ReportServer$SQLHERBERT\AppData\Local\Google
2013-06-29 17:26 - 2013-02-13 16:21 - 00000000 ____D C:\Users\ReportServer$SQLHERBERT\AppData\Local\Microsoft Help
2013-06-29 17:24 - 2013-07-06 08:26 - 00000000 ____D C:\Users\MSSQLFDLauncher$SQLHERBERT
2013-06-29 17:24 - 2013-06-29 17:24 - 00000020 ___SH C:\Users\MSSQLFDLauncher$SQLHERBERT\ntuser.ini
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Vorlagen
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Startmenü
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Netzwerkumgebung
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Lokale Einstellungen
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Eigene Dateien
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Druckumgebung
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Documents\Eigene Musik
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Documents\Eigene Bilder
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\Local\Verlauf
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\Local\Anwendungsdaten
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Anwendungsdaten
2013-06-29 17:24 - 2013-05-24 14:45 - 00000000 ____D C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\Roaming\Macromedia
2013-06-29 17:24 - 2013-04-13 06:58 - 00000000 ____D C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\Roaming\Adobe
2013-06-29 17:24 - 2013-03-27 11:02 - 00000000 ____D C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\LocalGoogle
2013-06-29 17:24 - 2013-03-27 11:02 - 00000000 ____D C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\Local\Google
2013-06-29 17:24 - 2013-02-13 16:21 - 00000000 ____D C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\Local\Microsoft Help
2013-06-29 17:23 - 2013-07-06 08:25 - 00000000 ____D C:\Users\MSSQL$SQLHERBERT
2013-06-29 17:23 - 2013-06-29 18:18 - 00000000 ____D C:\Users\Herbert\Documents\SQL Server Management Studio
2013-06-29 17:23 - 2013-06-29 17:23 - 00000020 ___SH C:\Users\MSSQL$SQLHERBERT\ntuser.ini
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Vorlagen
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Startmenü
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Netzwerkumgebung
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Lokale Einstellungen
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Eigene Dateien
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Druckumgebung
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Documents\Eigene Musik
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Documents\Eigene Bilder
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\AppData\Local\Verlauf
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\AppData\Local\Anwendungsdaten
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Anwendungsdaten
2013-06-29 17:23 - 2013-05-24 14:45 - 00000000 ____D C:\Users\MSSQL$SQLHERBERT\AppData\Roaming\Macromedia
2013-06-29 17:23 - 2013-04-13 06:58 - 00000000 ____D C:\Users\MSSQL$SQLHERBERT\AppData\Roaming\Adobe
2013-06-29 17:23 - 2013-03-27 11:02 - 00000000 ____D C:\Users\MSSQL$SQLHERBERT\AppData\LocalGoogle
2013-06-29 17:23 - 2013-03-27 11:02 - 00000000 ____D C:\Users\MSSQL$SQLHERBERT\AppData\Local\Google
2013-06-29 17:23 - 2013-02-13 16:21 - 00000000 ____D C:\Users\MSSQL$SQLHERBERT\AppData\Local\Microsoft Help
2013-06-29 17:20 - 2012-02-11 10:03 - 00046168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perf-ReportServer$SQLHERBERT-rsctr11.0.2100.60.dll
2013-06-29 17:20 - 2012-02-11 10:02 - 00045656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perf-MSSQL11.SQLHERBERT-sqlagtctr.dll
2013-06-29 17:20 - 2012-02-11 08:44 - 00055384 _____ (Microsoft Corporation) C:\Windows\system32\perf-ReportServer$SQLHERBERT-rsctr11.0.2100.60.dll
2013-06-29 17:20 - 2012-02-11 08:44 - 00054360 _____ (Microsoft Corporation) C:\Windows\system32\perf-MSSQL11.SQLHERBERT-sqlagtctr.dll
2013-06-29 17:19 - 2012-02-11 10:03 - 00082520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perf-MSSQL$SQLHERBERT-sqlctr11.0.2100.60.dll
2013-06-29 17:19 - 2012-02-11 08:46 - 00180312 _____ (Microsoft Corporation) C:\Windows\system32\hadrres.dll
2013-06-29 17:19 - 2012-02-11 08:46 - 00082520 _____ (Microsoft Corporation) C:\Windows\system32\fssres.dll
2013-06-29 17:19 - 2012-02-11 08:44 - 00095832 _____ (Microsoft Corporation) C:\Windows\system32\perf-MSSQL$SQLHERBERT-sqlctr11.0.2100.60.dll
2013-06-29 17:16 - 2013-06-29 17:16 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2013-06-29 17:14 - 2013-06-29 17:14 - 00000000 ____D C:\Windows\system32\RsFx
2013-06-29 17:11 - 2013-07-03 07:42 - 00000000 ____D C:\Users\Herbert\Documents\Visual Studio 2010
2013-06-29 17:10 - 2013-06-29 17:12 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 10.0
2013-06-29 17:10 - 2013-06-29 17:10 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 10.0
2013-06-29 17:10 - 2013-06-29 17:10 - 00000000 ____D C:\Program Files\Microsoft Help Viewer
2013-06-29 17:10 - 2013-06-29 17:10 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2013-06-26 17:57 - 2013-06-26 17:57 - 00003133 _____ C:\Users\Herbert\Desktop\Custom UI Editor For Microsoft Office.lnk
2013-06-26 17:57 - 2013-06-26 17:57 - 00003093 _____ C:\Users\Herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Custom UI Editor For Microsoft Office.lnk
2013-06-26 17:57 - 2013-06-26 17:57 - 00000000 ____D C:\Program Files (x86)\CustomUIEditor
2013-06-26 07:51 - 2013-06-26 07:51 - 04815135 _____ (FileZilla Project) C:\Users\Herbert\Downloads\FileZilla_3.7.1_win32-setup.exe
2013-06-24 15:24 - 2013-06-24 15:25 - 00000000 ____D C:\Users\Herbert\AppData\Local\calibre-cache
2013-06-23 20:21 - 2013-06-24 15:52 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\calibre
2013-06-23 20:21 - 2013-06-23 20:21 - 00000967 _____ C:\Users\Public\Desktop\calibre - E-book management.lnk
2013-06-23 20:21 - 2013-06-23 20:21 - 00000000 ____D C:\Program Files (x86)\Calibre2
2013-06-22 08:53 - 2013-06-22 08:53 - 00001136 _____ C:\Users\Public\Desktop\UPC Install Master.lnk
2013-06-22 08:53 - 2013-06-22 08:53 - 00000000 __HDC C:\Users\All Users\{A79D03BF-C5DB-49B2-AD5F-6CED14FFE4D6}
2013-06-22 08:53 - 2013-06-22 08:53 - 00000000 ____D C:\Program Files (x86)\UPC Austria
2013-06-19 09:08 - 2013-06-20 10:02 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Apple Computer
2013-06-19 09:08 - 2013-06-19 09:09 - 00000000 ____D C:\Users\Herbert\AppData\Local\Apple Computer
2013-06-19 09:08 - 2013-06-19 09:08 - 00002491 _____ C:\Users\Public\Desktop\Safari.lnk
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Users\Herbert\AppData\Local\Apple
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Users\All Users\Apple
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Program Files\Bonjour
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Program Files (x86)\Safari
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-06-17 10:27 - 2013-06-17 10:27 - 00003105 _____ C:\Users\Herbert\Desktop\Word 2007 Content Control Toolkit.lnk
2013-06-17 10:27 - 2013-06-17 10:27 - 00003065 _____ C:\Users\Herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word 2007 Content Control Toolkit.lnk
2013-06-17 05:51 - 2013-05-16 00:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2013-06-16 06:47 - 2013-05-31 01:24 - 01257472 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-06-16 06:47 - 2013-05-31 01:08 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-06-16 06:47 - 2013-05-24 01:01 - 01300992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-06-16 06:47 - 2013-05-24 00:27 - 01022464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-06-16 06:47 - 2013-05-15 04:25 - 00888320 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2013-06-16 06:47 - 2013-05-15 04:25 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2013-06-16 06:47 - 2013-05-15 04:24 - 00793088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2013-06-16 06:47 - 2013-05-15 04:24 - 00482816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2013-06-15 09:40 - 2013-05-04 09:58 - 00120736 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2013-06-15 09:40 - 2013-05-04 09:34 - 00446720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2013-06-15 09:40 - 2013-05-04 09:34 - 00284416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2013-06-15 09:40 - 2013-05-04 09:34 - 00213248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2013-06-15 09:40 - 2013-05-04 09:30 - 00058312 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-06-15 09:40 - 2013-05-04 08:59 - 13644288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2013-06-15 09:40 - 2013-05-04 08:59 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-06-15 09:40 - 2013-05-04 08:59 - 01619968 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-06-15 09:40 - 2013-05-04 08:59 - 01483776 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2013-06-15 09:40 - 2013-05-04 08:59 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\Magnify.exe
2013-06-15 09:40 - 2013-05-04 08:59 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-06-15 09:40 - 2013-05-04 08:59 - 00251904 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2013-06-15 09:40 - 2013-05-04 08:59 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-06-15 09:40 - 2013-05-04 08:59 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-06-15 09:40 - 2013-05-04 08:59 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-06-15 09:40 - 2013-05-04 08:58 - 10116096 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2013-06-15 09:40 - 2013-05-04 08:58 - 01332736 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2013-06-15 09:40 - 2013-05-04 08:58 - 00470528 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll
2013-06-15 09:40 - 2013-05-04 08:58 - 00330240 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2013-06-15 09:40 - 2013-05-04 08:58 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2013-06-15 09:40 - 2013-05-04 08:58 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2013-06-15 09:40 - 2013-05-04 08:58 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
2013-06-15 09:40 - 2013-05-04 08:58 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\netprofm.dll
2013-06-15 09:40 - 2013-05-04 08:58 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2013-06-15 09:40 - 2013-05-04 08:57 - 02305024 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-06-15 09:40 - 2013-05-04 08:57 - 01131520 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2013-06-15 09:40 - 2013-05-04 08:57 - 00708096 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2013-06-15 09:40 - 2013-05-04 08:57 - 00560640 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2013-06-15 09:40 - 2013-05-04 08:57 - 00501760 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2013-06-15 09:40 - 2013-05-04 08:57 - 00389120 _____ (Microsoft Corporation) C:\Windows\system32\BCP47Langs.dll
2013-06-15 09:40 - 2013-05-04 08:57 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2013-06-15 09:40 - 2013-05-04 08:57 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\biwinrt.dll
2013-06-15 09:40 - 2013-05-04 08:57 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\muifontsetup.dll
2013-06-15 09:40 - 2013-05-04 08:56 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\intl.cpl
2013-06-15 09:40 - 2013-05-04 06:58 - 00758784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Magnify.exe
2013-06-15 09:40 - 2013-05-04 06:58 - 00621056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-06-15 09:40 - 2013-05-04 06:58 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-06-15 09:40 - 2013-05-04 06:58 - 00083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-06-15 09:40 - 2013-05-04 06:58 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-06-15 09:40 - 2013-05-04 06:57 - 10788864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2013-06-15 09:40 - 2013-05-04 06:57 - 08857088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2013-06-15 09:40 - 2013-05-04 06:57 - 00303616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2013-06-15 09:40 - 2013-05-04 06:57 - 00247296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2013-06-15 09:40 - 2013-05-04 06:57 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll
2013-06-15 09:40 - 2013-05-04 06:57 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll
2013-06-15 09:40 - 2013-05-04 06:57 - 00018432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll
2013-06-15 09:40 - 2013-05-04 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\muifontsetup.dll
2013-06-15 09:40 - 2013-05-04 06:56 - 02035712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-06-15 09:40 - 2013-05-04 06:56 - 00449536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2013-06-15 09:40 - 2013-05-04 06:56 - 00411136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2013-06-15 09:40 - 2013-05-04 06:56 - 00309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BCP47Langs.dll
2013-06-15 09:40 - 2013-05-04 06:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\biwinrt.dll
2013-06-15 09:40 - 2013-05-04 06:55 - 00389632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2013-06-15 09:40 - 2013-05-04 06:51 - 00014848 _____ (Microsoft) C:\Windows\system32\rars.rs
2013-06-15 09:40 - 2013-05-04 06:48 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-06-15 09:40 - 2013-05-04 06:48 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2013-06-15 09:40 - 2013-05-04 06:47 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2013-06-15 09:40 - 2013-05-04 06:10 - 00014848 _____ (Microsoft) C:\Windows\SysWOW64\rars.rs
2013-06-15 09:40 - 2013-05-03 00:04 - 00386646 _____ C:\Windows\system32\ApnDatabase.xml
2013-06-14 10:13 - 2013-06-14 14:38 - 00000000 ____D C:\FontsHelv
2013-06-14 09:16 - 2013-07-10 04:52 - 00001083 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2013-06-14 09:16 - 2013-06-14 09:16 - 00000000 ____D C:\Program Files\Oracle
2013-06-13 17:27 - 2013-06-13 17:29 - 00524288 _____ C:\Users\Herbert\Documents\ae130603.accdb

==================== One Month Modified Files and Folders =======

2013-07-13 06:35 - 2013-07-13 06:35 - 00000000 ____D C:\FRST
2013-07-13 06:33 - 2013-07-13 06:33 - 01777811 _____ (Farbar) C:\Users\Herbert\Desktop\FRST64.exe
2013-07-13 06:33 - 2013-02-01 03:43 - 00000000 ____D C:\Program Files (x86)\SPAMfighter
2013-07-13 06:32 - 2013-01-30 18:50 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3455799945-794626198-3976200442-1001
2013-07-13 06:30 - 2013-07-04 18:28 - 00000420 _____ C:\Windows\Tasks\LyricsSpeaker Update.job
2013-07-13 06:30 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\NDF
2013-07-13 06:29 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-07-13 06:28 - 2013-02-01 17:43 - 00005144 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for PCHerbert-Herbert PCHerbert
2013-07-13 06:28 - 2013-02-01 02:49 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-13 06:27 - 2013-07-05 16:11 - 00000924 _____ C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job
2013-07-13 06:27 - 2013-05-13 09:14 - 00000368 _____ C:\Windows\Tasks\rbmonitor.job
2013-07-12 22:06 - 2009-11-30 17:40 - 00000000 ____D C:\Users\Herbert\Documents\PhraseExpress
2013-07-12 22:05 - 2013-05-28 08:31 - 00003942 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{395F05FD-1EED-4524-AD44-212D0444F148}
2013-07-12 21:56 - 2012-11-29 20:05 - 01248749 _____ C:\Windows\WindowsUpdate.log
2013-07-12 21:55 - 2013-02-01 21:47 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-12 21:16 - 2013-07-05 16:11 - 00000928 _____ C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job
2013-07-12 21:09 - 2013-02-01 02:49 - 00001132 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-12 20:31 - 2013-02-09 10:18 - 00000000 ____D C:\Users\Herbert\AppData\Local\Paint.NET
2013-07-12 20:15 - 2010-05-27 18:31 - 00000000 ____D C:\Users\Herbert\Documents\Outlook-Dateien
2013-07-12 15:35 - 2013-07-12 15:35 - 00006152 _____ C:\Windows\DPINST.LOG
2013-07-12 15:35 - 2013-07-12 15:35 - 00000000 ____D C:\Program Files\DIFX
2013-07-12 15:34 - 2012-07-26 09:21 - 00034876 _____ C:\Windows\setupact.log
2013-07-12 10:12 - 2013-07-12 10:12 - 00434344 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-12 10:12 - 2013-01-30 19:11 - 00000000 ____D C:\Users\All Users\NVIDIA
2013-07-12 10:12 - 2012-11-29 03:11 - 00064044 _____ C:\Windows\PFRO.log
2013-07-12 10:12 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-12 10:08 - 2013-07-12 10:08 - 00000098 _____ C:\Windows\DeleteOnReboot.bat
2013-07-12 10:08 - 2013-07-12 10:07 - 00045177 _____ C:\AdwCleaner[S1].txt
2013-07-12 10:06 - 2013-07-12 10:06 - 00044070 _____ C:\AdwCleaner[R1].txt
2013-07-12 10:06 - 2013-07-12 10:06 - 00003398 _____ C:\Windows\System32\Tasks\EPUpdater
2013-07-12 10:05 - 2013-07-12 10:05 - 00001090 _____ C:\Users\Herbert\Desktop\Continue Download Helper Installation.lnk
2013-07-12 09:27 - 2013-07-12 09:27 - 00000000 _____ C:\Users\Herbert\defogger_reenable
2013-07-12 09:27 - 2013-01-30 18:44 - 00000000 ____D C:\Users\Herbert
2013-07-12 09:20 - 2013-02-09 10:23 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\FileZilla
2013-07-12 09:18 - 2013-01-13 13:09 - 00000000 ____D C:\Users\Herbert\.VirtualBox
2013-07-12 08:10 - 2013-02-01 02:50 - 00002190 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-12 07:43 - 2013-05-24 14:45 - 00000000 ____D C:\Users\Herbert\AppData\Local\Adobe
2013-07-12 07:42 - 2013-02-01 21:47 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-12 07:38 - 2013-06-03 07:35 - 00004088 _____ C:\Windows\System32\Tasks\Software Updater Ui
2013-07-12 07:38 - 2013-06-03 07:34 - 00004118 _____ C:\Windows\System32\Tasks\Software Updater
2013-07-12 07:31 - 2013-05-20 07:06 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-12 07:31 - 2013-05-20 07:06 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-11 20:55 - 2012-07-26 09:52 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-11 19:36 - 2013-07-11 19:36 - 00000000 ____D C:\Windows\System32\Tasks\ProtectedSearch
2013-07-11 19:24 - 2013-01-30 18:44 - 00000000 ____D C:\Users\Herbert\AppData\Local\Packages
2013-07-11 08:10 - 2013-01-31 15:19 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\SQLyog
2013-07-10 17:43 - 2013-05-29 14:04 - 00001097 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk
2013-07-10 17:04 - 2013-07-09 08:50 - 00000000 ____D C:\Users\All Users\Spyware Terminator
2013-07-10 07:27 - 2013-03-12 12:44 - 00003062 _____ C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2013-07-10 07:27 - 2013-03-12 12:44 - 00003060 _____ C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2013-07-10 07:27 - 2013-03-12 12:44 - 00000000 ____D C:\Program Files\Microsoft Mouse and Keyboard Center
2013-07-10 07:27 - 2013-02-03 18:31 - 00003118 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2013-07-10 07:27 - 2013-02-03 18:31 - 00003092 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2013-07-10 07:27 - 2013-02-03 18:31 - 00003090 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2013-07-10 07:24 - 2013-01-31 13:37 - 00000000 ____D C:\Users\All Users\Microsoft Help
2013-07-10 07:21 - 2013-01-31 07:08 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-07-10 07:20 - 2012-07-26 07:26 - 00000167 _____ C:\Windows\win.ini
2013-07-10 04:59 - 2013-02-28 19:59 - 00007607 _____ C:\Users\Herbert\AppData\Local\Resmon.ResmonCfg
2013-07-10 04:52 - 2013-06-14 09:16 - 00001083 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2013-07-10 04:33 - 2013-07-10 04:33 - 00000000 ____D C:\Program Files (x86)\LyricsSpeaker
2013-07-10 04:33 - 2013-07-04 18:28 - 00003064 _____ C:\Windows\System32\Tasks\LyricsSpeaker Update
2013-07-09 18:39 - 2012-11-29 19:56 - 00851434 _____ C:\Windows\system32\perfh007.dat
2013-07-09 18:39 - 2012-11-29 19:56 - 00194494 _____ C:\Windows\system32\perfc007.dat
2013-07-09 18:39 - 2012-07-26 09:28 - 02027878 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-09 12:03 - 2013-07-06 09:02 - 00000292 _____ C:\Windows\Tasks\RegClean Prosch.job
2013-07-09 08:51 - 2013-07-09 08:50 - 00000000 ____D C:\Program Files (x86)\Spyware Terminator
2013-07-09 08:50 - 2013-07-09 08:50 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2013-07-09 08:50 - 2013-07-09 08:50 - 00001045 _____ C:\Users\Public\Desktop\Spyware Terminator 2012.lnk
2013-07-09 08:50 - 2013-07-09 08:50 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Spyware Terminator
2013-07-08 15:41 - 2013-02-01 02:32 - 00000000 ____D C:\Program Files (x86)\SugarSync
2013-07-07 18:04 - 2013-02-01 02:49 - 00004104 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-07 18:04 - 2013-02-01 02:49 - 00003868 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-06 09:02 - 2013-07-06 09:02 - 00003016 _____ C:\Windows\System32\Tasks\RegClean Prosch
2013-07-06 08:56 - 2013-07-06 08:56 - 00001057 _____ C:\Users\Public\Desktop\RegClean Pro.lnk
2013-07-06 08:56 - 2013-07-05 18:29 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Systweak
2013-07-06 08:26 - 2013-06-29 17:24 - 00000000 ____D C:\Users\MSSQLFDLauncher$SQLHERBERT
2013-07-06 08:25 - 2013-06-29 17:26 - 00000000 ____D C:\Users\ReportServer$SQLHERBERT
2013-07-06 08:25 - 2013-06-29 17:23 - 00000000 ____D C:\Users\MSSQL$SQLHERBERT
2013-07-06 08:24 - 2012-07-26 07:26 - 17301504 _____ C:\Windows\system32\config\SYSTEM.bak
2013-07-06 08:24 - 2012-07-26 07:26 - 112984064 _____ C:\Windows\system32\config\SOFTWARE.bak
2013-07-06 08:24 - 2012-07-26 07:26 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2013-07-06 08:23 - 2013-07-06 08:20 - 00004248 _____ C:\Windows\system32\ASOROSet.bin
2013-07-06 08:22 - 2012-07-26 07:26 - 00094208 _____ C:\Windows\system32\config\SAM.bak
2013-07-06 08:20 - 2013-07-06 08:20 - 00000000 ____D C:\Windows\system32\config\RCCBakup
2013-07-05 18:20 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-07-05 17:05 - 2013-07-05 17:05 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-07-05 17:05 - 2013-07-05 17:05 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-07-05 16:11 - 2013-07-05 16:11 - 00003900 _____ C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineUA
2013-07-05 16:11 - 2013-07-05 16:11 - 00003664 _____ C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineCore
2013-07-05 16:10 - 2013-07-05 16:10 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\MyPhoneExplorer
2013-07-05 07:33 - 2013-07-05 07:33 - 00000215 _____ C:\Users\Herbert\Desktop\javascripthideDiv('popupDiv');.URL
2013-07-04 15:58 - 2013-07-10 04:52 - 00238352 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2013-07-04 15:57 - 2013-07-10 04:52 - 00120080 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2013-07-04 15:57 - 2013-07-04 15:57 - 00146704 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetFlt.sys
2013-07-04 15:57 - 2013-07-04 15:57 - 00131856 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp.sys
2013-07-04 15:56 - 2013-07-04 15:56 - 00204048 _____ (Oracle Corporation) C:\Windows\system32\VBoxNetFltNobj.dll
2013-07-03 07:42 - 2013-06-29 17:11 - 00000000 ____D C:\Users\Herbert\Documents\Visual Studio 2010
2013-07-03 06:33 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-07-02 14:32 - 2013-07-02 14:31 - 00397312 _____ C:\Users\Herbert\Documents\ae130702.accdb
2013-07-02 07:21 - 2013-07-02 07:21 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2010
2013-07-02 07:21 - 2013-07-02 07:21 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2010
2013-07-02 07:20 - 2013-07-02 07:20 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2012
2013-07-02 07:20 - 2013-07-02 07:20 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2012
2013-07-02 07:20 - 2013-06-03 07:34 - 00000000 ____D C:\Users\All Users\Package Cache
2013-07-02 07:13 - 2013-02-22 15:13 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2013-07-02 07:13 - 2013-01-31 13:38 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2013-06-29 18:29 - 2013-06-29 18:29 - 00001350 _____ C:\Users\Herbert\Desktop\SQL Server Management Studio.lnk
2013-06-29 18:26 - 2013-06-29 18:26 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Microsoft Corporation
2013-06-29 18:18 - 2013-06-29 17:23 - 00000000 ____D C:\Users\Herbert\Documents\SQL Server Management Studio
2013-06-29 18:10 - 2013-06-29 18:10 - 00000000 ____D C:\Windows\SysWOW64\1031
2013-06-29 18:10 - 2013-06-29 18:10 - 00000000 ____D C:\Users\Herbert\Documents\Visual Studio 2012
2013-06-29 18:10 - 2013-06-29 18:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0
2013-06-29 18:09 - 2013-06-29 18:09 - 00000000 ____D C:\Windows\system32\1031
2013-06-29 18:09 - 2013-02-22 15:13 - 00000000 ____D C:\Windows\SysWOW64\1033
2013-06-29 18:09 - 2012-11-29 20:09 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_SensorsSimulatorDriver_01_11_00.Wdf
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____D C:\Windows\symbols
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 11.0
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer
2013-06-29 18:08 - 2013-02-22 15:13 - 00000000 ____D C:\Windows\system32\1033
2013-06-29 18:08 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-06-29 17:38 - 2013-06-29 17:38 - 00000000 ____D C:\Users\Herbert\AppData\Local\Microsoft_Corporation
2013-06-29 17:26 - 2013-06-29 17:26 - 00000020 ___SH C:\Users\ReportServer$SQLHERBERT\ntuser.ini
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Vorlagen
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Startmenü
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Netzwerkumgebung
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Lokale Einstellungen
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Eigene Dateien
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Druckumgebung
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Documents\Eigene Musik
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Documents\Eigene Bilder
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\AppData\Local\Verlauf
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\AppData\Local\Anwendungsdaten
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Anwendungsdaten
2013-06-29 17:24 - 2013-06-29 17:24 - 00000020 ___SH C:\Users\MSSQLFDLauncher$SQLHERBERT\ntuser.ini
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Vorlagen
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Startmenü
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Netzwerkumgebung
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Lokale Einstellungen
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Eigene Dateien
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Druckumgebung
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Documents\Eigene Musik
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Documents\Eigene Bilder
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\Local\Verlauf
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\Local\Anwendungsdaten
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Anwendungsdaten
2013-06-29 17:23 - 2013-06-29 17:23 - 00000020 ___SH C:\Users\MSSQL$SQLHERBERT\ntuser.ini
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Vorlagen
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Startmenü
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Netzwerkumgebung
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Lokale Einstellungen
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Eigene Dateien
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Druckumgebung
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Documents\Eigene Musik
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Documents\Eigene Bilder
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\AppData\Local\Verlauf
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\AppData\Local\Anwendungsdaten
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Anwendungsdaten
2013-06-29 17:19 - 2012-12-20 02:54 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-06-29 17:16 - 2013-06-29 17:16 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2013-06-29 17:14 - 2013-06-29 17:14 - 00000000 ____D C:\Windows\system32\RsFx
2013-06-29 17:12 - 2013-06-29 17:10 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 10.0
2013-06-29 17:10 - 2013-06-29 17:10 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 10.0
2013-06-29 17:10 - 2013-06-29 17:10 - 00000000 ____D C:\Program Files\Microsoft Help Viewer
2013-06-29 17:10 - 2013-06-29 17:10 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2013-06-28 18:13 - 2013-01-31 15:57 - 00000333 _____ C:\Windows\ODBC.INI
2013-06-28 15:00 - 2013-05-17 18:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-28 15:00 - 2013-01-30 20:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-06-28 00:04 - 2013-01-31 07:33 - 00693112 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-28 00:04 - 2013-01-31 07:33 - 00078200 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-27 07:14 - 2013-06-03 07:34 - 00031816 _____ C:\Windows\Launcher.exe
2013-06-26 17:57 - 2013-06-26 17:57 - 00003133 _____ C:\Users\Herbert\Desktop\Custom UI Editor For Microsoft Office.lnk
2013-06-26 17:57 - 2013-06-26 17:57 - 00003093 _____ C:\Users\Herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Custom UI Editor For Microsoft Office.lnk
2013-06-26 17:57 - 2013-06-26 17:57 - 00000000 ____D C:\Program Files (x86)\CustomUIEditor
2013-06-26 07:51 - 2013-06-26 07:51 - 04815135 _____ (FileZilla Project) C:\Users\Herbert\Downloads\FileZilla_3.7.1_win32-setup.exe
2013-06-26 07:51 - 2013-02-09 10:23 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2013-06-24 15:52 - 2013-06-23 20:21 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\calibre
2013-06-24 15:25 - 2013-06-24 15:24 - 00000000 ____D C:\Users\Herbert\AppData\Local\calibre-cache
2013-06-24 12:01 - 2013-05-06 11:36 - 00083672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-06-23 20:21 - 2013-06-23 20:21 - 00000967 _____ C:\Users\Public\Desktop\calibre - E-book management.lnk
2013-06-23 20:21 - 2013-06-23 20:21 - 00000000 ____D C:\Program Files (x86)\Calibre2
2013-06-22 08:53 - 2013-06-22 08:53 - 00001136 _____ C:\Users\Public\Desktop\UPC Install Master.lnk
2013-06-22 08:53 - 2013-06-22 08:53 - 00000000 __HDC C:\Users\All Users\{A79D03BF-C5DB-49B2-AD5F-6CED14FFE4D6}
2013-06-22 08:53 - 2013-06-22 08:53 - 00000000 ____D C:\Program Files (x86)\UPC Austria
2013-06-20 10:02 - 2013-06-19 09:08 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Apple Computer
2013-06-19 14:57 - 2012-07-26 07:37 - 00000000 ____D C:\Windows\servicing
2013-06-19 09:09 - 2013-06-19 09:08 - 00000000 ____D C:\Users\Herbert\AppData\Local\Apple Computer
2013-06-19 09:08 - 2013-06-19 09:08 - 00002491 _____ C:\Users\Public\Desktop\Safari.lnk
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Users\Herbert\AppData\Local\Apple
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Users\All Users\Apple
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Program Files\Bonjour
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Program Files (x86)\Safari
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-06-19 09:08 - 2013-01-31 09:02 - 00000000 ____D C:\Users\All Users\Apple Computer
2013-06-18 20:14 - 2013-02-01 21:01 - 00000734 _____ C:\Users\Herbert\Sti_Trace.log
2013-06-18 15:22 - 2012-11-21 19:27 - 00000000 ____D C:\Users\Herbert\Documents\Benutzerdefinierte Office-Vorlagen
2013-06-17 10:27 - 2013-06-17 10:27 - 00003105 _____ C:\Users\Herbert\Desktop\Word 2007 Content Control Toolkit.lnk
2013-06-17 10:27 - 2013-06-17 10:27 - 00003065 _____ C:\Users\Herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word 2007 Content Control Toolkit.lnk
2013-06-16 19:27 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-06-16 17:13 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData
2013-06-16 17:12 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2013-06-16 17:12 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-06-16 17:12 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-06-16 17:12 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-06-16 17:12 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\Dism
2013-06-15 07:05 - 2013-01-31 08:56 - 00083968 ___SH C:\Users\Herbert\Desktop\Thumbs.db
2013-06-14 20:31 - 2012-02-09 12:53 - 00000000 ____D C:\Users\Herbert\Documents\Magischer Aktenkoffer
2013-06-14 14:38 - 2013-06-14 10:13 - 00000000 ____D C:\FontsHelv
2013-06-14 09:16 - 2013-06-14 09:16 - 00000000 ____D C:\Program Files\Oracle
2013-06-13 17:29 - 2013-06-13 17:27 - 00524288 _____ C:\Users\Herbert\Documents\ae130603.accdb

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-12 07:56

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---


Addition.txt:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-07-2013 02
Ran by Herbert at 2013-07-13 06:36:52
Running from C:\Users\Herbert\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

