Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Nervige Werbung: 'Ads not by this site'-Problem

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 21.07.2013, 20:26   #1
UltimateBert
 
Nervige Werbung: 'Ads not by this site'-Problem - Standard

Nervige Werbung: 'Ads not by this site'-Problem



Die bekannten, bei euch hier ja auch häufiger beschriebenen Werbeattacken mit 'Ads not by this site'-Einblendungen haben meinen Rechner auch erwischt.
Das Junkware Removal Tool u. a. habe ich schon durchlaufen lassen. Wäre klasse, wenn ihr mir helfen könntet.

OTL hab ich schon durchlaufen lassen. Das Ergebnis wollte ich anhängen oder in Code-Tags einschließen. Beides klappte nicht, denn so wurde es zu lang: 430,7 KB. Please help! LG

Geändert von UltimateBert (21.07.2013 um 21:19 Uhr)

Alt 21.07.2013, 21:21   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Nervige Werbung: 'Ads not by this site'-Problem - Standard

Nervige Werbung: 'Ads not by this site'-Problem



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 22.07.2013, 00:22   #3
UltimateBert
 
Nervige Werbung: 'Ads not by this site'-Problem - Standard

Nervige Werbung: 'Ads not by this site'-Problem



Okay, hier die Ergebnisse:


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-07-2013
Ran by Bert (administrator) on 22-07-2013 01:17:03
Running from C:\Users\Bert\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Emsisoft GmbH) C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\A2SERVICE.EXE
(COMODO) C:\PROGRAM FILES\COMODO\COMODO INTERNET SECURITY\CMDAGENT.EXE
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(AVAST Software) C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\AVASTSVC.EXE
(IObit) C:\PROGRAM FILES (X86)\IOBIT\IOBIT MALWARE FIGHTER\IMFSRV.EXE
(Crawler.com) C:\PROGRAM FILES (X86)\SPYWARE TERMINATOR\SPYWARETERMINATORSHIELD.EXE
(Crawler.com) C:\PROGRAM FILES (X86)\SPYWARE TERMINATOR\SPYWARETERMINATORUPDATE.EXE
(COMODO) C:\PROGRAM FILES\COMODO\COMODO INTERNET SECURITY\CISTRAY.EXE
(MAXA Research Int'l Inc.) C:\PROGRAM FILES (X86)\MAXA COOKIE MANAGER\COOKIE.EXE
(SUPERAntiSpyware.com) C:\PROGRAM FILES\SUPERANTISPYWARE\SASCORE64.EXE
() C:\PROGRAM FILES\RAINLENDAR\RAINLENDAR2.EXE
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(PC Tools) C:\PROGRAM FILES (X86)\THREATFIRE\TFTRAY.EXE
(Safer-Networking Ltd.) C:\PROGRAM FILES (X86)\SPYBOT - SEARCH & DESTROY 2\SDTRAY.EXE
(Samsung Electronics Co., Ltd.) C:\PROGRAM FILES (X86)\SAMSUNG\EASY DISPLAY MANAGER\WIFIMANAGER.EXE
(Samsung Electronics Co., Ltd.) C:\PROGRAM FILES (X86)\SAMSUNG\EASY DISPLAY MANAGER\DMHKCORE.EXE
(Zemana Ltd.) C:\PROGRAM FILES (X86)\ZEMANA ANTILOGGER\ANTILOGGER FREE.EXE
(CyberLink) C:\PROGRAM FILES (X86)\CYBERLINK\YOUCAM\YCMMIRAGE.EXE
(AVAST Software) C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\AVASTUI.EXE
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(PC Tools) C:\PROGRAM FILES (X86)\THREATFIRE\TFSERVICE.EXE
(IObit) C:\PROGRAM FILES (X86)\IOBIT\IOBIT MALWARE FIGHTER\IMF.EXE
(TuneUp Software) C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2012\TUNEUPUTILITIESSERVICE64.EXE
(Safer-Networking Ltd.) C:\PROGRAM FILES (X86)\SPYBOT - SEARCH & DESTROY 2\SDUPDSVC.EXE
(Mozilla Corporation) C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE
(Safer-Networking Ltd.) C:\PROGRAM FILES (X86)\SPYBOT - SEARCH & DESTROY 2\SDWSCSVC.EXE
(TuneUp Software) C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2012\TUNEUPUTILITIESAPP64.EXE
(Samsung Electronics Co., Ltd.) C:\PROGRAM FILES\SAMSUNG\SAMSUNGFASTSTART\SMARTRESTARTER.EXE
(Safer-Networking Ltd.) C:\PROGRAM FILES (X86)\SPYBOT - SEARCH & DESTROY 2\SDFSSVC.EXE
(Samsung Electronics Co., Ltd.) C:\PROGRAM FILES (X86)\SAMSUNG\MOVIE COLOR ENHANCER\MOVIECOLORENHANCER.EXE
(SAMSUNG Electronics) C:\PROGRAM FILES (X86)\SAMSUNG\SAMSUNG SUPPORT CENTER\SSCKBDHK.EXE
(COMODO) C:\PROGRAM FILES\COMODO\COMODO INTERNET SECURITY\CAVWP.EXE
(COMODO) C:\PROGRAM FILES\COMODO\COMODO INTERNET SECURITY\CIS.EXE
(Intel Corporation) C:\PROGRAM FILES (X86)\INTEL\INTEL(R) MANAGEMENT ENGINE COMPONENTS\LMS\LMS.EXE
(Samsung Electronics) C:\PROGRAM FILES (X86)\SAMSUNG\SAMSUNG UPDATE PLUS\SUPBACKGROUND.EXE
(Intel Corporation) C:\PROGRAM FILES (X86)\INTEL\INTEL(R) MANAGEMENT ENGINE COMPONENTS\UNS\UNS.EXE
(CyberLink) C:\PROGRAM FILES (X86)\CYBERLINK\POWER2GO\CLMLSVC.EXE
(CyberLink Corp.) C:\PROGRAM FILES (X86)\CYBERLINK\MEDIA+PLAYER10\MEDIA+PLAYER10SERV.EXE
(Intel Corporation) C:\WINDOWS\SYSTEM32\IGFXTRAY.EXE
(Samsung Electronics Co., Ltd.) C:\PROGRAM FILES (X86)\SAMSUNG\EASYSPEEDUPMANAGER\EASYSPEEDUPMANAGER.EXE
(Adobe Systems, Inc.) C:\WINDOWS\SYSWOW64\MACROMED\FLASH\FLASHPLAYERPLUGIN_11_8_800_94.EXE
(Adobe Systems, Inc.) C:\WINDOWS\SYSWOW64\MACROMED\FLASH\FLASHPLAYERPLUGIN_11_8_800_94.EXE
(The Eraser Project) C:\PROGRA~1\ERASER\ERASER.EXE
(Crawler.com) C:\PROGRAM FILES (X86)\SPYWARE TERMINATOR\SPYWARETERMINATORUPDATE.EXE
(EJIE Technology) C:\PROGRAM FILES (X86)\CLOVER\CLOVER.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Eraser] - C:\PROGRA~1\Eraser\Eraser.exe [980920 2012-05-22] (The Eraser Project)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2782096 2010-07-26] (CANON INC.)
HKLM\...\Run: [OODefragTray] - C:\Program Files\OO Defrag\oodtray.exe [3942216 2011-01-25] (O&O Software GmbH)
HKLM\...\Run: [SpywareTerminatorShield] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2777296 2012-09-07] (Crawler.com)
HKLM\...\Run: [SpywareTerminatorUpdater] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [3684488 2013-04-03] (Crawler.com)
HKLM\...\Run: [COMODO Internet Security] - C:\PROGRAM FILES\COMODO\COMODO INTERNET SECURITY\cistray.exe [1502424 2013-07-08] (COMODO)
HKCU\...\Run: [MSCS] - C:\Program Files (x86)\MAXA Cookie Manager\Cookie.exe [978944 2011-12-11] (MAXA Research Int'l Inc.)
HKCU\...\Run: [Rainlendar2] - C:\Program Files\Rainlendar\Rainlendar2.exe [2555392 2012-10-25] ()
HKCU\...\Run: [SandboxieControl] - C:\PROGRAM FILES\SANDBOXIE\SbieCtrl.exe [759384 2013-06-17] (Sandboxie Holdings, LLC)
HKLM-x32\...\Run: [ThreatFire] - C:\Program Files (x86)\ThreatFire\TFTray.exe [378128 2010-01-15] (PC Tools)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe                                                                                                                                                                                                         [450560 2013-05-20] (DivX, LLC)
HKLM-x32\...\Run: [SDTray] - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [3830224 2013-05-16] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [IObit Malware Fighter] - "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart [1504576 2013-05-30] (IObit)
HKLM-x32\...\Run: [ZALFree] - "C:\Program Files (x86)\Zemana AntiLogger\AntiLogger Free.exe" /MINIMIZED [12999984 2013-07-18] (Zemana Ltd.)
HKLM-x32\...\Run: [avast] - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4858968 2013-05-09] (AVAST Software)
HKU\Administrator\...\Run: [Advanced SystemCare 5] - "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart [619352 2011-12-30] (IObit)
HKU\Administrator\...\Run: [SpybotSD TeaTimer] - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [x]
HKU\Administrator\...\Run: [Rainlendar2] - C:\Program Files\Rainlendar\Rainlendar2.exe [2555392 2012-10-25] ()
HKU\Administrator\...\Run: [VeohPlugin] - "C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" [2816328 2011-10-26] (Veoh Networks)
AppInit_DLLs: C:\PROGRA~2\KeyCryptSDK\KEYCRY~4.DLL [89936 2013-07-18] (Zemana Ltd.)
AppInit_DLLs-x32: C:\PROGRA~2\KeyCryptSDK\KEYCRY~3.DLL [82696 2013-07-18] (Zemana Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AdFender.lnk
ShortcutTarget: AdFender.lnk -> C:\Program Files (x86)\AdFender\AdFender.exe (AdFender, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launchy.lnk
ShortcutTarget: Launchy.lnk -> C:\Program Files (x86)\Launchy\Launchy.exe ()
BootExecute: fSDKBtDfSDKBtsdnclean64.exe

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: localhost:21320
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.search.yahoo.com?type=198484&fr=spigot-yhp-ie
StartMenuInternet: IEXPLORE.EXE - "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
SearchScopes: HKLM-x32 - {c1d89ae7-449d-4929-b24b-fded04adbe06} URL = hxxp://isearch.glarysoft.com/?q={searchTerms}&src=iesearch
SearchScopes: HKCU - DefaultScope {62403BF9-B85D-4453-ACF4-965285CA2C99} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=198484&p={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {62403BF9-B85D-4453-ACF4-965285CA2C99} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=198484&p={searchTerms}
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: ExplorerWatcher Class - {F8A6CAA2-533D-4AED-9E05-8EB19A4021AB} - C:\Program Files (x86)\Clover\TabHelper64.dll (EJIE Technology)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Samsung BHO Class - {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll ()
BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\Advanced SystemCare\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - No Name - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} -  No File
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} 
DPF: HKLM-x32 {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} 
Handler: ipp - No CLSID Value - 
Handler: msdaipp - No CLSID Value - 
Handler-x32: ipp - No CLSID Value - 
Handler-x32: msdaipp - No CLSID Value - 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @IObit.com/np_Asc_Plugin - C:\Program Files (x86)\IObit\Advanced SystemCare\BrowerProtect\np_Asc_plugin.dll (IObit)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=1.1.11 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\glarysearch.xml
FF Extension: No Name - C:\Users\Bert\AppData\Roaming\Mozilla\Extensions\plugins
FF Extension: No Name - C:\Users\Bert\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: adblocker - C:\Program Files (x86)\Mozilla Firefox\extensions\adblocker@avast.com.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKCU\...\Firefox\Extensions: [maxacookie@maxatools.com] C:\Program Files (x86)\MAXA Cookie Manager\extension
FF Extension: MAXA Cookie Manager - C:\Program Files (x86)\MAXA Cookie Manager\extension
FF StartMenuInternet: FIREFOX.EXE - "C:\Program Files (x86)\Mozilla Firefox\firefox.exe"

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://de.search.yahoo.com?type=800236&fr=spigot-yhp-ch"
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Bert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0
CHR HKLM-x32\...\Chrome\Extension: [mjdepfkicdcciagbigfcmdhknnoaaegf] - C:\Program Files (x86)\Deskperience\Word Capture\wcxChrome.crx
CHR HKLM-x32\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files (x86)\IObit\Advanced SystemCare\BrowerProtect\ASC_GhromePluginFor6.crx
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\PROGRAM FILES\SUPERANTISPYWARE\SASCORE64.EXE [140672 2012-09-08] (SUPERAntiSpyware.com)
R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [2938408 2013-07-20] (Emsisoft GmbH)
S4 AdvancedSystemCareService6; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [574272 2013-04-18] (IObit)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [6199520 2013-07-08] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [158936 2013-06-18] (COMODO)
S4 Giraffic; C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe [2245232 2013-05-13] (Giraffic)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [335168 2013-04-25] (IObit)
S4 OODefragAgent; C:\Program Files\OO Defrag\oodag.exe [3051848 2011-01-25] (O&O Software GmbH)
S4 PuranDefrag; C:\WINDOWS\SYSTEM32\PURANDEFRAGS.EXE [292736 2012-08-13] (Puran Software)
S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [180824 2013-06-17] (Sandboxie Holdings, LLC)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1148632 2011-09-28] (Crawler.com)
R2 ThreatFire; C:\Program Files (x86)\ThreatFire\TFService.exe [70928 2010-01-15] (PC Tools)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2143072 2012-05-29] (TuneUp Software)
S2 Firefox Service; 
S2 MBAMScheduler; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe" [x]
S2 MBAMService; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" [x]