   
 Tools for .Net 3.5 - DEU Lang Pack (x32 Version: 3.11.50727)
 Tools for .Net 3.5 (x32 Version: 3.11.50727)
7-Zip 9.22beta (x32)
Adobe AIR (x32 Version: 3.7.0.2090)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Alle meine Passworte 2.70 (x32)
Android-Sync v0.396 (x32)
Apple Software Update (x32 Version: 2.1.3.127)
ArcSoft PhotoImpression 6 (x32 Version: 6.1.8.146)
Audacity 2.0.3 (x32 Version: 2.0.3)
Audacity Recovery Utility (x32)
Avira Antivirus Premium (x32 Version: 13.0.0.3737)
Bamboo Dock (x32 Version: 4.1)
Bamboo Dock (x32 Version: 4.1.0)
Bamboo Tablets Tutorial (x32 Version: 3.0.20)
Bonjour (Version: 3.0.0.10)
calibre (x32 Version: 0.9.36)
Cisco Systems VPN Client 5.0.07.0440 (Version: 5.0.7)
Classic Shell (Version: 3.6.7)
Clever Privacy (x32 Version: 1.0.0.38)
Custom UI Editor for Microsoft Office (x32 Version: 3.14.1592)
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (x32)
Devenv-Ressourcen für Microsoft Visual Studio 2012 (x32 Version: 11.0.50727)
dows-Treiberpaket - Android-Sync.com (WinUSB) AndroidUsbDeviceClass  (05/01/2013 13.0.0501.00000) (Version: 05/01/2013 13.0.0501.00000)
Epson Copy Utility 3.5 (x32 Version: 3.5.0.0)
EPSON Scan (x32)
Erforderliche Komponenten für SSDT  (x32 Version: 11.1.3000.0)
Falk Navi-Manager (x32 Version: 2.16.0)
Falk Navi-Manager (x32 Version: 2.16.2)
Falk Navi-Manager classic (x32 Version: 2.11.0)
FileZilla Client 3.7.1 (x32 Version: 3.7.1)
Foxit Reader (x32 Version: 6.0.3.524)
Free Driver Scout (Version: 1.0.0.111)
Free Driver Scout (x32 Version: 1.0.0.111)
GDR 2218 für SQL Server 2012 (KB2716442) (64-bit) (Version: 11.0.2218.0)
GMX Upload-Manager (x32 Version: 2.0.670)
Google Chrome (x32 Version: 28.0.1500.71)
Google Drive (x32 Version: 1.10.4769.632)
Google Earth (x32 Version: 7.0.3.8542)
Google Update Helper (x32 Version: 1.3.21.149)
GPL Ghostscript (x32 Version: 9.04)
Greenshot (x32)
HomeTab 4.1 (x32 Version: 4.1)
ImgBurn (x32 Version: 2.5.7.0)
Intel(R) Management Engine Components (x32 Version: 9.0.0.1310)
Intel® Trusted Connect Service Client (Version: 1.27.757.1)
Intel® Watchdog Timer Driver (Intel® WDT) (x32)
LAME v3.98.2 for Audacity (x32)
LyricsSpeaker (x32)
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (x32 Version: 4.5.50709)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (x32 Version: 4.5.50709)
Microsoft .NET Framework 4.5 SDK (x32 Version: 4.5.50709)
Microsoft Access MUI (German) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000)
Microsoft Choice Guard (x32 Version: 2.0.48.0)
Microsoft DCF MUI (German) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Excel MUI (German) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Garage Mouse without Borders (x32 Version: 2.1.2.1212)
Microsoft Groove MUI (German) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Help Viewer 1.1 (Version: 1.1.40219)
Microsoft Help Viewer 2.0 (x32 Version: 2.0.50727)
Microsoft Help Viewer 2.0 Language Pack - DEU (x32 Version: 2.0.50727)
Microsoft InfoPath MUI (German) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Lync MUI (German) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Office 64-bit Components 2013 (Version: 15.0.4420.1017)
Microsoft Office Korrekturhilfen 2013 - Deutsch (x32 Version: 15.0.4420.1017)
Microsoft Office OSM MUI (German) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Office OSM UX MUI (German) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Office Professional Plus 2013 (x32 Version: 15.0.4420.1017)
Microsoft Office Proofing (German) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - English (x32 Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - Italiano (x32 Version: 15.0.4420.1017)
Microsoft Office Shared 64-bit MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Office Shared MUI (German) 2013 (x32 Version: 15.0.4420.1017)
Microsoft OneNote MUI (German) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Outlook MUI (German) 2013 (x32 Version: 15.0.4420.1017)
Microsoft PowerPoint MUI (German) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Publisher MUI (German) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Report Viewer 2012 Runtime (x32 Version: 11.0.2100.60)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft SQL Server 2008 R2 Management Objects (x32 Version: 10.51.2500.0)
Microsoft SQL Server 2008 R2 Native Client (Version: 10.50.1600.1)
Microsoft SQL Server 2008 Setup Support Files  (Version: 10.1.2731.0)
Microsoft SQL Server 2012 (64-bit)
Microsoft SQL Server 2012 Data-Tier App Framework  (Version: 11.1.2820.0)
Microsoft SQL Server 2012 Data-Tier App Framework  (x32 Version: 11.1.2820.0)
Microsoft SQL Server 2012 Express LocalDB  (Version: 11.1.3000.0)
Microsoft SQL Server 2012 Management Objects (x32 Version: 11.1.3000.0)
Microsoft SQL Server 2012 Management Objects (x64) (Version: 11.1.3000.0)
Microsoft SQL Server 2012 Native Client  (Version: 11.0.2218.0)
Microsoft SQL Server 2012 RsFx Driver (Version: 11.0.2100.60)
Microsoft SQL Server 2012 Setup (English) (Version: 11.1.3128.0)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (Version: 11.1.3000.0)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (Version: 11.1.3000.0)
Microsoft SQL Server 2012 T-SQL-Sprachdienst  (Version: 11.1.3000.0)
Microsoft SQL Server Data Tools – Database Projects – Web installer entry point (x32 Version: 10.3.20116.0)
Microsoft SQL Server Data Tools - DEU (11.1.21208.0) (x32 Version: 11.1.21208.0)
Microsoft SQL Server Data Tools 2012 (x32 Version: 11.1.21208.0)
Microsoft SQL Server Data Tools Build Utilities - DEU (11.1.21208.0) (x32 Version: 11.1.21208.0)
Microsoft SQL Server System CLR Types (x32 Version: 10.51.2500.0)
Microsoft Sync Framework Runtime Native v1.0 (x86) (x32 Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (x32 Version: 1.0.1215.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727)
Microsoft Visual Studio 2010 Shell (Integrated) - ENU (x32 Version: 10.0.40219)
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (x32 Version: 10.0.40219)
Microsoft Visual Studio 2012 Devenv (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 Devenv Resources (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 Preparation (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 Shell (Integrated) (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 Shell (Integrated) (x32 Version: 11.0.50727.1)
Microsoft Visual Studio 2012 Shell (Integriert) (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 Shell (Integriert) Language Pack - DEU (x32 Version: 11.0.50727.1)
Microsoft Visual Studio 2012 Shell (Isolated) (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 Shell (Isolated) (x32 Version: 11.0.50727.1)
Microsoft Visual Studio 2012 Shell (Isolated) Resources (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 Shell (Isoliert) Language Pack - DEU (x32 Version: 11.0.50727.1)
Microsoft Visual Studio 2012 Shell (Isoliert) Resources (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 Shell (Minimum) (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 Shell (Minimum) Resources (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 Shell-(Mindest)-Ressourcen (x32 Version: 11.0.50727)
Microsoft Visual Studio Tools for Applications Design-Time 3.0 (x32 Version: 10.0.40220)
Microsoft Visual Studio Tools for Applications x86 Runtime 3.0 (x32 Version: 10.0.40220)
Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core (x32 Version: 11.0.50727)
Microsoft Visual Studio Ultimate 2012 XAML UI Designer deu Resources (x32 Version: 11.0.50727)
Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources (x32 Version: 11.0.50727)
Microsoft VSS Writer for SQL Server 2012 (Version: 11.0.2100.60)
Microsoft Word MUI (German) 2013 (x32 Version: 15.0.4420.1017)
Microsoft-Maus- und Tastatur-Center (Version: 2.2.173.0)
Microsoft-System-CLR-Typen für SQL Server 2012 (x32 Version: 11.1.3000.0)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (Version: 11.1.3000.0)
Miranda IM 0.10.10 (x32 Version: 0.10.10)
Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0)
Mozilla Maintenance Service (x32 Version: 22.0)
MSVCRT (x32 Version: 14.0.1468.721)
MySQL Connector/ODBC 5.1 (Version: 5.1.8)
Nero 12 Kwik Burn Express Essentials (x32 Version: 12.3.00700)
Nero Blu-ray Player (x32 Version: 12.0.20012)
Nero Blu-ray Player Help (CHM) (x32 Version: 12.0.4000)
Nero ControlCenter (x32 Version: 11.0.15500)
Nero ControlCenter Help (CHM) (x32 Version: 12.0.5000)
Nero Core Components (x32 Version: 11.0.19400)
Nero Express (x32 Version: 12.0.28001)
Nero Express Help (CHM) (x32 Version: 12.0.5000)
Nero Kwik Media Help (CHM) (x32 Version: 12.0.7000)
Nero Kwik Themes Basic (x32 Version: 12.0.11500)
Nero Launcher (x32 Version: 12.2.7000)
Nero Prerequisite Installer 2.0 (x32 Version: 12.0.01000)
Nero SharedVideoCodecs (x32 Version: 1.0.12100.2.0)
Nero Update (x32 Version: 11.0.11800.31.0)
Notepad++ (x32 Version: 6.3.3)
NVIDIA 3D Vision Controller-Treiber 314.22 (Version: 314.22)
NVIDIA 3D Vision Treiber 314.22 (Version: 314.22)
NVIDIA Grafiktreiber 314.22 (Version: 314.22)
NVIDIA HD-Audiotreiber 1.3.23.1 (Version: 1.3.23.1)
NVIDIA Install Application (Version: 2.1002.115.743)
NVIDIA PhysX (x32 Version: 9.12.1031)
NVIDIA PhysX-Systemsoftware 9.12.1031 (Version: 9.12.1031)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1422)
NVIDIA Systemsteuerung 314.22 (Version: 314.22)
NVIDIA Update 1.12.12 (Version: 1.12.12)
NVIDIA Update Components (Version: 1.12.12)
Oracle VM VirtualBox 4.2.16 (Version: 4.2.16)
OUTDATEfighter (x32 Version: 1.1.66)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4420.1017)
Paint.NET v3.5.5 (Version: 3.55.0)
Perfect Effects 3 Free (x32 Version: 3.0.2)
PhraseExpress v9.1.36 (x32 Version: 9.1.36)
Prerequisite installer (x32 Version: 12.0.0003)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6886)
Safari (x32 Version: 5.34.57.2)
Shrew Soft VPN Client
Skype Click to Call (x32 Version: 5.6.8442)
Skype™ 6.3 (x32 Version: 6.3.107)
SPAMfighter (x32 Version: 7.6.30)
Spybot - Search & Destroy (x32 Version: 2.1.19)
Spyware Terminator 2012 (x32 Version: 3.0.0.82)
SQL Server 2012 BI Development Studio (Version: 11.0.2100.60)
SQL Server 2012 Common Files (Version: 11.0.2100.60)
SQL Server 2012 Database Engine Services (Version: 11.0.2100.60)
SQL Server 2012 Database Engine Shared (Version: 11.0.2100.60)
SQL Server 2012 Documentation Components (Version: 11.0.2100.60)
SQL Server 2012 Full text search (Version: 11.0.2100.60)
SQL Server 2012 Management Studio (Version: 11.0.2100.60)
SQL Server 2012 Reporting Services (Version: 11.0.2100.60)
SQL Server 2012 SQL Data Quality Common (Version: 11.0.2100.60)
SQL Server Browser for SQL Server 2012 (x32 Version: 11.0.2100.60)
Sql Server Customer Experience Improvement Program (Version: 11.0.2100.60)
SQLyog 9.10  (x32 Version: 9.10 )
STK02N 2.4 (x32 Version: 2.4)
SugarSync (x32 Version: 2.0.27.114357)
TeamViewer 8 (x32 Version: 8.0.19617)
Uniblue RegistryBooster (x32 Version: 6.1.1.1)
UPC Install Master (x32 Version: 1.1.0.22)
Update for Microsoft Access 2013 (KB2760350) 32-Bit Edition (x32)
Update for Microsoft Excel 2013 (KB2760339) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2726954) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2726996) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2737954) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2752025) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2752094) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2752101) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2760224) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2760538) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2760610) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2767845) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2767851) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2767860) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2768016) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2810010) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2810014) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2817320) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2817482) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2817492) 32-Bit Edition (x32)
Update for Microsoft OneNote 2013 (KB2768011) 32-Bit Edition (x32)
Update for Microsoft OneNote 2013 (KB2817467) 32-Bit Edition (x32)
Update for Microsoft Outlook 2013 (KB2817468) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2013 (KB2726947) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2013 (KB2810006) 32-Bit Edition (x32)
Update for Microsoft SkyDrive Pro (KB2817469) 32-Bit Edition (x32)
Update for Microsoft Visio 2013 (KB2810008) 32-Bit Edition (x32)
Update for Microsoft Visio Viewer 2013 (KB2768338) 32-Bit Edition (x32)
Update for Microsoft Visual Studio 2012 (KB2781514) (x32 Version: 11.0.51219)
Update for Microsoft Word 2013 (KB2767863) 32-Bit Edition (x32)
Update for Microsoft Word 2013 (KB2810086) 32-Bit Edition (x32)
Visual Studio 2010 Prerequisites - English (Version: 10.0.40219)
Visual Studio 2012 Prerequisites - DEU Language Pack (Version: 11.0.50727)
Visual Studio 2012 Prerequisites - ENU Language Pack (Version: 11.0.50727)
Visual Studio 2012 Prerequisites (Version: 11.0.50727)
Wacom (Version: 5.3.2-1)
Wacom Tablett (Version: 6.3.5w3)
WebTablet FB Plugin 32 bit (x32 Version: 2.1.0.3)
WebTablet FB Plugin 64 bit (Version: 2.1.0.3)
Winamp (x32 Version: 5.621 )
Winamp Erkennungs-Plug-in (HKCU Version: 1.0.0.1)
Windows 7 USB/DVD Download Tool (x32 Version: 1.0.30)
Windows Live Communications Platform (x32 Version: 14.0.8117.416)
Windows Live Essentials (x32 Version: 14.0.8117.0416)
Windows Live Essentials (x32 Version: 14.0.8117.416)
Windows Live Fotogalerie (x32 Version: 14.0.8117.416)
Windows Live Movie Maker (x32 Version: 14.0.8117.0416)
Windows Live Sync (x32 Version: 14.0.8117.416)
Windows Live Writer (x32 Version: 14.0.8117.0416)
Windows Live-Uploadtool (x32 Version: 14.0.8014.1029)
Windows Mobile-Gerätecenter (Version: 6.1.6965.0)
Word 2007 Content Control Toolkit (x32 Version: 1.3.0)

==================== Restore Points  =========================


==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {096CD7E9-78E3-4943-B8B4-6B522F0104B0} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {10D85952-E3F6-47A1-96CF-5E1C2D874EA6} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [2012-07-26] (Microsoft Corporation)
Task: {13A2AC02-B682-48CC-9155-2E2673580117} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical
Task: {13AF2AE5-59FD-47BE-AE12-C8A832137173} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall
Task: {17644F17-DC4C-4AC8-9444-7AAA52EB5CDC} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler
Task: {19CFD90F-FBC5-4DCE-A6AB-741B5962C46B} - System32\Tasks\DealPlyLiveUpdateTaskMachineUA => C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe No File
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {1DB7C2F1-876C-4F24-AD17-8428211113F9} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents
Task: {214B24F4-FEB4-4C59-AF1F-70136065199C} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance
Task: {23700E5C-0E77-499D-908A-415D5C6252F4} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => C:\Windows\System32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {2495144B-E77D-4062-B157-E7EC1552CDBE} - System32\Tasks\rbmonitor => C:\Program Files (x86)\Uniblue\RegistryBooster\rbmonitor.exe [2013-01-08] (Uniblue Systems Limited)
Task: {25DE89AE-F260-461F-88D9-E9141011EDFC} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3455799945-794626198-3976200442-1001
Task: {2C6B9EA8-7F5A-4ABA-BF96-8D352D02A743} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh
Task: {2E030FA7-3D7C-4E1D-8CFE-56ADB26FD402} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks
Task: {2FD5749D-FAE9-4EFF-9EA7-CCD2C4FDA92E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe No File
Task: {3054485A-F517-4E95-9977-4DD827B1E9B3} - System32\Tasks\Microsoft\Windows\WS\Badge Update
Task: {378401BA-A703-444A-A79C-3C47AD2DC5B6} - System32\Tasks\Microsoft\Windows\TaskScheduler\Maintenance Configurator
Task: {39D303D6-D7C6-424D-91B2-E490859DDBD9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-12] (Adobe Systems Incorporated)
Task: {3A4F8190-C88C-4702-B1F4-875F59ECB143} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe No File
Task: {3AE164E7-30CD-40BC-9422-3EC7A5618965} - System32\Tasks\Microsoft\Windows\WS\WSTask
Task: {3C490ABD-D849-41AF-9AC4-87DD759B0996} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem
Task: {3C8E35B7-6FED-4BB9-B490-E76C90835367} - System32\Tasks\LyricsSpeaker Update => C:\Program Files (x86)\LyricsSpeaker\LyricsUpd.exe [2013-07-08] (LyricsSpeaker LTD)
Task: {3CD4D4E0-0B31-4A46-83C5-E8B25C5093E5} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {3FDE9E19-49D4-4C46-8725-B224A282A996} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3455799945-794626198-3976200442-1006
Task: {4073C1B3-6E16-4AA8-B7F3-C6A6D35D5071} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance
Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage
Task: {483A8F5C-5D26-44B5-B49E-AF6741D1BBEB} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [2012-07-26] (Microsoft Corporation)
Task: {4A24A1C0-1A44-4FEF-BCBE-BE436BFEB0D0} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {4B952129-9AE9-41A3-BE2B-8AD2E06F66B6} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon
Task: {4EBFBD6F-470B-4692-8EFB-443814211F72} - System32\Tasks\RegClean Prosch => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe No File
Task: {53D04BFC-CE0C-44EE-8D66-6DB614D7DD56} - System32\Tasks\Software Updater Ui => C:\PROGRAM FILES\SOFTWAREUPDATER\SoftwareUpdater.Ui.exe No File
Task: {54705E13-E18E-420C-8601-2B849D672038} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-02] (Microsoft Corporation)
Task: {5755E746-D7ED-4C20-A472-66C11834CDE4} - System32\Tasks\Microsoft\Windows\TaskScheduler\Manual Maintenance
Task: {58BA99F1-6DFE-4CF9-8A14-E0702B6B6889} - System32\Tasks\EPUpdater => C:\Users\Herbert\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe No File
Task: {5C4EFB77-EFA6-45DF-A373-D795C0725BFF} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required
Task: {60352F3B-C72E-432E-A9D4-E2E4820D2399} - System32\Tasks\Microsoft Office 15 Sync Maintenance for PCHerbert-Herbert PCHerbert => C:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe [2012-10-02] (Microsoft Corporation)
Task: {617D7643-8701-4206-BA5C-93412176DF83} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2012-09-20] (Microsoft Corporation)
Task: {627441F3-8526-4B62-BF9A-1A3EA414E71A} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [2012-07-26] (Microsoft Corporation)
Task: {6E9DE125-5583-4031-B572-FEE48F25CFFF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [2012-09-20] (Microsoft Corporation)
Task: {6FDDEA7C-6310-428D-AEB2-54FFC72811EF} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319
Task: {74096F94-B654-4DB0-96F5-3C3408B92FE3} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update
Task: {7449FB00-49E7-4A1A-B2AE-6D915DAAF923} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {793CCE19-8904-417F-BA41-DE223F9E9DD3} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe No File
Task: {7D9A9A1C-499C-40A6-8F8A-5BCC4CC9A87C} - System32\Tasks\Microsoft\Windows\TaskScheduler\Regular Maintenance
Task: {7ECE3A16-9C96-404C-ADAA-2994B85ED504} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-01] (Google Inc.)
Task: {8079C859-175D-4B42-A73D-6779A66B903C} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup
Task: {845CB020-68B5-4C6B-9876-7BEC7B3E27AC} - System32\Tasks\Microsoft\Windows\TaskScheduler\Idle Maintenance
Task: {87354DAA-66DF-4B41-9346-15958D96E1D2} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode)
Task: {8C3EB2CE-07ED-4360-9456-C0701A33772F} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {921A1D4E-32FB-46D7-B6C0-6F467884074D} - System32\Tasks\Microsoft\Windows\WS\Sync Licenses
Task: {9479EF8E-11D4-41B3-9783-CC65070D592D} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime
Task: {94DCF254-64FB-4C4E-8E12-5F4055C10C2A} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64
Task: {9790C766-9CB6-4C6B-8F49-650FB60CD6AA} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => C:\Windows\system32\sc.exe [2012-07-26] (Microsoft Corporation)
Task: {989A7C6D-BE82-4C3C-AF96-6116039E336B} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => C:\Windows\System32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask
Task: {AB62FA47-2C99-44B1-A5D0-D4161423BE43} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefresh
Task: {AC6259DE-AC59-459E-849E-6ADFFD1ADE63} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask
Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask
Task: {AF549BD8-337C-4BF7-8681-36A182E30507} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan
Task: {B34739A4-D7DE-47DA-8DD9-B17658C5AF70} - System32\Tasks\WPD\SqmUpload_S-1-5-21-3455799945-794626198-3976200442-1006 => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {B36DBBAE-C287-4EE4-9DCD-B56AD08E46A1} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {B419E35E-1E84-479C-BD37-2A0B88F36810} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2012-07-26] (Microsoft Corporation)
Task: {B84846C1-A1F2-474C-81AB-DEAD439CFB10} - System32\Tasks\FreeDriverScout => C:\Program Files\Covus Freemium\Free Driver Scout\1Click.exe No File
Task: {BC76AEF7-2CF0-4EB6-B65B-A8803E0B5E12} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific
Task: {C1ACCD1E-4385-4FB2-B5E4-7F2A57A626A2} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan
Task: {C463FD1E-31C7-4C20-AB65-08E514CA152D} - System32\Tasks\Microsoft\Windows\IME\SQM data sender
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {C9E32166-07B3-4B80-AC7E-53F300153DE7} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe No File
Task: {C9FAF460-8203-4CB1-83F3-2ADB88AE7C0A} - System32\Tasks\User_Feed_Synchronization-{395F05FD-1EED-4524-AD44-212D0444F148} => C:\Windows\system32\msfeedssync.exe [2012-07-26] (Microsoft Corporation)
Task: {CD1054FF-8005-4904-8B9C-436EAB1E2021} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork
Task: {D338B956-B280-4275-99E2-6DDCB3D1951E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {DBCF6E1B-CE0A-441E-B7A5-219C8BE50C65} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical
Task: {DECE5921-598D-454B-9A04-B2DE95EFC1B3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery
Task: {DF0D9557-A1ED-416D-8D1D-96D4DA93F25A} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect
Task: {E21570B9-B897-4F71-9761-90BF41D74CB5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-01] (Google Inc.)
Task: {E4DFE66F-E089-4CC3-A70F-957223D565F4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask
Task: {E8DAA09B-DF2A-4951-9134-6FA9587793F9} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [2012-09-20] (Microsoft Corporation)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {ED0C1F69-C3A2-41EA-B8C3-3F0D83A1F6C0} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM
Task: {F3476ABC-D499-4DFB-B15A-43125C314242} - System32\Tasks\ProtectedSearch\Protected Search => C:\Program Files (x86)\HomeTab\ProtectedSearch.exe No File
Task: {F6C032ED-0158-47B9-AF17-8D349D6A9049} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall
Task: {F9CA4645-AD2C-4D6A-BE12-03451F1D9556} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-02] (Microsoft Corporation)
Task: {FB30D6D0-64A8-46E7-B96E-38EFF87EFBF6} - System32\Tasks\Software Updater => C:\PROGRAM FILES\SOFTWAREUPDATER\SOFTWAREUPDATER.BOOTSTRAPPER.EXE No File
Task: {FDE26651-08FB-40FE-93F8-5952D55FFD87} - System32\Tasks\Browser Updater\Browser Updater => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {FED92FF3-C5F2-4553-9DB3-94427D831FDD} - System32\Tasks\DealPlyLiveUpdateTaskMachineCore => C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe No File
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe
Task: C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\LyricsSpeaker Update.job => C:\Program Files (x86)\LyricsSpeaker\LyricsUpd.exe
Task: C:\Windows\Tasks\rbmonitor.job => C:\Program Files (x86)\Uniblue\RegistryBooster\rbmonitor.exe
Task: C:\Windows\Tasks\RegClean Prosch.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe

==================== Faulty Device Manager Devices =============

Name: Shrew Soft Virtual Adapter
Description: Shrew Soft Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Shrew Soft
Service: vnet
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Bluetooth-Gerät (RFCOMM-Protokoll-TDI)
Description: Bluetooth-Gerät (RFCOMM-Protokoll-TDI)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RFCOMM
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/13/2013 06:28:11 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (07/12/2013 10:07:13 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15609

Error: (07/12/2013 10:07:13 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15609

Error: (07/12/2013 10:07:13 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/12/2013 10:13:49 AM) (Source: Report Server Windows Service (SQLHERBERT)) (User: )
Description: Report Server Windows Service (SQLHERBERT) cannot connect to the report server database.

Error: (07/12/2013 10:13:47 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (07/12/2013 10:08:20 AM) (Source: MSSQL$SQLHERBERT) (User: )
Description: The fulltext filter daemon host (FDHost) process has stopped abnormally. This can occur if an incorrectly configured or malfunctioning linguistic component, such as a wordbreaker, stemmer or filter has caused an irrecoverable error during full-text indexing or query processing. The process will be restarted automatically.

Error: (07/12/2013 09:08:26 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.

Error: (07/12/2013 09:05:11 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (07/12/2013 08:10:27 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: GoogleCrashHandler.exe, Version: 1.3.21.149, Zeitstempel: 0x51b66bd7
Name des fehlerhaften Moduls: browse~1.dll, Version: 2.6.1339.144, Zeitstempel: 0x519ddca2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0015c5e2
ID des fehlerhaften Prozesses: 0x186c
Startzeit der fehlerhaften Anwendung: 0xGoogleCrashHandler.exe0
Pfad der fehlerhaften Anwendung: GoogleCrashHandler.exe1
Pfad des fehlerhaften Moduls: GoogleCrashHandler.exe2
Berichtskennung: GoogleCrashHandler.exe3
Vollständiger Name des fehlerhaften Pakets: GoogleCrashHandler.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: GoogleCrashHandler.exe5


System errors:
=============
Error: (07/13/2013 06:27:18 AM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueue[::]:80

Error: (07/13/2013 06:27:18 AM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueue[::]:80

Error: (07/12/2013 10:15:49 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "DealPly Live-Dienst (dealplylive)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/12/2013 10:14:18 AM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueue[::]:80

Error: (07/12/2013 10:14:18 AM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueue[::]:80

Error: (07/12/2013 10:13:49 AM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueue[::]:80

Error: (07/12/2013 10:13:49 AM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueue[::]:80

Error: (07/12/2013 10:11:21 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Apache2.2" wurde mit dem folgenden dienstspezifischen Fehler beendet: 
%%1

Error: (07/12/2013 10:11:21 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst Gruppenrichtlinienclient konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (07/12/2013 07:33:56 AM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueue[::]:80


Microsoft Office Sessions:
=========================
Error: (07/13/2013 06:28:11 AM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (07/12/2013 10:07:13 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15609

Error: (07/12/2013 10:07:13 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15609

Error: (07/12/2013 10:07:13 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/12/2013 10:13:49 AM) (Source: Report Server Windows Service (SQLHERBERT))(User: )
Description: Report Server Windows Service (SQLHERBERT)

Error: (07/12/2013 10:13:47 AM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (07/12/2013 10:08:20 AM) (Source: MSSQL$SQLHERBERT)(User: )
Description: 

Error: (07/12/2013 09:08:26 AM) (Source: SideBySide)(User: )
Description: c:\program files (x86)\Skype\Toolbars\internet explorer\SkypeIEPluginBroker.exec:\program files (x86)\Skype\Toolbars\internet explorer\SkypeIEPluginBroker.exe2

Error: (07/12/2013 09:05:11 AM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (07/12/2013 08:10:27 AM) (Source: Application Error)(User: )
Description: GoogleCrashHandler.exe1.3.21.14951b66bd7browse~1.dll2.6.1339.144519ddca2c00000050015c5e2186c01ce7ec680f6e189C:\Program Files (x86)\Google\Update\1.3.21.149\GoogleCrashHandler.exec:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dllbec341cd-eab9-11e2-bed5-001a7dda710f


==================== Memory info =========================== 

Percentage of memory in use: 33%
Total physical RAM: 8153.99 MB
Available physical RAM: 5390.03 MB
Total Pagefile: 24153.99 MB
Available Pagefile: 20624.36 MB
Total Virtual: 8192 MB
Available Virtual: 8191.76 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:615.57 GB) (Free:514.87 GB) NTFS (Disk=0 Partition=2)
Drive e: (Volume) (Fixed) (Total:781.25 GB) (Free:690.6 GB) NTFS (Disk=0 Partition=3)
Drive f: (INTENSO) (Fixed) (Total:2793.83 GB) (Free:2053.04 GB) FAT32 (Disk=1 Partition=1)
Drive p: (HD100ext) (Fixed) (Total:93.16 GB) (Free:63.59 GB) NTFS (Disk=3 Partition=1)
Drive r: () (Removable) (Total:0.96 GB) (Free:0.01 GB) NTFS (Disk=4 Partition=1)
Drive z: (FotoHD) (Fixed) (Total:1863.01 GB) (Free:1841.47 GB) NTFS (Disk=2 Partition=1)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: EF37055A)
Partition 1: (Active) - (Size=450 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=616 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=781 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 1.

========================================================
Disk: 2 (Size: 1863 GB) (Disk ID: F62F1CB1)
Partition 1: (Active) - (Size=-198627557376) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 93 GB) (Disk ID: FFDF5C44)
Partition 1: (Active) - (Size=93 GB) - (Type=07 NTFS)

========================================================
Disk: 4 (Size: 980 MB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=980 MB) - (Type=07 NTFS)

==================== End Of Log ============================
         
Beste Grüße
Herbert
__________________

Alt 13.07.2013, 19:13   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Medung beim Hochfahren: TBupdater.dll ist nicht vorhanden - Standard

Medung beim Hochfahren: TBupdater.dll ist nicht vorhanden



Alles mit Lyrics und alles mit Regclean deinstallieren.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
2013-07-11 19:36 - 2013-07-11 19:36 - 00000000 ____D C:\Windows\System32\Tasks\ProtectedSearch
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 13.07.2013, 19:50   #5
Herbertfi
 
Medung beim Hochfahren: TBupdater.dll ist nicht vorhanden - Standard

Medung beim Hochfahren: TBupdater.dll ist nicht vorhanden



Lyrics deinstalliert.
RegClean nicht gefunden.
Fixlist.txt gespeichert.
FRST64 gestartet: Folgt Meldung:
"Your Version of FRST64 is outdated. …recommendet to dpwnload latest version.
Click Yes to download. Click no to contiume withot updating."
Download or Continue?


Alt 13.07.2013, 20:59   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Medung beim Hochfahren: TBupdater.dll ist nicht vorhanden - Standard

Medung beim Hochfahren: TBupdater.dll ist nicht vorhanden



download
__________________
--> Medung beim Hochfahren: TBupdater.dll ist nicht vorhanden

Alt 14.07.2013, 07:20   #7
Herbertfi
 
Medung beim Hochfahren: TBupdater.dll ist nicht vorhanden - Standard

Medung beim Hochfahren: TBupdater.dll ist nicht vorhanden



Hallo Schrauber,

danke für die prompte Reaktion.
FRST ausgeführt.
"Fix" erst erfolgreich, als ich deinen Text erneut als Fixit.txt gespeichert habe:
Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 14-07-2013
Ran by Herbert at 2013-07-14 07:50:51 Run:1
Running from C:\Users\Herbert\Desktop
Boot Mode: Normal
==============================================

C:\Windows\System32\Tasks\ProtectedSearch => Moved successfully.

==== End of Fixlog ====
         
AdwCleaner asugeführt:
Code:
ATTFilter
# AdwCleaner v2.305 - Datei am 14/07/2013 um 07:54:43 erstellt
# Aktualisiert am 11/07/2013 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzer : Herbert - PCHERBERT
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Herbert\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Ordner Gelöscht : C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiennapmieppnpfhhogglccgepbdajan
Ordner Gelöscht : C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkojdlfbcgjhhjmdgdbbbbbnfjpepbcj
Ordner Gelöscht : C:\Users\Herbert\AppData\LocalLow\SimplyTech

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\90d88ce76eea12

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16537

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v22.0 (de)

Datei : C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v28.0.1500.72

Datei : C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [44070 octets] - [12/07/2013 10:06:00]
AdwCleaner[S1].txt - [45177 octets] - [12/07/2013 10:07:40]
AdwCleaner[S2].txt - [1346 octets] - [14/07/2013 07:54:43]

########## EOF - C:\AdwCleaner[S2].txt - [1406 octets] ##########
         
Junk Removal Tool asugeführt:
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.0.9 (07.12.2013:2)
OS: Windows 8 x64
Ran by Herbert on 14.07.2013 at  8:01:46,26
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully stopped: [Service] dealplylive 
Successfully deleted: [Service] dealplylive 
Successfully stopped: [Service] dealplylivem 
Successfully deleted: [Service] dealplylivem 
Successfully stopped: [Service] spamfighter update service 
Successfully deleted: [Service] spamfighter update service 
Successfully stopped: [Service] suite service 
Successfully deleted: [Service] suite service 



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\commontoolkittray



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\dealplylive.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{a0b10ebe-4e51-4cae-949b-e6b9e7d68cea}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{bb975e58-e769-4e5a-ba12-b765bc559ff3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{f511afdb-726e-4458-90e7-1ecb97406544}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{fb684d26-01f4-4d9d-87cb-f486beba56dc}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{0afd55c8-adf8-4a33-a6e1-dedb7a36aeb4}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mime\database\content type\application/x-vnd.dpliveupdate.oneclickctrl.9
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mime\database\content type\application/x-vnd.dpliveupdate.update3webcontrol.3
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\dealplylive
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dealplylive
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\windows nt\currentversion\image file execution options\dealplylive.exe



~~~ Files

Successfully deleted: [File] C:\Windows\prefetch\LYRICSUPD.EXE-4FD811E9.pf