==================== Drivers (Whitelisted) ====================

S3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [66320 2012-07-20] (Emsisoft GmbH)
S3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [66320 2012-07-20] (Emsisoft GmbH)
R1 A2DDA; C:\EEK\RUN\a2ddax64.sys [26176 2013-07-11] (Emsisoft GmbH)
R1 A2DDA; C:\EEK\RUN\a2ddax64.sys [26176 2013-07-11] (Emsisoft GmbH)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21136 2012-10-31] (AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-07-21] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-07-21] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-07-21] ()
S3 cleanhlp; C:\EEK\Run\cleanhlp64.sys [57032 2013-07-11] (Emsisoft GmbH)
S3 cleanhlp; C:\EEK\Run\cleanhlp64.sys [57032 2013-07-11] (Emsisoft GmbH)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [23168 2013-06-18] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [708632 2013-07-08] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [48360 2013-06-18] (COMODO)
R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [96800 2013-06-18] (COMODO)
R3 keycrypt; C:\Windows\System32\DRIVERS\KeyCrypt64.sys [25568 2013-07-18] (Zemana Ltd.)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34336 2013-03-26] (IObit.com)
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34336 2013-03-26] (IObit.com)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2011-09-20] (Windows (R) 2003 DDK 3790 provider)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2011-09-20] (Windows (R) 2003 DDK 3790 provider)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [198360 2013-06-17] (Sandboxie Holdings, LLC)
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2011-11-19] (Windows (R) Win 7 DDK provider)
R0 TfFsMon; C:\Windows\System32\drivers\TfFsMon.sys [65072 2010-01-15] (PC Tools)
R3 TfNetMon; C:\windows\system32\drivers\TfNetMon.sys [41888 2010-01-15] (PC Tools)
R3 TfNetMon; C:\windows\system32\drivers\TfNetMon.sys [41888 2010-01-15] (PC Tools)
R0 TfSysMon; C:\Windows\System32\drivers\TfSysMon.sys [59880 2010-01-15] (PC Tools)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [11856 2012-05-08] (TuneUp Software)
R3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-03-26] (IObit.com)
R3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-03-26] (IObit.com)
S1 AntiLog32; \??\C:\windows\system32\drivers\AntiLog64.sys [x]
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-22 01:16 - 2013-07-22 01:16 - 00000000 ____D C:\FRST
2013-07-22 01:14 - 2013-07-22 01:15 - 01779363 _____ (Farbar) C:\Users\Bert\Downloads\FRST64.exe
2013-07-21 18:21 - 2013-07-21 18:22 - 00000000 ____D C:\Program Files\ExtMan (IconTweak)
2013-07-21 17:48 - 2013-07-21 17:48 - 00003186 _____ C:\windows\System32\Tasks\{9544E3BB-C36F-45F9-8CCB-F04A5417C807}
2013-07-21 17:34 - 2013-07-21 17:51 - 00000000 ____D C:\Users\Bert\AppData\Roaming\IcoFX2X
2013-07-21 17:23 - 2013-07-21 23:49 - 00000168 _____ C:\windows\setupact.log
2013-07-21 17:23 - 2013-07-21 17:23 - 00000000 _____ C:\windows\setuperr.log
2013-07-21 16:56 - 2013-07-21 21:10 - 00000000 ____D C:\Users\Bert\Documents\Trojaner-Board
2013-07-21 16:06 - 2013-07-21 23:50 - 00000324 _____ C:\windows\Tasks\GlaryInitialize.job
2013-07-21 16:06 - 2013-07-21 16:06 - 00002600 _____ C:\windows\System32\Tasks\GlaryInitialize
2013-07-21 15:37 - 2013-07-21 15:46 - 01030952 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2013-07-21 15:37 - 2013-07-21 15:46 - 00378944 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2013-07-21 15:37 - 2013-07-21 15:46 - 00189936 _____ C:\windows\system32\Drivers\aswVmm.sys
2013-07-21 15:37 - 2013-07-21 15:37 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
2013-07-21 15:37 - 2013-05-09 10:59 - 00080816 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2013-07-21 15:37 - 2013-05-09 10:59 - 00072016 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2013-07-21 15:37 - 2013-05-09 10:59 - 00065336 _____ C:\windows\system32\Drivers\aswRvrt.sys
2013-07-21 15:37 - 2013-05-09 10:59 - 00064288 _____ (AVAST Software) C:\windows\system32\Drivers\aswTdi.sys
2013-07-21 15:37 - 2013-05-09 10:59 - 00033400 _____ (AVAST Software) C:\windows\system32\Drivers\aswFsBlk.sys
2013-07-21 15:36 - 2013-05-09 10:58 - 00041664 _____ (AVAST Software) C:\windows\avastSS.scr
2013-07-21 15:11 - 2013-07-21 15:12 - 00000000 ____D C:\windows\System32\Tasks\COMODO
2013-07-21 15:10 - 2013-07-21 15:11 - 00000000 ___SD C:\ProgramData\Shared Space
2013-07-21 15:02 - 2013-07-21 15:11 - 00000000 ____D C:\Program Files (x86)\Junkware Removal Tool
2013-07-21 06:00 - 2013-07-21 06:00 - 00000000 _____ C:\ProgramData\rebootpending.txt
2013-07-21 05:56 - 2013-07-21 22:22 - 00038016 _____ C:\windows\WindowsUpdate.log
2013-07-21 03:52 - 2013-07-21 04:32 - 00040534 _____ C:\windows\system32\Drivers\fvstore.dat
2013-07-21 03:52 - 2013-07-21 03:52 - 00000000 ___HD C:\VTRoot
2013-07-21 03:21 - 2009-01-25 13:14 - 00017272 _____ (Safer Networking Limited) C:\windows\system32\sdnclean64.exe
2013-07-21 02:50 - 2013-07-21 04:32 - 00389937 _____ C:\windows\system32\Drivers\sfi.dat
2013-07-21 02:48 - 2013-07-21 02:50 - 00000000 ____D C:\ProgramData\Comodo
2013-07-21 02:48 - 2013-07-21 02:48 - 00000000 ____D C:\Program Files\COMODO
2013-07-21 02:35 - 2013-07-21 02:35 - 01700352 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdiplus.dll
2013-07-21 02:35 - 2013-07-21 02:35 - 01060864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc71.dll
2013-07-21 02:35 - 2013-07-21 02:35 - 00348160 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr71.dll
2013-07-21 02:30 - 2013-07-21 03:21 - 00000000 ____D C:\Program Files (x86)\Comodo
2013-07-21 02:28 - 2013-07-21 02:28 - 00000000 ____D C:\ProgramData\Comodo Downloader
2013-07-21 02:21 - 2013-06-06 22:41 - 00489392 _____ (Ask Partner Network) C:\Users\Bert\Documents\APNSetup.exe
2013-07-21 02:19 - 2013-07-21 06:00 - 00000000 ____D C:\ProgramData\Avira
2013-07-21 01:43 - 2013-07-21 01:43 - 00001130 _____ C:\DelFix.txt
2013-07-21 00:46 - 2013-07-21 01:31 - 00000000 ____D C:\windows\erdnt
2013-07-20 12:53 - 2013-07-20 12:54 - 00000000 ____D C:\EEK
2013-07-20 11:44 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2013-07-20 01:24 - 2013-07-20 01:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-20 00:43 - 2013-07-20 00:43 - 00312232 _____ (Oracle Corporation) C:\windows\system32\javaws.exe
2013-07-20 00:43 - 2013-07-20 00:43 - 00189352 _____ (Oracle Corporation) C:\windows\system32\javaw.exe
2013-07-20 00:43 - 2013-07-20 00:43 - 00188840 _____ (Oracle Corporation) C:\windows\system32\java.exe
2013-07-20 00:43 - 2013-07-20 00:43 - 00108968 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge-64.dll
2013-07-20 00:43 - 2013-07-20 00:43 - 00000000 ____D C:\Program Files\Java
2013-07-20 00:33 - 2013-07-20 00:33 - 00000000 _____ C:\autoexec.bat
2013-07-20 00:30 - 2013-07-21 08:00 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-07-20 00:25 - 2013-07-21 00:05 - 00000000 ____D C:\windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP
2013-07-18 21:38 - 2013-07-19 11:44 - 00018944 _____ C:\Users\Bert\Desktop\Bundestagswahlprognose.xls
2013-07-17 05:21 - 2013-07-20 01:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox.bak
2013-07-16 05:40 - 2013-07-21 03:36 - 00000000 ____D C:\Program Files\Unlocker
2013-07-16 05:40 - 2013-07-16 05:40 - 00000000 ____D C:\Users\Bert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2013-07-16 05:34 - 2013-07-16 05:34 - 00000000 ____D C:\Users\Bert\Documents\Art
2013-07-16 04:42 - 2013-07-16 05:27 - 00000000 ____D C:\Users\Bert\AppData\Roaming\Jitsi
2013-07-16 04:42 - 2013-07-16 04:42 - 00000000 ____D C:\Program Files (x86)\Jitsi
2013-07-16 02:49 - 2013-07-16 03:32 - 00000000 ____D C:\Program Files (x86)\KVIrc
2013-07-15 22:52 - 2013-07-15 22:52 - 00000000 ____D C:\Users\Bert\Desktop\Elfriede Jelinek - Neid
2013-07-15 17:47 - 2013-07-15 19:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-07-11 23:48 - 2013-07-11 23:51 - 00000000 ____D C:\Program Files (x86)\LibreOffice 3.6
2013-07-10 01:44 - 2013-07-10 01:44 - 03153920 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2013-07-10 01:43 - 2013-07-10 01:43 - 19238912 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 15404032 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 14329856 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 13760512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 03958784 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 02877440 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-07-10 01:43 - 2013-07-10 01:43 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-07-10 01:43 - 2013-07-10 01:43 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 02241024 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 02046976 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00526336 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00391168 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00089600 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-07-10 01:43 - 2013-07-10 01:43 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-10 01:43 - 2013-07-10 01:43 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-07-10 01:43 - 2013-07-10 01:43 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00039424 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-07-10 01:41 - 2013-07-10 01:41 - 00624128 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2013-07-10 01:41 - 2013-07-10 01:41 - 00509440 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2013-07-10 01:31 - 2013-07-10 01:31 - 01887744 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2013-07-10 01:31 - 2013-07-10 01:31 - 01643520 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2013-07-10 01:31 - 2013-07-10 01:31 - 01620480 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
2013-07-10 01:31 - 2013-07-10 01:31 - 01247744 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2013-07-10 01:28 - 2013-07-10 01:28 - 00000000 ____D C:\Program Files (x86)\BootkitRemoval
2013-07-10 01:09 - 2013-07-10 01:09 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\cryptdlg.dll
2013-07-10 01:09 - 2013-07-10 01:09 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptdlg.dll
2013-07-10 01:08 - 2013-07-10 01:08 - 01887232 _____ (Microsoft Corporation) C:\windows\system32\d3d11.dll
2013-07-10 01:08 - 2013-07-10 01:08 - 01505280 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d11.dll
2013-07-10 01:08 - 2013-07-10 01:08 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2013-07-10 01:08 - 2013-07-10 01:08 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2013-07-10 01:07 - 2013-07-10 01:07 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll
2013-07-10 01:07 - 2013-07-10 01:07 - 00223752 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fvevol.sys
2013-07-10 01:07 - 2013-07-10 01:07 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\wwanprotdim.dll
2013-07-10 00:55 - 2013-07-10 00:55 - 00001262 _____ C:\Users\Bert\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2013-07-10 00:14 - 2013-07-10 00:16 - 00000000 ____D C:\Program Files (x86)\Clover
2013-07-10 00:14 - 2013-07-10 00:14 - 00000000 ____D C:\Users\Bert\AppData\Local\Clover
2013-07-10 00:12 - 2012-12-20 22:24 - 03837440 _____ (Qualcomm Atheros Communications, Inc.) C:\windows\system32\Drivers\athrx.sys
2013-07-10 00:11 - 2013-07-10 00:11 - 00000000 ____D C:\Program Files (x86)\SpeedyFox
2013-07-10 00:09 - 2013-07-10 00:12 - 00000000 ____D C:\Program Files\DIFX
2013-07-10 00:06 - 2013-07-10 00:06 - 00000000 ____D C:\Program Files (x86)\MSECache
2013-07-10 00:05 - 2013-07-10 00:42 - 00000000 ____D C:\Program Files\Office Tab
2013-07-10 00:03 - 2013-07-10 00:03 - 00000000 ____D C:\Users\Bert\ultracopier
2013-07-10 00:02 - 2013-07-20 19:10 - 00000000 ____D C:\Program Files\Supercopier
2013-07-10 00:02 - 2012-12-27 01:26 - 00805088 _____ (Realtek                                            ) C:\windows\system32\Drivers\Rt64win7.sys
2013-07-10 00:02 - 2012-12-27 01:26 - 00074344 _____ (Realtek Semiconductor Corporation) C:\windows\system32\RtNicProp64.dll
2013-07-10 00:00 - 2013-07-21 00:26 - 00003214 _____ C:\windows\System32\Tasks\Driver Booster Update
2013-07-09 23:58 - 2013-07-16 03:57 - 00000000 ____D C:\Users\Bert\AppData\Roaming\PasteCopy.NET
2013-07-09 23:57 - 2013-07-21 23:57 - 00000000 ____D C:\Program Files (x86)\PasteCopy.NET
2013-07-08 23:50 - 2013-07-08 23:50 - 00000000 ____D C:\Users\Bert\AppData\Roaming\aignes
2013-07-08 23:50 - 2013-07-08 23:50 - 00000000 ____D C:\Program Files (x86)\AM-DeadLink
2013-07-04 14:44 - 2013-07-04 14:44 - 00000000 _____ C:\windows\SysWOW64\FAPED09.tmp
2013-07-04 14:41 - 2013-07-04 14:41 - 00000000 _____ C:\windows\SysWOW64\FAP6BE6.tmp
2013-07-04 14:40 - 2013-07-04 14:40 - 00000000 _____ C:\windows\SysWOW64\FAPFFE9.tmp
2013-07-04 14:40 - 2013-07-04 14:40 - 00000000 _____ C:\windows\SysWOW64\FAP54F8.tmp
2013-07-04 14:40 - 2013-07-04 14:40 - 00000000 _____ C:\windows\SysWOW64\FAP3D90.tmp
2013-07-04 14:39 - 2013-07-04 14:39 - 00000000 _____ C:\windows\SysWOW64\FAP713B.tmp
2013-07-04 14:38 - 2013-07-04 14:38 - 00000000 _____ C:\windows\SysWOW64\FAPD69F.tmp
2013-07-04 14:36 - 2013-07-04 14:36 - 00000000 _____ C:\windows\SysWOW64\FAP2D.tmp
2013-07-04 14:35 - 2013-07-04 14:35 - 00000000 _____ C:\windows\SysWOW64\FAP76FF.tmp
2013-07-04 13:03 - 2013-07-04 13:03 - 00000000 _____ C:\windows\SysWOW64\FAPE22C.tmp
2013-07-04 13:02 - 2013-07-04 13:02 - 00000000 _____ C:\windows\SysWOW64\FAP5739.tmp
2013-07-04 13:00 - 2013-07-04 13:00 - 00000000 _____ C:\windows\SysWOW64\FAP5B7B.tmp
2013-07-04 12:58 - 2013-07-04 12:58 - 00000000 _____ C:\windows\SysWOW64\FAPFE8B.tmp
2013-07-04 12:58 - 2013-07-04 12:58 - 00000000 _____ C:\windows\SysWOW64\FAPF8A0.tmp
2013-07-04 12:58 - 2013-07-04 12:58 - 00000000 _____ C:\windows\SysWOW64\FAPF840.tmp
2013-07-04 12:57 - 2013-07-04 12:57 - 00000000 _____ C:\windows\SysWOW64\FAP7402.tmp
2013-07-04 12:50 - 2013-07-04 12:50 - 00000000 _____ C:\windows\SysWOW64\FAPDA60.tmp
2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAPEACA.tmp
2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAPD381.tmp
2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAPBBF9.tmp
2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAP906.tmp
2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAP740E.tmp
2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAP5D8F.tmp
2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAP2001.tmp
2013-07-04 12:48 - 2013-07-04 12:48 - 00000000 _____ C:\windows\SysWOW64\FAP8C31.tmp
2013-07-04 12:48 - 2013-07-04 12:48 - 00000000 _____ C:\windows\SysWOW64\FAP78ED.tmp
2013-07-04 12:42 - 2013-07-04 12:42 - 00000000 _____ C:\windows\SysWOW64\FAP8450.tmp
2013-07-04 12:33 - 2013-07-04 12:33 - 00000000 _____ C:\windows\SysWOW64\FAP1334.tmp
2013-07-04 12:17 - 2013-07-04 12:17 - 00000000 _____ C:\windows\SysWOW64\FAP815F.tmp
2013-07-04 04:09 - 2013-07-04 04:09 - 00263592 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2013-07-04 04:09 - 2013-07-04 04:09 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2013-07-04 04:09 - 2013-07-04 04:09 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2013-07-04 04:09 - 2013-07-04 04:09 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-04 01:24 - 2013-07-04 01:24 - 00000000 ____D C:\Users\Bert\.macromedia
2013-07-04 00:16 - 2013-07-14 01:00 - 00000000 ____D C:\Program Files (x86)\FEBE
2013-07-03 16:39 - 2013-07-03 16:44 - 00000600 _____ C:\Users\Bert\PUTTY.RND
2013-07-03 14:59 - 2013-07-03 14:59 - 00000000 _____ C:\Users\Bert\mm_backup.cfg
2013-07-02 17:21 - 2013-07-02 17:21 - 00000000 ____D C:\Program Files (x86)\Tor
2013-07-02 17:17 - 2013-07-02 17:18 - 00000000 ____D C:\Users\Bert\Documents\Calibre Library
2013-07-02 17:13 - 2013-07-02 17:18 - 00000000 ____D C:\Users\Bert\AppData\Roaming\calibre
2013-07-02 17:13 - 2013-07-02 17:13 - 00000000 ____D C:\Users\Bert\Documents\Calibre Bibliothek
2013-07-02 17:12 - 2013-07-02 17:12 - 00000000 ____D C:\Program Files (x86)\Calibre2
2013-07-02 03:06 - 2013-07-02 03:06 - 01509376 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2013-07-02 03:06 - 2013-07-02 03:06 - 01441280 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2013-07-02 03:06 - 2013-07-02 03:06 - 01400416 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dat
2013-07-02 03:06 - 2013-07-02 03:06 - 01400416 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat
2013-07-02 03:06 - 2013-07-02 03:06 - 01054720 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00905728 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00762368 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00719360 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00629248 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00599552 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00523264 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00441856 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2013-07-02 03:06 - 2013-07-02 03:06 - 00361984 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2013-07-02 03:06 - 2013-07-02 03:06 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00270848 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00247296 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00242200 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00235008 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00232960 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00226304 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00216064 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00204800 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00185344 _____ (Microsoft Corporation) C:\windows\SysWOW64\elshyph.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00173568 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00167424 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00158720 _____ (Microsoft Corporation) C:\windows\SysWOW64\msls31.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00150528 _____ (Microsoft Corporation) C:\windows\SysWOW64\iexpress.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00149504 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00144896 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00138752 _____ (Microsoft Corporation) C:\windows\SysWOW64\wextract.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00137216 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00125440 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00117248 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00110592 _____ (Microsoft Corporation) C:\windows\SysWOW64\IEAdvpack.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00097280 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00082432 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00079872 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2013-07-02 03:06 - 2013-07-02 03:06 - 00073728 _____ (Microsoft Corporation) C:\windows\SysWOW64\SetIEInstalledDate.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardie.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2013-07-02 03:06 - 2013-07-02 03:06 - 00057344 _____ (Microsoft Corporation) C:\windows\SysWOW64\pngfilt.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00048640 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmler.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00041984 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00038400 _____ (Microsoft Corporation) C:\windows\SysWOW64\imgutil.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00027648 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\licmgr10.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00012800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00011776 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe
2013-06-28 00:11 - 2013-07-21 15:46 - 00000175 _____ C:\windows\system32\Drivers\aswVmm.sys.sum
2013-06-27 01:54 - 2013-07-21 15:46 - 00000175 _____ C:\windows\system32\Drivers\aswSP.sys.sum
2013-06-27 01:54 - 2013-07-21 15:46 - 00000175 _____ C:\windows\system32\Drivers\aswSnx.sys.sum
2013-06-25 21:52 - 2013-07-21 00:26 - 00002966 _____ C:\windows\System32\Tasks\{BBF7C257-78DB-4727-AAD0-4AC4EE99BFC6}