~~~ Folders

Failed to delete: [Folder] "C:\ProgramData\fighters"
Failed to delete: [Folder] "C:\Users\Herbert\AppData\Roaming\fighters"
Successfully deleted: [Folder] "C:\Users\Herbert\AppData\Roaming\systweak"
Successfully deleted: [Folder] "C:\Users\Herbert\appdata\local\fighters"
Successfully deleted: [Folder] "C:\Users\Herbert\appdata\locallow\simplytech"
Successfully deleted: [Folder] "C:\Program Files (x86)\fighters"



~~~ FireFox

Successfully deleted: [File] C:\Users\Herbert\AppData\Roaming\mozilla\firefox\profiles\0srbdi19.default\invalidprefs.js
Emptied folder: C:\Users\Herbert\AppData\Roaming\mozilla\firefox\profiles\0srbdi19.default\minidumps [24 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14.07.2013 at  8:04:36,13
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
FRST:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-07-2013
Ran by Herbert (administrator) on 14-07-2013 08:17:08
Running from C:\Users\Herbert\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicShellService.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apache Software Foundation) C:\xampp\apache\bin\httpd.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
() C:\Program Files\ShrewSoft\VPN Client\dtpd.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(FileZilla Project) C:\xampp\FileZillaFTP\FileZilla server.exe
() C:\Program Files\ShrewSoft\VPN Client\iked.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.SQLHERBERT\MSSQL\Binn\sqlservr.exe
(Apache Software Foundation) C:\xampp\apache\bin\httpd.exe
(MySQL AB) C:\xampp\mysql\bin\mysqld.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSRS11.SQLHERBERT\Reporting Services\ReportServer\bin\ReportingServicesService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.SQLHERBERT\MSSQL\Binn\fdlauncher.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.SQLHERBERT\MSSQL\Binn\fdhost.exe
(Microsoft) C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
() C:\Program Files (x86)\Greenshot\Greenshot.exe
(Bartels Media GmbH) C:\Program Files (x86)\PhraseExpress\phraseexpress.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(hxxp://www.android-sync.com) C:\Program Files (x86)\Android-Sync\AndroidSync.exe
() C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(SPAMfighter ApS) C:\Program Files (x86)\SPAMfighter\sfagent.exe
() C:\Program Files (x86)\Bamboo Dock\Bamboo Dock\Bamboo Dock.exe
(SPAMfighter ApS) C:\Program Files (x86)\SPAMfighter\x64\LiveKitLoader64.exe
(Microsoft) C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MousewithoutBordersHelper.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Mobile Device Center] - %windir%\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [13519432 2013-04-10] (Realtek Semiconductor)
HKCU\...\Run: [Greenshot] - "C:\Program Files (x86)\Greenshot\Greenshot.exe" [548864 2010-07-12] ()
HKCU\...\Run: [GoogleDriveSync] - "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart [19676256 2013-06-06] (Google)
HKCU\...\Run: [GMX_GMX Upload-Manager] - "C:\Program Files (x86)\GMX\GMX Upload-Manager\DAVSRV.EXE" /hide [960608 2011-11-16] (1&1 Mail & Media GmbH)
MountPoints2: {c90218cf-754c-11e2-be86-902b34b9c341} - "G:\LaunchU3.exe" -a
MountPoints2: {ca808269-aea3-11e2-bea8-de85dd3799fb} - "G:\iLinker.exe" 
HKLM-x32\...\Run: [avgnt] - "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [345144 2013-06-24] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [WinampAgent] - "C:\Program Files (x86)\Winamp\winampa.exe" [74752 2011-07-11] (Nullsoft, Inc.)
HKLM-x32\...\Run: [SPAMfighter Agent] - "C:\Program Files (x86)\SPAMfighter\SFAgent.exe" update delay 60 [1065504 2013-02-28] (SPAMfighter ApS)
HKLM-x32\...\Run: [AndroidSync] - C:\Program Files (x86)\Android-Sync\AndroidSync.exe -m [6512184 2012-06-20] (hxxp://www.android-sync.com)
HKLM-x32\...\Run: [BambooCore] - C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
HKLM-x32\...\Run: [SDTray] - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [3830224 2013-05-16] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [sfagent] - C:\Program Files (x86)\SPAMfighter\sfagent.exe [1065504 2013-02-28] (SPAMfighter ApS)
HKU\HerbertAdmin\...\Run: [Greenshot] - "C:\Program Files (x86)\Greenshot\Greenshot.exe" [548864 2010-07-12] ()
HKU\HerbertAdmin\...\Run: [GoogleDriveSync] - "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart [19676256 2013-06-06] (Google)
HKU\HerbertAdmin\...\Run: [GMX_GMX Upload-Manager] - "C:\Program Files (x86)\GMX\GMX Upload-Manager\DAVSRV.EXE" /hide [960608 2011-11-16] (1&1 Mail & Media GmbH)
HKU\HerbertAdmin\...\Run: [Speech Recognition] - "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup [45056 2012-07-26] (Microsoft Corporation)
AppInit_DLLs-x32: c:\progra~2\nvidia~1\3dvisi~1\nvstinit.dll [45056 2012-07-26] ()
Startup: C:\ProgramData\Start Menu\Programs\Startup\PhraseExpress.lnk
ShortcutTarget: PhraseExpress.lnk -> C:\Program Files (x86)\PhraseExpress\phraseexpress.exe (Bartels Media GmbH)
Startup: C:\ProgramData\Start Menu\Programs\Startup\STK02N 2.4 PNP Monitor.lnk
ShortcutTarget: STK02N 2.4 PNP Monitor.lnk -> C:\Windows\STK02N\STK02NM.exe (Syntek Ltd.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\vpngui.exe.lnk
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe ()
Startup: C:\Users\Herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
SSODL: EldosMountNotificator - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\Windows\system32\SSCbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\Windows\SysWow64\SSCbFsMntNtf3.dll (EldoS Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?rd=1&ucc=AT&dcc=AT&opt=0
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: HomeTab - {19a395c9-823b-4700-b817-396fc84ffb16} - C:\Users\Herbert\AppData\Roaming\HomeTab\HomeTab.dll No File
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll No File
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: HomeTab - {ba696155-d96e-4281-b467-0367a0456474} - C:\Users\Herbert\AppData\Roaming\HomeTab\HomeTab.dll No File
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL (Microsoft Corporation)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Toolbar: HKLM-x32 - HomeTab - {ba696155-d96e-4281-b467-0367a0456474} - C:\Users\Herbert\AppData\Roaming\HomeTab\HomeTab.dll No File
Toolbar: HKLM-x32 - HomeTab - {19a395c9-823b-4700-b817-396fc84ffb16} - C:\Users\Herbert\AppData\Roaming\HomeTab\HomeTab.dll No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 212.186.211.21 195.34.133.21

FireFox:
========
FF ProfilePath: C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.fasteasy.at
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF SearchPlugin: C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\searchplugins\gmx-suche-sterreich.xml
FF SearchPlugin: C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\searchplugins\suche-in-wikipedia.xml
FF Extension: TubeSaver - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\120
FF Extension: Ghostery - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\firefox@ghostery.com
FF Extension: No Name - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\foxmarks@kei.com
FF Extension: HomeTab - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\{24532715-4abc-47ee-bd4f-a6774d0723d2}
FF Extension: Toggle Web Developer Toolbar - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\{c75a27d8-4529-449f-b67b-aba65d7a1c0a}
FF Extension: firebug - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\firebug@software.joehewitt.com.xpi
FF Extension: treestyletab - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\treestyletab@piro.sakura.ne.jp.xpi
FF Extension: No Name - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\WTB_GLOBAL.sqlite
FF Extension: No Name - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi
FF Extension: No Name - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi
FF Extension: No Name - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\{c666c018-6409-4479-afa3-68e4129e7eff}.xpi
FF Extension: No Name - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\{DAD0F81A-CF67-4eed-98D6-26F6E47274CA}.xpi
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

Chrome: 
=======
CHR Extension: (Entanglement) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0
CHR Extension: (Google Docs) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (HomeTab) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgibjgmnimooanbagcfpnkmngejcojaf\4.1
CHR Extension: (LyricsSpeaker) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmgeophbbmfgkjghdgfgelpipdoclljo\1.120
CHR Extension: (Skype Click to Call) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0
CHR Extension: (Poppit) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0
CHR Extension: (Gmail) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [371768 2013-06-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-06-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [589368 2013-06-24] (Avira Operations GmbH & Co. KG)
R2 Apache2.2; C:\xampp\apache\bin\httpd.exe [29416 2009-12-20] (Apache Software Foundation)
R2 ClassicShellService; C:\Program Files\Classic Shell\ClassicShellService.exe [68608 2013-04-12] (IvoSoft)
R2 dtpd; C:\Program Files\ShrewSoft\VPN Client\dtpd.exe [56592 2010-10-08] ()
R2 FileZilla Server; C:\xampp\FileZillaFTP\FileZilla server.exe [1029776 2009-12-20] (FileZilla Project)
R2 iked; C:\Program Files\ShrewSoft\VPN Client\iked.exe [957712 2010-10-08] ()
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 ipsecd; C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [697616 2010-10-08] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-02-22] (Intel Corporation)
S2 MouseWithoutBordersSvc; C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBordersSvc.exe [27872 2012-12-28] (Microsoft)
R2 MSSQL$SQLHERBERT; C:\Program Files\Microsoft SQL Server\MSSQL11.SQLHERBERT\MSSQL\Binn\sqlservr.exe [190904 2012-06-12] (Microsoft Corporation)
R2 MySQL; C:\xampp\mysql\bin\mysqld.exe [6095504 2009-12-20] (MySQL AB)
R2 ReportServer$SQLHERBERT; C:\Program Files\Microsoft SQL Server\MSRS11.SQLHERBERT\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2348472 2012-06-12] (Microsoft Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
S4 SQLAgent$SQLHERBERT; C:\Program Files\Microsoft SQL Server\MSSQL11.SQLHERBERT\MSSQL\Binn\SQLAGENT.EXE [608696 2012-06-12] (Microsoft Corporation)
S4 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1149104 2013-04-03] (Crawler.com)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [619904 2012-12-11] (Wacom Technology, Corp.)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [613688 2013-02-08] (Wacom Technology, Corp.)
R3 MSSQLFDLauncher$SQLHERBERT; "C:\Program Files\Microsoft SQL Server\MSSQL11.SQLHERBERT\MSSQL\Binn\fdlauncher.exe" -s MSSQL11.SQLHERBERT [x]

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130016 2013-03-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-03-27] (Avira Operations GmbH & Co. KG)
R3 bthav; C:\Windows\system32\drivers\bthav.sys [40448 2008-07-10] (CSR, plc)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
S3 gdrv; C:\Windows\gdrv.sys [25640 2012-12-19] (Windows (R) Server 2003 DDK provider)
S3 gdrv; C:\Windows\gdrv.sys [25640 2012-12-19] (Windows (R) Server 2003 DDK provider)
S4 RsFx0200; C:\Windows\System32\DRIVERS\RsFx0200.sys [334936 2012-02-11] (Microsoft Corporation)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2013-07-09] (Windows (R) Win 7 DDK provider)
R3 SSCBFS3; C:\Windows\System32\drivers\sscbfs3.sys [347904 2013-01-30] (EldoS Corporation)
R1 uigxrdr; C:\Windows\System32\DRIVERS\uigxrdr.sys [199752 2011-11-16] (1&1 Mail & Media GmbH)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [106408 2012-12-19] (Oracle Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-14 08:04 - 2013-07-14 08:04 - 00003056 _____ C:\Users\Herbert\Desktop\JRT.txt
2013-07-14 08:01 - 2013-07-14 08:01 - 00559441 _____ (Oleg N. Scherbakov) C:\Users\Herbert\Desktop\JRT.exe
2013-07-14 08:01 - 2013-07-14 08:01 - 00000000 ____D C:\Windows\ERUNT
2013-07-14 07:54 - 2013-07-14 07:55 - 00001473 _____ C:\AdwCleaner[S2].txt
2013-07-14 07:52 - 2013-07-14 07:52 - 00662345 _____ C:\Users\Herbert\Desktop\adwcleaner.exe
2013-07-14 07:50 - 2013-07-14 07:50 - 01777839 _____ (Farbar) C:\Users\Herbert\Desktop\FRST64.exe
2013-07-14 07:48 - 2013-07-14 07:49 - 01777839 _____ (Farbar) C:\Users\Herbert\Downloads\FRST64.exe
2013-07-13 06:54 - 2013-07-13 06:54 - 00000732 _____ C:\Users\Herbert\Desktop\Ereignisse.txt
2013-07-13 06:36 - 2013-07-13 06:37 - 00042265 _____ C:\Users\Herbert\Desktop\Addition.txt
2013-07-13 06:35 - 2013-07-13 06:35 - 00000000 ____D C:\FRST
2013-07-12 15:35 - 2013-07-12 15:35 - 00006152 _____ C:\Windows\DPINST.LOG
2013-07-12 15:35 - 2013-07-12 15:35 - 00000000 ____D C:\Program Files\DIFX
2013-07-12 10:12 - 2013-07-12 10:12 - 00434344 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-12 10:08 - 2013-07-12 10:08 - 00000098 _____ C:\Windows\DeleteOnReboot.bat
2013-07-12 10:07 - 2013-07-12 10:08 - 00045177 _____ C:\AdwCleaner[S1].txt
2013-07-12 10:06 - 2013-07-12 10:06 - 00044070 _____ C:\AdwCleaner[R1].txt
2013-07-12 10:06 - 2013-07-12 10:06 - 00003398 _____ C:\Windows\System32\Tasks\EPUpdater
2013-07-12 10:05 - 2013-07-12 10:05 - 00001090 _____ C:\Users\Herbert\Desktop\Continue Download Helper Installation.lnk
2013-07-12 09:27 - 2013-07-12 09:27 - 00000000 _____ C:\Users\Herbert\defogger_reenable
2013-07-10 04:57 - 2013-05-04 08:59 - 02842112 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-10 04:57 - 2013-05-04 06:57 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-10 04:57 - 2013-04-12 00:30 - 01421312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-10 04:57 - 2013-04-12 00:22 - 01838080 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-10 04:56 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-10 04:56 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-10 04:56 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-10 04:56 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-10 04:56 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-10 04:56 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-10 04:56 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-10 04:56 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-10 04:56 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-10 04:56 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-10 04:56 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-10 04:56 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-10 04:56 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-10 04:56 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-10 04:56 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-10 04:56 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-10 04:56 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-10 04:56 - 2013-06-01 11:25 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-10 04:56 - 2013-06-01 11:21 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-10 04:56 - 2013-05-31 01:14 - 04036096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-10 04:52 - 2013-07-04 15:58 - 00238352 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2013-07-10 04:52 - 2013-07-04 15:57 - 00120080 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2013-07-09 08:50 - 2013-07-10 17:04 - 00000000 ____D C:\ProgramData\Spyware Terminator
2013-07-09 08:50 - 2013-07-09 08:51 - 00000000 ____D C:\Program Files (x86)\Spyware Terminator
2013-07-09 08:50 - 2013-07-09 08:50 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2013-07-09 08:50 - 2013-07-09 08:50 - 00001045 _____ C:\Users\Public\Desktop\Spyware Terminator 2012.lnk
2013-07-09 08:50 - 2013-07-09 08:50 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Spyware Terminator
2013-07-06 09:02 - 2013-07-09 12:03 - 00000292 _____ C:\Windows\Tasks\RegClean Prosch.job
2013-07-06 09:02 - 2013-07-06 09:02 - 00003016 _____ C:\Windows\System32\Tasks\RegClean Prosch
2013-07-06 08:56 - 2013-07-06 08:56 - 00001057 _____ C:\Users\Public\Desktop\RegClean Pro.lnk
2013-07-06 08:20 - 2013-07-06 08:23 - 00004248 _____ C:\Windows\system32\ASOROSet.bin
2013-07-06 08:20 - 2013-07-06 08:20 - 00000000 ____D C:\Windows\system32\config\RCCBakup
2013-07-05 17:05 - 2013-07-05 17:05 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-07-05 17:05 - 2013-07-05 17:05 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-07-05 16:11 - 2013-07-14 08:16 - 00000928 _____ C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job
2013-07-05 16:11 - 2013-07-14 07:57 - 00000924 _____ C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job
2013-07-05 16:11 - 2013-07-05 16:11 - 00003900 _____ C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineUA
2013-07-05 16:11 - 2013-07-05 16:11 - 00003664 _____ C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineCore
2013-07-05 16:10 - 2013-07-05 16:10 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\MyPhoneExplorer
2013-07-05 07:33 - 2013-07-05 07:33 - 00000215 _____ C:\Users\Herbert\Desktop\javascripthideDiv('popupDiv');.URL
2013-07-04 15:57 - 2013-07-04 15:57 - 00146704 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetFlt.sys
2013-07-04 15:57 - 2013-07-04 15:57 - 00131856 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp.sys
2013-07-04 15:56 - 2013-07-04 15:56 - 00204048 _____ (Oracle Corporation) C:\Windows\system32\VBoxNetFltNobj.dll
2013-07-02 14:31 - 2013-07-02 14:32 - 00397312 _____ C:\Users\Herbert\Documents\ae130702.accdb
2013-07-02 07:21 - 2013-07-02 07:21 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2010
2013-07-02 07:21 - 2013-07-02 07:21 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2010
2013-07-02 07:20 - 2013-07-02 07:20 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2012
2013-07-02 07:20 - 2013-07-02 07:20 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2012
2013-07-02 07:17 - 2012-02-11 08:43 - 00253016 _____ (Microsoft Corporation) C:\Windows\system32\SQSRVRES.DLL
2013-06-29 18:29 - 2013-06-29 18:29 - 00001350 _____ C:\Users\Herbert\Desktop\SQL Server Management Studio.lnk
2013-06-29 18:26 - 2013-06-29 18:26 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Microsoft Corporation
2013-06-29 18:10 - 2013-06-29 18:10 - 00000000 ____D C:\Windows\SysWOW64\1031
2013-06-29 18:10 - 2013-06-29 18:10 - 00000000 ____D C:\Users\Herbert\Documents\Visual Studio 2012
2013-06-29 18:09 - 2013-06-29 18:09 - 00000000 ____D C:\Windows\system32\1031
2013-06-29 18:08 - 2013-06-29 18:10 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_SensorsSimulatorDriver_01_11_00.Wdf
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____D C:\Windows\symbols
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 11.0
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer
2013-06-29 17:38 - 2013-06-29 17:38 - 00000000 ____D C:\Users\Herbert\AppData\Local\Microsoft_Corporation
2013-06-29 17:26 - 2013-07-06 08:25 - 00000000 ____D C:\Users\ReportServer$SQLHERBERT
2013-06-29 17:26 - 2013-06-29 17:26 - 00000020 ___SH C:\Users\ReportServer$SQLHERBERT\ntuser.ini
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Vorlagen
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Startmenü
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Netzwerkumgebung
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Lokale Einstellungen
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Eigene Dateien
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Druckumgebung
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Documents\Eigene Musik
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Documents\Eigene Bilder
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\AppData\Local\Verlauf
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\AppData\Local\Anwendungsdaten
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Anwendungsdaten
2013-06-29 17:26 - 2013-05-24 14:45 - 00000000 ____D C:\Users\ReportServer$SQLHERBERT\AppData\Roaming\Macromedia
2013-06-29 17:26 - 2013-04-13 06:58 - 00000000 ____D C:\Users\ReportServer$SQLHERBERT\AppData\Roaming\Adobe
2013-06-29 17:26 - 2013-03-27 11:02 - 00000000 ____D C:\Users\ReportServer$SQLHERBERT\AppData\LocalGoogle
2013-06-29 17:26 - 2013-03-27 11:02 - 00000000 ____D C:\Users\ReportServer$SQLHERBERT\AppData\Local\Google
2013-06-29 17:26 - 2013-02-13 16:21 - 00000000 ____D C:\Users\ReportServer$SQLHERBERT\AppData\Local\Microsoft Help
2013-06-29 17:24 - 2013-07-06 08:26 - 00000000 ____D C:\Users\MSSQLFDLauncher$SQLHERBERT
2013-06-29 17:24 - 2013-06-29 17:24 - 00000020 ___SH C:\Users\MSSQLFDLauncher$SQLHERBERT\ntuser.ini
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Vorlagen
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Startmenü
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Netzwerkumgebung
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Lokale Einstellungen
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Eigene Dateien
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Druckumgebung
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Documents\Eigene Musik
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Documents\Eigene Bilder
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\Local\Verlauf
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\Local\Anwendungsdaten
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Anwendungsdaten
2013-06-29 17:24 - 2013-05-24 14:45 - 00000000 ____D C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\Roaming\Macromedia
2013-06-29 17:24 - 2013-04-13 06:58 - 00000000 ____D C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\Roaming\Adobe
2013-06-29 17:24 - 2013-03-27 11:02 - 00000000 ____D C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\LocalGoogle
2013-06-29 17:24 - 2013-03-27 11:02 - 00000000 ____D C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\Local\Google
2013-06-29 17:24 - 2013-02-13 16:21 - 00000000 ____D C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\Local\Microsoft Help
2013-06-29 17:23 - 2013-07-06 08:25 - 00000000 ____D C:\Users\MSSQL$SQLHERBERT
2013-06-29 17:23 - 2013-06-29 18:18 - 00000000 ____D C:\Users\Herbert\Documents\SQL Server Management Studio
2013-06-29 17:23 - 2013-06-29 17:23 - 00000020 ___SH C:\Users\MSSQL$SQLHERBERT\ntuser.ini
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Vorlagen
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Startmenü
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Netzwerkumgebung
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Lokale Einstellungen
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Eigene Dateien
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Druckumgebung
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Documents\Eigene Musik
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Documents\Eigene Bilder
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\AppData\Local\Verlauf
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\AppData\Local\Anwendungsdaten
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Anwendungsdaten
2013-06-29 17:23 - 2013-05-24 14:45 - 00000000 ____D C:\Users\MSSQL$SQLHERBERT\AppData\Roaming\Macromedia
2013-06-29 17:23 - 2013-04-13 06:58 - 00000000 ____D C:\Users\MSSQL$SQLHERBERT\AppData\Roaming\Adobe
2013-06-29 17:23 - 2013-03-27 11:02 - 00000000 ____D C:\Users\MSSQL$SQLHERBERT\AppData\LocalGoogle
2013-06-29 17:23 - 2013-03-27 11:02 - 00000000 ____D C:\Users\MSSQL$SQLHERBERT\AppData\Local\Google
2013-06-29 17:23 - 2013-02-13 16:21 - 00000000 ____D C:\Users\MSSQL$SQLHERBERT\AppData\Local\Microsoft Help
2013-06-29 17:20 - 2012-02-11 10:03 - 00046168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perf-ReportServer$SQLHERBERT-rsctr11.0.2100.60.dll
2013-06-29 17:20 - 2012-02-11 10:02 - 00045656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perf-MSSQL11.SQLHERBERT-sqlagtctr.dll
2013-06-29 17:20 - 2012-02-11 08:44 - 00055384 _____ (Microsoft Corporation) C:\Windows\system32\perf-ReportServer$SQLHERBERT-rsctr11.0.2100.60.dll
2013-06-29 17:20 - 2012-02-11 08:44 - 00054360 _____ (Microsoft Corporation) C:\Windows\system32\perf-MSSQL11.SQLHERBERT-sqlagtctr.dll
2013-06-29 17:19 - 2012-02-11 10:03 - 00082520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perf-MSSQL$SQLHERBERT-sqlctr11.0.2100.60.dll
2013-06-29 17:19 - 2012-02-11 08:46 - 00180312 _____ (Microsoft Corporation) C:\Windows\system32\hadrres.dll
2013-06-29 17:19 - 2012-02-11 08:46 - 00082520 _____ (Microsoft Corporation) C:\Windows\system32\fssres.dll
2013-06-29 17:19 - 2012-02-11 08:44 - 00095832 _____ (Microsoft Corporation) C:\Windows\system32\perf-MSSQL$SQLHERBERT-sqlctr11.0.2100.60.dll
2013-06-29 17:16 - 2013-06-29 17:16 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2013-06-29 17:14 - 2013-06-29 17:14 - 00000000 ____D C:\Windows\system32\RsFx
2013-06-29 17:11 - 2013-07-03 07:42 - 00000000 ____D C:\Users\Herbert\Documents\Visual Studio 2010
2013-06-29 17:10 - 2013-06-29 17:12 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 10.0
2013-06-29 17:10 - 2013-06-29 17:10 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 10.0
2013-06-29 17:10 - 2013-06-29 17:10 - 00000000 ____D C:\Program Files\Microsoft Help Viewer
2013-06-29 17:10 - 2013-06-29 17:10 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2013-06-26 17:57 - 2013-06-26 17:57 - 00003133 _____ C:\Users\Herbert\Desktop\Custom UI Editor For Microsoft Office.lnk
2013-06-26 17:57 - 2013-06-26 17:57 - 00003093 _____ C:\Users\Herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Custom UI Editor For Microsoft Office.lnk
2013-06-26 17:57 - 2013-06-26 17:57 - 00000000 ____D C:\Program Files (x86)\CustomUIEditor
2013-06-26 07:51 - 2013-06-26 07:51 - 04815135 _____ (FileZilla Project) C:\Users\Herbert\Downloads\FileZilla_3.7.1_win32-setup.exe
2013-06-24 15:24 - 2013-06-24 15:25 - 00000000 ____D C:\Users\Herbert\AppData\Local\calibre-cache
2013-06-23 20:21 - 2013-06-24 15:52 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\calibre
2013-06-23 20:21 - 2013-06-23 20:21 - 00000967 _____ C:\Users\Public\Desktop\calibre - E-book management.lnk
2013-06-23 20:21 - 2013-06-23 20:21 - 00000000 ____D C:\Program Files (x86)\Calibre2
2013-06-22 08:53 - 2013-06-22 08:53 - 00001136 _____ C:\Users\Public\Desktop\UPC Install Master.lnk
2013-06-22 08:53 - 2013-06-22 08:53 - 00000000 __HDC C:\ProgramData\{A79D03BF-C5DB-49B2-AD5F-6CED14FFE4D6}
2013-06-22 08:53 - 2013-06-22 08:53 - 00000000 ____D C:\Program Files (x86)\UPC Austria
2013-06-19 09:08 - 2013-06-20 10:02 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Apple Computer
2013-06-19 09:08 - 2013-06-19 09:09 - 00000000 ____D C:\Users\Herbert\AppData\Local\Apple Computer
2013-06-19 09:08 - 2013-06-19 09:08 - 00002491 _____ C:\Users\Public\Desktop\Safari.lnk
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Users\Herbert\AppData\Local\Apple
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\ProgramData\Apple
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Program Files\Bonjour
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Program Files (x86)\Safari
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-06-17 10:27 - 2013-06-17 10:27 - 00003105 _____ C:\Users\Herbert\Desktop\Word 2007 Content Control Toolkit.lnk
2013-06-17 10:27 - 2013-06-17 10:27 - 00003065 _____ C:\Users\Herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word 2007 Content Control Toolkit.lnk
2013-06-17 05:51 - 2013-05-16 00:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2013-06-16 06:47 - 2013-05-31 01:24 - 01257472 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-06-16 06:47 - 2013-05-31 01:08 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-06-16 06:47 - 2013-05-24 01:01 - 01300992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-06-16 06:47 - 2013-05-24 00:27 - 01022464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-06-16 06:47 - 2013-05-15 04:25 - 00888320 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2013-06-16 06:47 - 2013-05-15 04:25 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2013-06-16 06:47 - 2013-05-15 04:24 - 00793088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2013-06-16 06:47 - 2013-05-15 04:24 - 00482816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2013-06-15 09:40 - 2013-05-04 09:58 - 00120736 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2013-06-15 09:40 - 2013-05-04 09:34 - 00446720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2013-06-15 09:40 - 2013-05-04 09:34 - 00284416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2013-06-15 09:40 - 2013-05-04 09:34 - 00213248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2013-06-15 09:40 - 2013-05-04 09:30 - 00058312 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-06-15 09:40 - 2013-05-04 08:59 - 13644288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2013-06-15 09:40 - 2013-05-04 08:59 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-06-15 09:40 - 2013-05-04 08:59 - 01619968 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-06-15 09:40 - 2013-05-04 08:59 - 01483776 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2013-06-15 09:40 - 2013-05-04 08:59 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\Magnify.exe
2013-06-15 09:40 - 2013-05-04 08:59 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-06-15 09:40 - 2013-05-04 08:59 - 00251904 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2013-06-15 09:40 - 2013-05-04 08:59 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-06-15 09:40 - 2013-05-04 08:59 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-06-15 09:40 - 2013-05-04 08:59 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-06-15 09:40 - 2013-05-04 08:58 - 10116096 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2013-06-15 09:40 - 2013-05-04 08:58 - 01332736 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2013-06-15 09:40 - 2013-05-04 08:58 - 00470528 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll
2013-06-15 09:40 - 2013-05-04 08:58 - 00330240 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2013-06-15 09:40 - 2013-05-04 08:58 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2013-06-15 09:40 - 2013-05-04 08:58 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2013-06-15 09:40 - 2013-05-04 08:58 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
2013-06-15 09:40 - 2013-05-04 08:58 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\netprofm.dll
2013-06-15 09:40 - 2013-05-04 08:58 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2013-06-15 09:40 - 2013-05-04 08:57 - 02305024 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-06-15 09:40 - 2013-05-04 08:57 - 01131520 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2013-06-15 09:40 - 2013-05-04 08:57 - 00708096 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2013-06-15 09:40 - 2013-05-04 08:57 - 00560640 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2013-06-15 09:40 - 2013-05-04 08:57 - 00501760 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2013-06-15 09:40 - 2013-05-04 08:57 - 00389120 _____ (Microsoft Corporation) C:\Windows\system32\BCP47Langs.dll
2013-06-15 09:40 - 2013-05-04 08:57 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2013-06-15 09:40 - 2013-05-04 08:57 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\biwinrt.dll
2013-06-15 09:40 - 2013-05-04 08:57 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\muifontsetup.dll
2013-06-15 09:40 - 2013-05-04 08:56 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\intl.cpl
2013-06-15 09:40 - 2013-05-04 06:58 - 00758784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Magnify.exe
2013-06-15 09:40 - 2013-05-04 06:58 - 00621056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-06-15 09:40 - 2013-05-04 06:58 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-06-15 09:40 - 2013-05-04 06:58 - 00083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-06-15 09:40 - 2013-05-04 06:58 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-06-15 09:40 - 2013-05-04 06:57 - 10788864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2013-06-15 09:40 - 2013-05-04 06:57 - 08857088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2013-06-15 09:40 - 2013-05-04 06:57 - 00303616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2013-06-15 09:40 - 2013-05-04 06:57 - 00247296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2013-06-15 09:40 - 2013-05-04 06:57 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll
2013-06-15 09:40 - 2013-05-04 06:57 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll
2013-06-15 09:40 - 2013-05-04 06:57 - 00018432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll
2013-06-15 09:40 - 2013-05-04 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\muifontsetup.dll
2013-06-15 09:40 - 2013-05-04 06:56 - 02035712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-06-15 09:40 - 2013-05-04 06:56 - 00449536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2013-06-15 09:40 - 2013-05-04 06:56 - 00411136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2013-06-15 09:40 - 2013-05-04 06:56 - 00309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BCP47Langs.dll
2013-06-15 09:40 - 2013-05-04 06:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\biwinrt.dll
2013-06-15 09:40 - 2013-05-04 06:55 - 00389632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2013-06-15 09:40 - 2013-05-04 06:51 - 00014848 _____ (Microsoft) C:\Windows\system32\rars.rs
2013-06-15 09:40 - 2013-05-04 06:48 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-06-15 09:40 - 2013-05-04 06:48 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2013-06-15 09:40 - 2013-05-04 06:47 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2013-06-15 09:40 - 2013-05-04 06:10 - 00014848 _____ (Microsoft) C:\Windows\SysWOW64\rars.rs
2013-06-15 09:40 - 2013-05-03 00:04 - 00386646 _____ C:\Windows\system32\ApnDatabase.xml
2013-06-14 10:13 - 2013-06-14 14:38 - 00000000 ____D C:\FontsHelv
2013-06-14 09:16 - 2013-07-10 04:52 - 00001083 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2013-06-14 09:16 - 2013-06-14 09:16 - 00000000 ____D C:\Program Files\Oracle

==================== One Month Modified Files and Folders =======

2013-07-14 08:16 - 2013-07-05 16:11 - 00000928 _____ C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job
2013-07-14 08:14 - 2013-02-01 02:49 - 00001132 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-14 08:09 - 2013-02-01 17:43 - 00005144 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for PCHerbert-Herbert PCHerbert
2013-07-14 08:08 - 2013-01-30 18:50 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3455799945-794626198-3976200442-1001
2013-07-14 08:04 - 2013-07-14 08:04 - 00003056 _____ C:\Users\Herbert\Desktop\JRT.txt
2013-07-14 08:02 - 2013-05-13 09:14 - 00000368 _____ C:\Windows\Tasks\rbmonitor.job
2013-07-14 08:02 - 2013-02-01 04:25 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Fighters
2013-07-14 08:02 - 2013-02-01 04:25 - 00000000 ____D C:\ProgramData\Fighters
2013-07-14 08:01 - 2013-07-14 08:01 - 00559441 _____ (Oleg N. Scherbakov) C:\Users\Herbert\Desktop\JRT.exe
2013-07-14 08:01 - 2013-07-14 08:01 - 00000000 ____D C:\Windows\ERUNT
2013-07-14 08:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-07-14 07:57 - 2013-07-05 16:11 - 00000924 _____ C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job
2013-07-14 07:57 - 2013-02-01 03:43 - 00000000 ____D C:\Program Files (x86)\SPAMfighter
2013-07-14 07:57 - 2013-02-01 02:49 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-14 07:57 - 2013-01-30 19:11 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-14 07:57 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-14 07:55 - 2013-07-14 07:54 - 00001473 _____ C:\AdwCleaner[S2].txt
2013-07-14 07:55 - 2013-02-01 21:47 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-14 07:52 - 2013-07-14 07:52 - 00662345 _____ C:\Users\Herbert\Desktop\adwcleaner.exe
2013-07-14 07:50 - 2013-07-14 07:50 - 01777839 _____ (Farbar) C:\Users\Herbert\Desktop\FRST64.exe
2013-07-14 07:49 - 2013-07-14 07:48 - 01777839 _____ (Farbar) C:\Users\Herbert\Downloads\FRST64.exe
2013-07-14 07:49 - 2013-05-28 08:31 - 00003942 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{395F05FD-1EED-4524-AD44-212D0444F148}
2013-07-14 07:42 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\NDF
2013-07-14 07:30 - 2012-11-29 20:05 - 01327834 _____ C:\Windows\WindowsUpdate.log
2013-07-13 21:07 - 2010-05-27 18:31 - 00000000 ____D C:\Users\Herbert\Documents\Outlook-Dateien
2013-07-13 21:07 - 2009-11-30 17:40 - 00000000 ____D C:\Users\Herbert\Documents\PhraseExpress
2013-07-13 07:15 - 2013-02-01 02:50 - 00002190 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-13 07:09 - 2013-02-01 02:49 - 00004104 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-13 07:09 - 2013-02-01 02:49 - 00003868 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-13 06:54 - 2013-07-13 06:54 - 00000732 _____ C:\Users\Herbert\Desktop\Ereignisse.txt
2013-07-13 06:37 - 2013-07-13 06:36 - 00042265 _____ C:\Users\Herbert\Desktop\Addition.txt
2013-07-13 06:35 - 2013-07-13 06:35 - 00000000 ____D C:\FRST
2013-07-12 20:31 - 2013-02-09 10:18 - 00000000 ____D C:\Users\Herbert\AppData\Local\Paint.NET
2013-07-12 15:35 - 2013-07-12 15:35 - 00006152 _____ C:\Windows\DPINST.LOG
2013-07-12 15:35 - 2013-07-12 15:35 - 00000000 ____D C:\Program Files\DIFX
2013-07-12 15:34 - 2012-07-26 09:21 - 00034876 _____ C:\Windows\setupact.log
2013-07-12 10:12 - 2013-07-12 10:12 - 00434344 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-12 10:12 - 2012-11-29 03:11 - 00064044 _____ C:\Windows\PFRO.log
2013-07-12 10:08 - 2013-07-12 10:08 - 00000098 _____ C:\Windows\DeleteOnReboot.bat
2013-07-12 10:08 - 2013-07-12 10:07 - 00045177 _____ C:\AdwCleaner[S1].txt
2013-07-12 10:06 - 2013-07-12 10:06 - 00044070 _____ C:\AdwCleaner[R1].txt
2013-07-12 10:06 - 2013-07-12 10:06 - 00003398 _____ C:\Windows\System32\Tasks\EPUpdater
2013-07-12 10:05 - 2013-07-12 10:05 - 00001090 _____ C:\Users\Herbert\Desktop\Continue Download Helper Installation.lnk
2013-07-12 09:27 - 2013-07-12 09:27 - 00000000 _____ C:\Users\Herbert\defogger_reenable
2013-07-12 09:27 - 2013-01-30 18:44 - 00000000 ____D C:\Users\Herbert
2013-07-12 09:20 - 2013-02-09 10:23 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\FileZilla
2013-07-12 09:18 - 2013-01-13 13:09 - 00000000 ____D C:\Users\Herbert\.VirtualBox
2013-07-12 07:43 - 2013-05-24 14:45 - 00000000 ____D C:\Users\Herbert\AppData\Local\Adobe
2013-07-12 07:42 - 2013-02-01 21:47 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-12 07:38 - 2013-06-03 07:35 - 00004088 _____ C:\Windows\System32\Tasks\Software Updater Ui
2013-07-12 07:38 - 2013-06-03 07:34 - 00004118 _____ C:\Windows\System32\Tasks\Software Updater
2013-07-12 07:31 - 2013-05-20 07:06 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-12 07:31 - 2013-05-20 07:06 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-11 20:55 - 2012-07-26 09:52 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-11 19:24 - 2013-01-30 18:44 - 00000000 ____D C:\Users\Herbert\AppData\Local\Packages