==================== One Month Modified Files and Folders =======

2013-07-22 01:17 - 2013-02-08 12:37 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2013-07-22 01:16 - 2013-07-22 01:16 - 00000000 ____D C:\FRST
2013-07-22 01:15 - 2013-07-22 01:14 - 01779363 _____ (Farbar) C:\Users\Bert\Downloads\FRST64.exe
2013-07-22 00:00 - 2009-07-14 06:45 - 00028624 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-22 00:00 - 2009-07-14 06:45 - 00028624 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-21 23:58 - 2013-07-21 05:56 - 00038016 _____ C:\windows\WindowsUpdate.log
2013-07-21 23:57 - 2013-07-09 23:57 - 00000000 ____D C:\Program Files (x86)\PasteCopy.NET
2013-07-21 23:51 - 2011-11-19 16:47 - 00000000 ____D C:\Users\Bert\.rainlendar2
2013-07-21 23:50 - 2013-07-21 16:06 - 00000324 _____ C:\windows\Tasks\GlaryInitialize.job
2013-07-21 23:50 - 2012-06-07 11:56 - 00065536 _____ C:\windows\system32\Ikeext.etl
2013-07-21 23:50 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-07-21 23:49 - 2013-07-21 17:23 - 00000168 _____ C:\windows\setupact.log
2013-07-21 22:01 - 2013-06-04 11:11 - 00000000 ____D C:\Program Files (x86)\KeyCryptSDK
2013-07-21 22:01 - 2011-11-19 17:00 - 00000000 ____D C:\ProgramData\Spyware Terminator
2013-07-21 21:10 - 2013-07-21 16:56 - 00000000 ____D C:\Users\Bert\Documents\Trojaner-Board
2013-07-21 19:16 - 2011-11-16 10:08 - 00000000 ____D C:\Users\Bert\AppData\Local\CrashDumps
2013-07-21 18:22 - 2013-07-21 18:21 - 00000000 ____D C:\Program Files\ExtMan (IconTweak)
2013-07-21 17:54 - 2013-06-04 11:11 - 00000000 ____D C:\Program Files (x86)\Zemana AntiLogger
2013-07-21 17:51 - 2013-07-21 17:34 - 00000000 ____D C:\Users\Bert\AppData\Roaming\IcoFX2X
2013-07-21 17:48 - 2013-07-21 17:48 - 00003186 _____ C:\windows\System32\Tasks\{9544E3BB-C36F-45F9-8CCB-F04A5417C807}
2013-07-21 17:23 - 2013-07-21 17:23 - 00000000 _____ C:\windows\setuperr.log
2013-07-21 16:07 - 2011-11-15 20:15 - 00000000 ____D C:\Users\Bert\AppData\Roaming\Macromedia
2013-07-21 16:06 - 2013-07-21 16:06 - 00002600 _____ C:\windows\System32\Tasks\GlaryInitialize
2013-07-21 16:06 - 2011-11-16 09:01 - 00000000 ____D C:\Program Files (x86)\Glary Utilities
2013-07-21 15:53 - 2011-11-15 22:44 - 00000000 ____D C:\Users\Bert\AppData\Roaming\vlc
2013-07-21 15:46 - 2013-07-21 15:37 - 01030952 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2013-07-21 15:46 - 2013-07-21 15:37 - 00378944 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2013-07-21 15:46 - 2013-07-21 15:37 - 00189936 _____ C:\windows\system32\Drivers\aswVmm.sys
2013-07-21 15:46 - 2013-06-28 00:11 - 00000175 _____ C:\windows\system32\Drivers\aswVmm.sys.sum
2013-07-21 15:46 - 2013-06-27 01:54 - 00000175 _____ C:\windows\system32\Drivers\aswSP.sys.sum
2013-07-21 15:46 - 2013-06-27 01:54 - 00000175 _____ C:\windows\system32\Drivers\aswSnx.sys.sum
2013-07-21 15:37 - 2013-07-21 15:37 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
2013-07-21 15:37 - 2012-11-04 17:05 - 00000000 _____ C:\windows\SysWOW64\config.nt
2013-07-21 15:35 - 2012-11-04 17:03 - 00000000 ____D C:\ProgramData\AVAST Software
2013-07-21 15:35 - 2012-11-04 17:03 - 00000000 ____D C:\Program Files\AVAST Software
2013-07-21 15:12 - 2013-07-21 15:11 - 00000000 ____D C:\windows\System32\Tasks\COMODO
2013-07-21 15:11 - 2013-07-21 15:10 - 00000000 ___SD C:\ProgramData\Shared Space
2013-07-21 15:11 - 2013-07-21 15:02 - 00000000 ____D C:\Program Files (x86)\Junkware Removal Tool
2013-07-21 09:05 - 2009-07-14 05:20 - 00000000 ____D C:\windows\rescache
2013-07-21 08:00 - 2013-07-20 00:30 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-07-21 08:00 - 2012-07-13 13:04 - 00000000 ____D C:\Users\Bert\AppData\Roaming\Launchy
2013-07-21 08:00 - 2012-04-26 21:36 - 00000000 ____D C:\Users\Bert\AppData\Roaming\SUPERAntiSpyware.com
2013-07-21 08:00 - 2011-11-19 17:17 - 00000000 ____D C:\Users\Administrator
2013-07-21 08:00 - 2009-07-14 05:20 - 00000000 ____D C:\windows\registration
2013-07-21 06:00 - 2013-07-21 06:00 - 00000000 _____ C:\ProgramData\rebootpending.txt
2013-07-21 06:00 - 2013-07-21 02:19 - 00000000 ____D C:\ProgramData\Avira
2013-07-21 04:32 - 2013-07-21 03:52 - 00040534 _____ C:\windows\system32\Drivers\fvstore.dat
2013-07-21 04:32 - 2013-07-21 02:50 - 00389937 _____ C:\windows\system32\Drivers\sfi.dat
2013-07-21 03:52 - 2013-07-21 03:52 - 00000000 ___HD C:\VTRoot
2013-07-21 03:36 - 2013-07-16 05:40 - 00000000 ____D C:\Program Files\Unlocker
2013-07-21 03:22 - 2013-03-04 13:53 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-07-21 03:21 - 2013-07-21 02:30 - 00000000 ____D C:\Program Files (x86)\Comodo
2013-07-21 02:50 - 2013-07-21 02:48 - 00000000 ____D C:\ProgramData\Comodo
2013-07-21 02:48 - 2013-07-21 02:48 - 00000000 ____D C:\Program Files\COMODO
2013-07-21 02:35 - 2013-07-21 02:35 - 01700352 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdiplus.dll
2013-07-21 02:35 - 2013-07-21 02:35 - 01060864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc71.dll
2013-07-21 02:35 - 2013-07-21 02:35 - 00348160 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr71.dll
2013-07-21 02:28 - 2013-07-21 02:28 - 00000000 ____D C:\ProgramData\Comodo Downloader
2013-07-21 02:19 - 2011-11-16 07:51 - 00000000 ____D C:\Program Files (x86)\Avira
2013-07-21 02:00 - 2011-11-15 19:48 - 00000000 ____D C:\Users\Bert
2013-07-21 01:43 - 2013-07-21 01:43 - 00001130 _____ C:\DelFix.txt
2013-07-21 01:40 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2013-07-21 01:31 - 2013-07-21 00:46 - 00000000 ____D C:\windows\erdnt
2013-07-21 01:26 - 2009-07-14 04:34 - 00000215 _____ C:\windows\system.ini
2013-07-21 00:39 - 2012-11-16 10:35 - 00000444 _____ C:\windows\Tasks\Wise Registry Cleaner Schedule Task.job
2013-07-21 00:30 - 2011-11-15 20:01 - 00000000 ___RD C:\Users\Bert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-21 00:28 - 2012-09-05 14:32 - 00002772 _____ C:\windows\System32\Tasks\CCleanerSkipUAC
2013-07-21 00:27 - 2012-11-16 10:35 - 00003314 _____ C:\windows\System32\Tasks\Wise Registry Cleaner Schedule Task
2013-07-21 00:26 - 2013-07-10 00:00 - 00003214 _____ C:\windows\System32\Tasks\Driver Booster Update
2013-07-21 00:26 - 2013-06-25 21:52 - 00002966 _____ C:\windows\System32\Tasks\{BBF7C257-78DB-4727-AAD0-4AC4EE99BFC6}
2013-07-21 00:16 - 2011-11-26 22:40 - 00000000 ____D C:\ProgramData\Giraffic
2013-07-21 00:13 - 2011-11-26 22:40 - 00000000 ____D C:\Program Files (x86)\Giraffic
2013-07-21 00:05 - 2013-07-20 00:25 - 00000000 ____D C:\windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP
2013-07-20 19:10 - 2013-07-10 00:02 - 00000000 ____D C:\Program Files\Supercopier
2013-07-20 15:14 - 2013-06-04 11:39 - 00000000 ____D C:\Program Files (x86)\AdWareCleaner
2013-07-20 12:55 - 2011-07-29 06:05 - 00696870 _____ C:\windows\system32\perfh007.dat
2013-07-20 12:55 - 2011-07-29 06:05 - 00148134 _____ C:\windows\system32\perfc007.dat
2013-07-20 12:55 - 2009-07-14 07:13 - 01612484 _____ C:\windows\system32\PerfStringBackup.INI
2013-07-20 12:54 - 2013-07-20 12:53 - 00000000 ____D C:\EEK
2013-07-20 11:19 - 2011-11-15 22:18 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware
2013-07-20 02:21 - 2013-02-08 12:37 - 00692104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2013-07-20 02:21 - 2013-02-08 12:37 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-07-20 02:21 - 2013-02-08 12:37 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2013-07-20 02:01 - 2012-04-25 12:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-20 01:30 - 2013-07-20 01:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-20 01:29 - 2013-07-17 05:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox.bak
2013-07-20 00:52 - 2012-11-04 17:59 - 00000000 ____D C:\Program Files (x86)\Trojan Remover
2013-07-20 00:50 - 2013-03-05 02:39 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
2013-07-20 00:43 - 2013-07-20 00:43 - 00312232 _____ (Oracle Corporation) C:\windows\system32\javaws.exe
2013-07-20 00:43 - 2013-07-20 00:43 - 00189352 _____ (Oracle Corporation) C:\windows\system32\javaw.exe
2013-07-20 00:43 - 2013-07-20 00:43 - 00188840 _____ (Oracle Corporation) C:\windows\system32\java.exe
2013-07-20 00:43 - 2013-07-20 00:43 - 00108968 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge-64.dll
2013-07-20 00:43 - 2013-07-20 00:43 - 00000000 ____D C:\Program Files\Java
2013-07-20 00:43 - 2012-06-25 19:32 - 01093032 _____ (Oracle Corporation) C:\windows\system32\npDeployJava1.dll
2013-07-20 00:43 - 2012-01-17 21:33 - 00972712 _____ (Oracle Corporation) C:\windows\system32\deployJava1.dll
2013-07-20 00:33 - 2013-07-20 00:33 - 00000000 _____ C:\autoexec.bat
2013-07-20 00:33 - 2011-11-16 18:57 - 00000000 ____D C:\Program Files (x86)\Opera
2013-07-19 22:20 - 2011-12-23 15:46 - 00000000 ____D C:\Users\Bert\Documents\FFOutput
2013-07-19 11:44 - 2013-07-18 21:38 - 00018944 _____ C:\Users\Bert\Desktop\Bundestagswahlprognose.xls
2013-07-18 15:03 - 2013-06-04 11:11 - 00025568 _____ (Zemana Ltd.) C:\windows\system32\Drivers\KeyCrypt64.sys
2013-07-18 04:43 - 2013-06-06 04:01 - 00000000 ____D C:\Users\Bert\MediathekView
2013-07-16 05:40 - 2013-07-16 05:40 - 00000000 ____D C:\Users\Bert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2013-07-16 05:34 - 2013-07-16 05:34 - 00000000 ____D C:\Users\Bert\Documents\Art
2013-07-16 05:27 - 2013-07-16 04:42 - 00000000 ____D C:\Users\Bert\AppData\Roaming\Jitsi
2013-07-16 04:42 - 2013-07-16 04:42 - 00000000 ____D C:\Program Files (x86)\Jitsi
2013-07-16 04:14 - 2013-05-07 17:25 - 00000000 ____D C:\Users\Bert\Documents\Statistik
2013-07-16 04:02 - 2011-11-16 08:34 - 00131136 _____ C:\Users\Bert\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-16 04:02 - 2009-07-14 06:45 - 00481992 _____ C:\windows\system32\FNTCACHE.DAT
2013-07-16 04:01 - 2012-11-04 18:05 - 00002382 _____ C:\windows\Sandboxie.ini
2013-07-16 03:57 - 2013-07-09 23:58 - 00000000 ____D C:\Users\Bert\AppData\Roaming\PasteCopy.NET
2013-07-16 03:53 - 2011-11-15 19:56 - 00000000 ____D C:\ProgramData\Skype
2013-07-16 03:32 - 2013-07-16 02:49 - 00000000 ____D C:\Program Files (x86)\KVIrc
2013-07-15 22:52 - 2013-07-15 22:52 - 00000000 ____D C:\Users\Bert\Desktop\Elfriede Jelinek - Neid
2013-07-15 19:25 - 2013-07-15 17:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-07-14 01:00 - 2013-07-04 00:16 - 00000000 ____D C:\Program Files (x86)\FEBE
2013-07-11 23:51 - 2013-07-11 23:48 - 00000000 ____D C:\Program Files (x86)\LibreOffice 3.6
2013-07-11 23:51 - 2011-07-29 05:57 - 00000000 ____D C:\windows\ShellNew
2013-07-11 03:01 - 2011-11-17 05:14 - 78185248 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2013-07-10 02:14 - 2012-04-07 05:56 - 00000000 ____D C:\windows\Minidump
2013-07-10 02:14 - 2011-02-11 21:57 - 00000000 ____D C:\windows\Panther
2013-07-10 02:03 - 2011-11-19 10:35 - 00000000 ____D C:\Program Files (x86)\Registry System Wizard
2013-07-10 01:51 - 2009-07-14 07:08 - 00032640 _____ C:\windows\Tasks\SCHEDLGU.TXT
2013-07-10 01:47 - 2011-07-29 05:57 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-10 01:47 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-10 01:47 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-10 01:44 - 2013-07-10 01:44 - 03153920 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2013-07-10 01:43 - 2013-07-10 01:43 - 19238912 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 15404032 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 14329856 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 13760512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 03958784 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 02877440 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-07-10 01:43 - 2013-07-10 01:43 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-07-10 01:43 - 2013-07-10 01:43 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 02241024 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 02046976 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00526336 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00391168 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00089600 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-07-10 01:43 - 2013-07-10 01:43 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-10 01:43 - 2013-07-10 01:43 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-07-10 01:43 - 2013-07-10 01:43 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00039424 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-07-10 01:41 - 2013-07-10 01:41 - 00624128 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2013-07-10 01:41 - 2013-07-10 01:41 - 00509440 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2013-07-10 01:31 - 2013-07-10 01:31 - 01887744 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2013-07-10 01:31 - 2013-07-10 01:31 - 01643520 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2013-07-10 01:31 - 2013-07-10 01:31 - 01620480 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
2013-07-10 01:31 - 2013-07-10 01:31 - 01247744 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2013-07-10 01:28 - 2013-07-10 01:28 - 00000000 ____D C:\Program Files (x86)\BootkitRemoval
2013-07-10 01:19 - 2012-09-05 14:56 - 01590378 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2013-07-10 01:09 - 2013-07-10 01:09 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\cryptdlg.dll
2013-07-10 01:09 - 2013-07-10 01:09 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptdlg.dll
2013-07-10 01:08 - 2013-07-10 01:08 - 01887232 _____ (Microsoft Corporation) C:\windows\system32\d3d11.dll
2013-07-10 01:08 - 2013-07-10 01:08 - 01505280 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d11.dll
2013-07-10 01:08 - 2013-07-10 01:08 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2013-07-10 01:08 - 2013-07-10 01:08 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2013-07-10 01:07 - 2013-07-10 01:07 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll
2013-07-10 01:07 - 2013-07-10 01:07 - 00223752 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fvevol.sys
2013-07-10 01:07 - 2013-07-10 01:07 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\wwanprotdim.dll
2013-07-10 00:55 - 2013-07-10 00:55 - 00001262 _____ C:\Users\Bert\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2013-07-10 00:54 - 2011-12-04 12:01 - 00000000 ____D C:\Users\Bert\AppData\Roaming\Apple Computer
2013-07-10 00:42 - 2013-07-10 00:05 - 00000000 ____D C:\Program Files\Office Tab
2013-07-10 00:16 - 2013-07-10 00:14 - 00000000 ____D C:\Program Files (x86)\Clover
2013-07-10 00:14 - 2013-07-10 00:14 - 00000000 ____D C:\Users\Bert\AppData\Local\Clover
2013-07-10 00:12 - 2013-07-10 00:09 - 00000000 ____D C:\Program Files\DIFX
2013-07-10 00:11 - 2013-07-10 00:11 - 00000000 ____D C:\Program Files (x86)\SpeedyFox
2013-07-10 00:07 - 2012-09-03 04:49 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-07-10 00:06 - 2013-07-10 00:06 - 00000000 ____D C:\Program Files (x86)\MSECache
2013-07-10 00:05 - 2013-03-05 02:39 - 00000000 ____D C:\ProgramData\Licenses
2013-07-10 00:03 - 2013-07-10 00:03 - 00000000 ____D C:\Users\Bert\ultracopier
2013-07-10 00:00 - 2011-11-19 10:24 - 00000000 ____D C:\Program Files (x86)\IObit
2013-07-10 00:00 - 2011-11-16 09:03 - 00000000 ____D C:\Users\Bert\AppData\Roaming\IObit
2013-07-09 16:06 - 2013-01-29 00:53 - 00000000 ____D C:\Users\Bert\Desktop\Institut für soziale Berufe
2013-07-08 23:50 - 2013-07-08 23:50 - 00000000 ____D C:\Users\Bert\AppData\Roaming\aignes
2013-07-08 23:50 - 2013-07-08 23:50 - 00000000 ____D C:\Program Files (x86)\AM-DeadLink
2013-07-08 22:59 - 2013-06-18 16:16 - 00708632 _____ (COMODO) C:\windows\system32\Drivers\cmdguard.sys
2013-07-04 14:44 - 2013-07-04 14:44 - 00000000 _____ C:\windows\SysWOW64\FAPED09.tmp
2013-07-04 14:41 - 2013-07-04 14:41 - 00000000 _____ C:\windows\SysWOW64\FAP6BE6.tmp
2013-07-04 14:40 - 2013-07-04 14:40 - 00000000 _____ C:\windows\SysWOW64\FAPFFE9.tmp
2013-07-04 14:40 - 2013-07-04 14:40 - 00000000 _____ C:\windows\SysWOW64\FAP54F8.tmp
2013-07-04 14:40 - 2013-07-04 14:40 - 00000000 _____ C:\windows\SysWOW64\FAP3D90.tmp
2013-07-04 14:39 - 2013-07-04 14:39 - 00000000 _____ C:\windows\SysWOW64\FAP713B.tmp
2013-07-04 14:38 - 2013-07-04 14:38 - 00000000 _____ C:\windows\SysWOW64\FAPD69F.tmp
2013-07-04 14:36 - 2013-07-04 14:36 - 00000000 _____ C:\windows\SysWOW64\FAP2D.tmp
2013-07-04 14:35 - 2013-07-04 14:35 - 00000000 _____ C:\windows\SysWOW64\FAP76FF.tmp
2013-07-04 13:03 - 2013-07-04 13:03 - 00000000 _____ C:\windows\SysWOW64\FAPE22C.tmp
2013-07-04 13:02 - 2013-07-04 13:02 - 00000000 _____ C:\windows\SysWOW64\FAP5739.tmp
2013-07-04 13:00 - 2013-07-04 13:00 - 00000000 _____ C:\windows\SysWOW64\FAP5B7B.tmp
2013-07-04 12:58 - 2013-07-04 12:58 - 00000000 _____ C:\windows\SysWOW64\FAPFE8B.tmp
2013-07-04 12:58 - 2013-07-04 12:58 - 00000000 _____ C:\windows\SysWOW64\FAPF8A0.tmp
2013-07-04 12:58 - 2013-07-04 12:58 - 00000000 _____ C:\windows\SysWOW64\FAPF840.tmp
2013-07-04 12:57 - 2013-07-04 12:57 - 00000000 _____ C:\windows\SysWOW64\FAP7402.tmp
2013-07-04 12:50 - 2013-07-04 12:50 - 00000000 _____ C:\windows\SysWOW64\FAPDA60.tmp
2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAPEACA.tmp
2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAPD381.tmp
2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAPBBF9.tmp
2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAP906.tmp
2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAP740E.tmp
2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAP5D8F.tmp
2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAP2001.tmp
2013-07-04 12:48 - 2013-07-04 12:48 - 00000000 _____ C:\windows\SysWOW64\FAP8C31.tmp
2013-07-04 12:48 - 2013-07-04 12:48 - 00000000 _____ C:\windows\SysWOW64\FAP78ED.tmp
2013-07-04 12:42 - 2013-07-04 12:42 - 00000000 _____ C:\windows\SysWOW64\FAP8450.tmp
2013-07-04 12:33 - 2013-07-04 12:33 - 00000000 _____ C:\windows\SysWOW64\FAP1334.tmp
2013-07-04 12:17 - 2013-07-04 12:17 - 00000000 _____ C:\windows\SysWOW64\FAP815F.tmp
2013-07-04 12:11 - 2012-12-04 23:54 - 00000000 ____D C:\Program Files (x86)\URLSnooper2
2013-07-04 11:14 - 2012-12-18 17:00 - 00084027 _____ C:\Users\Bert\Desktop\Mjusiq.xspf
2013-07-04 11:10 - 2011-11-18 16:13 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-04 04:09 - 2013-07-04 04:09 - 00263592 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2013-07-04 04:09 - 2013-07-04 04:09 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2013-07-04 04:09 - 2013-07-04 04:09 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2013-07-04 04:09 - 2013-07-04 04:09 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-04 04:09 - 2012-07-13 01:33 - 00867240 _____ (Oracle Corporation) C:\windows\SysWOW64\npDeployJava1.dll
2013-07-04 04:09 - 2011-11-18 16:14 - 00789416 _____ (Oracle Corporation) C:\windows\SysWOW64\deployJava1.dll
2013-07-04 03:43 - 2012-10-11 11:23 - 00007607 _____ C:\Users\Bert\AppData\Local\Resmon.ResmonCfg
2013-07-04 01:24 - 2013-07-04 01:24 - 00000000 ____D C:\Users\Bert\.macromedia
2013-07-03 23:04 - 2012-09-04 05:42 - 00000000 ____D C:\Program Files\Puran Defrag
2013-07-03 17:05 - 2011-11-15 22:30 - 00000000 ____D C:\Program Files\CCleaner
2013-07-03 16:44 - 2013-07-03 16:39 - 00000600 _____ C:\Users\Bert\PUTTY.RND
2013-07-03 14:59 - 2013-07-03 14:59 - 00000000 _____ C:\Users\Bert\mm_backup.cfg
2013-07-02 17:21 - 2013-07-02 17:21 - 00000000 ____D C:\Program Files (x86)\Tor
2013-07-02 17:18 - 2013-07-02 17:17 - 00000000 ____D C:\Users\Bert\Documents\Calibre Library
2013-07-02 17:18 - 2013-07-02 17:13 - 00000000 ____D C:\Users\Bert\AppData\Roaming\calibre
2013-07-02 17:13 - 2013-07-02 17:13 - 00000000 ____D C:\Users\Bert\Documents\Calibre Bibliothek
2013-07-02 17:12 - 2013-07-02 17:12 - 00000000 ____D C:\Program Files (x86)\Calibre2
2013-07-02 03:32 - 2009-07-14 05:20 - 00000000 ____D C:\windows\PolicyDefinitions
2013-07-02 03:06 - 2013-07-02 03:06 - 01509376 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2013-07-02 03:06 - 2013-07-02 03:06 - 01441280 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2013-07-02 03:06 - 2013-07-02 03:06 - 01400416 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dat
2013-07-02 03:06 - 2013-07-02 03:06 - 01400416 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat
2013-07-02 03:06 - 2013-07-02 03:06 - 01054720 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00905728 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00762368 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00719360 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00629248 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00599552 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00523264 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00441856 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2013-07-02 03:06 - 2013-07-02 03:06 - 00361984 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2013-07-02 03:06 - 2013-07-02 03:06 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00270848 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00247296 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00242200 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00235008 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00232960 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00226304 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00216064 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00204800 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00185344 _____ (Microsoft Corporation) C:\windows\SysWOW64\elshyph.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00173568 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00167424 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00158720 _____ (Microsoft Corporation) C:\windows\SysWOW64\msls31.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00150528 _____ (Microsoft Corporation) C:\windows\SysWOW64\iexpress.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00149504 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00144896 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00138752 _____ (Microsoft Corporation) C:\windows\SysWOW64\wextract.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00137216 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00125440 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00117248 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00110592 _____ (Microsoft Corporation) C:\windows\SysWOW64\IEAdvpack.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00097280 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00082432 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00079872 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2013-07-02 03:06 - 2013-07-02 03:06 - 00073728 _____ (Microsoft Corporation) C:\windows\SysWOW64\SetIEInstalledDate.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardie.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2013-07-02 03:06 - 2013-07-02 03:06 - 00057344 _____ (Microsoft Corporation) C:\windows\SysWOW64\pngfilt.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00048640 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmler.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00041984 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00038400 _____ (Microsoft Corporation) C:\windows\SysWOW64\imgutil.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00027648 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\licmgr10.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00012800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00011776 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe
2013-06-26 20:29 - 2012-10-02 11:09 - 00000000 ____D C:\Users\Bert\Desktop\2nd
2013-06-22 15:51 - 2012-09-05 14:46 - 00000000 ____D C:\Users\Bert\AppData\Roaming\Skype
2013-06-22 09:47 - 2011-11-19 16:49 - 00000000 ____D C:\ProgramData\DivX
2013-06-22 09:46 - 2012-03-16 15:43 - 00000000 ____D C:\Users\Bert\AppData\Roaming\Audacity
2013-06-22 09:46 - 2011-11-19 16:49 - 00000000 ____D C:\Program Files (x86)\DivX
2013-06-22 09:34 - 2013-05-31 15:54 - 02756800 _____ (Sysinternals - www.sysinternals.com) C:\Program Files (x86)\ProcessExplorer.exe
2013-06-22 09:16 - 2012-09-05 14:37 - 00000000 ____D C:\Program Files (x86)\IcoFX 2
2013-06-22 09:14 - 2011-11-16 08:33 - 00000000 ____D C:\Program Files\Recuva