2013-07-11 08:10 - 2013-01-31 15:19 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\SQLyog
2013-07-10 17:43 - 2013-05-29 14:04 - 00001097 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk
2013-07-10 17:04 - 2013-07-09 08:50 - 00000000 ____D C:\ProgramData\Spyware Terminator
2013-07-10 07:27 - 2013-03-12 12:44 - 00003062 _____ C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2013-07-10 07:27 - 2013-03-12 12:44 - 00003060 _____ C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2013-07-10 07:27 - 2013-03-12 12:44 - 00000000 ____D C:\Program Files\Microsoft Mouse and Keyboard Center
2013-07-10 07:27 - 2013-02-03 18:31 - 00003118 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2013-07-10 07:27 - 2013-02-03 18:31 - 00003092 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2013-07-10 07:27 - 2013-02-03 18:31 - 00003090 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2013-07-10 07:24 - 2013-01-31 13:37 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-10 07:21 - 2013-01-31 07:08 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-07-10 07:20 - 2012-07-26 07:26 - 00000167 _____ C:\Windows\win.ini
2013-07-10 04:59 - 2013-02-28 19:59 - 00007607 _____ C:\Users\Herbert\AppData\Local\Resmon.ResmonCfg
2013-07-10 04:52 - 2013-06-14 09:16 - 00001083 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2013-07-09 18:39 - 2012-11-29 19:56 - 00851434 _____ C:\Windows\system32\perfh007.dat
2013-07-09 18:39 - 2012-11-29 19:56 - 00194494 _____ C:\Windows\system32\perfc007.dat
2013-07-09 18:39 - 2012-07-26 09:28 - 02027878 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-09 12:03 - 2013-07-06 09:02 - 00000292 _____ C:\Windows\Tasks\RegClean Prosch.job
2013-07-09 08:51 - 2013-07-09 08:50 - 00000000 ____D C:\Program Files (x86)\Spyware Terminator
2013-07-09 08:50 - 2013-07-09 08:50 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2013-07-09 08:50 - 2013-07-09 08:50 - 00001045 _____ C:\Users\Public\Desktop\Spyware Terminator 2012.lnk
2013-07-09 08:50 - 2013-07-09 08:50 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Spyware Terminator
2013-07-08 15:41 - 2013-02-01 02:32 - 00000000 ____D C:\Program Files (x86)\SugarSync
2013-07-06 09:02 - 2013-07-06 09:02 - 00003016 _____ C:\Windows\System32\Tasks\RegClean Prosch
2013-07-06 08:56 - 2013-07-06 08:56 - 00001057 _____ C:\Users\Public\Desktop\RegClean Pro.lnk
2013-07-06 08:26 - 2013-06-29 17:24 - 00000000 ____D C:\Users\MSSQLFDLauncher$SQLHERBERT
2013-07-06 08:25 - 2013-06-29 17:26 - 00000000 ____D C:\Users\ReportServer$SQLHERBERT
2013-07-06 08:25 - 2013-06-29 17:23 - 00000000 ____D C:\Users\MSSQL$SQLHERBERT
2013-07-06 08:24 - 2012-07-26 07:26 - 17301504 _____ C:\Windows\system32\config\SYSTEM.bak
2013-07-06 08:24 - 2012-07-26 07:26 - 112984064 _____ C:\Windows\system32\config\SOFTWARE.bak
2013-07-06 08:24 - 2012-07-26 07:26 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2013-07-06 08:23 - 2013-07-06 08:20 - 00004248 _____ C:\Windows\system32\ASOROSet.bin
2013-07-06 08:22 - 2012-07-26 07:26 - 00094208 _____ C:\Windows\system32\config\SAM.bak
2013-07-06 08:20 - 2013-07-06 08:20 - 00000000 ____D C:\Windows\system32\config\RCCBakup
2013-07-05 18:20 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-07-05 17:05 - 2013-07-05 17:05 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-07-05 17:05 - 2013-07-05 17:05 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-07-05 16:11 - 2013-07-05 16:11 - 00003900 _____ C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineUA
2013-07-05 16:11 - 2013-07-05 16:11 - 00003664 _____ C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineCore
2013-07-05 16:10 - 2013-07-05 16:10 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\MyPhoneExplorer
2013-07-05 07:33 - 2013-07-05 07:33 - 00000215 _____ C:\Users\Herbert\Desktop\javascripthideDiv('popupDiv');.URL
2013-07-04 15:58 - 2013-07-10 04:52 - 00238352 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2013-07-04 15:57 - 2013-07-10 04:52 - 00120080 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2013-07-04 15:57 - 2013-07-04 15:57 - 00146704 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetFlt.sys
2013-07-04 15:57 - 2013-07-04 15:57 - 00131856 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp.sys
2013-07-04 15:56 - 2013-07-04 15:56 - 00204048 _____ (Oracle Corporation) C:\Windows\system32\VBoxNetFltNobj.dll
2013-07-03 07:42 - 2013-06-29 17:11 - 00000000 ____D C:\Users\Herbert\Documents\Visual Studio 2010
2013-07-03 06:33 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-07-02 14:32 - 2013-07-02 14:31 - 00397312 _____ C:\Users\Herbert\Documents\ae130702.accdb
2013-07-02 07:21 - 2013-07-02 07:21 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2010
2013-07-02 07:21 - 2013-07-02 07:21 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2010
2013-07-02 07:20 - 2013-07-02 07:20 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2012
2013-07-02 07:20 - 2013-07-02 07:20 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2012
2013-07-02 07:20 - 2013-06-03 07:34 - 00000000 ____D C:\ProgramData\Package Cache
2013-07-02 07:13 - 2013-02-22 15:13 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2013-07-02 07:13 - 2013-01-31 13:38 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2013-06-29 18:29 - 2013-06-29 18:29 - 00001350 _____ C:\Users\Herbert\Desktop\SQL Server Management Studio.lnk
2013-06-29 18:26 - 2013-06-29 18:26 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Microsoft Corporation
2013-06-29 18:18 - 2013-06-29 17:23 - 00000000 ____D C:\Users\Herbert\Documents\SQL Server Management Studio
2013-06-29 18:10 - 2013-06-29 18:10 - 00000000 ____D C:\Windows\SysWOW64\1031
2013-06-29 18:10 - 2013-06-29 18:10 - 00000000 ____D C:\Users\Herbert\Documents\Visual Studio 2012
2013-06-29 18:10 - 2013-06-29 18:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0
2013-06-29 18:09 - 2013-06-29 18:09 - 00000000 ____D C:\Windows\system32\1031
2013-06-29 18:09 - 2013-02-22 15:13 - 00000000 ____D C:\Windows\SysWOW64\1033
2013-06-29 18:09 - 2012-11-29 20:09 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_SensorsSimulatorDriver_01_11_00.Wdf
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____D C:\Windows\symbols
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 11.0
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer
2013-06-29 18:08 - 2013-02-22 15:13 - 00000000 ____D C:\Windows\system32\1033
2013-06-29 18:08 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-06-29 17:38 - 2013-06-29 17:38 - 00000000 ____D C:\Users\Herbert\AppData\Local\Microsoft_Corporation
2013-06-29 17:26 - 2013-06-29 17:26 - 00000020 ___SH C:\Users\ReportServer$SQLHERBERT\ntuser.ini
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Vorlagen
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Startmenü
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Netzwerkumgebung
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Lokale Einstellungen
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Eigene Dateien
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Druckumgebung
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Documents\Eigene Musik
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Documents\Eigene Bilder
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\AppData\Local\Verlauf
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\AppData\Local\Anwendungsdaten
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Anwendungsdaten
2013-06-29 17:24 - 2013-06-29 17:24 - 00000020 ___SH C:\Users\MSSQLFDLauncher$SQLHERBERT\ntuser.ini
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Vorlagen
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Startmenü
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Netzwerkumgebung
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Lokale Einstellungen
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Eigene Dateien
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Druckumgebung
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Documents\Eigene Musik
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Documents\Eigene Bilder
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\Local\Verlauf
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\Local\Anwendungsdaten
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Anwendungsdaten
2013-06-29 17:23 - 2013-06-29 17:23 - 00000020 ___SH C:\Users\MSSQL$SQLHERBERT\ntuser.ini
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Vorlagen
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Startmenü
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Netzwerkumgebung
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Lokale Einstellungen
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Eigene Dateien
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Druckumgebung
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Documents\Eigene Musik
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Documents\Eigene Bilder
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\AppData\Local\Verlauf
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\AppData\Local\Anwendungsdaten
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Anwendungsdaten
2013-06-29 17:19 - 2012-12-20 02:54 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-06-29 17:16 - 2013-06-29 17:16 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2013-06-29 17:14 - 2013-06-29 17:14 - 00000000 ____D C:\Windows\system32\RsFx
2013-06-29 17:12 - 2013-06-29 17:10 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 10.0
2013-06-29 17:10 - 2013-06-29 17:10 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 10.0
2013-06-29 17:10 - 2013-06-29 17:10 - 00000000 ____D C:\Program Files\Microsoft Help Viewer
2013-06-29 17:10 - 2013-06-29 17:10 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2013-06-28 18:13 - 2013-01-31 15:57 - 00000333 _____ C:\Windows\ODBC.INI
2013-06-28 15:00 - 2013-05-17 18:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-28 15:00 - 2013-01-30 20:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-06-28 00:04 - 2013-01-31 07:33 - 00693112 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-28 00:04 - 2013-01-31 07:33 - 00078200 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-27 07:14 - 2013-06-03 07:34 - 00031816 _____ C:\Windows\Launcher.exe
2013-06-26 17:57 - 2013-06-26 17:57 - 00003133 _____ C:\Users\Herbert\Desktop\Custom UI Editor For Microsoft Office.lnk
2013-06-26 17:57 - 2013-06-26 17:57 - 00003093 _____ C:\Users\Herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Custom UI Editor For Microsoft Office.lnk
2013-06-26 17:57 - 2013-06-26 17:57 - 00000000 ____D C:\Program Files (x86)\CustomUIEditor
2013-06-26 07:51 - 2013-06-26 07:51 - 04815135 _____ (FileZilla Project) C:\Users\Herbert\Downloads\FileZilla_3.7.1_win32-setup.exe
2013-06-26 07:51 - 2013-02-09 10:23 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2013-06-24 15:52 - 2013-06-23 20:21 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\calibre
2013-06-24 15:25 - 2013-06-24 15:24 - 00000000 ____D C:\Users\Herbert\AppData\Local\calibre-cache
2013-06-24 12:01 - 2013-05-06 11:36 - 00083672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-06-23 20:21 - 2013-06-23 20:21 - 00000967 _____ C:\Users\Public\Desktop\calibre - E-book management.lnk
2013-06-23 20:21 - 2013-06-23 20:21 - 00000000 ____D C:\Program Files (x86)\Calibre2
2013-06-22 08:53 - 2013-06-22 08:53 - 00001136 _____ C:\Users\Public\Desktop\UPC Install Master.lnk
2013-06-22 08:53 - 2013-06-22 08:53 - 00000000 __HDC C:\ProgramData\{A79D03BF-C5DB-49B2-AD5F-6CED14FFE4D6}
2013-06-22 08:53 - 2013-06-22 08:53 - 00000000 ____D C:\Program Files (x86)\UPC Austria
2013-06-20 10:02 - 2013-06-19 09:08 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Apple Computer
2013-06-19 14:57 - 2012-07-26 07:37 - 00000000 ____D C:\Windows\servicing
2013-06-19 09:09 - 2013-06-19 09:08 - 00000000 ____D C:\Users\Herbert\AppData\Local\Apple Computer
2013-06-19 09:08 - 2013-06-19 09:08 - 00002491 _____ C:\Users\Public\Desktop\Safari.lnk
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Users\Herbert\AppData\Local\Apple
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\ProgramData\Apple
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Program Files\Bonjour
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Program Files (x86)\Safari
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-06-19 09:08 - 2013-01-31 09:02 - 00000000 ____D C:\ProgramData\Apple Computer
2013-06-18 20:14 - 2013-02-01 21:01 - 00000734 _____ C:\Users\Herbert\Sti_Trace.log
2013-06-18 15:22 - 2012-11-21 19:27 - 00000000 ____D C:\Users\Herbert\Documents\Benutzerdefinierte Office-Vorlagen
2013-06-17 10:27 - 2013-06-17 10:27 - 00003105 _____ C:\Users\Herbert\Desktop\Word 2007 Content Control Toolkit.lnk
2013-06-17 10:27 - 2013-06-17 10:27 - 00003065 _____ C:\Users\Herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word 2007 Content Control Toolkit.lnk
2013-06-16 19:27 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-06-16 17:13 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData
2013-06-16 17:12 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2013-06-16 17:12 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-06-16 17:12 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-06-16 17:12 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-06-16 17:12 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\Dism
2013-06-15 07:05 - 2013-01-31 08:56 - 00083968 ___SH C:\Users\Herbert\Desktop\Thumbs.db
2013-06-14 20:31 - 2012-02-09 12:53 - 00000000 ____D C:\Users\Herbert\Documents\Magischer Aktenkoffer
2013-06-14 14:38 - 2013-06-14 10:13 - 00000000 ____D C:\FontsHelv
2013-06-14 09:16 - 2013-06-14 09:16 - 00000000 ____D C:\Program Files\Oracle

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-12 07:56

==================== End Of Log ============================
         
--- --- ---

--- --- ---


Hoffentlich habe ich alles richtig gemacht.
Beste Grüße
Herbert

Alt 14.07.2013, 12:38   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Medung beim Hochfahren: TBupdater.dll ist nicht vorhanden - Standard

Medung beim Hochfahren: TBupdater.dll ist nicht vorhanden




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 15.07.2013, 05:28   #9
Herbertfi
 
Medung beim Hochfahren: TBupdater.dll ist nicht vorhanden - Standard

Medung beim Hochfahren: TBupdater.dll ist nicht vorhanden



Eset, log.txt:
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internet# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=45eb055e49a4a745878474f7bc039b2a
# engine=14394
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-07-15 02:37:03
# local_time=2013-07-15 04:37:03 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# lang=1033
# osver=6.2.9200 NT 
# compatibility_mode=5893 16776574 100 94 9388969 16236295 0 0
# compatibility_mode=7937 16777214 28 75 503155 8067149 0 0
# scanned=416774
# found=1
# cleaned=0
# scan_time=34456
sh=6EA3497312EEB53D58536D96519FACB620ECEE1A ft=1 fh=f7cbd46de3740e71 vn="multiple threats" ac=I fn="C:\Users\Herbert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q7D7DQ5L\WebCakesetup[1].exe"
         
SecurityCheck ausgeführt. ->
Nach "Collecting information" -> Meldung "cmdinfo.exe funktioniert nicht mehr".
"Debuggen" -> "No, Cancel debugging"
"Preparing done" -> NirCmd funktioniert nicht mehr. -> "no, cancel debuging"
Auch versucht mit "Debugging":
Meldung "An unhandled win32 exception occured in cmd.exe [8112]." und in
MS Visual Studio dann "Unhandled exception at 0x74d5c5e2 in cmd.exe: 0xC0000005:
Access violation reading location 0x00cf0410." -> Weiter mit "Break"
"Results have been copied now… -> sed.exe funkioniert nicht mehr -> "Programm schließen"
Code:
ATTFilter
 Results of screen317's Security Check version 0.99.69  
   x64 (UAC is enabled)  
 Internet Explorer 10  
``````````````Antivirus/Firewall Check:`````````````` 
Windows Defender   
Avira Desktop      
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Spyware Terminator 2012   
 Spybot - Search & Destroy 
 Adobe Flash Player 	11.8.800.94  
 Mozilla Firefox (22.0) 
 Google Chrome 28.0.1500.71  
 Google Chrome 28.0.1500.72  
````````Process Check: objlist.exe by Laurent````````  
 Spybot Teatimer.exe is disabled! 
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
 BrowserDefender 2.6.1339.144 {c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8} BrowserDefender.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         
Deltasearch ist wieder da.
Meldung "C:\Program Files(x86)\HomeTab\TBupdter.dll nicht gefunden" kommt noch immer.
Viel Arbeit, tut mir leid,
trotzdem einen schönen Montag.
Gruß
Herbert

Hier noch das neue Fixlog:
Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 14-07-2013
Ran by Herbert at 2013-07-15 06:31:15 Run:3
Running from C:\Users\Herbert\Desktop
Boot Mode: Normal
==============================================

"C:\Windows\System32\Tasks\ProtectedSearch" => File/Directory not found.

==== End of Fixlog ====
         

Alt 15.07.2013, 08:10   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Medung beim Hochfahren: TBupdater.dll ist nicht vorhanden - Standard

Medung beim Hochfahren: TBupdater.dll ist nicht vorhanden



Öffne bitte FRST, setz nen Haken bei additional und scanne, poste beide Logfiles.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 15.07.2013, 10:08   #11
Herbertfi
 
Medung beim Hochfahren: TBupdater.dll ist nicht vorhanden - Standard

Medung beim Hochfahren: TBupdater.dll ist nicht vorhanden



Log Addition.txt:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-07-2013
Ran by Herbert at 2013-07-15 10:30:31
Running from C:\Users\Herbert\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

   
 Tools for .Net 3.5 - DEU Lang Pack (x32 Version: 3.11.50727)
 Tools for .Net 3.5 (x32 Version: 3.11.50727)
7-Zip 9.22beta (x32)
Adobe AIR (x32 Version: 3.7.0.2090)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Alle meine Passworte 2.70 (x32)
Android-Sync v0.396 (x32)
Apple Software Update (x32 Version: 2.1.3.127)
ArcSoft PhotoImpression 6 (x32 Version: 6.1.8.146)
Audacity 2.0.3 (x32 Version: 2.0.3)
Audacity Recovery Utility (x32)
Avira Antivirus Premium (x32 Version: 13.0.0.3882)
Bamboo Dock (x32 Version: 4.1)
Bamboo Dock (x32 Version: 4.1.0)
Bamboo Tablets Tutorial (x32 Version: 3.0.20)
Bonjour (Version: 3.0.0.10)
BrowserDefender (x32)
calibre (x32 Version: 0.9.36)
Cisco Systems VPN Client 5.0.07.0440 (Version: 5.0.7)
Classic Shell (Version: 3.6.7)
Clever Privacy (x32 Version: 1.0.0.38)
Custom UI Editor for Microsoft Office (x32 Version: 3.14.1592)
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (x32)
Delta Chrome Toolbar (x32)
Delta toolbar   (x32 Version: 1.8.21.5)
Desktop Icon für Amazon (Version: 1.0.1 (de))
Devenv-Ressourcen für Microsoft Visual Studio 2012 (x32 Version: 11.0.50727)
dows-Treiberpaket - Android-Sync.com (WinUSB) AndroidUsbDeviceClass  (05/01/2013 13.0.0501.00000) (Version: 05/01/2013 13.0.0501.00000)
Epson Copy Utility 3.5 (x32 Version: 3.5.0.0)
EPSON Scan (x32)
Erforderliche Komponenten für SSDT  (x32 Version: 11.1.3000.0)
Falk Navi-Manager (x32 Version: 2.16.0)
Falk Navi-Manager (x32 Version: 2.16.2)
Falk Navi-Manager classic (x32 Version: 2.11.0)
FileZilla Client 3.7.1 (x32 Version: 3.7.1)
FireJump (x32 Version: 1.0.2.7)
Foxit Reader (x32 Version: 6.0.3.524)
Free Driver Scout (Version: 1.0.0.111)
Free Driver Scout (x32 Version: 1.0.0.111)
GDR 2218 für SQL Server 2012 (KB2716442) (64-bit) (Version: 11.0.2218.0)
GMX Upload-Manager (x32 Version: 2.0.670)
Google Chrome (x32 Version: 28.0.1500.72)
Google Drive (x32 Version: 1.10.4769.632)
Google Earth (x32 Version: 7.0.3.8542)
Google Update Helper (x32 Version: 1.3.21.153)
GPL Ghostscript (x32 Version: 9.04)
Greenshot (x32)
HomeTab 4.1 (x32 Version: 4.1)
ImgBurn (x32 Version: 2.5.7.0)
Iminent (x32 Version: 6.27.21.0)
Intel(R) Management Engine Components (x32 Version: 9.0.0.1310)
Intel® Trusted Connect Service Client (Version: 1.27.757.1)
Intel® Watchdog Timer Driver (Intel® WDT) (x32)
LAME v3.98.2 for Audacity (x32)
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (x32 Version: 4.5.50709)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (x32 Version: 4.5.50709)
Microsoft .NET Framework 4.5 SDK (x32 Version: 4.5.50709)
Microsoft Access MUI (German) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000)
Microsoft Choice Guard (x32 Version: 2.0.48.0)
Microsoft DCF MUI (German) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Excel MUI (German) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Garage Mouse without Borders (x32 Version: 2.1.2.1212)
Microsoft Groove MUI (German) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Help Viewer 1.1 (Version: 1.1.40219)
Microsoft Help Viewer 2.0 (x32 Version: 2.0.50727)
Microsoft Help Viewer 2.0 Language Pack - DEU (x32 Version: 2.0.50727)
Microsoft InfoPath MUI (German) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Lync MUI (German) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Office 64-bit Components 2013 (Version: 15.0.4420.1017)
Microsoft Office Korrekturhilfen 2013 - Deutsch (x32 Version: 15.0.4420.1017)
Microsoft Office OSM MUI (German) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Office OSM UX MUI (German) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Office Professional Plus 2013 (x32 Version: 15.0.4420.1017)
Microsoft Office Proofing (German) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - English (x32 Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - Italiano (x32 Version: 15.0.4420.1017)
Microsoft Office Shared 64-bit MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Office Shared MUI (German) 2013 (x32 Version: 15.0.4420.1017)
Microsoft OneNote MUI (German) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Outlook MUI (German) 2013 (x32 Version: 15.0.4420.1017)
Microsoft PowerPoint MUI (German) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Publisher MUI (German) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Report Viewer 2012 Runtime (x32 Version: 11.0.2100.60)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft SQL Server 2008 R2 Management Objects (x32 Version: 10.51.2500.0)
Microsoft SQL Server 2008 R2 Native Client (Version: 10.50.1600.1)
Microsoft SQL Server 2008 Setup Support Files  (Version: 10.1.2731.0)
Microsoft SQL Server 2012 (64-bit)
Microsoft SQL Server 2012 Data-Tier App Framework  (Version: 11.1.2820.0)
Microsoft SQL Server 2012 Data-Tier App Framework  (x32 Version: 11.1.2820.0)
Microsoft SQL Server 2012 Express LocalDB  (Version: 11.1.3000.0)
Microsoft SQL Server 2012 Management Objects (x32 Version: 11.1.3000.0)
Microsoft SQL Server 2012 Management Objects (x64) (Version: 11.1.3000.0)
Microsoft SQL Server 2012 Native Client  (Version: 11.0.2218.0)
Microsoft SQL Server 2012 RsFx Driver (Version: 11.0.2100.60)
Microsoft SQL Server 2012 Setup (English) (Version: 11.1.3128.0)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (Version: 11.1.3000.0)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (Version: 11.1.3000.0)
Microsoft SQL Server 2012 T-SQL-Sprachdienst  (Version: 11.1.3000.0)
Microsoft SQL Server Data Tools – Database Projects – Web installer entry point (x32 Version: 10.3.20116.0)
Microsoft SQL Server Data Tools - DEU (11.1.21208.0) (x32 Version: 11.1.21208.0)
Microsoft SQL Server Data Tools 2012 (x32 Version: 11.1.21208.0)
Microsoft SQL Server Data Tools Build Utilities - DEU (11.1.21208.0) (x32 Version: 11.1.21208.0)
Microsoft SQL Server System CLR Types (x32 Version: 10.51.2500.0)
Microsoft Sync Framework Runtime Native v1.0 (x86) (x32 Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (x32 Version: 1.0.1215.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727)
Microsoft Visual Studio 2010 Shell (Integrated) - ENU (x32 Version: 10.0.40219)
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (x32 Version: 10.0.40219)
Microsoft Visual Studio 2012 Devenv (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 Devenv Resources (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 Preparation (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 Shell (Integrated) (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 Shell (Integrated) (x32 Version: 11.0.50727.1)
Microsoft Visual Studio 2012 Shell (Integriert) (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 Shell (Integriert) Language Pack - DEU (x32 Version: 11.0.50727.1)
Microsoft Visual Studio 2012 Shell (Isolated) (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 Shell (Isolated) (x32 Version: 11.0.50727.1)
Microsoft Visual Studio 2012 Shell (Isolated) Resources (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 Shell (Isoliert) Language Pack - DEU (x32 Version: 11.0.50727.1)
Microsoft Visual Studio 2012 Shell (Isoliert) Resources (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 Shell (Minimum) (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 Shell (Minimum) Resources (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 Shell-(Mindest)-Ressourcen (x32 Version: 11.0.50727)
Microsoft Visual Studio Tools for Applications Design-Time 3.0 (x32 Version: 10.0.40220)
Microsoft Visual Studio Tools for Applications x86 Runtime 3.0 (x32 Version: 10.0.40220)
Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core (x32 Version: 11.0.50727)
Microsoft Visual Studio Ultimate 2012 XAML UI Designer deu Resources (x32 Version: 11.0.50727)
Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources (x32 Version: 11.0.50727)
Microsoft VSS Writer for SQL Server 2012 (Version: 11.0.2100.60)
Microsoft Word MUI (German) 2013 (x32 Version: 15.0.4420.1017)
Microsoft-Maus- und Tastatur-Center (Version: 2.2.173.0)
Microsoft-System-CLR-Typen für SQL Server 2012 (x32 Version: 11.1.3000.0)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (Version: 11.1.3000.0)
Miranda IM 0.10.10 (x32 Version: 0.10.10)
Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0)
Mozilla Maintenance Service (x32 Version: 22.0)
MSVCRT (x32 Version: 14.0.1468.721)
MySQL Connector/ODBC 5.1 (Version: 5.1.8)
Nero 12 Kwik Burn Express Essentials (x32 Version: 12.3.00700)
Nero Blu-ray Player (x32 Version: 12.0.20012)
Nero Blu-ray Player Help (CHM) (x32 Version: 12.0.4000)
Nero ControlCenter (x32 Version: 11.0.15500)
Nero ControlCenter Help (CHM) (x32 Version: 12.0.5000)
Nero Core Components (x32 Version: 11.0.19400)
Nero Express (x32 Version: 12.0.28001)
Nero Express Help (CHM) (x32 Version: 12.0.5000)
Nero Kwik Media Help (CHM) (x32 Version: 12.0.7000)
Nero Kwik Themes Basic (x32 Version: 12.0.11500)
Nero Launcher (x32 Version: 12.2.7000)
Nero Prerequisite Installer 2.0 (x32 Version: 12.0.01000)
Nero SharedVideoCodecs (x32 Version: 1.0.12100.2.0)
Nero Update (x32 Version: 11.0.11800.31.0)
Notepad++ (x32 Version: 6.3.3)
NVIDIA 3D Vision Controller-Treiber 314.22 (Version: 314.22)
NVIDIA 3D Vision Treiber 314.22 (Version: 314.22)
NVIDIA Grafiktreiber 314.22 (Version: 314.22)
NVIDIA HD-Audiotreiber 1.3.23.1 (Version: 1.3.23.1)
NVIDIA Install Application (Version: 2.1002.115.743)
NVIDIA PhysX (x32 Version: 9.12.1031)
NVIDIA PhysX-Systemsoftware 9.12.1031 (Version: 9.12.1031)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1422)
NVIDIA Systemsteuerung 314.22 (Version: 314.22)
NVIDIA Update 1.12.12 (Version: 1.12.12)
NVIDIA Update Components (Version: 1.12.12)
Oracle VM VirtualBox 4.2.16 (Version: 4.2.16)
OUTDATEfighter (x32 Version: 1.1.66)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4420.1017)
Paint.NET v3.5.5 (Version: 3.55.0)
Perfect Effects 3 Free (x32 Version: 3.0.2)
PhraseExpress v9.1.36 (x32 Version: 9.1.36)
Prerequisite installer (x32 Version: 12.0.0003)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6886)
Safari (x32 Version: 5.34.57.2)
SearchAnonymizer (Version: 1.0.1 (de))
Shrew Soft VPN Client
Skype Click to Call (x32 Version: 5.6.8442)
Skype™ 6.3 (x32 Version: 6.3.107)
SPAMfighter (x32 Version: 7.6.50)
Spybot - Search & Destroy (x32 Version: 2.1.19)
Spyware Terminator 2012 (x32 Version: 3.0.0.82)
SQL Server 2012 BI Development Studio (Version: 11.0.2100.60)
SQL Server 2012 Common Files (Version: 11.0.2100.60)
SQL Server 2012 Database Engine Services (Version: 11.0.2100.60)
SQL Server 2012 Database Engine Shared (Version: 11.0.2100.60)
SQL Server 2012 Documentation Components (Version: 11.0.2100.60)
SQL Server 2012 Full text search (Version: 11.0.2100.60)
SQL Server 2012 Management Studio (Version: 11.0.2100.60)
SQL Server 2012 Reporting Services (Version: 11.0.2100.60)
SQL Server 2012 SQL Data Quality Common (Version: 11.0.2100.60)
SQL Server Browser for SQL Server 2012 (x32 Version: 11.0.2100.60)
Sql Server Customer Experience Improvement Program (Version: 11.0.2100.60)
SQLyog 9.10  (x32 Version: 9.10 )
STK02N 2.4 (x32 Version: 2.4)
SugarSync (x32 Version: 2.0.27.114357)
TeamViewer 8 (x32 Version: 8.0.19617)
Uniblue RegistryBooster (x32 Version: 6.1.1.1)
UPC Install Master (x32 Version: 1.1.0.22)
Update for Microsoft Access 2013 (KB2760350) 32-Bit Edition (x32)
Update for Microsoft Excel 2013 (KB2760339) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2726954) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2726996) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2737954) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2752025) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2752094) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2752101) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2760224) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2760538) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2760610) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2767845) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2767851) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2767860) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2768016) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2810010) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2817320) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2817482) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2817489) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2817492) 32-Bit Edition (x32)
Update for Microsoft OneNote 2013 (KB2768011) 32-Bit Edition (x32)
Update for Microsoft OneNote 2013 (KB2817467) 32-Bit Edition (x32)
Update for Microsoft Outlook 2013 (KB2817468) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2013 (KB2726947) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2013 (KB2810006) 32-Bit Edition (x32)
Update for Microsoft SkyDrive Pro (KB2817469) 32-Bit Edition (x32)
Update for Microsoft Visio 2013 (KB2810008) 32-Bit Edition (x32)
Update for Microsoft Visio Viewer 2013 (KB2768338) 32-Bit Edition (x32)
Update for Microsoft Visual Studio 2012 (KB2781514) (x32 Version: 11.0.51219)
Update for Microsoft Word 2013 (KB2767863) 32-Bit Edition (x32)
Update for Microsoft Word 2013 (KB2810086) 32-Bit Edition (x32)
Visual Studio 2010 Prerequisites - English (Version: 10.0.40219)
Visual Studio 2012 Prerequisites - DEU Language Pack (Version: 11.0.50727)
Visual Studio 2012 Prerequisites - ENU Language Pack (Version: 11.0.50727)
Visual Studio 2012 Prerequisites (Version: 11.0.50727)
Wacom (Version: 5.3.2-1)
Wacom Tablett (Version: 6.3.5w3)
WebTablet FB Plugin 32 bit (x32 Version: 2.1.0.3)
WebTablet FB Plugin 64 bit (Version: 2.1.0.3)
Winamp (x32 Version: 5.621 )
Winamp Erkennungs-Plug-in (HKCU Version: 1.0.0.1)
Windows 7 USB/DVD Download Tool (x32 Version: 1.0.30)
Windows Live Communications Platform (x32 Version: 14.0.8117.416)
Windows Live Essentials (x32 Version: 14.0.8117.0416)
Windows Live Essentials (x32 Version: 14.0.8117.416)
Windows Live Fotogalerie (x32 Version: 14.0.8117.416)
Windows Live Movie Maker (x32 Version: 14.0.8117.0416)
Windows Live Sync (x32 Version: 14.0.8117.416)
Windows Live Writer (x32 Version: 14.0.8117.0416)
Windows Live-Uploadtool (x32 Version: 14.0.8014.1029)
Windows Mobile-Gerätecenter (Version: 6.1.6965.0)
Word 2007 Content Control Toolkit (x32 Version: 1.3.0)

==================== Restore Points  =========================


==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {096CD7E9-78E3-4943-B8B4-6B522F0104B0} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {10D85952-E3F6-47A1-96CF-5E1C2D874EA6} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [2012-07-26] (Microsoft Corporation)
Task: {13A2AC02-B682-48CC-9155-2E2673580117} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical
Task: {13AF2AE5-59FD-47BE-AE12-C8A832137173} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall
Task: {17644F17-DC4C-4AC8-9444-7AAA52EB5CDC} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler
Task: {19CFD90F-FBC5-4DCE-A6AB-741B5962C46B} - System32\Tasks\DealPlyLiveUpdateTaskMachineUA => C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe No File
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {1DB7C2F1-876C-4F24-AD17-8428211113F9} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents
Task: {214B24F4-FEB4-4C59-AF1F-70136065199C} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance
Task: {23700E5C-0E77-499D-908A-415D5C6252F4} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => C:\Windows\System32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {2495144B-E77D-4062-B157-E7EC1552CDBE} - System32\Tasks\rbmonitor => C:\Program Files (x86)\Uniblue\RegistryBooster\rbmonitor.exe [2013-01-08] (Uniblue Systems Limited)
Task: {25DE89AE-F260-461F-88D9-E9141011EDFC} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3455799945-794626198-3976200442-1001
Task: {2C6B9EA8-7F5A-4ABA-BF96-8D352D02A743} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh
Task: {2E030FA7-3D7C-4E1D-8CFE-56ADB26FD402} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks
Task: {2FD5749D-FAE9-4EFF-9EA7-CCD2C4FDA92E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe No File
Task: {3054485A-F517-4E95-9977-4DD827B1E9B3} - System32\Tasks\Microsoft\Windows\WS\Badge Update
Task: {378401BA-A703-444A-A79C-3C47AD2DC5B6} - System32\Tasks\Microsoft\Windows\TaskScheduler\Maintenance Configurator
Task: {39D303D6-D7C6-424D-91B2-E490859DDBD9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-12] (Adobe Systems Incorporated)
Task: {3A4F8190-C88C-4702-B1F4-875F59ECB143} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe No File
Task: {3AE164E7-30CD-40BC-9422-3EC7A5618965} - System32\Tasks\Microsoft\Windows\WS\WSTask
Task: {3C490ABD-D849-41AF-9AC4-87DD759B0996} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem
Task: {3CD4D4E0-0B31-4A46-83C5-E8B25C5093E5} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {3FDE9E19-49D4-4C46-8725-B224A282A996} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3455799945-794626198-3976200442-1006
Task: {4073C1B3-6E16-4AA8-B7F3-C6A6D35D5071} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance
Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage
Task: {483A8F5C-5D26-44B5-B49E-AF6741D1BBEB} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [2012-07-26] (Microsoft Corporation)
Task: {4A24A1C0-1A44-4FEF-BCBE-BE436BFEB0D0} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {4B952129-9AE9-41A3-BE2B-8AD2E06F66B6} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon
Task: {4EBFBD6F-470B-4692-8EFB-443814211F72} - System32\Tasks\RegClean Prosch => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe No File
Task: {53D04BFC-CE0C-44EE-8D66-6DB614D7DD56} - System32\Tasks\Software Updater Ui => C:\PROGRAM FILES\SOFTWAREUPDATER\SoftwareUpdater.Ui.exe No File
Task: {54705E13-E18E-420C-8601-2B849D672038} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-02] (Microsoft Corporation)
Task: {5755E746-D7ED-4C20-A472-66C11834CDE4} - System32\Tasks\Microsoft\Windows\TaskScheduler\Manual Maintenance
Task: {5C4EFB77-EFA6-45DF-A373-D795C0725BFF} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required
Task: {5D846AE3-F182-43C9-8846-D03550530EA9} - System32\Tasks\FinishInstall igdhbblpcellaljokkpfhcjlagemhgjl => C:\Users\Herbert\AppData\Roaming\igdhbblpcellaljokkpfhcjlagemhgjl\Binaries\ChromeInstaller.exe [2013-07-10] (Iminent)
Task: {60352F3B-C72E-432E-A9D4-E2E4820D2399} - System32\Tasks\Microsoft Office 15 Sync Maintenance for PCHerbert-Herbert PCHerbert => C:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe [2012-10-02] (Microsoft Corporation)
Task: {617D7643-8701-4206-BA5C-93412176DF83} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2012-09-20] (Microsoft Corporation)
Task: {627441F3-8526-4B62-BF9A-1A3EA414E71A} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [2012-07-26] (Microsoft Corporation)
Task: {6E9DE125-5583-4031-B572-FEE48F25CFFF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [2012-09-20] (Microsoft Corporation)
Task: {6FDDEA7C-6310-428D-AEB2-54FFC72811EF} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319
Task: {74096F94-B654-4DB0-96F5-3C3408B92FE3} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update
Task: {7449FB00-49E7-4A1A-B2AE-6D915DAAF923} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {793CCE19-8904-417F-BA41-DE223F9E9DD3} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe No File
Task: {7D9A9A1C-499C-40A6-8F8A-5BCC4CC9A87C} - System32\Tasks\Microsoft\Windows\TaskScheduler\Regular Maintenance
Task: {7ECE3A16-9C96-404C-ADAA-2994B85ED504} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-01] (Google Inc.)
Task: {8079C859-175D-4B42-A73D-6779A66B903C} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup
Task: {845CB020-68B5-4C6B-9876-7BEC7B3E27AC} - System32\Tasks\Microsoft\Windows\TaskScheduler\Idle Maintenance
Task: {87354DAA-66DF-4B41-9346-15958D96E1D2} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode)
Task: {8C3EB2CE-07ED-4360-9456-C0701A33772F} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {921A1D4E-32FB-46D7-B6C0-6F467884074D} - System32\Tasks\Microsoft\Windows\WS\Sync Licenses
Task: {9479EF8E-11D4-41B3-9783-CC65070D592D} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime
Task: {94DCF254-64FB-4C4E-8E12-5F4055C10C2A} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64
Task: {9790C766-9CB6-4C6B-8F49-650FB60CD6AA} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => C:\Windows\system32\sc.exe [2012-07-26] (Microsoft Corporation)
Task: {9844DC91-A6DE-4F9A-A6EA-0A89EED64700} - System32\Tasks\EPUpdater => C:\Users\Herbert\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe [2013-06-06] ()
Task: {989A7C6D-BE82-4C3C-AF96-6116039E336B} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => C:\Windows\System32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask
Task: {A8A2040B-F31B-4729-A351-DC4F43D60A91} - System32\Tasks\BrowserDefendert => C:\Windows\system32\sc.exe [2012-07-26] (Microsoft Corporation)
Task: {AB62FA47-2C99-44B1-A5D0-D4161423BE43} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefresh
Task: {AC6259DE-AC59-459E-849E-6ADFFD1ADE63} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask
Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask
Task: {AF549BD8-337C-4BF7-8681-36A182E30507} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan
Task: {B34739A4-D7DE-47DA-8DD9-B17658C5AF70} - System32\Tasks\WPD\SqmUpload_S-1-5-21-3455799945-794626198-3976200442-1006 => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {B36DBBAE-C287-4EE4-9DCD-B56AD08E46A1} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {B419E35E-1E84-479C-BD37-2A0B88F36810} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2012-07-26] (Microsoft Corporation)
Task: {B84846C1-A1F2-474C-81AB-DEAD439CFB10} - System32\Tasks\FreeDriverScout => C:\Program Files\Covus Freemium\Free Driver Scout\1Click.exe No File
Task: {BC76AEF7-2CF0-4EB6-B65B-A8803E0B5E12} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific
Task: {C1ACCD1E-4385-4FB2-B5E4-7F2A57A626A2} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan
Task: {C463FD1E-31C7-4C20-AB65-08E514CA152D} - System32\Tasks\Microsoft\Windows\IME\SQM data sender
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {C9E32166-07B3-4B80-AC7E-53F300153DE7} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe No File
Task: {C9FAF460-8203-4CB1-83F3-2ADB88AE7C0A} - System32\Tasks\User_Feed_Synchronization-{395F05FD-1EED-4524-AD44-212D0444F148} => C:\Windows\system32\msfeedssync.exe [2012-07-26] (Microsoft Corporation)
Task: {CD1054FF-8005-4904-8B9C-436EAB1E2021} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork
Task: {D338B956-B280-4275-99E2-6DDCB3D1951E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {DBCF6E1B-CE0A-441E-B7A5-219C8BE50C65} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical
Task: {DECE5921-598D-454B-9A04-B2DE95EFC1B3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery
Task: {DF0D9557-A1ED-416D-8D1D-96D4DA93F25A} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect
Task: {E21570B9-B897-4F71-9761-90BF41D74CB5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-01] (Google Inc.)
Task: {E4DFE66F-E089-4CC3-A70F-957223D565F4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask
Task: {E8DAA09B-DF2A-4951-9134-6FA9587793F9} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [2012-09-20] (Microsoft Corporation)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {ED0C1F69-C3A2-41EA-B8C3-3F0D83A1F6C0} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM
Task: {F3476ABC-D499-4DFB-B15A-43125C314242} - \ProtectedSearch\Protected Search No Task File
Task: {F6C032ED-0158-47B9-AF17-8D349D6A9049} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall
Task: {F9CA4645-AD2C-4D6A-BE12-03451F1D9556} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-02] (Microsoft Corporation)
Task: {FB30D6D0-64A8-46E7-B96E-38EFF87EFBF6} - System32\Tasks\Software Updater => C:\PROGRAM FILES\SOFTWAREUPDATER\SOFTWAREUPDATER.BOOTSTRAPPER.EXE No File
Task: {FDE26651-08FB-40FE-93F8-5952D55FFD87} - System32\Tasks\Browser Updater\Browser Updater => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {FED92FF3-C5F2-4553-9DB3-94427D831FDD} - System32\Tasks\DealPlyLiveUpdateTaskMachineCore => C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe No File
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe
Task: C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\rbmonitor.job => C:\Program Files (x86)\Uniblue\RegistryBooster\rbmonitor.exe
Task: C:\Windows\Tasks\RegClean Prosch.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe

==================== Faulty Device Manager Devices =============

Name: Shrew Soft Virtual Adapter
Description: Shrew Soft Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Shrew Soft
Service: vnet
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Bluetooth-Gerät (RFCOMM-Protokoll-TDI)
Description: Bluetooth-Gerät (RFCOMM-Protokoll-TDI)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RFCOMM
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/15/2013 06:50:50 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: EXCEL.EXE, Version: 15.0.4454.1503, Zeitstempel: 0x50b592fe
Name des fehlerhaften Moduls: EXCEL.EXE, Version: 15.0.4454.1503, Zeitstempel: 0x50b592fe
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0005271c
ID des fehlerhaften Prozesses: 0x167c
Startzeit der fehlerhaften Anwendung: 0xEXCEL.EXE0
Pfad der fehlerhaften Anwendung: EXCEL.EXE1
Pfad des fehlerhaften Moduls: EXCEL.EXE2
Berichtskennung: EXCEL.EXE3
Vollständiger Name des fehlerhaften Pakets: EXCEL.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: EXCEL.EXE5

Error: (07/15/2013 06:25:31 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: sed.exe, Version: 0.0.0.0, Zeitstempel: 0x3d1eea24
Name des fehlerhaften Moduls: browse~1.dll, Version: 2.6.1339.144, Zeitstempel: 0x519ddca2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0015c5e2
ID des fehlerhaften Prozesses: 0x2258
Startzeit der fehlerhaften Anwendung: 0xsed.exe0
Pfad der fehlerhaften Anwendung: sed.exe1
Pfad des fehlerhaften Moduls: sed.exe2
Berichtskennung: sed.exe3
Vollständiger Name des fehlerhaften Pakets: sed.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: sed.exe5

Error: (07/15/2013 06:25:20 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: cmd.exe, Version: 6.2.9200.16384, Zeitstempel: 0x50108a81
Name des fehlerhaften Moduls: browse~1.dll, Version: 2.6.1339.144, Zeitstempel: 0x519ddca2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0015c5e2
ID des fehlerhaften Prozesses: 0x1fb0
Startzeit der fehlerhaften Anwendung: 0xcmd.exe0
Pfad der fehlerhaften Anwendung: cmd.exe1
Pfad des fehlerhaften Moduls: cmd.exe2
Berichtskennung: cmd.exe3
Vollständiger Name des fehlerhaften Pakets: cmd.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: cmd.exe5

Error: (07/15/2013 06:20:54 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: cmd.exe, Version: 6.2.9200.16384, Zeitstempel: 0x50108a81
Name des fehlerhaften Moduls: browse~1.dll, Version: 2.6.1339.144, Zeitstempel: 0x519ddca2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0015c5e2
ID des fehlerhaften Prozesses: 0x1fb0
Startzeit der fehlerhaften Anwendung: 0xcmd.exe0
Pfad der fehlerhaften Anwendung: cmd.exe1
Pfad des fehlerhaften Moduls: cmd.exe2
Berichtskennung: cmd.exe3
Vollständiger Name des fehlerhaften Pakets: cmd.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: cmd.exe5

Error: (07/15/2013 06:16:56 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: sed.exe, Version: 0.0.0.0, Zeitstempel: 0x3d1eea24
Name des fehlerhaften Moduls: browse~1.dll, Version: 2.6.1339.144, Zeitstempel: 0x519ddca2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0015c5e2
ID des fehlerhaften Prozesses: 0xcd8
Startzeit der fehlerhaften Anwendung: 0xsed.exe0
Pfad der fehlerhaften Anwendung: sed.exe1
Pfad des fehlerhaften Moduls: sed.exe2
Berichtskennung: sed.exe3
Vollständiger Name des fehlerhaften Pakets: sed.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: sed.exe5

Error: (07/15/2013 06:16:22 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: sed.exe, Version: 0.0.0.0, Zeitstempel: 0x3d1eea24
Name des fehlerhaften Moduls: browse~1.dll, Version: 2.6.1339.144, Zeitstempel: 0x519ddca2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0015c5e2
ID des fehlerhaften Prozesses: 0x2130
Startzeit der fehlerhaften Anwendung: 0xsed.exe0
Pfad der fehlerhaften Anwendung: sed.exe1
Pfad des fehlerhaften Moduls: sed.exe2
Berichtskennung: sed.exe3
Vollständiger Name des fehlerhaften Pakets: sed.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: sed.exe5

Error: (07/15/2013 06:14:06 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: sed.exe, Version: 0.0.0.0, Zeitstempel: 0x3d1eea24
Name des fehlerhaften Moduls: browse~1.dll, Version: 2.6.1339.144, Zeitstempel: 0x519ddca2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0015c5e2
ID des fehlerhaften Prozesses: 0x2130
Startzeit der fehlerhaften Anwendung: 0xsed.exe0
Pfad der fehlerhaften Anwendung: sed.exe1
Pfad des fehlerhaften Moduls: sed.exe2
Berichtskennung: sed.exe3
Vollständiger Name des fehlerhaften Pakets: sed.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: sed.exe5

Error: (07/15/2013 06:13:44 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: cmd.exe, Version: 6.2.9200.16384, Zeitstempel: 0x50108a81
Name des fehlerhaften Moduls: browse~1.dll, Version: 2.6.1339.144, Zeitstempel: 0x519ddca2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0015c5e2
ID des fehlerhaften Prozesses: 0x1424
Startzeit der fehlerhaften Anwendung: 0xcmd.exe0
Pfad der fehlerhaften Anwendung: cmd.exe1
Pfad des fehlerhaften Moduls: cmd.exe2
Berichtskennung: cmd.exe3
Vollständiger Name des fehlerhaften Pakets: cmd.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: cmd.exe5

Error: (07/15/2013 06:12:37 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: cmd.exe, Version: 6.2.9200.16384, Zeitstempel: 0x50108a81
Name des fehlerhaften Moduls: browse~1.dll, Version: 2.6.1339.144, Zeitstempel: 0x519ddca2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0015c5e2
ID des fehlerhaften Prozesses: 0x2188
Startzeit der fehlerhaften Anwendung: 0xcmd.exe0
Pfad der fehlerhaften Anwendung: cmd.exe1
Pfad des fehlerhaften Moduls: cmd.exe2
Berichtskennung: cmd.exe3
Vollständiger Name des fehlerhaften Pakets: cmd.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: cmd.exe5

Error: (07/15/2013 06:10:44 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: nircmdc.exe, Version: 2.3.7.192, Zeitstempel: 0x4a1c1d33
Name des fehlerhaften Moduls: browse~1.dll, Version: 2.6.1339.144, Zeitstempel: 0x519ddca2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0015c5e2
ID des fehlerhaften Prozesses: 0x2038
Startzeit der fehlerhaften Anwendung: 0xnircmdc.exe0
Pfad der fehlerhaften Anwendung: nircmdc.exe1
Pfad des fehlerhaften Moduls: nircmdc.exe2
Berichtskennung: nircmdc.exe3
Vollständiger Name des fehlerhaften Pakets: nircmdc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: nircmdc.exe5


System errors:
=============
Error: (07/15/2013 06:54:08 AM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueue[::]:80

Error: (07/15/2013 06:54:08 AM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueue[::]:80

Error: (07/14/2013 06:54:06 PM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueue[::]:80

Error: (07/14/2013 06:54:06 PM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueue[::]:80

Error: (07/14/2013 06:53:49 PM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueue[::]:80

Error: (07/14/2013 06:53:49 PM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueue[::]:80

Error: (07/14/2013 06:51:24 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Apache2.2" wurde mit dem folgenden dienstspezifischen Fehler beendet: 
%%1

Error: (07/14/2013 08:54:49 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "SProtection" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (07/14/2013 08:23:13 AM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueue[::]:80

Error: (07/14/2013 08:23:13 AM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueue[::]:80


Microsoft Office Sessions:
=========================
Error: (07/15/2013 06:50:50 AM) (Source: Application Error)(User: )
Description: EXCEL.EXE15.0.4454.150350b592feEXCEL.EXE15.0.4454.150350b592fec00000050005271c167c01ce811649700f4fC:\Program Files (x86)\Microsoft Office\Office15\EXCEL.EXEC:\Program Files (x86)\Microsoft Office\Office15\EXCEL.EXE1e6a6fcf-ed0a-11e2-bed9-001a7dda710f

Error: (07/15/2013 06:25:31 AM) (Source: Application Error)(User: )
Description: sed.exe0.0.0.03d1eea24browse~1.dll2.6.1339.144519ddca2c00000050015c5e2225801ce811357899cf8C:\Users\Herbert\AppData\Local\Temp\RarSFX0\SecurityCheck\Other\sed.exec:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll95413687-ed06-11e2-bed9-001a7dda710f

Error: (07/15/2013 06:25:20 AM) (Source: Application Error)(User: )
Description: cmd.exe6.2.9200.1638450108a81browse~1.dll2.6.1339.144519ddca2c00000050015c5e21fb001ce8112b23cde70C:\Windows\SysWOW64\cmd.exec:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll8ef91f6d-ed06-11e2-bed9-001a7dda710f

Error: (07/15/2013 06:20:54 AM) (Source: Application Error)(User: )
Description: cmd.exe6.2.9200.1638450108a81browse~1.dll2.6.1339.144519ddca2c00000050015c5e21fb001ce8112b23cde70C:\Windows\SysWOW64\cmd.exec:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dllf0096ba0-ed05-11e2-bed9-001a7dda710f

Error: (07/15/2013 06:16:56 AM) (Source: Application Error)(User: )
Description: sed.exe0.0.0.03d1eea24browse~1.dll2.6.1339.144519ddca2c00000050015c5e2cd801ce8112247f4f40C:\Users\Herbert\AppData\Local\Temp\RarSFX0\SecurityCheck\Other\sed.exec:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll62386f6c-ed05-11e2-bed9-001a7dda710f

Error: (07/15/2013 06:16:22 AM) (Source: Application Error)(User: )
Description: sed.exe0.0.0.03d1eea24browse~1.dll2.6.1339.144519ddca2c00000050015c5e2213001ce8111bf64dde0C:\Users\Herbert\AppData\Local\Temp\RarSFX0\SecurityCheck\Other\sed.exec:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll4e1ae251-ed05-11e2-bed9-001a7dda710f

Error: (07/15/2013 06:14:06 AM) (Source: Application Error)(User: )
Description: sed.exe0.0.0.03d1eea24browse~1.dll2.6.1339.144519ddca2c00000050015c5e2213001ce8111bf64dde0C:\Users\Herbert\AppData\Local\Temp\RarSFX0\SecurityCheck\Other\sed.exec:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dllfd20486c-ed04-11e2-bed9-001a7dda710f

Error: (07/15/2013 06:13:44 AM) (Source: Application Error)(User: )
Description: cmd.exe6.2.9200.1638450108a81browse~1.dll2.6.1339.144519ddca2c00000050015c5e2142401ce8111b1f48b89C:\Windows\SysWOW64\cmd.exec:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dlleface835-ed04-11e2-bed9-001a7dda710f

Error: (07/15/2013 06:12:37 AM) (Source: Application Error)(User: )
Description: cmd.exe6.2.9200.1638450108a81browse~1.dll2.6.1339.144519ddca2c00000050015c5e2218801ce81118a610809C:\Windows\SysWOW64\cmd.exec:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dllc81964d0-ed04-11e2-bed9-001a7dda710f

Error: (07/15/2013 06:10:44 AM) (Source: Application Error)(User: )
Description: nircmdc.exe2.3.7.1924a1c1d33browse~1.dll2.6.1339.144519ddca2c00000050015c5e2203801ce811146486a92C:\Users\Herbert\AppData\Local\Temp\RarSFX0\SecurityCheck\Other\nircmdc.exec:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll849c277a-ed04-11e2-bed9-001a7dda710f


==================== Memory info =========================== 

Percentage of memory in use: 48%
Total physical RAM: 8153.99 MB
Available physical RAM: 4228.64 MB
Total Pagefile: 24153.99 MB
Available Pagefile: 19272.45 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:615.57 GB) (Free:515.32 GB) NTFS (Disk=0 Partition=2)
Drive e: (Volume) (Fixed) (Total:781.25 GB) (Free:691.39 GB) NTFS (Disk=0 Partition=3)
Drive f: (INTENSO) (Fixed) (Total:2793.83 GB) (Free:2038.48 GB) FAT32 (Disk=1 Partition=1)
Drive g: (U3 System) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
Drive h: (Cruzer) (Removable) (Total:14.92 GB) (Free:12.27 GB) FAT32 (Disk=5 Partition=1)
Drive p: (HD100ext) (Fixed) (Total:93.16 GB) (Free:63.58 GB) NTFS (Disk=3 Partition=1)
Drive r: () (Removable) (Total:0.96 GB) (Free:0.01 GB) NTFS (Disk=4 Partition=1)
Drive z: (FotoHD) (Fixed) (Total:1863.01 GB) (Free:1841.47 GB) NTFS (Disk=2 Partition=1)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: EF37055A)
Partition 1: (Active) - (Size=450 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=616 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=781 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 1.

========================================================
Disk: 2 (Size: 1863 GB) (Disk ID: F62F1CB1)
Partition 1: (Active) - (Size=-198627557376) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 93 GB) (Disk ID: FFDF5C44)
Partition 1: (Active) - (Size=93 GB) - (Type=07 NTFS)

========================================================
Disk: 4 (Size: 980 MB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=980 MB) - (Type=07 NTFS)

========================================================
Disk: 5 (Size: 15 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=15 GB) - (Type=0C)

==================== End Of Log ============================
         

Alt 15.07.2013, 10:08   #12
Herbertfi
 
Medung beim Hochfahren: TBupdater.dll ist nicht vorhanden - Standard

Medung beim Hochfahren: TBupdater.dll ist nicht vorhanden



Log Frst.txt

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-07-2013
Ran by Herbert (administrator) on 15-07-2013 10:29:33
Running from C:\Users\Herbert\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicShellService.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Uniblue Systems Limited) C:\Program Files (x86)\Uniblue\RegistryBooster\rbmonitor.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apache Software Foundation) C:\xampp\apache\bin\httpd.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
() C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
() C:\Program Files\ShrewSoft\VPN Client\dtpd.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(FileZilla Project) C:\xampp\FileZillaFTP\FileZilla server.exe
() C:\Program Files\ShrewSoft\VPN Client\iked.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.SQLHERBERT\MSSQL\Binn\sqlservr.exe
(MySQL AB) C:\xampp\mysql\bin\mysqld.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSRS11.SQLHERBERT\Reporting Services\ReportServer\bin\ReportingServicesService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Apache Software Foundation) C:\xampp\apache\bin\httpd.exe
() C:\Users\Herbert\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
(SPAMfighter ApS) C:\Program Files (x86)\SPAMfighter\sfus.exe
(Iminent) C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(SPAMfighter ApS) C:\Program Files (x86)\Fighters\FighterSuiteService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.SQLHERBERT\MSSQL\Binn\fdlauncher.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.SQLHERBERT\MSSQL\Binn\fdhost.exe
(Microsoft) C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Greenshot\Greenshot.exe
(Bartels Media GmbH) C:\Program Files (x86)\PhraseExpress\phraseexpress.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(hxxp://www.android-sync.com) C:\Program Files (x86)\Android-Sync\AndroidSync.exe
() C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
() C:\Program Files (x86)\Bamboo Dock\Bamboo Dock\Bamboo Dock.exe
(Iminent) C:\Program Files (x86)\Iminent\Iminent.exe
(Iminent) C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
(Microsoft) C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe
(SPAMfighter ApS) C:\Program Files (x86)\Fighters\Tray\FightersTray.exe
(SPAMfighter ApS) C:\Program Files (x86)\SPAMfighter\sfagent.exe
(SPAMfighter ApS) C:\Program Files (x86)\SPAMfighter\x64\LiveKitLoader64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Uniblue Systems Limited) C:\Program Files (x86)\Uniblue\RegistryBooster\rbnotifier.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\OUTLOOK.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\EXCEL.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
() C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MousewithoutBordersHelper.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [13519432 2013-04-10] (Realtek Semiconductor)
HKLM\...\Run: [Ocs_SM] - C:\Users\Herbert\AppData\Roaming\OCS\SM\SearchAnonymizer.exe [106496 2013-07-14] (OCS)
HKCU\...\Run: [Greenshot] - "C:\Program Files (x86)\Greenshot\Greenshot.exe" [548864 2010-07-12] ()
HKCU\...\Run: [GoogleDriveSync] - "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart [19676256 2013-06-06] (Google)
HKCU\...\Run: [GMX_GMX Upload-Manager] - "C:\Program Files (x86)\GMX\GMX Upload-Manager\DAVSRV.EXE" /hide [960608 2011-11-16] (1&1 Mail & Media GmbH)
MountPoints2: {c90218cf-754c-11e2-be86-902b34b9c341} - "G:\LaunchU3.exe" -a
MountPoints2: {ca808269-aea3-11e2-bea8-de85dd3799fb} - "G:\iLinker.exe" 
HKLM-x32\...\Run: [avgnt] - "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [345144 2013-06-24] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [WinampAgent] - "C:\Program Files (x86)\Winamp\winampa.exe" [74752 2011-07-11] (Nullsoft, Inc.)
HKLM-x32\...\Run: [SPAMfighter Agent] - "C:\Program Files (x86)\SPAMfighter\SFAgent.exe" update delay 60 [1065504 2013-06-14] (SPAMfighter ApS)
HKLM-x32\...\Run: [AndroidSync] - C:\Program Files (x86)\Android-Sync\AndroidSync.exe -m [6512184 2012-06-20] (hxxp://www.android-sync.com)
HKLM-x32\...\Run: [BambooCore] - C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
HKLM-x32\...\Run: [SDTray] - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [3830224 2013-05-16] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Iminent] - C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C" [1074736 2013-07-02] (Iminent)
HKLM-x32\...\Run: [IminentMessenger] - C:\Program Files (x86)\Iminent\Iminent.Messengers.exe [884784 2013-07-02] (Iminent)
HKLM-x32\...\Run: [CommonToolkitTray] - C:\Program Files (x86)\Fighters\Tray\FightersTray.exe [1497120 2013-04-29] (SPAMfighter ApS)
HKLM-x32\...\Run: [sfagent] - C:\Program Files (x86)\SPAMfighter\sfagent.exe [1065504 2013-06-14] (SPAMfighter ApS)
HKU\HerbertAdmin\...\Run: [Greenshot] - "C:\Program Files (x86)\Greenshot\Greenshot.exe" [548864 2010-07-12] ()
HKU\HerbertAdmin\...\Run: [GoogleDriveSync] - "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart [19676256 2013-06-06] (Google)
HKU\HerbertAdmin\...\Run: [GMX_GMX Upload-Manager] - "C:\Program Files (x86)\GMX\GMX Upload-Manager\DAVSRV.EXE" /hide [960608 2011-11-16] (1&1 Mail & Media GmbH)
HKU\HerbertAdmin\...\Run: [Speech Recognition] - "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup [45056 2012-07-26] (Microsoft Corporation)
AppInit_DLLs-x32: c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll c:\progra~2\nvidia~1\3dvisi~1\nvstinit.dll [45056 2012-07-26] ()
Startup: C:\ProgramData\Start Menu\Programs\Startup\PhraseExpress.lnk
ShortcutTarget: PhraseExpress.lnk -> C:\Program Files (x86)\PhraseExpress\phraseexpress.exe (Bartels Media GmbH)
Startup: C:\ProgramData\Start Menu\Programs\Startup\STK02N 2.4 PNP Monitor.lnk
ShortcutTarget: STK02N 2.4 PNP Monitor.lnk -> C:\Windows\STK02N\STK02NM.exe (Syntek Ltd.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\vpngui.exe.lnk
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe ()
Startup: C:\Users\Herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
SSODL: EldosMountNotificator - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\Windows\system32\SSCbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\Windows\SysWow64\SSCbFsMntNtf3.dll (EldoS Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=B66E001A7DDA710F&affID=119828&tsp=4943
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?rd=1&ucc=AT&dcc=AT&opt=0
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=B66E001A7DDA710F&affID=119828&tsp=4943
SearchScopes: HKCU - {1268E3F4-11EA-435A-9291-E59FC1AE8580} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=e2af43f6-83a1-47a8-961c-da5471471ebf&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {4D7C11AC-9E75-4421-BE68-0B8EF9920E6B} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=e2af43f6-83a1-47a8-961c-da5471471ebf&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKCU - {81B6391D-C3E2-4289-895B-5BFD0FFB1090} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=e2af43f6-83a1-47a8-961c-da5471471ebf&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {85CA79EA-BFDD-4411-AB96-0B49EB2C028B} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=e2af43f6-83a1-47a8-961c-da5471471ebf&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {D1E14777-4037-4E71-8934-C096971719F6} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=e2af43f6-83a1-47a8-961c-da5471471ebf&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {DD1510F1-1D88-4A84-9E93-529815FC6C94} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=e2af43f6-83a1-47a8-961c-da5471471ebf&pid=freewarede&mode=bounce&k=0
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: HomeTab - {19a395c9-823b-4700-b817-396fc84ffb16} - C:\Users\Herbert\AppData\Roaming\HomeTab\HomeTab.dll No File
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll No File
BHO-x32: IMinent WebBooster (BHO) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Iminent.WebBooster.InternetExplorer.dll (Iminent)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: HomeTab - {ba696155-d96e-4281-b467-0367a0456474} - C:\Users\Herbert\AppData\Roaming\HomeTab\HomeTab.dll No File
BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.21.5\bh\delta.dll (Delta-search.com)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL (Microsoft Corporation)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Toolbar: HKLM-x32 - HomeTab - {ba696155-d96e-4281-b467-0367a0456474} - C:\Users\Herbert\AppData\Roaming\HomeTab\HomeTab.dll No File
Toolbar: HKLM-x32 - HomeTab - {19a395c9-823b-4700-b817-396fc84ffb16} - C:\Users\Herbert\AppData\Roaming\HomeTab\HomeTab.dll No File
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.21.5\deltaTlbr.dll (Delta-search.com)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 212.186.211.21 195.34.133.21

FireFox:
========
FF ProfilePath: C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default
FF user.js: detected! => C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\user.js
FF NewTab: hxxp://www1.delta-search.com/?babsrc=NT_ss&mntrId=B66E001A7DDA710F&affID=119828&tsp=4943
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Homepage: hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=B66E001A7DDA710F&affID=119828&tsp=4943
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF SearchPlugin: C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\searchplugins\gmx-suche-sterreich.xml
FF SearchPlugin: C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\searchplugins\suche-in-wikipedia.xml
FF Extension: TubeSaver - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\120
FF Extension: Delta Toolbar - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\ffxtlbr@delta.com
FF Extension: Ghostery - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\firefox@ghostery.com
FF Extension: FireJump - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\firejump@firejump.net
FF Extension: No Name - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\foxmarks@kei.com
FF Extension: HomeTab - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\{24532715-4abc-47ee-bd4f-a6774d0723d2}
FF Extension: Toggle Web Developer Toolbar - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\{c75a27d8-4529-449f-b67b-aba65d7a1c0a}
FF Extension: firebug - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\firebug@software.joehewitt.com.xpi
FF Extension: treestyletab - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\treestyletab@piro.sakura.ne.jp.xpi
FF Extension: webbooster - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\webbooster@iminent.com.xpi
FF Extension: No Name - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\WTB_GLOBAL.sqlite
FF Extension: No Name - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi
FF Extension: No Name - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi
FF Extension: No Name - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\{c666c018-6409-4479-afa3-68e4129e7eff}.xpi
FF Extension: No Name - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\{DAD0F81A-CF67-4eed-98D6-26F6E47274CA}.xpi
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKCU\...\Firefox\Extensions: [firejump@firejump.net] C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\extensions\firejump@firejump.net
FF Extension: FireJump - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\extensions\firejump@firejump.net

Chrome: 
=======
CHR RestoreOnStartup: "hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=B66E001A7DDA710F&affID=119828&tsp=4943"
CHR Extension: (Entanglement) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0
CHR Extension: (Google Docs) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (HomeTab) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgibjgmnimooanbagcfpnkmngejcojaf\4.1
CHR Extension: (LyricsSpeaker) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmgeophbbmfgkjghdgfgelpipdoclljo\1.120
CHR Extension: (Skype Click to Call) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0
CHR Extension: (Poppit) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0
CHR Extension: (Gmail) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [371768 2013-06-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-06-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [589368 2013-06-24] (Avira Operations GmbH & Co. KG)
R2 Apache2.2; C:\xampp\apache\bin\httpd.exe [29416 2009-12-20] (Apache Software Foundation)
R2 BrowserDefendert; C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe [2827728 2013-05-23] ()
R2 ClassicShellService; C:\Program Files\Classic Shell\ClassicShellService.exe [68608 2013-04-12] (IvoSoft)
R2 dtpd; C:\Program Files\ShrewSoft\VPN Client\dtpd.exe [56592 2010-10-08] ()
R2 FileZilla Server; C:\xampp\FileZillaFTP\FileZilla server.exe [1029776 2009-12-20] (FileZilla Project)
R2 iked; C:\Program Files\ShrewSoft\VPN Client\iked.exe [957712 2010-10-08] ()
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 ipsecd; C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [697616 2010-10-08] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-02-22] (Intel Corporation)
S2 MouseWithoutBordersSvc; C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBordersSvc.exe [27872 2012-12-28] (Microsoft)
R2 MSSQL$SQLHERBERT; C:\Program Files\Microsoft SQL Server\MSSQL11.SQLHERBERT\MSSQL\Binn\sqlservr.exe [190904 2012-06-12] (Microsoft Corporation)
R2 MySQL; C:\xampp\mysql\bin\mysqld.exe [6095504 2009-12-20] (MySQL AB)
R2 ReportServer$SQLHERBERT; C:\Program Files\Microsoft SQL Server\MSRS11.SQLHERBERT\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2348472 2012-06-12] (Microsoft Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
R2 SearchAnonymizer; C:\Users\Herbert\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [40960 2013-07-14] ()
R2 SPAMfighter Update Service; C:\Program Files (x86)\SPAMfighter\sfus.exe [216608 2013-06-14] (SPAMfighter ApS)
R2 SProtection; C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe [2729512 2013-07-02] (Iminent)
S4 SQLAgent$SQLHERBERT; C:\Program Files\Microsoft SQL Server\MSSQL11.SQLHERBERT\MSSQL\Binn\SQLAGENT.EXE [608696 2012-06-12] (Microsoft Corporation)
S4 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1149104 2013-04-03] (Crawler.com)
R2 Suite Service; C:\Program Files (x86)\Fighters\FighterSuiteService.exe [1281568 2013-05-29] (SPAMfighter ApS)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [619904 2012-12-11] (Wacom Technology, Corp.)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [613688 2013-02-08] (Wacom Technology, Corp.)
R3 MSSQLFDLauncher$SQLHERBERT; "C:\Program Files\Microsoft SQL Server\MSSQL11.SQLHERBERT\MSSQL\Binn\fdlauncher.exe" -s MSSQL11.SQLHERBERT [x]

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130016 2013-03-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-03-27] (Avira Operations GmbH & Co. KG)
R3 bthav; C:\Windows\system32\drivers\bthav.sys [40448 2008-07-10] (CSR, plc)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
S3 gdrv; C:\Windows\gdrv.sys [25640 2012-12-19] (Windows (R) Server 2003 DDK provider)
S3 gdrv; C:\Windows\gdrv.sys [25640 2012-12-19] (Windows (R) Server 2003 DDK provider)
S4 RsFx0200; C:\Windows\System32\DRIVERS\RsFx0200.sys [334936 2012-02-11] (Microsoft Corporation)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2013-07-09] (Windows (R) Win 7 DDK provider)
R3 SSCBFS3; C:\Windows\System32\drivers\sscbfs3.sys [347904 2013-01-30] (EldoS Corporation)
R1 uigxrdr; C:\Windows\System32\DRIVERS\uigxrdr.sys [199752 2011-11-16] (1&1 Mail & Media GmbH)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [106408 2012-12-19] (Oracle Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-15 06:25 - 2013-07-15 06:25 - 00008192 ____H C:\Windows\SysWOW64\cmd.suo
2013-07-15 06:25 - 2013-07-15 06:25 - 00000967 _____ C:\Windows\SysWOW64\cmd.sln
2013-07-15 06:20 - 2013-07-15 06:20 - 00000958 _____ C:\Users\Herbert\Desktop\SecurityCheck checkup.txt
2013-07-14 18:57 - 2013-07-14 18:57 - 02347384 _____ (ESET) C:\Users\Herbert\Desktop\esetsmartinstaller_enu.exe
2013-07-14 18:30 - 2013-07-14 18:32 - 00000000 ____D C:\Windows\system32\MRT
2013-07-14 08:55 - 2013-07-14 18:53 - 00003436 _____ C:\Windows\System32\Tasks\BrowserDefendert
2013-07-14 08:55 - 2013-07-14 08:56 - 00000000 ____D C:\Program Files (x86)\Fighters
2013-07-14 08:55 - 2013-07-14 08:55 - 00003660 _____ C:\Windows\System32\Tasks\FinishInstall igdhbblpcellaljokkpfhcjlagemhgjl
2013-07-14 08:55 - 2013-07-14 08:55 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
2013-07-14 08:55 - 2013-07-14 08:55 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Iminent
2013-07-14 08:55 - 2013-07-14 08:55 - 00000000 ____D C:\ProgramData\Iminent
2013-07-14 08:54 - 2013-07-14 08:55 - 00000000 ____D C:\Program Files (x86)\Iminent
2013-07-14 08:54 - 2013-07-14 08:54 - 00001462 _____ C:\Users\Herbert\Desktop\Amazon.lnk
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Opera
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\OCS
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\igdhbblpcellaljokkpfhcjlagemhgjl
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\DesktopIconForAmazon
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Delta
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Babylon
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\BabSolution
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\ProgramData\Babylon
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\Program Files (x86)\Delta
2013-07-14 08:54 - 2011-05-13 14:16 - 00493056 _____ ( datenhaus GmbH) C:\Windows\SysWOW64\dhRichClient3.dll
2013-07-14 08:54 - 2011-03-25 22:42 - 00338432 _____ C:\Windows\SysWOW64\sqlite36_engine.dll
2013-07-14 08:04 - 2013-07-14 08:04 - 00003056 _____ C:\Users\Herbert\Desktop\JRT.txt
2013-07-14 08:01 - 2013-07-14 08:01 - 00559441 _____ (Oleg N. Scherbakov) C:\Users\Herbert\Desktop\JRT.exe
2013-07-14 08:01 - 2013-07-14 08:01 - 00000000 ____D C:\Windows\ERUNT
2013-07-14 07:54 - 2013-07-14 07:55 - 00001473 _____ C:\AdwCleaner[S2].txt
2013-07-14 07:52 - 2013-07-14 07:52 - 00662345 _____ C:\Users\Herbert\Desktop\adwcleaner.exe
2013-07-14 07:50 - 2013-07-14 07:50 - 01777839 _____ (Farbar) C:\Users\Herbert\Desktop\FRST64.exe
2013-07-14 07:48 - 2013-07-14 07:49 - 01777839 _____ (Farbar) C:\Users\Herbert\Downloads\FRST64.exe
2013-07-13 06:54 - 2013-07-13 06:54 - 00000732 _____ C:\Users\Herbert\Desktop\Ereignisse.txt
2013-07-13 06:36 - 2013-07-13 06:37 - 00042265 _____ C:\Users\Herbert\Desktop\Addition.txt
2013-07-13 06:35 - 2013-07-13 06:35 - 00000000 ____D C:\FRST
2013-07-12 15:35 - 2013-07-12 15:35 - 00006152 _____ C:\Windows\DPINST.LOG
2013-07-12 15:35 - 2013-07-12 15:35 - 00000000 ____D C:\Program Files\DIFX
2013-07-12 10:12 - 2013-07-12 10:12 - 00434344 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-12 10:08 - 2013-07-12 10:08 - 00000098 _____ C:\Windows\DeleteOnReboot.bat
2013-07-12 10:07 - 2013-07-12 10:08 - 00045177 _____ C:\AdwCleaner[S1].txt
2013-07-12 10:06 - 2013-07-14 08:54 - 00003398 _____ C:\Windows\System32\Tasks\EPUpdater
2013-07-12 10:06 - 2013-07-12 10:06 - 00044070 _____ C:\AdwCleaner[R1].txt
2013-07-12 10:05 - 2013-07-12 10:05 - 00001090 _____ C:\Users\Herbert\Desktop\Continue Download Helper Installation.lnk
2013-07-12 09:27 - 2013-07-12 09:27 - 00000000 _____ C:\Users\Herbert\defogger_reenable
2013-07-10 04:57 - 2013-05-04 08:59 - 02842112 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-10 04:57 - 2013-05-04 06:57 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-10 04:57 - 2013-04-12 00:30 - 01421312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-10 04:57 - 2013-04-12 00:22 - 01838080 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-10 04:56 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-10 04:56 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-10 04:56 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-10 04:56 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-10 04:56 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-10 04:56 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-10 04:56 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-10 04:56 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-10 04:56 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-10 04:56 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-10 04:56 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-10 04:56 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-10 04:56 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-10 04:56 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-10 04:56 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-10 04:56 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-10 04:56 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-10 04:56 - 2013-06-01 11:25 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-10 04:56 - 2013-06-01 11:21 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-10 04:56 - 2013-05-31 01:14 - 04036096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-10 04:52 - 2013-07-04 15:58 - 00238352 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2013-07-10 04:52 - 2013-07-04 15:57 - 00120080 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2013-07-09 08:50 - 2013-07-10 17:04 - 00000000 ____D C:\ProgramData\Spyware Terminator
2013-07-09 08:50 - 2013-07-09 08:51 - 00000000 ____D C:\Program Files (x86)\Spyware Terminator
2013-07-09 08:50 - 2013-07-09 08:50 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2013-07-09 08:50 - 2013-07-09 08:50 - 00001045 _____ C:\Users\Public\Desktop\Spyware Terminator 2012.lnk
2013-07-09 08:50 - 2013-07-09 08:50 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Spyware Terminator
2013-07-06 09:02 - 2013-07-09 12:03 - 00000292 _____ C:\Windows\Tasks\RegClean Prosch.job
2013-07-06 09:02 - 2013-07-06 09:02 - 00003016 _____ C:\Windows\System32\Tasks\RegClean Prosch
2013-07-06 08:56 - 2013-07-06 08:56 - 00001057 _____ C:\Users\Public\Desktop\RegClean Pro.lnk
2013-07-06 08:20 - 2013-07-06 08:23 - 00004248 _____ C:\Windows\system32\ASOROSet.bin
2013-07-06 08:20 - 2013-07-06 08:20 - 00000000 ____D C:\Windows\system32\config\RCCBakup
2013-07-05 17:05 - 2013-07-05 17:05 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-07-05 17:05 - 2013-07-05 17:05 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-07-05 16:11 - 2013-07-15 10:16 - 00000928 _____ C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job
2013-07-05 16:11 - 2013-07-14 18:52 - 00000924 _____ C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job
2013-07-05 16:11 - 2013-07-05 16:11 - 00003900 _____ C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineUA
2013-07-05 16:11 - 2013-07-05 16:11 - 00003664 _____ C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineCore