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-21 08:57

==================== End Of Log ============================
         
--- --- ---


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-07-2013
Ran by Bert at 2013-07-22 01:19:02
Running from C:\Users\Bert\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

   
7-Zip 9.22 (x64 edition) (Version: 9.22.00.0)
Broadcom 802.11 Network Adapter (Version: 5.60.48.55)
Canon MG5100 series MP Drivers
CCleaner (Version: 4.03)
COMODO Firewall (Version: 6.2.20728.2847)
dows-Treiberpaket - Qualcomm Atheros Communications Inc. Net  (12/20/2012 10.0.0.222) (Version: 12/20/2012 10.0.0.222)
Eraser 6.0.10.2620 (Version: 6.0.2620)
ETDWare PS/2-X64 8.0.7.2_WHQL (Version: 8.0.7.2)
Finanzausgleich zum Selberrechnen (Version: 1.0.2)
GIMP 2.8.2 (Version: 2.8.2)
Intel(R) PROSet/Wireless WiFi Software (Version: 14.01.1000)
Java 7 Update 25 (64-bit) (Version: 7.0.250)
Jitsi (Version: 2.2.4603.9615)
K-Lite Codec Pack 9.2.0 (64-bit) (Version: 9.2.0)
Media Preview (Version: 1.2.5.264)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
O&O Defrag Free Edition (Version: 14.1.431)
Paint.NET v3.5.10 (Version: 3.60.0)
PDF Split And Merge Basic (Version: 2.2.2)
PDF-XChange Viewer (Version: 2.5.199.0)
PhotoFiltre 7 (HKCU)
Puran Defrag 7.5
Recuva (Version: 1.47)
Sandboxie 4.02 (64-bit) (Version: 4.02)
SUPERAntiSpyware (Version: 5.0.1146)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (Version: 2.0.82.0)
Unlocker 1.9.1-x64 (Version: 1.9.1)
VLC media player 2.0.7 (Version: 2.0.7)
Windows-Treiberpaket - Qualcomm Atheros Communications Inc. (athr) Net  (12/20/2012 10.0.0.222) (Version: 12/20/2012 10.0.0.222)
Windows-Treiberpaket - Realtek (RTL8167) Net  (12/26/2012 7.067.1226.2012) (Version: 12/26/2012 7.067.1226.2012)
Windows-Treiberpaket - Realtek Net  (12/26/2012 7.067.1226.2012) (Version: 12/26/2012 7.067.1226.2012)

==================== Restore Points  =========================

21-07-2013 04:01:09 Removed avast! Ad Blocker
21-07-2013 13:10:42 Gerätetreiber-Paketinstallation: COMODO Netzwerkdienst
21-07-2013 13:35:02 avast! Free Antivirus Setup

==================== Hosts content: ==========================

2009-07-14 04:34 - 2013-07-21 01:26 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {052FF8F9-17E5-46CE-92E9-2459D443BE1D} - System32\Tasks\WifiManager => %programfiles(x86)%\Samsung\Easy Display Manager\WifiManager.exe No File
Task: {07BA8459-7B7A-4378-BA93-87DAF8F39996} - System32\Tasks\SamsungSupportCenter => %programfiles(x86)%\Samsung\Samsung Support Center\SSCKbdHk.exe No File
Task: {121D8FED-57CE-49BA-A249-6F4B0FB52E2B} - System32\Tasks\EasyPartitionManager => C:\Windows\MSetup\BA46-12225A02\EPM.exe No File
Task: {1D3851B4-445B-4305-8350-7780C810AE89} - System32\Tasks\SmartRestarter => C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe [2010-08-05] (Samsung Electronics Co., Ltd.)
Task: {20EE00D5-6A47-499F-8646-0EEECB513933} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012 => C:\Program Files (x86)\TuneUp Utilities 2012\OneClick.exe [2012-05-29] (TuneUp Software)
Task: {25A491E4-7FC0-4845-AC74-E0A1A8854E03} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe No File
Task: {337D99E1-D7F6-4856-BA54-99CB591D12B1} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {362D8E5A-6F06-4B37-A8BC-362361B37052} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe [2010-11-29] (Samsung Electronics Co., Ltd.)
Task: {3D505DDD-A399-485D-BE86-3973F4B7B2B4} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-592597040-2687735098-3077039613-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe No File
Task: {485C9238-50AE-4DBB-BB0C-BCD991F50DBD} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-20] (Adobe Systems Incorporated)
Task: {4BE9723B-5BFB-4B57-B199-62385B836FE7} - System32\Tasks\Divx-Online-Aktualisierungsprogramm => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2013-02-13] ()
Task: {4D6F3CD8-7EAE-4856-81B9-362478929477} - System32\Tasks\Real Player-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe No File
Task: {6BF1D49E-DF5C-49A8-BE77-3C4981C32DCA} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe No File
Task: {710D33EB-91F9-486B-B7BD-3F854CA02D54} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2010-11-10] (CyberLink)
Task: {718EE6EA-2C09-422C-A0BD-BAEC3B6261FB} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {735D7ABD-97FE-4846-9937-AB4E79035493} - System32\Tasks\COMODO\COMODO Welcome {CEB54B45-2B5E-4FF5-9223-6735CD80FE69} => C:\PROGRAM FILES\COMODO\COMODO INTERNET SECURITY\cis.exe [2013-07-08] (COMODO)
Task: {7A2B3EFC-3362-4935-B339-884F665B6953} - System32\Tasks\Wise Registry Cleaner Schedule Task => C:\Program Files (x86)\Wise Registry Cleaner\WiseRegCleaner.exe [2012-11-08] (WiseCleaner.com)
Task: {7D5CB5A2-919E-4192-A53A-AB0928AB102F} - System32\Tasks\{BBF7C257-78DB-4727-AAD0-4AC4EE99BFC6} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [2013-07-20] (Mozilla Corporation)
Task: {91586A9A-F31D-46B0-AD12-B2EA51F12FB5} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\windows\System32\lpksetup.exe [2010-11-21] (Microsoft Corporation)
Task: {92801305-2B16-4643-A691-588E7158BDD4} - System32\Tasks\GlaryInitialize => C:\Program Files (x86)\Glary Utilities\initialize.exe [2013-05-27] (Glarysoft Ltd)
Task: {9424B58E-CC51-430F-B47D-AF5ADA340E8B} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [2010-12-23] (Samsung Electronics Co., Ltd.)
Task: {9809E7C2-3D95-425E-806A-CCC7DA20450E} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-09] (AVAST Software)
Task: {A2EC6E16-DD7C-42E6-A5BB-55CE62962A8B} - System32\Tasks\EasyBatteryManager => %ProgramFiles(x86)%\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe No File
Task: {B971BF12-5F0B-4B04-A0DD-92042CAE76EC} - System32\Tasks\EasySpeedUpManager => %programfiles(x86)%\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe No File
Task: {BA03484F-45BA-4578-A970-55D9BD72E503} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\PROGRAM FILES\COMODO\COMODO INTERNET SECURITY\cfpconfg.exe [2013-07-08] (COMODO)
Task: {C2390F26-B14C-45EF-AE0D-BDB414531F1B} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2011-02-14] (SEC)
Task: {C50A22D2-F54D-482A-9577-DF42FF3B6FC8} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-12-18] (Samsung Electronics. Co. Ltd.)
Task: {C7F32861-B0A4-450B-A160-0EFCB9969A8E} - System32\Tasks\SUPBackground => %ProgramFiles(x86)%\Samsung\Samsung Update Plus\SUPBackground.exe No File
Task: {CDE2BB82-6299-4A58-A22E-3745FD40D6D0} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe No File
Task: {CE138B3D-A62C-41D2-AD85-F767AB0971FD} - System32\Tasks\CCleanerSkipUAC => C:\PROGRAM FILES\CCLEANER\CCLEANER.EXE [2013-06-19] (Piriform Ltd)
Task: {DC7F9992-F690-448D-976A-21B1347CC9FB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {EA4ED269-2A24-41F4-9428-38506827D19F} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2013-06-08] (IObit)
Task: {FFBED0E0-3C47-49A8-8D34-064CA7B1A8D9} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-592597040-2687735098-3077039613-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe No File
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GlaryInitialize.job => C:\Program Files (x86)\Glary Utilities\initialize.exe
Task: C:\windows\Tasks\Wise Registry Cleaner Schedule Task.job => C:\Program Files (x86)\Wise Registry Cleaner\WiseRegCleaner.exe

==================== Faulty Device Manager Devices =============

Name: AntiLog32
Description: AntiLog32
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: AntiLog32
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/21/2013 11:52:56 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/21/2013 10:04:00 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/21/2013 10:02:27 PM) (Source: ESENT) (User: )
Description: taskhost (2808) Versuch, Datei "C:\Users\Bert\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" für den Lesezugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.

Error: (07/21/2013 07:16:18 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: thunderbird.exe, Version: 23.0.0.4931, Zeitstempel: 0x51d32d51
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec49b8f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0004ffac
ID des fehlerhaften Prozesses: 0xd7c
Startzeit der fehlerhaften Anwendung: 0xthunderbird.exe0
Pfad der fehlerhaften Anwendung: thunderbird.exe1
Pfad des fehlerhaften Moduls: thunderbird.exe2
Berichtskennung: thunderbird.exe3

Error: (07/21/2013 05:48:20 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IconEx_Setup.exe, Version: 2005.5.25.2125, Zeitstempel: 0x425cea64
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc000041d
Fehleroffset: 0x777a1221
ID des fehlerhaften Prozesses: 0x10f4
Startzeit der fehlerhaften Anwendung: 0xIconEx_Setup.exe0
Pfad der fehlerhaften Anwendung: IconEx_Setup.exe1
Pfad des fehlerhaften Moduls: IconEx_Setup.exe2
Berichtskennung: IconEx_Setup.exe3

Error: (07/21/2013 05:24:45 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/21/2013 05:20:51 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 2.0.50727.5472 - Fatal Execution Engine Error (000007FEF07E5756) (80131506)

Error: (07/21/2013 03:57:14 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/21/2013 03:32:07 PM) (Source: System Restore) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\WINDOWS\SYSTEM32\SVCHOST.EXE -k netsvcs; Beschreibung = Windows Update; Fehler = 0x81000101).

Error: (07/21/2013 03:17:08 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (07/21/2013 11:51:03 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (07/21/2013 11:51:03 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.

Error: (07/21/2013 11:50:29 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "MBAMService" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/21/2013 11:50:29 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "MBAMScheduler" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/21/2013 11:50:29 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Firefox Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%3

Error: (07/21/2013 10:22:04 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "UPnP-Gerätehost" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (07/21/2013 10:22:04 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "upnphost" konnte sich nicht als "NT AUTHORITY\LocalService" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1352

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (07/21/2013 10:22:05 PM) (Source: DCOM) (User: )
Description: 1069upnphost{204810B9-73B2-11D4-BF42-00B0D0118B56}

Error: (07/21/2013 10:03:18 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "MBAMService" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/21/2013 10:03:18 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "MBAMScheduler" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office Sessions:
=========================
Error: (07/21/2013 11:52:56 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/21/2013 10:04:00 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/21/2013 10:02:27 PM) (Source: ESENT)(User: )
Description: taskhost2808C:\Users\Bert\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat-1032 (0xfffffbf8)32 (0x00000020)Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Error: (07/21/2013 07:16:18 PM) (Source: Application Error)(User: )
Description: thunderbird.exe23.0.0.493151d32d51ntdll.dll6.1.7601.177254ec49b8fc00000050004ffacd7c01ce86339bdd9ebaC:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exeC:\windows\SysWOW64\ntdll.dll41091119-f229-11e2-900b-e81132c8ae88

Error: (07/21/2013 05:48:20 PM) (Source: Application Error)(User: )
Description: IconEx_Setup.exe2005.5.25.2125425cea64unknown0.0.0.000000000c000041d777a122110f401ce8629b79798b3C:\Program Files (x86)\IconExtractor\IconEx_Setup.exeunknownf6fd5b62-f21c-11e2-900b-e81132c8ae88

Error: (07/21/2013 05:24:45 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/21/2013 05:20:51 PM) (Source: .NET Runtime)(User: )
Description: .NET Runtime version 2.0.50727.5472 - Fatal Execution Engine Error (000007FEF07E5756) (80131506)

Error: (07/21/2013 03:57:14 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/21/2013 03:32:07 PM) (Source: System Restore)(User: )
Description: C:\WINDOWS\SYSTEM32\SVCHOST.EXE -k netsvcsWindows Update0x81000101

Error: (07/21/2013 03:17:08 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2013-07-21 01:22:44.929
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-07-21 01:22:44.773
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-11-04 13:08:29.246
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\EE2E.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-11-04 13:08:29.202
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\EE2E.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-11-04 13:07:26.610
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\EE2E.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-11-04 13:07:26.564
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\EE2E.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-11-04 12:05:50.520
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\EE2E.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-11-04 12:05:50.475
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\EE2E.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-11-04 11:59:53.693
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\2005.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-11-04 11:59:53.667
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\2005.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 70%
Total physical RAM: 4009.55 MB
Available physical RAM: 1202.04 MB
Total Pagefile: 8017.28 MB
Available Pagefile: 4451.89 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:71 GB) (Free:16.08 GB) NTFS (Disk=0 Partition=2)
Drive d: () (Fixed) (Total:203.63 GB) (Free:1.5 GB) NTFS (Disk=0 Partition=4)
Drive e: (CD099A1) (CDROM) (Total:0.15 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 010722F6)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=71 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=204 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=23 GB) - (Type=27)

==================== End Of Log ============================
         
__________________

Alt 22.07.2013, 09:14   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Nervige Werbung: 'Ads not by this site'-Problem - Standard

Nervige Werbung: 'Ads not by this site'-Problem



Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 22.07.2013, 17:43   #5
UltimateBert
 
Nervige Werbung: 'Ads not by this site'-Problem - Standard

Nervige Werbung: 'Ads not by this site'-Problem



Hallo schrauber,

habe jetzt mehrere AdwCleaner-Durchläufe gemacht.

Vorher: AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v2.306 - Datei am 22/07/2013 um 16:30:07 erstellt
# Aktualisiert am 19/07/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Bert - BERT-007
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Bert\Downloads\adwcleaner06.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Schlüssel Gefunden : HKCU\Software\Search Settings
Schlüssel Gefunden : HKLM\Software\Search Settings

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16635

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v23.0 (de)

Datei : C:\Users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\prefs.js

Gefunden : user_pref("extensions.skipscreen.hostMatchStr", "hxxp://www.4shared.com/(get|audio|file|document|dir[...]

Datei : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rae3d5ms.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v [Version kann nicht ermittelt werden]

Datei : C:\Users\Bert\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

-\\ Opera v12.16.1860.0

Datei : C:\Users\Bert\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] Die Datei ist sauber.

*************************


########## EOF - C:\AdwCleaner[R1].txt - [0 octets] ##########
         
--- --- ---
AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v2.306 - Datei am 22/07/2013 um 16:30:07 erstellt
# Aktualisiert am 19/07/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Bert - BERT-007
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Bert\Downloads\adwcleaner06.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Schlüssel Gefunden : HKCU\Software\Search Settings
Schlüssel Gefunden : HKLM\Software\Search Settings

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16635

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v23.0 (de)

Datei : C:\Users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\prefs.js

Gefunden : user_pref("extensions.skipscreen.hostMatchStr", "hxxp://www.4shared.com/(get|audio|file|document|dir[...]

Datei : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rae3d5ms.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v [Version kann nicht ermittelt werden]

Datei : C:\Users\Bert\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

-\\ Opera v12.16.1860.0

Datei : C:\Users\Bert\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] Die Datei ist sauber.

*************************


########## EOF - C:\AdwCleaner[R1].txt - [0 octets] ##########
         
--- --- ---


Nachher: AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v2.306 - Datei am 22/07/2013 um 17:15:58 erstellt
# Aktualisiert am 19/07/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Bert - BERT-007
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Bert\Desktop\adwcleaner06.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16635

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v23.0 (de)

Datei : C:\Users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\prefs.js

[OK] Die Datei ist sauber.

Datei : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rae3d5ms.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v [Version kann nicht ermittelt werden]

Datei : C:\Users\Bert\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

-\\ Opera v12.16.1860.0

Datei : C:\Users\Bert\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [3838 octets] - [22/07/2013 16:30:07]
AdwCleaner[R2].txt - [1539 octets] - [22/07/2013 16:46:26]
AdwCleaner[R3].txt - [1719 octets] - [22/07/2013 17:14:17]
AdwCleaner[S1].txt - [3842 octets] - [22/07/2013 16:31:08]
AdwCleaner[S2].txt - [1601 octets] - [22/07/2013 16:47:52]
AdwCleaner[S3].txt - [1661 octets] - [22/07/2013 16:56:51]
AdwCleaner[S4].txt - [1652 octets] - [22/07/2013 17:15:58]

########## EOF - C:\AdwCleaner[S4].txt - [1712 octets] ##########
         
--- --- ---


Dieser 'grusskartencenter.com-Mist' lässt sich damit nicht vollständig killen.

Beim JRT habe ich jetzt das Problem, was ich vor Kurzem noch nicht hatte, nämlich, dass ich das Programm nicht ans Laufen kriege. Meldung: Error during Execution: [Bla, bla, bla ...] Zugriff verweigert Es ist wie verhext!

Das JRT hab ich jetzt auch zweimal im abgesicherten Modus durchlaufen lassen und den AdwCleaner noch mal hinterher. Ergebnis:

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.2.0 (07.21.2013:1)
OS: Windows 7 Home Premium x64
Ran by Bert on 22.07.2013 at 18:19:06,13
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22.07.2013 at 18:21:06,41
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
(JRT hatte aber vorher was gelöscht!)

Code:
ATTFilter
# AdwCleaner v2.306 - Datei am 22/07/2013 um 18:24:35 erstellt
# Aktualisiert am 19/07/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Bert - BERT-007
# Bootmodus : Abgesicherter Modus mit Netzwerkunterstützung
# Ausgeführt unter : C:\Users\Bert\Desktop\adwcleaner06.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16635

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v23.0 (de)

Datei : C:\Users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\prefs.js

[OK] Die Datei ist sauber.

Datei : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rae3d5ms.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v [Version kann nicht ermittelt werden]

Datei : C:\Users\Bert\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

-\\ Opera v12.16.1860.0

Datei : C:\Users\Bert\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [3838 octets] - [22/07/2013 16:30:07]
AdwCleaner[R2].txt - [1539 octets] - [22/07/2013 16:46:26]
AdwCleaner[R3].txt - [1719 octets] - [22/07/2013 17:14:17]
AdwCleaner[R4].txt - [1839 octets] - [22/07/2013 17:25:02]
AdwCleaner[R5].txt - [1938 octets] - [22/07/2013 18:01:47]
AdwCleaner[R6].txt - [2113 octets] - [22/07/2013 18:23:48]
AdwCleaner[S1].txt - [3842 octets] - [22/07/2013 16:31:08]
AdwCleaner[S2].txt - [1601 octets] - [22/07/2013 16:47:52]
AdwCleaner[S3].txt - [1661 octets] - [22/07/2013 16:56:51]
AdwCleaner[S4].txt - [1781 octets] - [22/07/2013 17:15:58]
AdwCleaner[S5].txt - [2000 octets] - [22/07/2013 18:02:19]
AdwCleaner[S6].txt - [1935 octets] - [22/07/2013 18:07:07]
AdwCleaner[S7].txt - [1995 octets] - [22/07/2013 18:14:44]
AdwCleaner[S8].txt - [2055 octets] - [22/07/2013 18:21:37]
AdwCleaner[S9].txt - [2046 octets] - [22/07/2013 18:24:35]

########## EOF - C:\AdwCleaner[S9].txt - [2106 octets] ##########
         
Trotzdem sind die Werbedings noch da! Pleeeeease help! LG


Geändert von UltimateBert (22.07.2013 um 16:45 Uhr)

Alt 22.07.2013, 17:50   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Nervige Werbung: 'Ads not by this site'-Problem - Standard

Nervige Werbung: 'Ads not by this site'-Problem



Frisches FRST log bitte
__________________
--> Nervige Werbung: 'Ads not by this site'-Problem

Alt 22.07.2013, 18:16   #7
UltimateBert
 
Nervige Werbung: 'Ads not by this site'-Problem - Standard

Nervige Werbung: 'Ads not by this site'-Problem



Okay, hier die Scan-Ergebnisse:


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-07-2013
Ran by Bert (administrator) on 22-07-2013 19:09:27
Running from F:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Emsisoft GmbH) C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\A2SERVICE.EXE
(COMODO) C:\PROGRAM FILES\COMODO\COMODO INTERNET SECURITY\CMDAGENT.EXE
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(AVAST Software) C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\AVASTSVC.EXE
(IObit) C:\PROGRAM FILES (X86)\IOBIT\IOBIT MALWARE FIGHTER\IMFSRV.EXE
(Crawler.com) C:\PROGRAM FILES (X86)\SPYWARE TERMINATOR\SPYWARETERMINATORSHIELD.EXE
(Crawler.com) C:\PROGRAM FILES (X86)\SPYWARE TERMINATOR\SPYWARETERMINATORUPDATE.EXE
(COMODO) C:\PROGRAM FILES\COMODO\COMODO INTERNET SECURITY\CISTRAY.EXE
(SUPERAntiSpyware.com) C:\PROGRAM FILES\SUPERANTISPYWARE\SASCORE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(MAXA Research Int'l Inc.) C:\PROGRAM FILES (X86)\MAXA COOKIE MANAGER\COOKIE.EXE
() C:\PROGRAM FILES\RAINLENDAR\RAINLENDAR2.EXE
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(Safer-Networking Ltd.) C:\PROGRAM FILES (X86)\SPYBOT - SEARCH & DESTROY 2\SDFSSVC.EXE
(PC Tools) C:\PROGRAM FILES (X86)\THREATFIRE\TFTRAY.EXE
(Safer-Networking Ltd.) C:\PROGRAM FILES (X86)\SPYBOT - SEARCH & DESTROY 2\SDTRAY.EXE
(Zemana Ltd.) C:\PROGRAM FILES (X86)\ZEMANA ANTILOGGER\ANTILOGGER FREE.EXE
(AVAST Software) C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\AVASTUI.EXE
(IObit) C:\PROGRAM FILES (X86)\IOBIT\IOBIT MALWARE FIGHTER\IMF.EXE
(CyberLink) C:\PROGRAM FILES (X86)\CYBERLINK\YOUCAM\YCMMIRAGE.EXE
(Samsung Electronics Co., Ltd.) C:\PROGRAM FILES (X86)\SAMSUNG\EASY DISPLAY MANAGER\DMHKCORE.EXE
(Samsung Electronics Co., Ltd.) C:\PROGRAM FILES (X86)\SAMSUNG\EASY DISPLAY MANAGER\WIFIMANAGER.EXE
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(PC Tools) C:\PROGRAM FILES (X86)\THREATFIRE\TFSERVICE.EXE
(TuneUp Software) C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2012\TUNEUPUTILITIESSERVICE64.EXE
(Safer-Networking Ltd.) C:\PROGRAM FILES (X86)\SPYBOT - SEARCH & DESTROY 2\SDUPDSVC.EXE
(TuneUp Software) C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2012\TUNEUPUTILITIESAPP64.EXE
(Safer-Networking Ltd.) C:\PROGRAM FILES (X86)\SPYBOT - SEARCH & DESTROY 2\SDWSCSVC.EXE
(COMODO) C:\PROGRAM FILES\COMODO\COMODO INTERNET SECURITY\CAVWP.EXE
(COMODO) C:\PROGRAM FILES\COMODO\COMODO INTERNET SECURITY\CIS.EXE
(Samsung Electronics Co., Ltd.) C:\PROGRAM FILES\SAMSUNG\SAMSUNGFASTSTART\SMARTRESTARTER.EXE
(CyberLink) C:\PROGRAM FILES (X86)\CYBERLINK\POWER2GO\CLMLSVC.EXE
(CyberLink Corp.) C:\PROGRAM FILES (X86)\CYBERLINK\MEDIA+PLAYER10\MEDIA+PLAYER10SERV.EXE
(Intel Corporation) C:\WINDOWS\SYSTEM32\IGFXTRAY.EXE
(Intel Corporation) C:\PROGRAM FILES (X86)\INTEL\INTEL(R) MANAGEMENT ENGINE COMPONENTS\LMS\LMS.EXE
(Samsung Electronics Co., Ltd.) C:\PROGRAM FILES (X86)\SAMSUNG\EASYSPEEDUPMANAGER\EASYSPEEDUPMANAGER.EXE
(Samsung Electronics Co., Ltd.) C:\PROGRAM FILES (X86)\SAMSUNG\MOVIE COLOR ENHANCER\MOVIECOLORENHANCER.EXE
(SAMSUNG Electronics) C:\PROGRAM FILES (X86)\SAMSUNG\SAMSUNG SUPPORT CENTER\SSCKBDHK.EXE
(Intel Corporation) C:\PROGRAM FILES (X86)\INTEL\INTEL(R) MANAGEMENT ENGINE COMPONENTS\UNS\UNS.EXE
(Samsung Electronics) C:\PROGRAM FILES (X86)\SAMSUNG\SAMSUNG UPDATE PLUS\SUPBACKGROUND.EXE
(Mozilla Corporation) C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE
(Adobe Systems, Inc.) C:\WINDOWS\SYSWOW64\MACROMED\FLASH\FLASHPLAYERPLUGIN_11_8_800_94.EXE
(Adobe Systems, Inc.) C:\WINDOWS\SYSWOW64\MACROMED\FLASH\FLASHPLAYERPLUGIN_11_8_800_94.EXE
(EJIE Technology) C:\PROGRAM FILES (X86)\CLOVER\CLOVER.EXE
(The Eraser Project) C:\PROGRA~1\ERASER\ERASER.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Eraser] - C:\PROGRA~1\Eraser\Eraser.exe [980920 2012-05-22] (The Eraser Project)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2782096 2010-07-26] (CANON INC.)
HKLM\...\Run: [OODefragTray] - C:\Program Files\OO Defrag\oodtray.exe [3942216 2011-01-25] (O&O Software GmbH)
HKLM\...\Run: [SpywareTerminatorShield] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2777296 2012-09-07] (Crawler.com)
HKLM\...\Run: [SpywareTerminatorUpdater] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [3684488 2013-04-03] (Crawler.com)
HKLM\...\Run: [COMODO Internet Security] - C:\PROGRAM FILES\COMODO\COMODO INTERNET SECURITY\cistray.exe [1502424 2013-07-08] (COMODO)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2013-03-29] (Realtek Semiconductor)
HKCU\...\Run: [MSCS] - C:\Program Files (x86)\MAXA Cookie Manager\Cookie.exe [978944 2011-12-11] (MAXA Research Int'l Inc.)
HKCU\...\Run: [Rainlendar2] - C:\Program Files\Rainlendar\Rainlendar2.exe [2555392 2012-10-25] ()
HKCU\...\Run: [SandboxieControl] - C:\PROGRAM FILES\SANDBOXIE\SbieCtrl.exe [759384 2013-06-17] (Sandboxie Holdings, LLC)
HKLM-x32\...\Run: [ThreatFire] - C:\Program Files (x86)\ThreatFire\TFTray.exe [378128 2010-01-15] (PC Tools)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe                                                                                                                                                                                                         [450560 2013-05-20] (DivX, LLC)
HKLM-x32\...\Run: [SDTray] - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [3830224 2013-05-16] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [IObit Malware Fighter] - "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart [1504576 2013-05-30] (IObit)
HKLM-x32\...\Run: [ZALFree] - "C:\Program Files (x86)\Zemana AntiLogger\AntiLogger Free.exe" /MINIMIZED [12999984 2013-07-18] (Zemana Ltd.)
HKLM-x32\...\Run: [avast] - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4858968 2013-05-09] (AVAST Software)
HKU\Administrator\...\Run: [Advanced SystemCare 5] - "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart [619352 2011-12-30] (IObit)
HKU\Administrator\...\Run: [SpybotSD TeaTimer] - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [x]
HKU\Administrator\...\Run: [Rainlendar2] - C:\Program Files\Rainlendar\Rainlendar2.exe [2555392 2012-10-25] ()
HKU\Administrator\...\Run: [VeohPlugin] - "C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" [2816328 2011-10-26] (Veoh Networks)
HKU\Administrator\...\Run: [MSCS] - C:\Program Files (x86)\MAXA Cookie Manager\Cookie.exe /autorun [978944 2011-12-11] (MAXA Research Int'l Inc.)
HKU\Administrator\...\Run: [SandboxieControl] - "C:\PROGRAM FILES\SANDBOXIE\SbieCtrl.exe" [759384 2013-06-17] (Sandboxie Holdings, LLC)
AppInit_DLLs: C:\PROGRA~2\KeyCryptSDK\KEYCRY~4.DLL [89936 2013-07-18] (Zemana Ltd.)
AppInit_DLLs-x32: C:\PROGRA~2\KeyCryptSDK\KEYCRY~3.DLL [82696 2013-07-18] (Zemana Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AdFender.lnk
ShortcutTarget: AdFender.lnk -> C:\Program Files (x86)\AdFender\AdFender.exe (AdFender, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launchy.lnk
ShortcutTarget: Launchy.lnk -> C:\Program Files (x86)\Launchy\Launchy.exe ()
BootExecute: fSDKBtDfSDKBtsdnclean64.exe

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: localhost:21320
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.search.yahoo.com?type=198484&fr=spigot-yhp-ie
StartMenuInternet: IEXPLORE.EXE - "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
SearchScopes: HKLM-x32 - {c1d89ae7-449d-4929-b24b-fded04adbe06} URL = hxxp://isearch.glarysoft.com/?q={searchTerms}&src=iesearch
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {62403BF9-B85D-4453-ACF4-965285CA2C99} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=198484&p={searchTerms}
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: ExplorerWatcher Class - {F8A6CAA2-533D-4AED-9E05-8EB19A4021AB} - C:\Program Files (x86)\Clover\TabHelper64.dll (EJIE Technology)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Samsung BHO Class - {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll ()
BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\Advanced SystemCare\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - No Name - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} -  No File
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} 
DPF: HKLM-x32 {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} 
Handler: ipp - No CLSID Value - 
Handler: msdaipp - No CLSID Value - 
Handler-x32: ipp - No CLSID Value - 
Handler-x32: msdaipp - No CLSID Value - 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @IObit.com/np_Asc_Plugin - C:\Program Files (x86)\IObit\Advanced SystemCare\BrowerProtect\np_Asc_plugin.dll (IObit)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=1.1.11 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\glarysearch.xml
FF Extension: No Name - C:\Users\Bert\AppData\Roaming\Mozilla\Extensions\plugins
FF Extension: No Name - C:\Users\Bert\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: adblocker - C:\Program Files (x86)\Mozilla Firefox\extensions\adblocker@avast.com.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKCU\...\Firefox\Extensions: [maxacookie@maxatools.com] C:\Program Files (x86)\MAXA Cookie Manager\extension
FF Extension: MAXA Cookie Manager - C:\Program Files (x86)\MAXA Cookie Manager\extension
FF StartMenuInternet: FIREFOX.EXE - "C:\Program Files (x86)\Mozilla Firefox\firefox.exe"

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://de.search.yahoo.com?type=800236&fr=spigot-yhp-ch"
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Bert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0
CHR HKLM-x32\...\Chrome\Extension: [mjdepfkicdcciagbigfcmdhknnoaaegf] - C:\Program Files (x86)\Deskperience\Word Capture\wcxChrome.crx
CHR HKLM-x32\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files (x86)\IObit\Advanced SystemCare\BrowerProtect\ASC_GhromePluginFor6.crx
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\PROGRAM FILES\SUPERANTISPYWARE\SASCORE64.EXE [140672 2012-09-08] (SUPERAntiSpyware.com)
R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [2938408 2013-07-20] (Emsisoft GmbH)
S4 AdvancedSystemCareService6; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [574272 2013-04-18] (IObit)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [6199520 2013-07-08] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [158936 2013-06-18] (COMODO)
S4 Giraffic; C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe [2245232 2013-05-13] (Giraffic)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [335168 2013-04-25] (IObit)
S4 OODefragAgent; C:\Program Files\OO Defrag\oodag.exe [3051848 2011-01-25] (O&O Software GmbH)
S4 PuranDefrag; C:\WINDOWS\SYSTEM32\PURANDEFRAGS.EXE [292736 2012-08-13] (Puran Software)
S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [180824 2013-06-17] (Sandboxie Holdings, LLC)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1148632 2011-09-28] (Crawler.com)
R2 ThreatFire; C:\Program Files (x86)\ThreatFire\TFService.exe [70928 2010-01-15] (PC Tools)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2143072 2012-05-29] (TuneUp Software)
S2 Firefox Service; 
S2 MBAMScheduler; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe" [x]
S2 MBAMService; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" [x]