2013-07-05 16:10 - 2013-07-05 16:10 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\MyPhoneExplorer
2013-07-05 07:33 - 2013-07-05 07:33 - 00000215 _____ C:\Users\Herbert\Desktop\javascripthideDiv('popupDiv');.URL
2013-07-04 15:57 - 2013-07-04 15:57 - 00146704 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetFlt.sys
2013-07-04 15:57 - 2013-07-04 15:57 - 00131856 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp.sys
2013-07-04 15:56 - 2013-07-04 15:56 - 00204048 _____ (Oracle Corporation) C:\Windows\system32\VBoxNetFltNobj.dll
2013-07-02 14:31 - 2013-07-02 14:32 - 00397312 _____ C:\Users\Herbert\Documents\ae130702.accdb
2013-07-02 07:21 - 2013-07-02 07:21 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2010
2013-07-02 07:21 - 2013-07-02 07:21 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2010
2013-07-02 07:20 - 2013-07-02 07:20 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2012
2013-07-02 07:20 - 2013-07-02 07:20 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2012
2013-07-02 07:17 - 2012-02-11 08:43 - 00253016 _____ (Microsoft Corporation) C:\Windows\system32\SQSRVRES.DLL
2013-06-29 18:29 - 2013-06-29 18:29 - 00001350 _____ C:\Users\Herbert\Desktop\SQL Server Management Studio.lnk
2013-06-29 18:26 - 2013-06-29 18:26 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Microsoft Corporation
2013-06-29 18:10 - 2013-06-29 18:10 - 00000000 ____D C:\Windows\SysWOW64\1031
2013-06-29 18:10 - 2013-06-29 18:10 - 00000000 ____D C:\Users\Herbert\Documents\Visual Studio 2012
2013-06-29 18:09 - 2013-06-29 18:09 - 00000000 ____D C:\Windows\system32\1031
2013-06-29 18:08 - 2013-06-29 18:10 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_SensorsSimulatorDriver_01_11_00.Wdf
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____D C:\Windows\symbols
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 11.0
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer
2013-06-29 17:38 - 2013-06-29 17:38 - 00000000 ____D C:\Users\Herbert\AppData\Local\Microsoft_Corporation
2013-06-29 17:26 - 2013-07-06 08:25 - 00000000 ____D C:\Users\ReportServer$SQLHERBERT
2013-06-29 17:26 - 2013-06-29 17:26 - 00000020 ___SH C:\Users\ReportServer$SQLHERBERT\ntuser.ini
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Vorlagen
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Startmenü
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Netzwerkumgebung
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Lokale Einstellungen
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Eigene Dateien
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Druckumgebung
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Documents\Eigene Musik
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Documents\Eigene Bilder
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\AppData\Local\Verlauf
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\AppData\Local\Anwendungsdaten
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Anwendungsdaten
2013-06-29 17:26 - 2013-05-24 14:45 - 00000000 ____D C:\Users\ReportServer$SQLHERBERT\AppData\Roaming\Macromedia
2013-06-29 17:26 - 2013-04-13 06:58 - 00000000 ____D C:\Users\ReportServer$SQLHERBERT\AppData\Roaming\Adobe
2013-06-29 17:26 - 2013-03-27 11:02 - 00000000 ____D C:\Users\ReportServer$SQLHERBERT\AppData\LocalGoogle
2013-06-29 17:26 - 2013-03-27 11:02 - 00000000 ____D C:\Users\ReportServer$SQLHERBERT\AppData\Local\Google
2013-06-29 17:26 - 2013-02-13 16:21 - 00000000 ____D C:\Users\ReportServer$SQLHERBERT\AppData\Local\Microsoft Help
2013-06-29 17:24 - 2013-07-06 08:26 - 00000000 ____D C:\Users\MSSQLFDLauncher$SQLHERBERT
2013-06-29 17:24 - 2013-06-29 17:24 - 00000020 ___SH C:\Users\MSSQLFDLauncher$SQLHERBERT\ntuser.ini
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Vorlagen
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Startmenü
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Netzwerkumgebung
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Lokale Einstellungen
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Eigene Dateien
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Druckumgebung
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Documents\Eigene Musik
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Documents\Eigene Bilder
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\Local\Verlauf
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\Local\Anwendungsdaten
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Anwendungsdaten
2013-06-29 17:24 - 2013-05-24 14:45 - 00000000 ____D C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\Roaming\Macromedia
2013-06-29 17:24 - 2013-04-13 06:58 - 00000000 ____D C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\Roaming\Adobe
2013-06-29 17:24 - 2013-03-27 11:02 - 00000000 ____D C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\LocalGoogle
2013-06-29 17:24 - 2013-03-27 11:02 - 00000000 ____D C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\Local\Google
2013-06-29 17:24 - 2013-02-13 16:21 - 00000000 ____D C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\Local\Microsoft Help
2013-06-29 17:23 - 2013-07-06 08:25 - 00000000 ____D C:\Users\MSSQL$SQLHERBERT
2013-06-29 17:23 - 2013-06-29 18:18 - 00000000 ____D C:\Users\Herbert\Documents\SQL Server Management Studio
2013-06-29 17:23 - 2013-06-29 17:23 - 00000020 ___SH C:\Users\MSSQL$SQLHERBERT\ntuser.ini
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Vorlagen
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Startmenü
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Netzwerkumgebung
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Lokale Einstellungen
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Eigene Dateien
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Druckumgebung
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Documents\Eigene Musik
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Documents\Eigene Bilder
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\AppData\Local\Verlauf
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\AppData\Local\Anwendungsdaten
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Anwendungsdaten
2013-06-29 17:23 - 2013-05-24 14:45 - 00000000 ____D C:\Users\MSSQL$SQLHERBERT\AppData\Roaming\Macromedia
2013-06-29 17:23 - 2013-04-13 06:58 - 00000000 ____D C:\Users\MSSQL$SQLHERBERT\AppData\Roaming\Adobe
2013-06-29 17:23 - 2013-03-27 11:02 - 00000000 ____D C:\Users\MSSQL$SQLHERBERT\AppData\LocalGoogle
2013-06-29 17:23 - 2013-03-27 11:02 - 00000000 ____D C:\Users\MSSQL$SQLHERBERT\AppData\Local\Google
2013-06-29 17:23 - 2013-02-13 16:21 - 00000000 ____D C:\Users\MSSQL$SQLHERBERT\AppData\Local\Microsoft Help
2013-06-29 17:20 - 2012-02-11 10:03 - 00046168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perf-ReportServer$SQLHERBERT-rsctr11.0.2100.60.dll
2013-06-29 17:20 - 2012-02-11 10:02 - 00045656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perf-MSSQL11.SQLHERBERT-sqlagtctr.dll
2013-06-29 17:20 - 2012-02-11 08:44 - 00055384 _____ (Microsoft Corporation) C:\Windows\system32\perf-ReportServer$SQLHERBERT-rsctr11.0.2100.60.dll
2013-06-29 17:20 - 2012-02-11 08:44 - 00054360 _____ (Microsoft Corporation) C:\Windows\system32\perf-MSSQL11.SQLHERBERT-sqlagtctr.dll
2013-06-29 17:19 - 2012-02-11 10:03 - 00082520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perf-MSSQL$SQLHERBERT-sqlctr11.0.2100.60.dll
2013-06-29 17:19 - 2012-02-11 08:46 - 00180312 _____ (Microsoft Corporation) C:\Windows\system32\hadrres.dll
2013-06-29 17:19 - 2012-02-11 08:46 - 00082520 _____ (Microsoft Corporation) C:\Windows\system32\fssres.dll
2013-06-29 17:19 - 2012-02-11 08:44 - 00095832 _____ (Microsoft Corporation) C:\Windows\system32\perf-MSSQL$SQLHERBERT-sqlctr11.0.2100.60.dll
2013-06-29 17:16 - 2013-06-29 17:16 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2013-06-29 17:14 - 2013-06-29 17:14 - 00000000 ____D C:\Windows\system32\RsFx
2013-06-29 17:11 - 2013-07-15 06:16 - 00000000 ____D C:\Users\Herbert\Documents\Visual Studio 2010
2013-06-29 17:10 - 2013-06-29 17:12 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 10.0
2013-06-29 17:10 - 2013-06-29 17:10 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 10.0
2013-06-29 17:10 - 2013-06-29 17:10 - 00000000 ____D C:\Program Files\Microsoft Help Viewer
2013-06-29 17:10 - 2013-06-29 17:10 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2013-06-26 17:57 - 2013-06-26 17:57 - 00003133 _____ C:\Users\Herbert\Desktop\Custom UI Editor For Microsoft Office.lnk
2013-06-26 17:57 - 2013-06-26 17:57 - 00003093 _____ C:\Users\Herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Custom UI Editor For Microsoft Office.lnk
2013-06-26 17:57 - 2013-06-26 17:57 - 00000000 ____D C:\Program Files (x86)\CustomUIEditor
2013-06-26 07:51 - 2013-06-26 07:51 - 04815135 _____ (FileZilla Project) C:\Users\Herbert\Downloads\FileZilla_3.7.1_win32-setup.exe
2013-06-24 15:24 - 2013-06-24 15:25 - 00000000 ____D C:\Users\Herbert\AppData\Local\calibre-cache
2013-06-23 20:21 - 2013-06-24 15:52 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\calibre
2013-06-23 20:21 - 2013-06-23 20:21 - 00000967 _____ C:\Users\Public\Desktop\calibre - E-book management.lnk
2013-06-23 20:21 - 2013-06-23 20:21 - 00000000 ____D C:\Program Files (x86)\Calibre2
2013-06-22 08:53 - 2013-06-22 08:53 - 00001136 _____ C:\Users\Public\Desktop\UPC Install Master.lnk
2013-06-22 08:53 - 2013-06-22 08:53 - 00000000 __HDC C:\ProgramData\{A79D03BF-C5DB-49B2-AD5F-6CED14FFE4D6}
2013-06-22 08:53 - 2013-06-22 08:53 - 00000000 ____D C:\Program Files (x86)\UPC Austria
2013-06-19 09:08 - 2013-06-20 10:02 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Apple Computer
2013-06-19 09:08 - 2013-06-19 09:09 - 00000000 ____D C:\Users\Herbert\AppData\Local\Apple Computer
2013-06-19 09:08 - 2013-06-19 09:08 - 00002491 _____ C:\Users\Public\Desktop\Safari.lnk
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Users\Herbert\AppData\Local\Apple
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\ProgramData\Apple
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Program Files\Bonjour
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Program Files (x86)\Safari
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-06-17 10:27 - 2013-06-17 10:27 - 00003105 _____ C:\Users\Herbert\Desktop\Word 2007 Content Control Toolkit.lnk
2013-06-17 10:27 - 2013-06-17 10:27 - 00003065 _____ C:\Users\Herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word 2007 Content Control Toolkit.lnk
2013-06-17 05:51 - 2013-05-16 00:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2013-06-16 06:47 - 2013-05-31 01:24 - 01257472 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-06-16 06:47 - 2013-05-31 01:08 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-06-16 06:47 - 2013-05-24 01:01 - 01300992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-06-16 06:47 - 2013-05-24 00:27 - 01022464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-06-16 06:47 - 2013-05-15 04:25 - 00888320 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2013-06-16 06:47 - 2013-05-15 04:25 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2013-06-16 06:47 - 2013-05-15 04:24 - 00793088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2013-06-16 06:47 - 2013-05-15 04:24 - 00482816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2013-06-15 09:40 - 2013-05-04 09:58 - 00120736 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2013-06-15 09:40 - 2013-05-04 09:34 - 00446720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2013-06-15 09:40 - 2013-05-04 09:34 - 00284416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2013-06-15 09:40 - 2013-05-04 09:34 - 00213248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2013-06-15 09:40 - 2013-05-04 09:30 - 00058312 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-06-15 09:40 - 2013-05-04 08:59 - 13644288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2013-06-15 09:40 - 2013-05-04 08:59 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-06-15 09:40 - 2013-05-04 08:59 - 01619968 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-06-15 09:40 - 2013-05-04 08:59 - 01483776 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2013-06-15 09:40 - 2013-05-04 08:59 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\Magnify.exe
2013-06-15 09:40 - 2013-05-04 08:59 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-06-15 09:40 - 2013-05-04 08:59 - 00251904 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2013-06-15 09:40 - 2013-05-04 08:59 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-06-15 09:40 - 2013-05-04 08:59 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-06-15 09:40 - 2013-05-04 08:59 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-06-15 09:40 - 2013-05-04 08:58 - 10116096 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2013-06-15 09:40 - 2013-05-04 08:58 - 01332736 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2013-06-15 09:40 - 2013-05-04 08:58 - 00470528 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll
2013-06-15 09:40 - 2013-05-04 08:58 - 00330240 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2013-06-15 09:40 - 2013-05-04 08:58 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2013-06-15 09:40 - 2013-05-04 08:58 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2013-06-15 09:40 - 2013-05-04 08:58 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
2013-06-15 09:40 - 2013-05-04 08:58 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\netprofm.dll
2013-06-15 09:40 - 2013-05-04 08:58 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2013-06-15 09:40 - 2013-05-04 08:57 - 02305024 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-06-15 09:40 - 2013-05-04 08:57 - 01131520 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2013-06-15 09:40 - 2013-05-04 08:57 - 00708096 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2013-06-15 09:40 - 2013-05-04 08:57 - 00560640 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2013-06-15 09:40 - 2013-05-04 08:57 - 00501760 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2013-06-15 09:40 - 2013-05-04 08:57 - 00389120 _____ (Microsoft Corporation) C:\Windows\system32\BCP47Langs.dll
2013-06-15 09:40 - 2013-05-04 08:57 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2013-06-15 09:40 - 2013-05-04 08:57 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\biwinrt.dll
2013-06-15 09:40 - 2013-05-04 08:57 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\muifontsetup.dll
2013-06-15 09:40 - 2013-05-04 08:56 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\intl.cpl
2013-06-15 09:40 - 2013-05-04 06:58 - 00758784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Magnify.exe
2013-06-15 09:40 - 2013-05-04 06:58 - 00621056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-06-15 09:40 - 2013-05-04 06:58 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-06-15 09:40 - 2013-05-04 06:58 - 00083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-06-15 09:40 - 2013-05-04 06:58 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-06-15 09:40 - 2013-05-04 06:57 - 10788864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2013-06-15 09:40 - 2013-05-04 06:57 - 08857088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2013-06-15 09:40 - 2013-05-04 06:57 - 00303616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2013-06-15 09:40 - 2013-05-04 06:57 - 00247296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2013-06-15 09:40 - 2013-05-04 06:57 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll
2013-06-15 09:40 - 2013-05-04 06:57 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll
2013-06-15 09:40 - 2013-05-04 06:57 - 00018432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll
2013-06-15 09:40 - 2013-05-04 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\muifontsetup.dll
2013-06-15 09:40 - 2013-05-04 06:56 - 02035712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-06-15 09:40 - 2013-05-04 06:56 - 00449536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2013-06-15 09:40 - 2013-05-04 06:56 - 00411136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2013-06-15 09:40 - 2013-05-04 06:56 - 00309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BCP47Langs.dll
2013-06-15 09:40 - 2013-05-04 06:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\biwinrt.dll
2013-06-15 09:40 - 2013-05-04 06:55 - 00389632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2013-06-15 09:40 - 2013-05-04 06:51 - 00014848 _____ (Microsoft) C:\Windows\system32\rars.rs
2013-06-15 09:40 - 2013-05-04 06:48 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-06-15 09:40 - 2013-05-04 06:48 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2013-06-15 09:40 - 2013-05-04 06:47 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2013-06-15 09:40 - 2013-05-04 06:10 - 00014848 _____ (Microsoft) C:\Windows\SysWOW64\rars.rs
2013-06-15 09:40 - 2013-05-03 00:04 - 00386646 _____ C:\Windows\system32\ApnDatabase.xml

==================== One Month Modified Files and Folders =======

2013-07-15 10:27 - 2010-05-27 18:31 - 00000000 ____D C:\Users\Herbert\Documents\Outlook-Dateien
2013-07-15 10:16 - 2013-07-05 16:11 - 00000928 _____ C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job
2013-07-15 10:14 - 2013-02-01 02:49 - 00001132 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-15 10:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-07-15 09:55 - 2013-02-01 21:47 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-15 09:16 - 2012-11-29 20:05 - 01609520 _____ C:\Windows\WindowsUpdate.log
2013-07-15 08:46 - 2013-01-30 18:44 - 00000000 ____D C:\Users\Herbert\AppData\Local\Packages
2013-07-15 08:09 - 2013-02-01 17:43 - 00005144 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for PCHerbert-Herbert PCHerbert
2013-07-15 07:14 - 2013-02-01 02:49 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-15 06:54 - 2013-02-01 03:43 - 00000000 ____D C:\Program Files (x86)\SPAMfighter
2013-07-15 06:25 - 2013-07-15 06:25 - 00008192 ____H C:\Windows\SysWOW64\cmd.suo
2013-07-15 06:25 - 2013-07-15 06:25 - 00000967 _____ C:\Windows\SysWOW64\cmd.sln
2013-07-15 06:20 - 2013-07-15 06:20 - 00000958 _____ C:\Users\Herbert\Desktop\SecurityCheck checkup.txt
2013-07-15 06:16 - 2013-06-29 17:11 - 00000000 ____D C:\Users\Herbert\Documents\Visual Studio 2010
2013-07-15 06:03 - 2012-07-02 07:39 - 00891022 _____ C:\Users\Herbert\Desktop\SecurityCheck.exe
2013-07-15 04:37 - 2013-01-30 18:50 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3455799945-794626198-3976200442-1001
2013-07-14 18:59 - 2012-11-29 19:56 - 00851434 _____ C:\Windows\system32\perfh007.dat
2013-07-14 18:59 - 2012-11-29 19:56 - 00194494 _____ C:\Windows\system32\perfc007.dat
2013-07-14 18:59 - 2012-07-26 09:28 - 02027878 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-14 18:57 - 2013-07-14 18:57 - 02347384 _____ (ESET) C:\Users\Herbert\Desktop\esetsmartinstaller_enu.exe
2013-07-14 18:53 - 2013-07-14 08:55 - 00003436 _____ C:\Windows\System32\Tasks\BrowserDefendert
2013-07-14 18:52 - 2013-07-05 16:11 - 00000924 _____ C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job
2013-07-14 18:52 - 2013-05-13 09:14 - 00000368 _____ C:\Windows\Tasks\rbmonitor.job
2013-07-14 18:52 - 2013-01-30 19:11 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-14 18:52 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-14 18:51 - 2009-11-30 17:40 - 00000000 ____D C:\Users\Herbert\Documents\PhraseExpress
2013-07-14 18:36 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\NDF
2013-07-14 18:32 - 2013-07-14 18:30 - 00000000 ____D C:\Windows\system32\MRT
2013-07-14 18:32 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\oobe
2013-07-14 08:56 - 2013-07-14 08:55 - 00000000 ____D C:\Program Files (x86)\Fighters
2013-07-14 08:56 - 2013-02-01 04:25 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Fighters
2013-07-14 08:56 - 2013-02-01 04:25 - 00000000 ____D C:\ProgramData\Fighters
2013-07-14 08:55 - 2013-07-14 08:55 - 00003660 _____ C:\Windows\System32\Tasks\FinishInstall igdhbblpcellaljokkpfhcjlagemhgjl
2013-07-14 08:55 - 2013-07-14 08:55 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
2013-07-14 08:55 - 2013-07-14 08:55 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Iminent
2013-07-14 08:55 - 2013-07-14 08:55 - 00000000 ____D C:\ProgramData\Iminent
2013-07-14 08:55 - 2013-07-14 08:54 - 00000000 ____D C:\Program Files (x86)\Iminent
2013-07-14 08:55 - 2013-06-03 07:35 - 00001530 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-07-14 08:54 - 2013-07-14 08:54 - 00001462 _____ C:\Users\Herbert\Desktop\Amazon.lnk
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Opera
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\OCS
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\igdhbblpcellaljokkpfhcjlagemhgjl
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\DesktopIconForAmazon
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Delta
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Babylon
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\BabSolution
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\ProgramData\Babylon
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\Program Files (x86)\Delta
2013-07-14 08:54 - 2013-07-12 10:06 - 00003398 _____ C:\Windows\System32\Tasks\EPUpdater
2013-07-14 08:54 - 2013-02-01 22:47 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-14 08:21 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-07-14 08:04 - 2013-07-14 08:04 - 00003056 _____ C:\Users\Herbert\Desktop\JRT.txt
2013-07-14 08:01 - 2013-07-14 08:01 - 00559441 _____ (Oleg N. Scherbakov) C:\Users\Herbert\Desktop\JRT.exe
2013-07-14 08:01 - 2013-07-14 08:01 - 00000000 ____D C:\Windows\ERUNT
2013-07-14 07:55 - 2013-07-14 07:54 - 00001473 _____ C:\AdwCleaner[S2].txt
2013-07-14 07:52 - 2013-07-14 07:52 - 00662345 _____ C:\Users\Herbert\Desktop\adwcleaner.exe
2013-07-14 07:50 - 2013-07-14 07:50 - 01777839 _____ (Farbar) C:\Users\Herbert\Desktop\FRST64.exe
2013-07-14 07:49 - 2013-07-14 07:48 - 01777839 _____ (Farbar) C:\Users\Herbert\Downloads\FRST64.exe
2013-07-14 07:49 - 2013-05-28 08:31 - 00003942 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{395F05FD-1EED-4524-AD44-212D0444F148}
2013-07-13 07:15 - 2013-02-01 02:50 - 00002190 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-13 07:09 - 2013-02-01 02:49 - 00004104 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-13 07:09 - 2013-02-01 02:49 - 00003868 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-13 06:54 - 2013-07-13 06:54 - 00000732 _____ C:\Users\Herbert\Desktop\Ereignisse.txt
2013-07-13 06:37 - 2013-07-13 06:36 - 00042265 _____ C:\Users\Herbert\Desktop\Addition.txt
2013-07-13 06:35 - 2013-07-13 06:35 - 00000000 ____D C:\FRST
2013-07-12 20:31 - 2013-02-09 10:18 - 00000000 ____D C:\Users\Herbert\AppData\Local\Paint.NET
2013-07-12 15:35 - 2013-07-12 15:35 - 00006152 _____ C:\Windows\DPINST.LOG
2013-07-12 15:35 - 2013-07-12 15:35 - 00000000 ____D C:\Program Files\DIFX
2013-07-12 15:34 - 2012-07-26 09:21 - 00034876 _____ C:\Windows\setupact.log
2013-07-12 10:12 - 2013-07-12 10:12 - 00434344 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-12 10:12 - 2012-11-29 03:11 - 00064044 _____ C:\Windows\PFRO.log
2013-07-12 10:08 - 2013-07-12 10:08 - 00000098 _____ C:\Windows\DeleteOnReboot.bat
2013-07-12 10:08 - 2013-07-12 10:07 - 00045177 _____ C:\AdwCleaner[S1].txt
2013-07-12 10:06 - 2013-07-12 10:06 - 00044070 _____ C:\AdwCleaner[R1].txt
2013-07-12 10:05 - 2013-07-12 10:05 - 00001090 _____ C:\Users\Herbert\Desktop\Continue Download Helper Installation.lnk
2013-07-12 09:27 - 2013-07-12 09:27 - 00000000 _____ C:\Users\Herbert\defogger_reenable
2013-07-12 09:27 - 2013-01-30 18:44 - 00000000 ____D C:\Users\Herbert
2013-07-12 09:20 - 2013-02-09 10:23 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\FileZilla
2013-07-12 09:18 - 2013-01-13 13:09 - 00000000 ____D C:\Users\Herbert\.VirtualBox
2013-07-12 07:43 - 2013-05-24 14:45 - 00000000 ____D C:\Users\Herbert\AppData\Local\Adobe
2013-07-12 07:42 - 2013-02-01 21:47 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-12 07:38 - 2013-06-03 07:35 - 00004088 _____ C:\Windows\System32\Tasks\Software Updater Ui
2013-07-12 07:38 - 2013-06-03 07:34 - 00004118 _____ C:\Windows\System32\Tasks\Software Updater
2013-07-12 07:31 - 2013-05-20 07:06 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-12 07:31 - 2013-05-20 07:06 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-11 20:55 - 2012-07-26 09:52 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-11 08:10 - 2013-01-31 15:19 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\SQLyog
2013-07-10 17:43 - 2013-05-29 14:04 - 00001097 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk
2013-07-10 17:04 - 2013-07-09 08:50 - 00000000 ____D C:\ProgramData\Spyware Terminator
2013-07-10 07:27 - 2013-03-12 12:44 - 00003062 _____ C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2013-07-10 07:27 - 2013-03-12 12:44 - 00003060 _____ C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2013-07-10 07:27 - 2013-03-12 12:44 - 00000000 ____D C:\Program Files\Microsoft Mouse and Keyboard Center
2013-07-10 07:27 - 2013-02-03 18:31 - 00003118 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2013-07-10 07:27 - 2013-02-03 18:31 - 00003092 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2013-07-10 07:27 - 2013-02-03 18:31 - 00003090 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2013-07-10 07:24 - 2013-01-31 13:37 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-10 07:20 - 2012-07-26 07:26 - 00000167 _____ C:\Windows\win.ini
2013-07-10 04:59 - 2013-02-28 19:59 - 00007607 _____ C:\Users\Herbert\AppData\Local\Resmon.ResmonCfg
2013-07-10 04:52 - 2013-06-14 09:16 - 00001083 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2013-07-09 12:03 - 2013-07-06 09:02 - 00000292 _____ C:\Windows\Tasks\RegClean Prosch.job
2013-07-09 08:51 - 2013-07-09 08:50 - 00000000 ____D C:\Program Files (x86)\Spyware Terminator
2013-07-09 08:50 - 2013-07-09 08:50 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2013-07-09 08:50 - 2013-07-09 08:50 - 00001045 _____ C:\Users\Public\Desktop\Spyware Terminator 2012.lnk
2013-07-09 08:50 - 2013-07-09 08:50 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Spyware Terminator
2013-07-08 15:41 - 2013-02-01 02:32 - 00000000 ____D C:\Program Files (x86)\SugarSync
2013-07-06 09:02 - 2013-07-06 09:02 - 00003016 _____ C:\Windows\System32\Tasks\RegClean Prosch
2013-07-06 08:56 - 2013-07-06 08:56 - 00001057 _____ C:\Users\Public\Desktop\RegClean Pro.lnk
2013-07-06 08:26 - 2013-06-29 17:24 - 00000000 ____D C:\Users\MSSQLFDLauncher$SQLHERBERT
2013-07-06 08:25 - 2013-06-29 17:26 - 00000000 ____D C:\Users\ReportServer$SQLHERBERT
2013-07-06 08:25 - 2013-06-29 17:23 - 00000000 ____D C:\Users\MSSQL$SQLHERBERT
2013-07-06 08:24 - 2012-07-26 07:26 - 17301504 _____ C:\Windows\system32\config\SYSTEM.bak
2013-07-06 08:24 - 2012-07-26 07:26 - 112984064 _____ C:\Windows\system32\config\SOFTWARE.bak
2013-07-06 08:24 - 2012-07-26 07:26 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2013-07-06 08:23 - 2013-07-06 08:20 - 00004248 _____ C:\Windows\system32\ASOROSet.bin
2013-07-06 08:22 - 2012-07-26 07:26 - 00094208 _____ C:\Windows\system32\config\SAM.bak
2013-07-06 08:20 - 2013-07-06 08:20 - 00000000 ____D C:\Windows\system32\config\RCCBakup
2013-07-05 17:05 - 2013-07-05 17:05 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-07-05 17:05 - 2013-07-05 17:05 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-07-05 16:11 - 2013-07-05 16:11 - 00003900 _____ C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineUA
2013-07-05 16:11 - 2013-07-05 16:11 - 00003664 _____ C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineCore
2013-07-05 16:10 - 2013-07-05 16:10 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\MyPhoneExplorer
2013-07-05 07:33 - 2013-07-05 07:33 - 00000215 _____ C:\Users\Herbert\Desktop\javascripthideDiv('popupDiv');.URL
2013-07-04 15:58 - 2013-07-10 04:52 - 00238352 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2013-07-04 15:57 - 2013-07-10 04:52 - 00120080 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2013-07-04 15:57 - 2013-07-04 15:57 - 00146704 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetFlt.sys
2013-07-04 15:57 - 2013-07-04 15:57 - 00131856 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp.sys
2013-07-04 15:56 - 2013-07-04 15:56 - 00204048 _____ (Oracle Corporation) C:\Windows\system32\VBoxNetFltNobj.dll
2013-07-03 06:33 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-07-02 14:32 - 2013-07-02 14:31 - 00397312 _____ C:\Users\Herbert\Documents\ae130702.accdb
2013-07-02 07:21 - 2013-07-02 07:21 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2010
2013-07-02 07:21 - 2013-07-02 07:21 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2010
2013-07-02 07:20 - 2013-07-02 07:20 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2012
2013-07-02 07:20 - 2013-07-02 07:20 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2012
2013-07-02 07:20 - 2013-06-03 07:34 - 00000000 ____D C:\ProgramData\Package Cache
2013-07-02 07:13 - 2013-02-22 15:13 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2013-07-02 07:13 - 2013-01-31 13:38 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2013-06-29 18:29 - 2013-06-29 18:29 - 00001350 _____ C:\Users\Herbert\Desktop\SQL Server Management Studio.lnk
2013-06-29 18:26 - 2013-06-29 18:26 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Microsoft Corporation
2013-06-29 18:18 - 2013-06-29 17:23 - 00000000 ____D C:\Users\Herbert\Documents\SQL Server Management Studio
2013-06-29 18:10 - 2013-06-29 18:10 - 00000000 ____D C:\Windows\SysWOW64\1031
2013-06-29 18:10 - 2013-06-29 18:10 - 00000000 ____D C:\Users\Herbert\Documents\Visual Studio 2012
2013-06-29 18:10 - 2013-06-29 18:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0
2013-06-29 18:09 - 2013-06-29 18:09 - 00000000 ____D C:\Windows\system32\1031
2013-06-29 18:09 - 2013-02-22 15:13 - 00000000 ____D C:\Windows\SysWOW64\1033
2013-06-29 18:09 - 2012-11-29 20:09 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_SensorsSimulatorDriver_01_11_00.Wdf
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____D C:\Windows\symbols
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 11.0
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer
2013-06-29 18:08 - 2013-02-22 15:13 - 00000000 ____D C:\Windows\system32\1033
2013-06-29 18:08 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-06-29 17:38 - 2013-06-29 17:38 - 00000000 ____D C:\Users\Herbert\AppData\Local\Microsoft_Corporation
2013-06-29 17:26 - 2013-06-29 17:26 - 00000020 ___SH C:\Users\ReportServer$SQLHERBERT\ntuser.ini
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Vorlagen
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Startmenü
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Netzwerkumgebung
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Lokale Einstellungen
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Eigene Dateien
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Druckumgebung
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Documents\Eigene Musik
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Documents\Eigene Bilder
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\AppData\Local\Verlauf
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\AppData\Local\Anwendungsdaten
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Anwendungsdaten
2013-06-29 17:24 - 2013-06-29 17:24 - 00000020 ___SH C:\Users\MSSQLFDLauncher$SQLHERBERT\ntuser.ini
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Vorlagen
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Startmenü
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Netzwerkumgebung
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Lokale Einstellungen
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Eigene Dateien
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Druckumgebung
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Documents\Eigene Musik
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Documents\Eigene Bilder
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\Local\Verlauf
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\Local\Anwendungsdaten
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Anwendungsdaten
2013-06-29 17:23 - 2013-06-29 17:23 - 00000020 ___SH C:\Users\MSSQL$SQLHERBERT\ntuser.ini
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Vorlagen
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Startmenü
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Netzwerkumgebung
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Lokale Einstellungen
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Eigene Dateien
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Druckumgebung
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Documents\Eigene Musik
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Documents\Eigene Bilder
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\AppData\Local\Verlauf
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\AppData\Local\Anwendungsdaten
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Anwendungsdaten
2013-06-29 17:19 - 2012-12-20 02:54 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-06-29 17:16 - 2013-06-29 17:16 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2013-06-29 17:14 - 2013-06-29 17:14 - 00000000 ____D C:\Windows\system32\RsFx
2013-06-29 17:12 - 2013-06-29 17:10 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 10.0
2013-06-29 17:10 - 2013-06-29 17:10 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 10.0
2013-06-29 17:10 - 2013-06-29 17:10 - 00000000 ____D C:\Program Files\Microsoft Help Viewer
2013-06-29 17:10 - 2013-06-29 17:10 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2013-06-28 18:13 - 2013-01-31 15:57 - 00000333 _____ C:\Windows\ODBC.INI
2013-06-28 15:00 - 2013-05-17 18:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-28 15:00 - 2013-01-30 20:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-06-28 00:04 - 2013-01-31 07:33 - 00693112 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-28 00:04 - 2013-01-31 07:33 - 00078200 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-27 07:14 - 2013-06-03 07:34 - 00031816 _____ C:\Windows\Launcher.exe
2013-06-26 17:57 - 2013-06-26 17:57 - 00003133 _____ C:\Users\Herbert\Desktop\Custom UI Editor For Microsoft Office.lnk
2013-06-26 17:57 - 2013-06-26 17:57 - 00003093 _____ C:\Users\Herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Custom UI Editor For Microsoft Office.lnk
2013-06-26 17:57 - 2013-06-26 17:57 - 00000000 ____D C:\Program Files (x86)\CustomUIEditor
2013-06-26 07:51 - 2013-06-26 07:51 - 04815135 _____ (FileZilla Project) C:\Users\Herbert\Downloads\FileZilla_3.7.1_win32-setup.exe
2013-06-26 07:51 - 2013-02-09 10:23 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2013-06-24 15:52 - 2013-06-23 20:21 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\calibre
2013-06-24 15:25 - 2013-06-24 15:24 - 00000000 ____D C:\Users\Herbert\AppData\Local\calibre-cache
2013-06-24 12:01 - 2013-05-06 11:36 - 00083672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-06-24 00:57 - 2013-01-31 07:08 - 78277128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-06-23 20:21 - 2013-06-23 20:21 - 00000967 _____ C:\Users\Public\Desktop\calibre - E-book management.lnk
2013-06-23 20:21 - 2013-06-23 20:21 - 00000000 ____D C:\Program Files (x86)\Calibre2
2013-06-22 08:53 - 2013-06-22 08:53 - 00001136 _____ C:\Users\Public\Desktop\UPC Install Master.lnk
2013-06-22 08:53 - 2013-06-22 08:53 - 00000000 __HDC C:\ProgramData\{A79D03BF-C5DB-49B2-AD5F-6CED14FFE4D6}
2013-06-22 08:53 - 2013-06-22 08:53 - 00000000 ____D C:\Program Files (x86)\UPC Austria
2013-06-20 10:02 - 2013-06-19 09:08 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Apple Computer
2013-06-19 14:57 - 2012-07-26 07:37 - 00000000 ____D C:\Windows\servicing
2013-06-19 09:09 - 2013-06-19 09:08 - 00000000 ____D C:\Users\Herbert\AppData\Local\Apple Computer
2013-06-19 09:08 - 2013-06-19 09:08 - 00002491 _____ C:\Users\Public\Desktop\Safari.lnk
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Users\Herbert\AppData\Local\Apple
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\ProgramData\Apple
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Program Files\Bonjour
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Program Files (x86)\Safari
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-06-19 09:08 - 2013-01-31 09:02 - 00000000 ____D C:\ProgramData\Apple Computer
2013-06-18 20:14 - 2013-02-01 21:01 - 00000734 _____ C:\Users\Herbert\Sti_Trace.log
2013-06-18 15:22 - 2012-11-21 19:27 - 00000000 ____D C:\Users\Herbert\Documents\Benutzerdefinierte Office-Vorlagen
2013-06-17 10:27 - 2013-06-17 10:27 - 00003105 _____ C:\Users\Herbert\Desktop\Word 2007 Content Control Toolkit.lnk
2013-06-17 10:27 - 2013-06-17 10:27 - 00003065 _____ C:\Users\Herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word 2007 Content Control Toolkit.lnk
2013-06-16 19:27 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-06-16 17:13 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData
2013-06-16 17:12 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2013-06-16 17:12 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-06-16 17:12 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-06-16 17:12 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-06-16 17:12 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\Dism
2013-06-15 07:05 - 2013-01-31 08:56 - 00083968 ___SH C:\Users\Herbert\Desktop\Thumbs.db

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-12 07:56

==================== End Of Log ============================
         
--- --- ---

Alt 15.07.2013, 11:13   #13
schrauber
/// the machine
/// TB-Ausbilder
 

Medung beim Hochfahren: TBupdater.dll ist nicht vorhanden - Standard

Medung beim Hochfahren: TBupdater.dll ist nicht vorhanden



Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
Task: {A8A2040B-F31B-4729-A351-DC4F43D60A91} - System32\Tasks\BrowserDefendert => C:\Windows\system32\sc.exe [2012-07-26] (Microsoft Corporation)
Task: {FDE26651-08FB-40FE-93F8-5952D55FFD87} - System32\Tasks\Browser Updater\Browser Updater => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {FED92FF3-C5F2-4553-9DB3-94427D831FDD} - System32\Tasks\DealPlyLiveUpdateTaskMachineCore => C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe No File
Task: C:\Windows\Tasks\rbmonitor.job => C:\Program Files (x86)\Uniblue\RegistryBooster\rbmonitor.exe
Task: C:\Windows\Tasks\RegClean Prosch.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe
C:\Windows\System32\Tasks\Browser Updater\Browser Updater
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=B66E001A7DDA710F&affID=119828&tsp=4943
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=B66E001A7DDA710F&affID=119828&tsp=4943