==================== Drivers (Whitelisted) ====================

S3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [66320 2012-07-20] (Emsisoft GmbH)
S3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [66320 2012-07-20] (Emsisoft GmbH)
R1 A2DDA; C:\EEK\RUN\a2ddax64.sys [26176 2013-07-11] (Emsisoft GmbH)
R1 A2DDA; C:\EEK\RUN\a2ddax64.sys [26176 2013-07-11] (Emsisoft GmbH)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21136 2012-10-31] (AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-07-21] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-07-21] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-07-21] ()
S3 cleanhlp; C:\EEK\Run\cleanhlp64.sys [57032 2013-07-11] (Emsisoft GmbH)
S3 cleanhlp; C:\EEK\Run\cleanhlp64.sys [57032 2013-07-11] (Emsisoft GmbH)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [23168 2013-06-18] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [708632 2013-07-08] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [48360 2013-06-18] (COMODO)
R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [96800 2013-06-18] (COMODO)
R3 keycrypt; C:\Windows\System32\DRIVERS\KeyCrypt64.sys [25568 2013-07-18] (Zemana Ltd.)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34336 2013-03-26] (IObit.com)
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34336 2013-03-26] (IObit.com)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2011-09-20] (Windows (R) 2003 DDK 3790 provider)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2011-09-20] (Windows (R) 2003 DDK 3790 provider)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [198360 2013-06-17] (Sandboxie Holdings, LLC)
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2011-11-19] (Windows (R) Win 7 DDK provider)
R0 TfFsMon; C:\Windows\System32\drivers\TfFsMon.sys [65072 2010-01-15] (PC Tools)
R3 TfNetMon; C:\windows\system32\drivers\TfNetMon.sys [41888 2010-01-15] (PC Tools)
R3 TfNetMon; C:\windows\system32\drivers\TfNetMon.sys [41888 2010-01-15] (PC Tools)
R0 TfSysMon; C:\Windows\System32\drivers\TfSysMon.sys [59880 2010-01-15] (PC Tools)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [11856 2012-05-08] (TuneUp Software)
R3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-03-26] (IObit.com)
R3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-03-26] (IObit.com)
S1 AntiLog32; \??\C:\windows\system32\drivers\AntiLog64.sys [x]
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-22 19:08 - 2013-07-22 19:08 - 00089090 _____ C:\Users\Bert\Desktop\FRST.txt
2013-07-22 18:28 - 2013-07-22 18:28 - 00002175 _____ C:\Users\Bert\Desktop\AdwCleaner[S9].txt
2013-07-22 18:24 - 2013-07-22 18:24 - 00002175 _____ C:\AdwCleaner[S9].txt
2013-07-22 18:24 - 2013-07-22 18:24 - 00002113 _____ C:\Users\Bert\Desktop\AdwCleaner[R6].txt
2013-07-22 18:23 - 2013-07-22 18:24 - 00002113 _____ C:\AdwCleaner[R6].txt
2013-07-22 18:21 - 2013-07-22 18:21 - 00002055 _____ C:\AdwCleaner[S8].txt
2013-07-22 18:21 - 2013-07-22 18:21 - 00000624 _____ C:\Users\Bert\Desktop\JRT.txt
2013-07-22 18:14 - 2013-07-22 18:14 - 00001995 _____ C:\AdwCleaner[S7].txt
2013-07-22 18:07 - 2013-07-22 18:07 - 00001935 _____ C:\AdwCleaner[S6].txt
2013-07-22 18:03 - 2013-07-22 18:25 - 00000224 _____ C:\windows\setupact.log
2013-07-22 18:03 - 2013-07-22 18:03 - 00000000 _____ C:\windows\setuperr.log
2013-07-22 18:02 - 2013-07-22 18:02 - 00002000 _____ C:\AdwCleaner[S5].txt
2013-07-22 18:01 - 2013-07-22 18:02 - 00001938 _____ C:\AdwCleaner[R5].txt
2013-07-22 17:25 - 2013-07-22 17:25 - 00001839 _____ C:\AdwCleaner[R4].txt
2013-07-22 17:21 - 2013-07-22 17:21 - 00003108 _____ C:\windows\System32\Tasks\{52A44EB5-8B6C-4DED-854C-7508DAB59319}
2013-07-22 17:15 - 2013-07-22 17:16 - 00001781 _____ C:\AdwCleaner[S4].txt
2013-07-22 17:15 - 2013-07-22 17:15 - 00560639 _____ (Oleg N. Scherbakov) C:\Users\Bert\Downloads\JRT.exe
2013-07-22 17:14 - 2013-07-22 17:14 - 00001719 _____ C:\AdwCleaner[R3].txt
2013-07-22 17:13 - 2013-07-22 17:13 - 00003106 _____ C:\windows\System32\Tasks\{AE3C16E4-0F4D-4972-8A98-CE970C563718}
2013-07-22 17:07 - 2013-07-22 17:07 - 00003200 _____ C:\windows\System32\Tasks\{B731165D-DFA0-477A-807B-6426A31A9672}
2013-07-22 17:05 - 2013-07-22 17:05 - 00003100 _____ C:\windows\System32\Tasks\{509B46B2-466E-4EE9-846C-9A3D86EEE8AD}
2013-07-22 16:56 - 2013-07-22 16:57 - 00001661 _____ C:\AdwCleaner[S3].txt
2013-07-22 16:47 - 2013-07-22 16:48 - 00001601 _____ C:\AdwCleaner[S2].txt
2013-07-22 16:46 - 2013-07-22 16:46 - 00001539 _____ C:\AdwCleaner[R2].txt
2013-07-22 16:31 - 2013-07-22 16:32 - 00003842 _____ C:\AdwCleaner[S1].txt
2013-07-22 16:30 - 2013-07-22 16:30 - 00003838 _____ C:\AdwCleaner[R1].txt
2013-07-22 14:30 - 2013-07-22 14:30 - 00024064 _____ C:\Users\Bert\Desktop\Mappe1.xls
2013-07-22 11:58 - 2013-07-22 11:59 - 00666633 _____ C:\Users\Bert\Desktop\adwcleaner06.exe
2013-07-22 04:04 - 2013-07-22 04:04 - 00000000 ____D C:\windows\system32\SRSLabs
2013-07-22 04:04 - 2013-07-22 04:04 - 00000000 ____D C:\Program Files\Realtek
2013-07-22 04:03 - 2013-03-29 21:42 - 03379272 _____ (Realtek Semiconductor Corp.) C:\windows\system32\Drivers\RTKVHD64.sys
2013-07-22 04:03 - 2013-03-29 18:04 - 21170176 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RCoRes64.dat
2013-07-22 04:03 - 2013-03-29 17:52 - 00914992 _____ (Sony Corporation) C:\windows\system32\SFSS_APO.dll
2013-07-22 04:03 - 2013-03-29 17:10 - 00449481 _____ C:\windows\system32\Drivers\RTAIODAT.DAT
2013-07-22 04:03 - 2013-03-27 16:57 - 00135240 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RCoInstII64.dll
2013-07-22 04:03 - 2013-03-26 17:06 - 02797128 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtPgEx64.dll
2013-07-22 04:03 - 2013-03-26 15:40 - 03693128 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtkAPO64.dll
2013-07-22 04:03 - 2013-03-26 14:38 - 01659464 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RTSnMg64.cpl
2013-07-22 04:03 - 2013-03-25 17:32 - 03180264 _____ C:\windows\system32\Drivers\rtvienna.dat
2013-07-22 04:03 - 2013-03-20 13:16 - 02102040 _____ (Waves Audio Ltd.) C:\windows\system32\WavesGUILib64.dll
2013-07-22 04:03 - 2013-03-20 13:16 - 00910104 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioAPOShell64.dll
2013-07-22 04:03 - 2013-03-12 18:16 - 00613448 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtDataProc64.dll
2013-07-22 04:03 - 2013-02-28 13:10 - 14021912 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioRealtek64.dll
2013-07-22 04:03 - 2013-02-28 13:10 - 02032408 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioEQ64.dll
2013-07-22 04:03 - 2013-02-20 18:55 - 01284680 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RTCOM64.dll
2013-07-22 04:03 - 2013-02-19 18:52 - 00991816 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtkApi64.dll
2013-07-22 04:03 - 2012-12-12 11:17 - 00395208 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioAPO30.dll
2013-07-22 04:03 - 2012-08-31 19:18 - 07164176 _____ (Dolby Laboratories) C:\windows\system32\R4EEP64A.dll
2013-07-22 04:03 - 2012-08-31 19:17 - 00434960 _____ (Dolby Laboratories) C:\windows\system32\R4EED64A.dll
2013-07-22 04:03 - 2012-08-31 19:17 - 00141584 _____ (Dolby Laboratories) C:\windows\system32\R4EEL64A.dll
2013-07-22 04:03 - 2012-08-31 19:17 - 00124176 _____ (Dolby Laboratories) C:\windows\system32\R4EEA64A.dll
2013-07-22 04:03 - 2012-08-31 19:17 - 00075024 _____ (Dolby Laboratories) C:\windows\system32\R4EEG64A.dll
2013-07-22 04:03 - 2012-07-15 21:13 - 00394616 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxVolumeSDAPO.dll
2013-07-22 04:03 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtlCPAPI64.dll
2013-07-22 04:03 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtkCoLDR64.dll
2013-07-22 04:03 - 2011-09-02 14:21 - 00221024 _____ (Synopsys, Inc.) C:\windows\system32\SFNHK64.dll
2013-07-22 04:03 - 2011-09-02 14:21 - 00081248 _____ (Synopsys, Inc.) C:\windows\system32\SFCOM64.dll
2013-07-22 04:03 - 2011-09-02 14:21 - 00078688 _____ (Synopsys, Inc.) C:\windows\system32\SFAPO64.dll
2013-07-22 04:03 - 2011-08-23 17:00 - 00603984 _____ (Knowles Acoustics ) C:\windows\system32\KAAPORT64.dll
2013-07-22 04:03 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RTEEP64A.dll
2013-07-22 04:03 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RP3DHT64.dll
2013-07-22 04:03 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RP3DAA64.dll
2013-07-22 04:03 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RTEED64A.dll
2013-07-22 04:03 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RTEEL64A.dll
2013-07-22 04:03 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RTEEG64A.dll
2013-07-22 04:03 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtkCfg64.dll
2013-07-22 04:03 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioAPO20.dll
2013-07-22 04:03 - 2010-07-22 16:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\windows\SysWOW64\SFCOM.dll
2013-07-22 04:03 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\windows\system32\SRSTSX64.dll
2013-07-22 04:03 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\windows\system32\SRSTSH64.dll
2013-07-22 04:03 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\windows\system32\SRSHP64.dll
2013-07-22 04:03 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\windows\system32\SRSWOW64.dll
2013-07-22 04:02 - 2013-03-26 17:04 - 02734624 _____ (Fortemedia Corporation) C:\windows\system32\FMAPO64.dll
2013-07-22 04:02 - 2012-06-20 17:26 - 00110592 _____ (Real Sound Lab SIA) C:\windows\system32\CONEQMSAPOGUILibrary.dll
2013-07-22 04:02 - 2011-05-31 09:42 - 01756264 _____ (DTS) C:\windows\system32\DTSS2SpeakerDLL64.dll
2013-07-22 04:02 - 2011-05-31 09:42 - 01568360 _____ (DTS) C:\windows\system32\DTSS2HeadphoneDLL64.dll
2013-07-22 04:02 - 2011-05-31 09:42 - 01486952 _____ (DTS) C:\windows\system32\DTSBoostDLL64.dll
2013-07-22 04:02 - 2011-05-31 09:42 - 00728680 _____ (DTS) C:\windows\system32\DTSBassEnhancementDLL64.dll
2013-07-22 04:02 - 2011-05-31 09:42 - 00712296 _____ (DTS) C:\windows\system32\DTSSymmetryDLL64.dll
2013-07-22 04:02 - 2011-05-31 09:42 - 00693352 _____ (DTS) C:\windows\system32\DTSVoiceClarityDLL64.dll
2013-07-22 04:02 - 2011-05-31 09:42 - 00491112 _____ (DTS) C:\windows\system32\DTSNeoPCDLL64.dll
2013-07-22 04:02 - 2011-05-31 09:42 - 00432744 _____ (DTS) C:\windows\system32\DTSLimiterDLL64.dll
2013-07-22 04:02 - 2011-05-31 09:42 - 00428648 _____ (DTS) C:\windows\system32\DTSGainCompensatorDLL64.dll
2013-07-22 04:02 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\windows\system32\DTSLFXAPO64.dll
2013-07-22 04:02 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\windows\system32\DTSGFXAPO64.dll
2013-07-22 04:02 - 2011-05-31 09:42 - 00241768 _____ (DTS) C:\windows\system32\DTSGFXAPONS64.dll
2013-07-22 04:01 - 2013-03-23 03:43 - 00208072 _____ (Andrea Electronics Corporation) C:\windows\system32\AERTAC64.dll
2013-07-22 04:01 - 2013-01-16 16:02 - 02079816 _____ (Realtek Semiconductor Corp.) C:\windows\RtlExUpd.dll
2013-07-22 04:01 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\windows\system32\AERTAR64.dll
2013-07-22 01:16 - 2013-07-22 01:16 - 00000000 ____D C:\FRST
2013-07-21 18:21 - 2013-07-21 18:22 - 00000000 ____D C:\Program Files\ExtMan (IconTweak)
2013-07-21 17:48 - 2013-07-21 17:48 - 00003186 _____ C:\windows\System32\Tasks\{9544E3BB-C36F-45F9-8CCB-F04A5417C807}
2013-07-21 17:34 - 2013-07-21 17:51 - 00000000 ____D C:\Users\Bert\AppData\Roaming\IcoFX2X
2013-07-21 16:56 - 2013-07-22 01:47 - 00000000 ____D C:\Users\Bert\Documents\Trojaner-Board
2013-07-21 16:06 - 2013-07-22 18:25 - 00000324 _____ C:\windows\Tasks\GlaryInitialize.job
2013-07-21 16:06 - 2013-07-21 16:06 - 00002600 _____ C:\windows\System32\Tasks\GlaryInitialize
2013-07-21 15:37 - 2013-07-21 15:46 - 01030952 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2013-07-21 15:37 - 2013-07-21 15:46 - 00378944 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2013-07-21 15:37 - 2013-07-21 15:46 - 00189936 _____ C:\windows\system32\Drivers\aswVmm.sys
2013-07-21 15:37 - 2013-07-21 15:37 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
2013-07-21 15:37 - 2013-05-09 10:59 - 00080816 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2013-07-21 15:37 - 2013-05-09 10:59 - 00072016 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2013-07-21 15:37 - 2013-05-09 10:59 - 00065336 _____ C:\windows\system32\Drivers\aswRvrt.sys
2013-07-21 15:37 - 2013-05-09 10:59 - 00064288 _____ (AVAST Software) C:\windows\system32\Drivers\aswTdi.sys
2013-07-21 15:37 - 2013-05-09 10:59 - 00033400 _____ (AVAST Software) C:\windows\system32\Drivers\aswFsBlk.sys
2013-07-21 15:36 - 2013-05-09 10:58 - 00041664 _____ (AVAST Software) C:\windows\avastSS.scr
2013-07-21 15:11 - 2013-07-21 15:12 - 00000000 ____D C:\windows\System32\Tasks\COMODO
2013-07-21 15:10 - 2013-07-21 15:11 - 00000000 ___SD C:\ProgramData\Shared Space
2013-07-21 15:02 - 2013-07-22 18:30 - 00000000 ____D C:\Program Files (x86)\Junkware Removal Tool
2013-07-21 06:00 - 2013-07-21 06:00 - 00000000 _____ C:\ProgramData\rebootpending.txt
2013-07-21 05:56 - 2013-07-22 18:30 - 00105925 _____ C:\windows\WindowsUpdate.log
2013-07-21 03:52 - 2013-07-21 04:32 - 00040534 _____ C:\windows\system32\Drivers\fvstore.dat
2013-07-21 03:52 - 2013-07-21 03:52 - 00000000 ___HD C:\VTRoot
2013-07-21 03:21 - 2009-01-25 13:14 - 00017272 _____ (Safer Networking Limited) C:\windows\system32\sdnclean64.exe
2013-07-21 02:50 - 2013-07-21 04:32 - 00389937 _____ C:\windows\system32\Drivers\sfi.dat
2013-07-21 02:48 - 2013-07-21 02:50 - 00000000 ____D C:\ProgramData\Comodo
2013-07-21 02:48 - 2013-07-21 02:48 - 00000000 ____D C:\Program Files\COMODO
2013-07-21 02:35 - 2013-07-21 02:35 - 01700352 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdiplus.dll
2013-07-21 02:35 - 2013-07-21 02:35 - 01060864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc71.dll
2013-07-21 02:35 - 2013-07-21 02:35 - 00348160 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr71.dll
2013-07-21 02:30 - 2013-07-21 03:21 - 00000000 ____D C:\Program Files (x86)\Comodo
2013-07-21 02:28 - 2013-07-21 02:28 - 00000000 ____D C:\ProgramData\Comodo Downloader
2013-07-21 02:21 - 2013-06-06 22:41 - 00489392 _____ (Ask Partner Network) C:\Users\Bert\Documents\APNSetup.exe
2013-07-21 02:19 - 2013-07-21 06:00 - 00000000 ____D C:\ProgramData\Avira
2013-07-21 01:43 - 2013-07-21 01:43 - 00001130 _____ C:\DelFix.txt
2013-07-21 00:46 - 2013-07-21 01:31 - 00000000 ____D C:\windows\erdnt
2013-07-20 12:53 - 2013-07-20 12:54 - 00000000 ____D C:\EEK
2013-07-20 11:44 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2013-07-20 01:24 - 2013-07-20 01:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-20 00:43 - 2013-07-20 00:43 - 00312232 _____ (Oracle Corporation) C:\windows\system32\javaws.exe
2013-07-20 00:43 - 2013-07-20 00:43 - 00189352 _____ (Oracle Corporation) C:\windows\system32\javaw.exe
2013-07-20 00:43 - 2013-07-20 00:43 - 00188840 _____ (Oracle Corporation) C:\windows\system32\java.exe
2013-07-20 00:43 - 2013-07-20 00:43 - 00108968 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge-64.dll
2013-07-20 00:43 - 2013-07-20 00:43 - 00000000 ____D C:\Program Files\Java
2013-07-20 00:33 - 2013-07-20 00:33 - 00000000 _____ C:\autoexec.bat
2013-07-20 00:30 - 2013-07-21 08:00 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-07-20 00:25 - 2013-07-21 00:05 - 00000000 ____D C:\windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP
2013-07-18 21:38 - 2013-07-19 11:44 - 00018944 _____ C:\Users\Bert\Desktop\Bundestagswahlprognose.xls
2013-07-17 05:21 - 2013-07-20 01:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox.bak
2013-07-16 05:40 - 2013-07-21 03:36 - 00000000 ____D C:\Program Files\Unlocker
2013-07-16 05:40 - 2013-07-16 05:40 - 00000000 ____D C:\Users\Bert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2013-07-16 05:34 - 2013-07-16 05:34 - 00000000 ____D C:\Users\Bert\Documents\Art
2013-07-16 04:42 - 2013-07-16 05:27 - 00000000 ____D C:\Users\Bert\AppData\Roaming\Jitsi
2013-07-16 04:42 - 2013-07-16 04:42 - 00000000 ____D C:\Program Files (x86)\Jitsi
2013-07-16 02:49 - 2013-07-16 03:32 - 00000000 ____D C:\Program Files (x86)\KVIrc
2013-07-15 22:52 - 2013-07-22 17:15 - 00000000 ____D C:\Users\Bert\Desktop\Elfriede Jelinek - Neid
2013-07-15 17:47 - 2013-07-22 16:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-07-11 23:48 - 2013-07-11 23:51 - 00000000 ____D C:\Program Files (x86)\LibreOffice 3.6
2013-07-10 01:44 - 2013-07-10 01:44 - 03153920 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2013-07-10 01:43 - 2013-07-10 01:43 - 19238912 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 15404032 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 14329856 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 13760512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 03958784 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 02877440 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-07-10 01:43 - 2013-07-10 01:43 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-07-10 01:43 - 2013-07-10 01:43 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 02241024 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 02046976 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00526336 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00391168 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00089600 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-07-10 01:43 - 2013-07-10 01:43 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-10 01:43 - 2013-07-10 01:43 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-07-10 01:43 - 2013-07-10 01:43 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00039424 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-07-10 01:41 - 2013-07-10 01:41 - 00624128 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2013-07-10 01:41 - 2013-07-10 01:41 - 00509440 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2013-07-10 01:31 - 2013-07-10 01:31 - 01887744 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2013-07-10 01:31 - 2013-07-10 01:31 - 01643520 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2013-07-10 01:31 - 2013-07-10 01:31 - 01620480 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
2013-07-10 01:31 - 2013-07-10 01:31 - 01247744 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2013-07-10 01:28 - 2013-07-10 01:28 - 00000000 ____D C:\Program Files (x86)\BootkitRemoval
2013-07-10 01:09 - 2013-07-10 01:09 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\cryptdlg.dll
2013-07-10 01:09 - 2013-07-10 01:09 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptdlg.dll
2013-07-10 01:08 - 2013-07-10 01:08 - 01887232 _____ (Microsoft Corporation) C:\windows\system32\d3d11.dll
2013-07-10 01:08 - 2013-07-10 01:08 - 01505280 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d11.dll
2013-07-10 01:08 - 2013-07-10 01:08 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2013-07-10 01:08 - 2013-07-10 01:08 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2013-07-10 01:07 - 2013-07-10 01:07 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll
2013-07-10 01:07 - 2013-07-10 01:07 - 00223752 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fvevol.sys
2013-07-10 01:07 - 2013-07-10 01:07 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\wwanprotdim.dll
2013-07-10 00:55 - 2013-07-10 00:55 - 00001262 _____ C:\Users\Bert\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2013-07-10 00:14 - 2013-07-10 00:16 - 00000000 ____D C:\Program Files (x86)\Clover
2013-07-10 00:14 - 2013-07-10 00:14 - 00000000 ____D C:\Users\Bert\AppData\Local\Clover
2013-07-10 00:12 - 2012-12-20 22:24 - 03837440 _____ (Qualcomm Atheros Communications, Inc.) C:\windows\system32\Drivers\athrx.sys
2013-07-10 00:11 - 2013-07-10 00:11 - 00000000 ____D C:\Program Files (x86)\SpeedyFox
2013-07-10 00:09 - 2013-07-10 00:12 - 00000000 ____D C:\Program Files\DIFX
2013-07-10 00:06 - 2013-07-10 00:06 - 00000000 ____D C:\Program Files (x86)\MSECache
2013-07-10 00:05 - 2013-07-10 00:42 - 00000000 ____D C:\Program Files\Office Tab
2013-07-10 00:03 - 2013-07-10 00:03 - 00000000 ____D C:\Users\Bert\ultracopier
2013-07-10 00:02 - 2013-07-20 19:10 - 00000000 ____D C:\Program Files\Supercopier
2013-07-10 00:02 - 2012-12-27 01:26 - 00805088 _____ (Realtek                                            ) C:\windows\system32\Drivers\Rt64win7.sys
2013-07-10 00:02 - 2012-12-27 01:26 - 00074344 _____ (Realtek Semiconductor Corporation) C:\windows\system32\RtNicProp64.dll
2013-07-10 00:00 - 2013-07-21 00:26 - 00003214 _____ C:\windows\System32\Tasks\Driver Booster Update
2013-07-09 23:58 - 2013-07-16 03:57 - 00000000 ____D C:\Users\Bert\AppData\Roaming\PasteCopy.NET
2013-07-09 23:57 - 2013-07-21 23:57 - 00000000 ____D C:\Program Files (x86)\PasteCopy.NET
2013-07-08 23:50 - 2013-07-08 23:50 - 00000000 ____D C:\Users\Bert\AppData\Roaming\aignes
2013-07-08 23:50 - 2013-07-08 23:50 - 00000000 ____D C:\Program Files (x86)\AM-DeadLink
2013-07-04 14:44 - 2013-07-04 14:44 - 00000000 _____ C:\windows\SysWOW64\FAPED09.tmp
2013-07-04 14:41 - 2013-07-04 14:41 - 00000000 _____ C:\windows\SysWOW64\FAP6BE6.tmp
2013-07-04 14:40 - 2013-07-04 14:40 - 00000000 _____ C:\windows\SysWOW64\FAPFFE9.tmp
2013-07-04 14:40 - 2013-07-04 14:40 - 00000000 _____ C:\windows\SysWOW64\FAP54F8.tmp
2013-07-04 14:40 - 2013-07-04 14:40 - 00000000 _____ C:\windows\SysWOW64\FAP3D90.tmp
2013-07-04 14:39 - 2013-07-04 14:39 - 00000000 _____ C:\windows\SysWOW64\FAP713B.tmp
2013-07-04 14:38 - 2013-07-04 14:38 - 00000000 _____ C:\windows\SysWOW64\FAPD69F.tmp
2013-07-04 14:36 - 2013-07-04 14:36 - 00000000 _____ C:\windows\SysWOW64\FAP2D.tmp
2013-07-04 14:35 - 2013-07-04 14:35 - 00000000 _____ C:\windows\SysWOW64\FAP76FF.tmp
2013-07-04 13:03 - 2013-07-04 13:03 - 00000000 _____ C:\windows\SysWOW64\FAPE22C.tmp
2013-07-04 13:02 - 2013-07-04 13:02 - 00000000 _____ C:\windows\SysWOW64\FAP5739.tmp
2013-07-04 13:00 - 2013-07-04 13:00 - 00000000 _____ C:\windows\SysWOW64\FAP5B7B.tmp
2013-07-04 12:58 - 2013-07-04 12:58 - 00000000 _____ C:\windows\SysWOW64\FAPFE8B.tmp
2013-07-04 12:58 - 2013-07-04 12:58 - 00000000 _____ C:\windows\SysWOW64\FAPF8A0.tmp
2013-07-04 12:58 - 2013-07-04 12:58 - 00000000 _____ C:\windows\SysWOW64\FAPF840.tmp
2013-07-04 12:57 - 2013-07-04 12:57 - 00000000 _____ C:\windows\SysWOW64\FAP7402.tmp
2013-07-04 12:50 - 2013-07-04 12:50 - 00000000 _____ C:\windows\SysWOW64\FAPDA60.tmp
2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAPEACA.tmp
2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAPD381.tmp
2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAPBBF9.tmp
2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAP906.tmp
2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAP740E.tmp
2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAP5D8F.tmp
2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAP2001.tmp
2013-07-04 12:48 - 2013-07-04 12:48 - 00000000 _____ C:\windows\SysWOW64\FAP8C31.tmp
2013-07-04 12:48 - 2013-07-04 12:48 - 00000000 _____ C:\windows\SysWOW64\FAP78ED.tmp
2013-07-04 12:42 - 2013-07-04 12:42 - 00000000 _____ C:\windows\SysWOW64\FAP8450.tmp
2013-07-04 12:33 - 2013-07-04 12:33 - 00000000 _____ C:\windows\SysWOW64\FAP1334.tmp
2013-07-04 12:17 - 2013-07-04 12:17 - 00000000 _____ C:\windows\SysWOW64\FAP815F.tmp
2013-07-04 04:09 - 2013-07-04 04:09 - 00263592 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2013-07-04 04:09 - 2013-07-04 04:09 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2013-07-04 04:09 - 2013-07-04 04:09 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2013-07-04 04:09 - 2013-07-04 04:09 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-04 01:24 - 2013-07-04 01:24 - 00000000 ____D C:\Users\Bert\.macromedia
2013-07-04 00:16 - 2013-07-14 01:00 - 00000000 ____D C:\Program Files (x86)\FEBE
2013-07-03 16:39 - 2013-07-03 16:44 - 00000600 _____ C:\Users\Bert\PUTTY.RND
2013-07-03 14:59 - 2013-07-03 14:59 - 00000000 _____ C:\Users\Bert\mm_backup.cfg
2013-07-02 17:21 - 2013-07-02 17:21 - 00000000 ____D C:\Program Files (x86)\Tor
2013-07-02 17:17 - 2013-07-02 17:18 - 00000000 ____D C:\Users\Bert\Documents\Calibre Library
2013-07-02 17:13 - 2013-07-02 17:18 - 00000000 ____D C:\Users\Bert\AppData\Roaming\calibre
2013-07-02 17:13 - 2013-07-02 17:13 - 00000000 ____D C:\Users\Bert\Documents\Calibre Bibliothek
2013-07-02 17:12 - 2013-07-02 17:12 - 00000000 ____D C:\Program Files (x86)\Calibre2
2013-07-02 03:06 - 2013-07-02 03:06 - 01509376 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2013-07-02 03:06 - 2013-07-02 03:06 - 01441280 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2013-07-02 03:06 - 2013-07-02 03:06 - 01400416 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dat
2013-07-02 03:06 - 2013-07-02 03:06 - 01400416 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat
2013-07-02 03:06 - 2013-07-02 03:06 - 01054720 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00905728 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00762368 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00719360 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00629248 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00599552 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00523264 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00441856 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2013-07-02 03:06 - 2013-07-02 03:06 - 00361984 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2013-07-02 03:06 - 2013-07-02 03:06 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00270848 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00247296 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00242200 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00235008 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00232960 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00226304 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00216064 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00204800 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00185344 _____ (Microsoft Corporation) C:\windows\SysWOW64\elshyph.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00173568 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00167424 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00158720 _____ (Microsoft Corporation) C:\windows\SysWOW64\msls31.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00150528 _____ (Microsoft Corporation) C:\windows\SysWOW64\iexpress.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00149504 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00144896 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00138752 _____ (Microsoft Corporation) C:\windows\SysWOW64\wextract.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00137216 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00125440 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00117248 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00110592 _____ (Microsoft Corporation) C:\windows\SysWOW64\IEAdvpack.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00097280 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00082432 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00079872 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2013-07-02 03:06 - 2013-07-02 03:06 - 00073728 _____ (Microsoft Corporation) C:\windows\SysWOW64\SetIEInstalledDate.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardie.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2013-07-02 03:06 - 2013-07-02 03:06 - 00057344 _____ (Microsoft Corporation) C:\windows\SysWOW64\pngfilt.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00048640 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmler.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00041984 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00038400 _____ (Microsoft Corporation) C:\windows\SysWOW64\imgutil.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00027648 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\licmgr10.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00012800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00011776 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe
2013-06-28 00:11 - 2013-07-21 15:46 - 00000175 _____ C:\windows\system32\Drivers\aswVmm.sys.sum
2013-06-27 01:54 - 2013-07-21 15:46 - 00000175 _____ C:\windows\system32\Drivers\aswSP.sys.sum
2013-06-27 01:54 - 2013-07-21 15:46 - 00000175 _____ C:\windows\system32\Drivers\aswSnx.sys.sum
2013-06-25 21:52 - 2013-07-21 00:26 - 00002966 _____ C:\windows\System32\Tasks\{BBF7C257-78DB-4727-AAD0-4AC4EE99BFC6}