BHO-x32: HomeTab - {19a395c9-823b-4700-b817-396fc84ffb16} - C:\Users\Herbert\AppData\Roaming\HomeTab\HomeTab.dll No File
C:\Users\Herbert\AppData\Roaming\HomeTab
BHO-x32: IMinent WebBooster (BHO) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Iminent.WebBooster.InternetExplorer.dll (Iminent)
C:\Program Files (x86)\Iminent
BHO-x32: HomeTab - {ba696155-d96e-4281-b467-0367a0456474} - C:\Users\Herbert\AppData\Roaming\HomeTab\HomeTab.dll No File
BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.21.5\bh\delta.dll (Delta-search.com)
C:\Users\Herbert\AppData\Roaming\HomeTab
C:\Program Files (x86)\Delta
Toolbar: HKLM-x32 - HomeTab - {ba696155-d96e-4281-b467-0367a0456474} - C:\Users\Herbert\AppData\Roaming\HomeTab\HomeTab.dll No File
Toolbar: HKLM-x32 - HomeTab - {19a395c9-823b-4700-b817-396fc84ffb16} - C:\Users\Herbert\AppData\Roaming\HomeTab\HomeTab.dll No File
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.21.5\deltaTlbr.dll (Delta-search.com)
FF NewTab: hxxp://www1.delta-search.com/?babsrc=NT_ss&mntrId=B66E001A7DDA710F&affID=119828&tsp=4943
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Homepage: hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=B66E001A7DDA710F&affID=119828&tsp=4943
FF SearchPlugin: C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\searchplugins\delta.xml
FF user.js: detected! => C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\user.js
FF Extension: Delta Toolbar - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\ffxtlbr@delta.com
FF Extension: HomeTab - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\{24532715-4abc-47ee-bd4f-a6774d0723d2}
FF Extension: No Name - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\WTB_GLOBAL.sqlite
FF Extension: No Name - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi
FF Extension: No Name - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi
FF Extension: No Name - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\{c666c018-6409-4479-afa3-68e4129e7eff}.xpi
FF Extension: No Name - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\{DAD0F81A-CF67-4eed-98D6-26F6E47274CA}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
CHR RestoreOnStartup: "hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=B66E001A7DDA710F&affID=119828&tsp=4943"
CHR Extension: (HomeTab) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgibjgmnimooanbagcfpnkmngejcojaf\4.1
CHR Extension: (LyricsSpeaker) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmgeophbbmfgkjghdgfgelpipdoclljo\1.120
R2 BrowserDefendert; C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe [2827728 2013-05-23] ()
R2 ClassicShellService; C:\Program Files\Classic Shell\ClassicShellService.exe [68608 2013-04-12] (IvoSoft)
C:\ProgramData\BrowserDefender
C:\Program Files\Classic Shell
2013-07-14 08:55 - 2013-07-14 18:53 - 00003436 _____ C:\Windows\System32\Tasks\BrowserDefendert
2013-07-14 08:55 - 2013-07-14 08:56 - 00000000 ____D C:\Program Files (x86)\Fighters
2013-07-14 08:55 - 2013-07-14 08:55 - 00003660 _____ C:\Windows\System32\Tasks\FinishInstall igdhbblpcellaljokkpfhcjlagemhgjl
2013-07-14 08:55 - 2013-07-14 08:55 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
2013-07-14 08:55 - 2013-07-14 08:55 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Iminent
2013-07-14 08:55 - 2013-07-14 08:55 - 00000000 ____D C:\ProgramData\Iminent
2013-07-14 08:54 - 2013-07-14 08:55 - 00000000 ____D C:\Program Files (x86)\Iminent
2013-07-14 08:54 - 2013-07-14 08:54 - 00001462 _____ C:\Users\Herbert\Desktop\Amazon.lnk
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Opera
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\OCS
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\igdhbblpcellaljokkpfhcjlagemhgjl
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\DesktopIconForAmazon
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Delta
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Babylon
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\BabSolution
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\ProgramData\Babylon
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\Program Files (x86)\Delta
2013-07-06 09:02 - 2013-07-09 12:03 - 00000292 _____ C:\Windows\Tasks\RegClean Prosch.job
2013-07-06 09:02 - 2013-07-06 09:02 - 00003016 _____ C:\Windows\System32\Tasks\RegClean Prosch
2013-07-06 08:56 - 2013-07-06 08:56 - 00001057 _____ C:\Users\Public\Desktop\RegClean Pro.lnk
2013-07-05 16:11 - 2013-07-15 10:16 - 00000928 _____ C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job
2013-07-05 16:11 - 2013-07-14 18:52 - 00000924 _____ C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job
2013-07-05 16:11 - 2013-07-05 16:11 - 00003900 _____ C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineUA
2013-07-05 16:11 - 2013-07-05 16:11 - 00003664 _____ C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineCore
2013-07-14 08:54 - 2013-07-14 08:54 - 00001462 _____ C:\Users\Herbert\Desktop\Amazon.lnk
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Opera
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\OCS
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\igdhbblpcellaljokkpfhcjlagemhgjl
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\DesktopIconForAmazon
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Delta
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Babylon
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\BabSolution
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\ProgramData\Babylon
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\Program Files (x86)\Delta
2013-07-14 08:54 - 2013-07-12 10:06 - 00003398 _____ C:\Windows\System32\Tasks\EPUpdater
2013-07-14 08:54 - 2013-02-01 22:47 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



reboot und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 15.07.2013, 11:48   #14
Herbertfi
 
Medung beim Hochfahren: TBupdater.dll ist nicht vorhanden - Standard

Medung beim Hochfahren: TBupdater.dll ist nicht vorhanden



Fixit neu:
Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 14-07-2013
Ran by Herbert at 2013-07-15 12:42:42 Run:4
Running from C:\Users\Herbert\Desktop
Boot Mode: Normal
==============================================

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A8A2040B-F31B-4729-A351-DC4F43D60A91} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A8A2040B-F31B-4729-A351-DC4F43D60A91} => Key not found.
C:\Windows\System32\Tasks\BrowserDefendert => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserDefendert => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FDE26651-08FB-40FE-93F8-5952D55FFD87} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FDE26651-08FB-40FE-93F8-5952D55FFD87} => Key deleted successfully.
C:\Windows\System32\Tasks\Browser Updater\Browser Updater => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Browser Updater\Browser Updater => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FED92FF3-C5F2-4553-9DB3-94427D831FDD} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FED92FF3-C5F2-4553-9DB3-94427D831FDD} => Key deleted successfully.
C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineCore => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPlyLiveUpdateTaskMachineCore => Key deleted successfully.
C:\Windows\Tasks\rbmonitor.job => Moved successfully.
C:\Windows\Tasks\RegClean Prosch.job => Moved successfully.
"C:\Windows\System32\Tasks\Browser Updater\Browser Updater" => File/Directory not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key deleted successfully.
HKCR\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{19a395c9-823b-4700-b817-396fc84ffb16} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{19a395c9-823b-4700-b817-396fc84ffb16} => Key deleted successfully.
"C:\Users\Herbert\AppData\Roaming\HomeTab" => File/Directory not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} => Key deleted successfully.

"C:\Program Files (x86)\Iminent" directory move:

C:\Program Files (x86)\Iminent\f_in_box.dll => Moved successfully.
C:\Program Files (x86)\Iminent\Iminent.AxImp.dll => Moved successfully.
C:\Program Files (x86)\Iminent\Iminent.Booster.UI.dll => Moved successfully.
C:\Program Files (x86)\Iminent\Iminent.Business.Connect.dll => Moved successfully.
C:\Program Files (x86)\Iminent\Iminent.Business.dll => Moved successfully.
C:\Program Files (x86)\Iminent\Iminent.Business.tlb => Moved successfully.
C:\Program Files (x86)\Iminent\Iminent.Entity.dll => Moved successfully.
C:\Program Files (x86)\Iminent\Iminent.exe => Moved successfully.
C:\Program Files (x86)\Iminent\Iminent.exe.config => Moved successfully.
C:\Program Files (x86)\Iminent\Iminent.InstallLog => Moved successfully.
C:\Program Files (x86)\Iminent\Iminent.InstallState => Moved successfully.
C:\Program Files (x86)\Iminent\Iminent.Mediator.ActivePlayers.dll => Moved successfully.
C:\Program Files (x86)\Iminent\Iminent.Mediator.dll => Moved successfully.
C:\Program Files (x86)\Iminent\Iminent.Mediator.tlb => Moved successfully.
C:\Program Files (x86)\Iminent\Iminent.Messengers.exe => Moved successfully.
C:\Program Files (x86)\Iminent\Iminent.Messengers.exe.config => Moved successfully.
C:\Program Files (x86)\Iminent\Iminent.Services.dll => Moved successfully.
C:\Program Files (x86)\Iminent\Iminent.WebBooster.InternetExplorer.dll => Moved successfully.
C:\Program Files (x86)\Iminent\Iminent.WinCore.dll => Moved successfully.
C:\Program Files (x86)\Iminent\Iminent.WinCore.WLM.WinEvents.dll => Moved successfully.
C:\Program Files (x86)\Iminent\Iminent.WinCore.WLM15.dll => Moved successfully.
C:\Program Files (x86)\Iminent\Iminent.WinCore.Yahoo.dll => Moved successfully.
C:\Program Files (x86)\Iminent\Iminent.Windows.dll => Moved successfully.
C:\Program Files (x86)\Iminent\Iminent.Workflow.dll => Moved successfully.
C:\Program Files (x86)\Iminent\Microsoft.DirectX.AudioVideoPlayback.dll => Moved successfully.
C:\Program Files (x86)\Iminent\Microsoft.Expression.Interactions.dll => Moved successfully.
C:\Program Files (x86)\Iminent\SearchTheWeb.xml => Moved successfully.
C:\Program Files (x86)\Iminent\StartWeb.xml => Moved successfully.
C:\Program Files (x86)\Iminent\System.Data.SQLite.dll => Moved successfully.
C:\Program Files (x86)\Iminent\System.Data.SQLite.xml => Moved successfully.
C:\Program Files (x86)\Iminent\System.Windows.Interactivity.dll => Moved successfully.
C:\Program Files (x86)\Iminent\System.Windows.Interactivity.xml => Moved successfully.
C:\Program Files (x86)\Iminent\USearch.xml => Moved successfully.
C:\Program Files (x86)\Iminent\WPFLocalizeExtension.dll => Moved successfully.
C:\Program Files (x86)\Iminent\WPFLocalizeExtension.xml => Moved successfully.
C:\Program Files (x86)\Iminent\tr\Iminent.Booster.UI.resources.dll => Moved successfully.
C:\Program Files (x86)\Iminent\tr\Iminent.Business.Connect.resources.dll => Moved successfully.
C:\Program Files (x86)\Iminent\tr\Iminent.Messengers.resources.dll => Moved successfully.
C:\Program Files (x86)\Iminent\tr\Iminent.resources.dll => Moved successfully.
C:\Program Files (x86)\Iminent\tr\Iminent.Services.resources.dll => Moved successfully.
C:\Program Files (x86)\Iminent\ro\Iminent.Booster.UI.resources.dll => Moved successfully.
C:\Program Files (x86)\Iminent\ro\Iminent.Messengers.resources.dll => Moved successfully.
C:\Program Files (x86)\Iminent\ro\Iminent.Services.resources.dll => Moved successfully.
C:\Program Files (x86)\Iminent\it\Iminent.Booster.UI.resources.dll => Moved successfully.
C:\Program Files (x86)\Iminent\it\Iminent.Business.Connect.resources.dll => Moved successfully.
C:\Program Files (x86)\Iminent\it\Iminent.Messengers.resources.dll => Moved successfully.
C:\Program Files (x86)\Iminent\it\Iminent.resources.dll => Moved successfully.
C:\Program Files (x86)\Iminent\it\Iminent.Services.resources.dll => Moved successfully.
C:\Program Files (x86)\Iminent\it\Microsoft.Expression.Interactions.resources.dll => Moved successfully.
C:\Program Files (x86)\Iminent\it\System.Windows.Interactivity.resources.dll => Moved successfully.
C:\Program Files (x86)\Iminent\inst\main.ico => Moved successfully.
C:\Program Files (x86)\Iminent\inst\msacm32.dll => Moved successfully.
C:\Program Files (x86)\Iminent\inst\SearchTheWeb.ico => Moved successfully.
C:\Program Files (x86)\Iminent\inst\Universely.ico => Moved successfully.
C:\Program Files (x86)\Iminent\inst\Bootstrapper\Bootstrapper.exe => Moved successfully.
C:\Program Files (x86)\Iminent\fr\Iminent.Booster.UI.resources.dll => Moved successfully.
C:\Program Files (x86)\Iminent\fr\Iminent.Business.Connect.resources.dll => Moved successfully.
C:\Program Files (x86)\Iminent\fr\Iminent.Messengers.resources.dll => Moved successfully.
C:\Program Files (x86)\Iminent\fr\Iminent.resources.dll => Moved successfully.
C:\Program Files (x86)\Iminent\fr\Iminent.Services.resources.dll => Moved successfully.
C:\Program Files (x86)\Iminent\fr\Microsoft.Expression.Interactions.resources.dll => Moved successfully.
C:\Program Files (x86)\Iminent\fr\System.Windows.Interactivity.resources.dll => Moved successfully.
C:\Program Files (x86)\Iminent\es\Iminent.Booster.UI.resources.dll => Moved successfully.
C:\Program Files (x86)\Iminent\es\Iminent.Business.Connect.resources.dll => Moved successfully.
C:\Program Files (x86)\Iminent\es\Iminent.Messengers.resources.dll => Moved successfully.
C:\Program Files (x86)\Iminent\es\Iminent.resources.dll => Moved successfully.
C:\Program Files (x86)\Iminent\es\Iminent.Services.resources.dll => Moved successfully.
C:\Program Files (x86)\Iminent\es\Microsoft.Expression.Interactions.resources.dll => Moved successfully.
C:\Program Files (x86)\Iminent\es\System.Windows.Interactivity.resources.dll => Moved successfully.
C:\Program Files (x86)\Iminent\en\Iminent.Booster.UI.resources.dll => Moved successfully.
C:\Program Files (x86)\Iminent\en\Iminent.Business.Connect.resources.dll => Moved successfully.
C:\Program Files (x86)\Iminent\en\Iminent.Messengers.resources.dll => Moved successfully.
C:\Program Files (x86)\Iminent\en\Iminent.resources.dll => Moved successfully.
C:\Program Files (x86)\Iminent\en\Iminent.Services.resources.dll => Moved successfully.
C:\Program Files (x86)\Iminent\en\Microsoft.Expression.Interactions.resources.dll => Moved successfully.
C:\Program Files (x86)\Iminent\en\System.Windows.Interactivity.resources.dll => Moved successfully.
C:\Program Files (x86)\Iminent\de\Iminent.Booster.UI.resources.dll => Moved successfully.
C:\Program Files (x86)\Iminent\de\Iminent.Business.Connect.resources.dll => Moved successfully.
C:\Program Files (x86)\Iminent\de\Iminent.Messengers.resources.dll => Moved successfully.
C:\Program Files (x86)\Iminent\de\Iminent.resources.dll => Moved successfully.
C:\Program Files (x86)\Iminent\de\Iminent.Services.resources.dll => Moved successfully.
C:\Program Files (x86)\Iminent\de\Microsoft.Expression.Interactions.resources.dll => Moved successfully.
C:\Program Files (x86)\Iminent\de\System.Windows.Interactivity.resources.dll => Moved successfully.
"C:\Program Files (x86)\Iminent" => Directory moved successfully.

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ba696155-d96e-4281-b467-0367a0456474} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{ba696155-d96e-4281-b467-0367a0456474} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} => Key deleted successfully.
"C:\Users\Herbert\AppData\Roaming\HomeTab" => File/Directory not found.
C:\Program Files (x86)\Delta => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{ba696155-d96e-4281-b467-0367a0456474} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{ba696155-d96e-4281-b467-0367a0456474} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{19a395c9-823b-4700-b817-396fc84ffb16} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{19a395c9-823b-4700-b817-396fc84ffb16} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{82E1477C-B154-48D3-9891-33D83C26BCD3} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3} => Key deleted successfully.
Firefox newtab deleted successfully.
Firefox SelectedSearchEngine deleted successfully.
Firefox homepage deleted successfully.
C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\searchplugins\babylon.xml => Moved successfully.
C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\searchplugins\delta.xml => Moved successfully.
C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\user.js => Moved successfully.
C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\ffxtlbr@delta.com => Moved successfully.
C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\{24532715-4abc-47ee-bd4f-a6774d0723d2} => Moved successfully.
C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\WTB_GLOBAL.sqlite => Moved successfully.
C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi => Moved successfully.
C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi => Moved successfully.
C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\{c666c018-6409-4479-afa3-68e4129e7eff}.xpi => Moved successfully.
C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi => Moved successfully.
C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\{DAD0F81A-CF67-4eed-98D6-26F6E47274CA}.xpi => Moved successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} => Moved successfully.
CHR RestoreOnStartup: "hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=B66E001A7DDA710F&affID=119828&tsp=4943" ==> The Chrome "Settings" can be used to fix the entry.
C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgibjgmnimooanbagcfpnkmngejcojaf => Moved successfully.
C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmgeophbbmfgkjghdgfgelpipdoclljo => Moved successfully.
BrowserDefendert => Service deleted successfully.
ClassicShellService => Service deleted successfully.

"C:\ProgramData\BrowserDefender" directory move:

Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\bl" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.settings" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\dm" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\bprotector.js" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender" directory. => Scheduled to move on reboot.


"C:\Program Files\Classic Shell" directory move:

C:\Program Files\Classic Shell\ClassicExplorer32.dll => Moved successfully.
C:\Program Files\Classic Shell\ClassicExplorer64.dll => Moved successfully.
C:\Program Files\Classic Shell\ClassicExplorerSettings.exe => Moved successfully.
C:\Program Files\Classic Shell\ClassicShell.chm => Moved successfully.
C:\Program Files\Classic Shell\ClassicShellReadme.rtf => Moved successfully.
C:\Program Files\Classic Shell\ClassicShellService.exe => Moved successfully.
C:\Program Files\Classic Shell\ClassicShellUpdate.exe => Moved successfully.
C:\Program Files\Classic Shell\ClassicStartMenu.exe => Moved successfully.
C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll => Moved successfully.
C:\Program Files\Classic Shell\ExplorerL10N.ini => Moved successfully.
C:\Program Files\Classic Shell\HISTORY.txt => Moved successfully.
C:\Program Files\Classic Shell\inichecksum.bin => Moved successfully.
C:\Program Files\Classic Shell\Start Menu Settings.lnk => Moved successfully.
C:\Program Files\Classic Shell\StartMenuL10N.ini => Moved successfully.
C:\Program Files\Classic Shell\Skins\Classic Skin.skin => Moved successfully.
C:\Program Files\Classic Shell\Skins\Full Glass.skin => Moved successfully.
C:\Program Files\Classic Shell\Skins\Metro.skin => Moved successfully.
C:\Program Files\Classic Shell\Skins\Smoked Glass.skin => Moved successfully.
C:\Program Files\Classic Shell\Skins\Windows Aero.skin => Moved successfully.
C:\Program Files\Classic Shell\Skins\Windows Basic.skin => Moved successfully.
C:\Program Files\Classic Shell\Skins\Windows XP Luna.skin => Moved successfully.
Could not move "C:\Program Files\Classic Shell" directory. => Scheduled to move on reboot.

"C:\Windows\System32\Tasks\BrowserDefendert" => File/Directory not found.

"C:\Program Files (x86)\Fighters" directory move:

C:\Program Files (x86)\Fighters\FighterLauncher.exe => Moved successfully.
C:\Program Files (x86)\Fighters\FighterSuiteService.exe => Moved successfully.
C:\Program Files (x86)\Fighters\LogFilesCollector.exe => Moved successfully.
C:\Program Files (x86)\Fighters\MachineId.exe => Moved successfully.
C:\Program Files (x86)\Fighters\MachineIdGateway.dll => Moved successfully.
C:\Program Files (x86)\Fighters\sfhtml.dll => Moved successfully.
C:\Program Files (x86)\Fighters\ShortcutLauncher.exe => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\FightersTray.exe => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\MsgSys.exe => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\sfhtml.dll => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\SuiteClient.dll => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\Translations\Language_AR.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\Translations\Language_BG.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\Translations\Language_CS.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\Translations\Language_DA.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\Translations\Language_DE.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\Translations\Language_EL.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\Translations\Language_EN.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\Translations\Language_ES.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\Translations\Language_FI.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\Translations\Language_FR.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\Translations\Language_HE.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\Translations\Language_HR.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\Translations\Language_HU.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\Translations\Language_ID.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\Translations\Language_IT.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\Translations\Language_JA.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\Translations\Language_KO.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\Translations\Language_NL.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\Translations\Language_NO.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\Translations\Language_PL.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\Translations\Language_PT.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\Translations\Language_RO.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\Translations\Language_RU.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\Translations\Language_SV.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\Translations\Language_TH.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\Translations\Language_TR.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\Translations\Language_TW.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\Translations\Language_VI.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\Translations\Language_ZH.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\notification\popup.css => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\notification\popup.html => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\notification\gfx\icon_close.png => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\notification\gfx\icon_productname.png => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\notification\gfx\popup_bubble.png => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\HTML\checking_for_updates.html => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\HTML\done_lightbox.html => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\HTML\error_lightbox.html => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\HTML\popup.css => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\HTML\popup.html => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\HTML\restart_lightbox.html => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\HTML\update_manager.css => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\HTML\Update_Manager.html => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\HTML\uptodate_lightbox.html => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\HTML\whitelabel.css => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\HTML\gfx\bg_stretch.png => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\HTML\gfx\done_btn.png => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\HTML\gfx\done_btn_down.png => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\HTML\gfx\icon_complete.png => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\HTML\gfx\Icon_done.png => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\HTML\gfx\icon_error.png => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\HTML\gfx\Icon_fdf.png => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\HTML\gfx\icon_info.png => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\HTML\gfx\icon_info_active.png => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\HTML\gfx\icon_productname.png => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\HTML\gfx\icon_shield.png => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\HTML\gfx\Icon_slow.png => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\HTML\gfx\Icon_spam.png => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\HTML\gfx\Icon_spy.png => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\HTML\gfx\icon_support.png => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\HTML\gfx\icon_support_active.png => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\HTML\gfx\Icon_TKTRAY-UPD-SFPRO.png => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\HTML\gfx\Icon_TKTRAYAPP.png => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\HTML\gfx\Icon_virus.png => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\HTML\gfx\spinner.gif => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\HTML\gfx\unipb.gif => Moved successfully.
C:\Program Files (x86)\Fighters\Tray\HTML\gfx\unipb_install.gif => Moved successfully.
C:\Program Files (x86)\Fighters\Languages\Language_AR.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Languages\Language_BG.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Languages\Language_CS.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Languages\Language_DA.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Languages\Language_DE.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Languages\Language_EL.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Languages\Language_EN.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Languages\Language_ES.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Languages\Language_FI.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Languages\Language_FR.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Languages\Language_HR.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Languages\Language_HU.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Languages\Language_ID.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Languages\Language_IT.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Languages\Language_JA.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Languages\Language_NL.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Languages\Language_NO.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Languages\Language_PL.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Languages\Language_PT.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Languages\Language_RU.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Languages\Language_SV.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Languages\Language_TH.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Languages\Language_TR.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Languages\Language_TW.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Languages\Language_VI.xml => Moved successfully.
C:\Program Files (x86)\Fighters\Languages\Language_ZH.xml => Moved successfully.
C:\Program Files (x86)\Fighters\FIGHTERtools\SPAMfighter\Deinstallieren.lnk => Moved successfully.
C:\Program Files (x86)\Fighters\FIGHTERtools\SPAMfighter\Einstellungen.lnk => Moved successfully.
C:\Program Files (x86)\Fighters\FIGHTERtools\SPAMfighter\folder.jpg => Moved successfully.
C:\Program Files (x86)\Fighters\FIGHTERtools\SPAMfighter\Reparieren.lnk => Moved successfully.
C:\Program Files (x86)\Fighters\FIGHTERtools\SPAMfighter\SPAMfighter  Pro kaufen.lnk => Moved successfully.
C:\Program Files (x86)\Fighters\FIGHTERtools\SPAMfighter\Ändern.lnk => Moved successfully.
C:\Program Files (x86)\Fighters\FIGHTERtools\SPAMfighter\Supportwerkzeuge\Crash Dumps.lnk => Moved successfully.
C:\Program Files (x86)\Fighters\FIGHTERtools\SPAMfighter\Supportwerkzeuge\Logdateien.lnk => Moved successfully.
C:\Program Files (x86)\Fighters\FIGHTERtools\SPAMfighter\Supportwerkzeuge\Sammeln von Log Dateien..lnk => Moved successfully.
C:\Program Files (x86)\Fighters\FIGHTERtools\SPAMfighter\Supportwerkzeuge\Support anfordern.lnk => Moved successfully.
C:\Program Files (x86)\Fighters\FIGHTERtools\SPAMfighter\FAQ und Lizenzbedingungen\Häufig gestellte Fragen (FAQ).lnk => Moved successfully.
C:\Program Files (x86)\Fighters\FIGHTERtools\SPAMfighter\FAQ und Lizenzbedingungen\Lizenzvereinbarung.lnk => Moved successfully.
Could not move "C:\Program Files (x86)\Fighters" directory. => Scheduled to move on reboot.

C:\Windows\System32\Tasks\FinishInstall igdhbblpcellaljokkpfhcjlagemhgjl => Moved successfully.
C:\Users\Herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender => Moved successfully.

"C:\Users\Herbert\AppData\Roaming\Iminent" directory move:

Could not move "C:\Users\Herbert\AppData\Roaming\Iminent\Mediator\Datas\globalcache.dat" => Scheduled to move on reboot.
C:\Users\Herbert\AppData\Roaming\Iminent\Mediator\Datas\user.dat => Moved successfully.
Could not move "C:\Users\Herbert\AppData\Roaming\Iminent" directory. => Scheduled to move on reboot.

C:\ProgramData\Iminent => Moved successfully.
"C:\Program Files (x86)\Iminent" => File/Directory not found.
C:\Users\Herbert\Desktop\Amazon.lnk => Moved successfully.
C:\Users\Herbert\AppData\Roaming\Opera => Moved successfully.

"C:\Users\Herbert\AppData\Roaming\OCS" directory move:

C:\Users\Herbert\AppData\Roaming\OCS\SM\SearchAnonymizer.exe => Moved successfully.
C:\Users\Herbert\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe => Moved successfully.
C:\Users\Herbert\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.InstallLog => Moved successfully.
C:\Users\Herbert\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.InstallState => Moved successfully.
C:\Users\Herbert\AppData\Roaming\OCS\SM\vl.dat => Moved successfully.
Could not move "C:\Users\Herbert\AppData\Roaming\OCS" directory. => Scheduled to move on reboot.

C:\Users\Herbert\AppData\Roaming\igdhbblpcellaljokkpfhcjlagemhgjl => Moved successfully.
C:\Users\Herbert\AppData\Roaming\DesktopIconForAmazon => Moved successfully.
C:\Users\Herbert\AppData\Roaming\Delta => Moved successfully.
C:\Users\Herbert\AppData\Roaming\Babylon => Moved successfully.
C:\Users\Herbert\AppData\Roaming\BabSolution => Moved successfully.

"C:\ProgramData\BrowserDefender" directory move:

Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\bl" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.settings" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\dm" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\bprotector.js" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender" directory. => Scheduled to move on reboot.

C:\ProgramData\Babylon => Moved successfully.
"C:\Program Files (x86)\Delta" => File/Directory not found.
"C:\Windows\Tasks\RegClean Prosch.job" => File/Directory not found.
C:\Windows\System32\Tasks\RegClean Prosch => Moved successfully.
C:\Users\Public\Desktop\RegClean Pro.lnk => Moved successfully.
C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineUA => Moved successfully.
"C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineCore" => File/Directory not found.
"C:\Users\Herbert\Desktop\Amazon.lnk" => File/Directory not found.
"C:\Users\Herbert\AppData\Roaming\Opera" => File/Directory not found.

"C:\Users\Herbert\AppData\Roaming\OCS" directory move:

Could not move "C:\Users\Herbert\AppData\Roaming\OCS" directory. => Scheduled to move on reboot.

"C:\Users\Herbert\AppData\Roaming\igdhbblpcellaljokkpfhcjlagemhgjl" => File/Directory not found.
"C:\Users\Herbert\AppData\Roaming\DesktopIconForAmazon" => File/Directory not found.
"C:\Users\Herbert\AppData\Roaming\Delta" => File/Directory not found.
"C:\Users\Herbert\AppData\Roaming\Babylon" => File/Directory not found.
"C:\Users\Herbert\AppData\Roaming\BabSolution" => File/Directory not found.

"C:\ProgramData\BrowserDefender" directory move:

Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\bl" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.settings" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\dm" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\bprotector.js" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender" directory. => Scheduled to move on reboot.

"C:\ProgramData\Babylon" => File/Directory not found.
"C:\Program Files (x86)\Delta" => File/Directory not found.
C:\Windows\System32\Tasks\EPUpdater => Moved successfully.
C:\Program Files (x86)\InstallShield Installation Information => Moved successfully.

=========== Result of Scheduled Files to move ===========
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\bl" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.settings" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\dm" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\bprotector.js" => File could not move.
"C:\ProgramData\BrowserDefender" => Directory could not move.
C:\Program Files\Classic Shell => Moved successfully.
C:\Program Files (x86)\Fighters => Moved successfully.
C:\Users\Herbert\AppData\Roaming\Iminent\Mediator\Datas\globalcache.dat => Moved successfully.
C:\Users\Herbert\AppData\Roaming\Iminent => Moved successfully.
C:\Users\Herbert\AppData\Roaming\OCS => Moved successfully.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\bl" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.settings" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\dm" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\bprotector.js" => File could not move.
"C:\ProgramData\BrowserDefender" => Directory could not move.
C:\Users\Herbert\AppData\Roaming\OCS => Is moved successfully.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\bl" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.settings" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\dm" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" => File could not move.
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\bprotector.js" => File could not move.
"C:\ProgramData\BrowserDefender" => Directory could not move.

==== End of Fixlog ====
         

Alt 15.07.2013, 12:47   #15
schrauber
/// the machine
/// TB-Ausbilder
 

Medung beim Hochfahren: TBupdater.dll ist nicht vorhanden - Standard

Medung beim Hochfahren: TBupdater.dll ist nicht vorhanden



frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Medung beim Hochfahren: TBupdater.dll ist nicht vorhanden
deltasearch, entfern, entfernt, files, forum, gefunde, hochfahren, home, hometab, medung beim hochfahren, meldung, nicht vorhanden, program, tbupdater.dll, troja, trojaner, vorhanden, windows



Ähnliche Themen: Medung beim Hochfahren: TBupdater.dll ist nicht vorhanden


  1. beim Hochfahren von Vista kommt immer diese Fehlermeldung c:\program files(x86)\hometab\tbupdater.dll
    Plagegeister aller Art und deren Bekämpfung - 29.03.2015 (9)
  2. Tastatur beim Hochfahren des Rechners nicht erkannt
    Log-Analyse und Auswertung - 15.03.2015 (8)
  3. RunDLL Problem beim Starten von C:\ Program Files (x86) \ Home Tab \ TBUpdater.dll Das angegebene Modul wurde nicht gefunden. (Windows 7)
    Log-Analyse und Auswertung - 30.01.2015 (7)
  4. Problem beim Starten von windows Vista C:\Program files (X86)\Hometab\TBUpdater.dll kommt nach hochfahren des PC
    Plagegeister aller Art und deren Bekämpfung - 03.06.2014 (10)
  5. Problem beim Starten von C:\Program files (X86)\Hometab\TBUpdater.dll kommt nach hochfahren des PC
    Plagegeister aller Art und deren Bekämpfung - 31.05.2014 (13)
  6. RunDLL Problem beim starten von C:\ Program Files (x86) \ Home Tab \ TBUpdater.dll Das angegebene Modul wurde nicht gefunden.
    Log-Analyse und Auswertung - 11.03.2014 (13)
  7. RunDLL Problem beim starten von C:\ProgrammFiles\HomeTab\TBUpdater.dll Das angegebene Modul wurde nicht gefunden
    Plagegeister aller Art und deren Bekämpfung - 02.02.2014 (7)
  8. RunDLL Problem beim Starten von C:\Program Files(x86)\Home Tab\TBUpdater.dll Das angegebene Modul wurde nicht gefunden
    Log-Analyse und Auswertung - 10.11.2013 (7)
  9. Fehlermeldung beim booten. RunDLL Problem beim starten von C:\ProgrammFiles\HomeTab\TBUpdater.dll Das angegebene Modul wurde nicht gefunden
    Plagegeister aller Art und deren Bekämpfung - 01.11.2013 (21)
  10. Fehlermeldung: RunDLL Problem beim starten von C:\ Program Files (x86) \ Home Tab \ TBUpdater.dll Das angegebene Modul wurde nicht gefunde
    Log-Analyse und Auswertung - 22.10.2013 (16)
  11. RunDLL Problem beim starten von C:\ Program Files (x86) \ Home Tab \ TBUpdater.dll Das angegebene Modul wurde nicht gefunden.
    Log-Analyse und Auswertung - 01.10.2013 (9)
  12. Fehlermeldung: RunDLL Problem beim starten von C:\ Program Files (x86) \ Home Tab \ TBUpdater.dll Das angegebene Modul wurde nicht gefunde
    Plagegeister aller Art und deren Bekämpfung - 30.09.2013 (19)
  13. Fehlermeldung: RunDLL Problem beim starten von C:\ Program Files (x86) \ Home Tab \ TBUpdater.dll Das angegebene Modul wurde nicht gefunden
    Plagegeister aller Art und deren Bekämpfung - 17.09.2013 (7)
  14. Fehlermeldung: RunDLL Problem beim starten von C:\ Program Files (x86) \ Home Tab \ TBUpdater.dll Das angegebene Modul wurde nicht gefunde
    Plagegeister aller Art und deren Bekämpfung - 13.09.2013 (13)
  15. Windows 7: Problem beim Starten: C:\ProgramFiles(86x)\HomeTab\TBUpdater.dll Modul nicht gefunden
    Plagegeister aller Art und deren Bekämpfung - 10.09.2013 (3)
  16. explorer.exe wird beim Hochfahren nicht gestartet
    Plagegeister aller Art und deren Bekämpfung - 19.09.2011 (4)
  17. Rechner will nicht beim 1. Start hochfahren
    Log-Analyse und Auswertung - 16.01.2008 (0)

Zum Thema Medung beim Hochfahren: TBupdater.dll ist nicht vorhanden - Hallo, gestern habe ich Deltasearch von meinem PC (Windows 8/64) entfernt . Jetzt kommt beim Hochfahren die Meldung "C:\Program Files(x86)\HomeTab\TBupdter.dll nicht gefunden". Hier im Forum habe ich gefunden, dass es - Medung beim Hochfahren: TBupdater.dll ist nicht vorhanden...
Archiv
Du betrachtest: Medung beim Hochfahren: TBupdater.dll ist nicht vorhanden auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.