==================== One Month Modified Files and Folders =======

2013-07-22 19:08 - 2013-07-22 19:08 - 00089090 _____ C:\Users\Bert\Desktop\FRST.txt
2013-07-22 19:00 - 2011-07-29 06:05 - 00696870 _____ C:\windows\system32\perfh007.dat
2013-07-22 19:00 - 2011-07-29 06:05 - 00148134 _____ C:\windows\system32\perfc007.dat
2013-07-22 19:00 - 2009-07-14 07:13 - 01612484 _____ C:\windows\system32\PerfStringBackup.INI
2013-07-22 18:34 - 2009-07-14 06:45 - 00028624 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-22 18:34 - 2009-07-14 06:45 - 00028624 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-22 18:30 - 2013-07-21 15:02 - 00000000 ____D C:\Program Files (x86)\Junkware Removal Tool
2013-07-22 18:30 - 2013-07-21 05:56 - 00105925 _____ C:\windows\WindowsUpdate.log
2013-07-22 18:28 - 2013-07-22 18:28 - 00002175 _____ C:\Users\Bert\Desktop\AdwCleaner[S9].txt
2013-07-22 18:25 - 2013-07-22 18:03 - 00000224 _____ C:\windows\setupact.log
2013-07-22 18:25 - 2013-07-21 16:06 - 00000324 _____ C:\windows\Tasks\GlaryInitialize.job
2013-07-22 18:25 - 2012-06-07 11:56 - 00065536 _____ C:\windows\system32\Ikeext.etl
2013-07-22 18:25 - 2011-11-19 16:47 - 00000000 ____D C:\Users\Bert\.rainlendar2
2013-07-22 18:25 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-07-22 18:24 - 2013-07-22 18:24 - 00002175 _____ C:\AdwCleaner[S9].txt
2013-07-22 18:24 - 2013-07-22 18:24 - 00002113 _____ C:\Users\Bert\Desktop\AdwCleaner[R6].txt
2013-07-22 18:24 - 2013-07-22 18:23 - 00002113 _____ C:\AdwCleaner[R6].txt
2013-07-22 18:21 - 2013-07-22 18:21 - 00002055 _____ C:\AdwCleaner[S8].txt
2013-07-22 18:21 - 2013-07-22 18:21 - 00000624 _____ C:\Users\Bert\Desktop\JRT.txt
2013-07-22 18:17 - 2013-02-08 12:37 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2013-07-22 18:14 - 2013-07-22 18:14 - 00001995 _____ C:\AdwCleaner[S7].txt
2013-07-22 18:07 - 2013-07-22 18:07 - 00001935 _____ C:\AdwCleaner[S6].txt
2013-07-22 18:03 - 2013-07-22 18:03 - 00000000 _____ C:\windows\setuperr.log
2013-07-22 18:02 - 2013-07-22 18:02 - 00002000 _____ C:\AdwCleaner[S5].txt
2013-07-22 18:02 - 2013-07-22 18:01 - 00001938 _____ C:\AdwCleaner[R5].txt
2013-07-22 17:25 - 2013-07-22 17:25 - 00001839 _____ C:\AdwCleaner[R4].txt
2013-07-22 17:21 - 2013-07-22 17:21 - 00003108 _____ C:\windows\System32\Tasks\{52A44EB5-8B6C-4DED-854C-7508DAB59319}
2013-07-22 17:16 - 2013-07-22 17:15 - 00001781 _____ C:\AdwCleaner[S4].txt
2013-07-22 17:16 - 2011-11-16 10:08 - 00000000 ____D C:\Users\Bert\AppData\Local\CrashDumps
2013-07-22 17:16 - 2011-11-15 22:44 - 00000000 ____D C:\Users\Bert\AppData\Roaming\vlc
2013-07-22 17:15 - 2013-07-22 17:15 - 00560639 _____ (Oleg N. Scherbakov) C:\Users\Bert\Downloads\JRT.exe
2013-07-22 17:15 - 2013-07-15 22:52 - 00000000 ____D C:\Users\Bert\Desktop\Elfriede Jelinek - Neid
2013-07-22 17:14 - 2013-07-22 17:14 - 00001719 _____ C:\AdwCleaner[R3].txt
2013-07-22 17:13 - 2013-07-22 17:13 - 00003106 _____ C:\windows\System32\Tasks\{AE3C16E4-0F4D-4972-8A98-CE970C563718}
2013-07-22 17:07 - 2013-07-22 17:07 - 00003200 _____ C:\windows\System32\Tasks\{B731165D-DFA0-477A-807B-6426A31A9672}
2013-07-22 17:05 - 2013-07-22 17:05 - 00003100 _____ C:\windows\System32\Tasks\{509B46B2-466E-4EE9-846C-9A3D86EEE8AD}
2013-07-22 16:57 - 2013-07-22 16:56 - 00001661 _____ C:\AdwCleaner[S3].txt
2013-07-22 16:48 - 2013-07-22 16:47 - 00001601 _____ C:\AdwCleaner[S2].txt
2013-07-22 16:46 - 2013-07-22 16:46 - 00001539 _____ C:\AdwCleaner[R2].txt
2013-07-22 16:37 - 2013-07-15 17:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-07-22 16:32 - 2013-07-22 16:31 - 00003842 _____ C:\AdwCleaner[S1].txt
2013-07-22 16:30 - 2013-07-22 16:30 - 00003838 _____ C:\AdwCleaner[R1].txt
2013-07-22 14:30 - 2013-07-22 14:30 - 00024064 _____ C:\Users\Bert\Desktop\Mappe1.xls
2013-07-22 11:59 - 2013-07-22 11:58 - 00666633 _____ C:\Users\Bert\Desktop\adwcleaner06.exe
2013-07-22 04:07 - 2011-11-19 17:00 - 00000000 ____D C:\ProgramData\Spyware Terminator
2013-07-22 04:04 - 2013-07-22 04:04 - 00000000 ____D C:\windows\system32\SRSLabs
2013-07-22 04:04 - 2013-07-22 04:04 - 00000000 ____D C:\Program Files\Realtek
2013-07-22 04:04 - 2011-07-29 01:49 - 00000000 ____D C:\windows\SysWOW64\RTCOM
2013-07-22 01:47 - 2013-07-21 16:56 - 00000000 ____D C:\Users\Bert\Documents\Trojaner-Board
2013-07-22 01:16 - 2013-07-22 01:16 - 00000000 ____D C:\FRST
2013-07-21 23:57 - 2013-07-09 23:57 - 00000000 ____D C:\Program Files (x86)\PasteCopy.NET
2013-07-21 22:01 - 2013-06-04 11:11 - 00000000 ____D C:\Program Files (x86)\KeyCryptSDK
2013-07-21 18:22 - 2013-07-21 18:21 - 00000000 ____D C:\Program Files\ExtMan (IconTweak)
2013-07-21 17:54 - 2013-06-04 11:11 - 00000000 ____D C:\Program Files (x86)\Zemana AntiLogger
2013-07-21 17:51 - 2013-07-21 17:34 - 00000000 ____D C:\Users\Bert\AppData\Roaming\IcoFX2X
2013-07-21 17:48 - 2013-07-21 17:48 - 00003186 _____ C:\windows\System32\Tasks\{9544E3BB-C36F-45F9-8CCB-F04A5417C807}
2013-07-21 16:07 - 2011-11-15 20:15 - 00000000 ____D C:\Users\Bert\AppData\Roaming\Macromedia
2013-07-21 16:06 - 2013-07-21 16:06 - 00002600 _____ C:\windows\System32\Tasks\GlaryInitialize
2013-07-21 16:06 - 2011-11-16 09:01 - 00000000 ____D C:\Program Files (x86)\Glary Utilities
2013-07-21 15:46 - 2013-07-21 15:37 - 01030952 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2013-07-21 15:46 - 2013-07-21 15:37 - 00378944 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2013-07-21 15:46 - 2013-07-21 15:37 - 00189936 _____ C:\windows\system32\Drivers\aswVmm.sys
2013-07-21 15:46 - 2013-06-28 00:11 - 00000175 _____ C:\windows\system32\Drivers\aswVmm.sys.sum
2013-07-21 15:46 - 2013-06-27 01:54 - 00000175 _____ C:\windows\system32\Drivers\aswSP.sys.sum
2013-07-21 15:46 - 2013-06-27 01:54 - 00000175 _____ C:\windows\system32\Drivers\aswSnx.sys.sum
2013-07-21 15:37 - 2013-07-21 15:37 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
2013-07-21 15:37 - 2012-11-04 17:05 - 00000000 _____ C:\windows\SysWOW64\config.nt
2013-07-21 15:35 - 2012-11-04 17:03 - 00000000 ____D C:\ProgramData\AVAST Software
2013-07-21 15:35 - 2012-11-04 17:03 - 00000000 ____D C:\Program Files\AVAST Software
2013-07-21 15:12 - 2013-07-21 15:11 - 00000000 ____D C:\windows\System32\Tasks\COMODO
2013-07-21 15:11 - 2013-07-21 15:10 - 00000000 ___SD C:\ProgramData\Shared Space
2013-07-21 09:05 - 2009-07-14 05:20 - 00000000 ____D C:\windows\rescache
2013-07-21 08:00 - 2013-07-20 00:30 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-07-21 08:00 - 2012-07-13 13:04 - 00000000 ____D C:\Users\Bert\AppData\Roaming\Launchy
2013-07-21 08:00 - 2012-04-26 21:36 - 00000000 ____D C:\Users\Bert\AppData\Roaming\SUPERAntiSpyware.com
2013-07-21 08:00 - 2011-11-19 17:17 - 00000000 ____D C:\Users\Administrator
2013-07-21 08:00 - 2009-07-14 05:20 - 00000000 ____D C:\windows\registration
2013-07-21 06:00 - 2013-07-21 06:00 - 00000000 _____ C:\ProgramData\rebootpending.txt
2013-07-21 06:00 - 2013-07-21 02:19 - 00000000 ____D C:\ProgramData\Avira
2013-07-21 04:32 - 2013-07-21 03:52 - 00040534 _____ C:\windows\system32\Drivers\fvstore.dat
2013-07-21 04:32 - 2013-07-21 02:50 - 00389937 _____ C:\windows\system32\Drivers\sfi.dat
2013-07-21 03:52 - 2013-07-21 03:52 - 00000000 ___HD C:\VTRoot
2013-07-21 03:36 - 2013-07-16 05:40 - 00000000 ____D C:\Program Files\Unlocker
2013-07-21 03:22 - 2013-03-04 13:53 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-07-21 03:21 - 2013-07-21 02:30 - 00000000 ____D C:\Program Files (x86)\Comodo
2013-07-21 02:50 - 2013-07-21 02:48 - 00000000 ____D C:\ProgramData\Comodo
2013-07-21 02:48 - 2013-07-21 02:48 - 00000000 ____D C:\Program Files\COMODO
2013-07-21 02:35 - 2013-07-21 02:35 - 01700352 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdiplus.dll
2013-07-21 02:35 - 2013-07-21 02:35 - 01060864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc71.dll
2013-07-21 02:35 - 2013-07-21 02:35 - 00348160 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr71.dll
2013-07-21 02:28 - 2013-07-21 02:28 - 00000000 ____D C:\ProgramData\Comodo Downloader
2013-07-21 02:19 - 2011-11-16 07:51 - 00000000 ____D C:\Program Files (x86)\Avira
2013-07-21 02:00 - 2011-11-15 19:48 - 00000000 ____D C:\Users\Bert
2013-07-21 01:43 - 2013-07-21 01:43 - 00001130 _____ C:\DelFix.txt
2013-07-21 01:40 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2013-07-21 01:31 - 2013-07-21 00:46 - 00000000 ____D C:\windows\erdnt
2013-07-21 01:26 - 2009-07-14 04:34 - 00000215 _____ C:\windows\system.ini
2013-07-21 00:39 - 2012-11-16 10:35 - 00000444 _____ C:\windows\Tasks\Wise Registry Cleaner Schedule Task.job
2013-07-21 00:30 - 2011-11-15 20:01 - 00000000 ___RD C:\Users\Bert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-21 00:28 - 2012-09-05 14:32 - 00002772 _____ C:\windows\System32\Tasks\CCleanerSkipUAC
2013-07-21 00:27 - 2012-11-16 10:35 - 00003314 _____ C:\windows\System32\Tasks\Wise Registry Cleaner Schedule Task
2013-07-21 00:26 - 2013-07-10 00:00 - 00003214 _____ C:\windows\System32\Tasks\Driver Booster Update
2013-07-21 00:26 - 2013-06-25 21:52 - 00002966 _____ C:\windows\System32\Tasks\{BBF7C257-78DB-4727-AAD0-4AC4EE99BFC6}
2013-07-21 00:16 - 2011-11-26 22:40 - 00000000 ____D C:\ProgramData\Giraffic
2013-07-21 00:13 - 2011-11-26 22:40 - 00000000 ____D C:\Program Files (x86)\Giraffic
2013-07-21 00:05 - 2013-07-20 00:25 - 00000000 ____D C:\windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP
2013-07-20 19:10 - 2013-07-10 00:02 - 00000000 ____D C:\Program Files\Supercopier
2013-07-20 15:14 - 2013-06-04 11:39 - 00000000 ____D C:\Program Files (x86)\AdWareCleaner
2013-07-20 12:54 - 2013-07-20 12:53 - 00000000 ____D C:\EEK
2013-07-20 11:19 - 2011-11-15 22:18 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware
2013-07-20 02:21 - 2013-02-08 12:37 - 00692104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2013-07-20 02:21 - 2013-02-08 12:37 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-07-20 02:21 - 2013-02-08 12:37 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2013-07-20 02:01 - 2012-04-25 12:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-20 01:30 - 2013-07-20 01:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-20 01:29 - 2013-07-17 05:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox.bak
2013-07-20 00:52 - 2012-11-04 17:59 - 00000000 ____D C:\Program Files (x86)\Trojan Remover
2013-07-20 00:50 - 2013-03-05 02:39 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
2013-07-20 00:43 - 2013-07-20 00:43 - 00312232 _____ (Oracle Corporation) C:\windows\system32\javaws.exe
2013-07-20 00:43 - 2013-07-20 00:43 - 00189352 _____ (Oracle Corporation) C:\windows\system32\javaw.exe
2013-07-20 00:43 - 2013-07-20 00:43 - 00188840 _____ (Oracle Corporation) C:\windows\system32\java.exe
2013-07-20 00:43 - 2013-07-20 00:43 - 00108968 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge-64.dll
2013-07-20 00:43 - 2013-07-20 00:43 - 00000000 ____D C:\Program Files\Java
2013-07-20 00:43 - 2012-06-25 19:32 - 01093032 _____ (Oracle Corporation) C:\windows\system32\npDeployJava1.dll
2013-07-20 00:43 - 2012-01-17 21:33 - 00972712 _____ (Oracle Corporation) C:\windows\system32\deployJava1.dll
2013-07-20 00:33 - 2013-07-20 00:33 - 00000000 _____ C:\autoexec.bat
2013-07-20 00:33 - 2011-11-16 18:57 - 00000000 ____D C:\Program Files (x86)\Opera
2013-07-19 22:20 - 2011-12-23 15:46 - 00000000 ____D C:\Users\Bert\Documents\FFOutput
2013-07-19 11:44 - 2013-07-18 21:38 - 00018944 _____ C:\Users\Bert\Desktop\Bundestagswahlprognose.xls
2013-07-18 15:03 - 2013-06-04 11:11 - 00025568 _____ (Zemana Ltd.) C:\windows\system32\Drivers\KeyCrypt64.sys
2013-07-18 04:43 - 2013-06-06 04:01 - 00000000 ____D C:\Users\Bert\MediathekView
2013-07-16 05:40 - 2013-07-16 05:40 - 00000000 ____D C:\Users\Bert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2013-07-16 05:34 - 2013-07-16 05:34 - 00000000 ____D C:\Users\Bert\Documents\Art
2013-07-16 05:27 - 2013-07-16 04:42 - 00000000 ____D C:\Users\Bert\AppData\Roaming\Jitsi
2013-07-16 04:42 - 2013-07-16 04:42 - 00000000 ____D C:\Program Files (x86)\Jitsi
2013-07-16 04:14 - 2013-05-07 17:25 - 00000000 ____D C:\Users\Bert\Documents\Statistik
2013-07-16 04:02 - 2011-11-16 08:34 - 00131136 _____ C:\Users\Bert\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-16 04:02 - 2009-07-14 06:45 - 00481992 _____ C:\windows\system32\FNTCACHE.DAT
2013-07-16 04:01 - 2012-11-04 18:05 - 00002382 _____ C:\windows\Sandboxie.ini
2013-07-16 03:57 - 2013-07-09 23:58 - 00000000 ____D C:\Users\Bert\AppData\Roaming\PasteCopy.NET
2013-07-16 03:53 - 2011-11-15 19:56 - 00000000 ____D C:\ProgramData\Skype
2013-07-16 03:32 - 2013-07-16 02:49 - 00000000 ____D C:\Program Files (x86)\KVIrc
2013-07-14 01:00 - 2013-07-04 00:16 - 00000000 ____D C:\Program Files (x86)\FEBE
2013-07-11 23:51 - 2013-07-11 23:48 - 00000000 ____D C:\Program Files (x86)\LibreOffice 3.6
2013-07-11 23:51 - 2011-07-29 05:57 - 00000000 ____D C:\windows\ShellNew
2013-07-11 03:01 - 2011-11-17 05:14 - 78185248 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2013-07-10 02:14 - 2012-04-07 05:56 - 00000000 ____D C:\windows\Minidump
2013-07-10 02:14 - 2011-02-11 21:57 - 00000000 ____D C:\windows\Panther
2013-07-10 02:03 - 2011-11-19 10:35 - 00000000 ____D C:\Program Files (x86)\Registry System Wizard
2013-07-10 01:51 - 2009-07-14 07:08 - 00032640 _____ C:\windows\Tasks\SCHEDLGU.TXT
2013-07-10 01:47 - 2011-07-29 05:57 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-10 01:47 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-10 01:47 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-10 01:44 - 2013-07-10 01:44 - 03153920 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2013-07-10 01:43 - 2013-07-10 01:43 - 19238912 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 15404032 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 14329856 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 13760512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 03958784 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 02877440 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-07-10 01:43 - 2013-07-10 01:43 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-07-10 01:43 - 2013-07-10 01:43 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 02241024 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 02046976 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00526336 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00391168 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00089600 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-07-10 01:43 - 2013-07-10 01:43 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-10 01:43 - 2013-07-10 01:43 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-07-10 01:43 - 2013-07-10 01:43 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00039424 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-07-10 01:41 - 2013-07-10 01:41 - 00624128 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2013-07-10 01:41 - 2013-07-10 01:41 - 00509440 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2013-07-10 01:31 - 2013-07-10 01:31 - 01887744 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2013-07-10 01:31 - 2013-07-10 01:31 - 01643520 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2013-07-10 01:31 - 2013-07-10 01:31 - 01620480 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
2013-07-10 01:31 - 2013-07-10 01:31 - 01247744 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2013-07-10 01:28 - 2013-07-10 01:28 - 00000000 ____D C:\Program Files (x86)\BootkitRemoval
2013-07-10 01:19 - 2012-09-05 14:56 - 01590378 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2013-07-10 01:09 - 2013-07-10 01:09 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\cryptdlg.dll
2013-07-10 01:09 - 2013-07-10 01:09 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptdlg.dll
2013-07-10 01:08 - 2013-07-10 01:08 - 01887232 _____ (Microsoft Corporation) C:\windows\system32\d3d11.dll
2013-07-10 01:08 - 2013-07-10 01:08 - 01505280 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d11.dll
2013-07-10 01:08 - 2013-07-10 01:08 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2013-07-10 01:08 - 2013-07-10 01:08 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2013-07-10 01:07 - 2013-07-10 01:07 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll
2013-07-10 01:07 - 2013-07-10 01:07 - 00223752 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fvevol.sys
2013-07-10 01:07 - 2013-07-10 01:07 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\wwanprotdim.dll
2013-07-10 00:55 - 2013-07-10 00:55 - 00001262 _____ C:\Users\Bert\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2013-07-10 00:54 - 2011-12-04 12:01 - 00000000 ____D C:\Users\Bert\AppData\Roaming\Apple Computer
2013-07-10 00:42 - 2013-07-10 00:05 - 00000000 ____D C:\Program Files\Office Tab
2013-07-10 00:16 - 2013-07-10 00:14 - 00000000 ____D C:\Program Files (x86)\Clover
2013-07-10 00:14 - 2013-07-10 00:14 - 00000000 ____D C:\Users\Bert\AppData\Local\Clover
2013-07-10 00:12 - 2013-07-10 00:09 - 00000000 ____D C:\Program Files\DIFX
2013-07-10 00:11 - 2013-07-10 00:11 - 00000000 ____D C:\Program Files (x86)\SpeedyFox
2013-07-10 00:07 - 2012-09-03 04:49 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-07-10 00:06 - 2013-07-10 00:06 - 00000000 ____D C:\Program Files (x86)\MSECache
2013-07-10 00:05 - 2013-03-05 02:39 - 00000000 ____D C:\ProgramData\Licenses
2013-07-10 00:03 - 2013-07-10 00:03 - 00000000 ____D C:\Users\Bert\ultracopier
2013-07-10 00:00 - 2011-11-19 10:24 - 00000000 ____D C:\Program Files (x86)\IObit
2013-07-10 00:00 - 2011-11-16 09:03 - 00000000 ____D C:\Users\Bert\AppData\Roaming\IObit
2013-07-09 16:06 - 2013-01-29 00:53 - 00000000 ____D C:\Users\Bert\Desktop\Institut für soziale Berufe
2013-07-08 23:50 - 2013-07-08 23:50 - 00000000 ____D C:\Users\Bert\AppData\Roaming\aignes
2013-07-08 23:50 - 2013-07-08 23:50 - 00000000 ____D C:\Program Files (x86)\AM-DeadLink
2013-07-08 22:59 - 2013-06-18 16:16 - 00708632 _____ (COMODO) C:\windows\system32\Drivers\cmdguard.sys
2013-07-04 14:44 - 2013-07-04 14:44 - 00000000 _____ C:\windows\SysWOW64\FAPED09.tmp
2013-07-04 14:41 - 2013-07-04 14:41 - 00000000 _____ C:\windows\SysWOW64\FAP6BE6.tmp
2013-07-04 14:40 - 2013-07-04 14:40 - 00000000 _____ C:\windows\SysWOW64\FAPFFE9.tmp
2013-07-04 14:40 - 2013-07-04 14:40 - 00000000 _____ C:\windows\SysWOW64\FAP54F8.tmp
2013-07-04 14:40 - 2013-07-04 14:40 - 00000000 _____ C:\windows\SysWOW64\FAP3D90.tmp
2013-07-04 14:39 - 2013-07-04 14:39 - 00000000 _____ C:\windows\SysWOW64\FAP713B.tmp
2013-07-04 14:38 - 2013-07-04 14:38 - 00000000 _____ C:\windows\SysWOW64\FAPD69F.tmp
2013-07-04 14:36 - 2013-07-04 14:36 - 00000000 _____ C:\windows\SysWOW64\FAP2D.tmp
2013-07-04 14:35 - 2013-07-04 14:35 - 00000000 _____ C:\windows\SysWOW64\FAP76FF.tmp
2013-07-04 13:03 - 2013-07-04 13:03 - 00000000 _____ C:\windows\SysWOW64\FAPE22C.tmp
2013-07-04 13:02 - 2013-07-04 13:02 - 00000000 _____ C:\windows\SysWOW64\FAP5739.tmp
2013-07-04 13:00 - 2013-07-04 13:00 - 00000000 _____ C:\windows\SysWOW64\FAP5B7B.tmp
2013-07-04 12:58 - 2013-07-04 12:58 - 00000000 _____ C:\windows\SysWOW64\FAPFE8B.tmp
2013-07-04 12:58 - 2013-07-04 12:58 - 00000000 _____ C:\windows\SysWOW64\FAPF8A0.tmp
2013-07-04 12:58 - 2013-07-04 12:58 - 00000000 _____ C:\windows\SysWOW64\FAPF840.tmp
2013-07-04 12:57 - 2013-07-04 12:57 - 00000000 _____ C:\windows\SysWOW64\FAP7402.tmp
2013-07-04 12:50 - 2013-07-04 12:50 - 00000000 _____ C:\windows\SysWOW64\FAPDA60.tmp
2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAPEACA.tmp
2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAPD381.tmp
2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAPBBF9.tmp
2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAP906.tmp
2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAP740E.tmp
2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAP5D8F.tmp
2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAP2001.tmp
2013-07-04 12:48 - 2013-07-04 12:48 - 00000000 _____ C:\windows\SysWOW64\FAP8C31.tmp
2013-07-04 12:48 - 2013-07-04 12:48 - 00000000 _____ C:\windows\SysWOW64\FAP78ED.tmp
2013-07-04 12:42 - 2013-07-04 12:42 - 00000000 _____ C:\windows\SysWOW64\FAP8450.tmp
2013-07-04 12:33 - 2013-07-04 12:33 - 00000000 _____ C:\windows\SysWOW64\FAP1334.tmp
2013-07-04 12:17 - 2013-07-04 12:17 - 00000000 _____ C:\windows\SysWOW64\FAP815F.tmp
2013-07-04 12:11 - 2012-12-04 23:54 - 00000000 ____D C:\Program Files (x86)\URLSnooper2
2013-07-04 11:14 - 2012-12-18 17:00 - 00084027 _____ C:\Users\Bert\Desktop\Mjusiq.xspf
2013-07-04 11:10 - 2011-11-18 16:13 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-04 04:09 - 2013-07-04 04:09 - 00263592 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2013-07-04 04:09 - 2013-07-04 04:09 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2013-07-04 04:09 - 2013-07-04 04:09 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2013-07-04 04:09 - 2013-07-04 04:09 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-04 04:09 - 2012-07-13 01:33 - 00867240 _____ (Oracle Corporation) C:\windows\SysWOW64\npDeployJava1.dll
2013-07-04 04:09 - 2011-11-18 16:14 - 00789416 _____ (Oracle Corporation) C:\windows\SysWOW64\deployJava1.dll
2013-07-04 03:43 - 2012-10-11 11:23 - 00007607 _____ C:\Users\Bert\AppData\Local\Resmon.ResmonCfg
2013-07-04 01:24 - 2013-07-04 01:24 - 00000000 ____D C:\Users\Bert\.macromedia
2013-07-03 23:04 - 2012-09-04 05:42 - 00000000 ____D C:\Program Files\Puran Defrag
2013-07-03 17:05 - 2011-11-15 22:30 - 00000000 ____D C:\Program Files\CCleaner
2013-07-03 16:44 - 2013-07-03 16:39 - 00000600 _____ C:\Users\Bert\PUTTY.RND
2013-07-03 14:59 - 2013-07-03 14:59 - 00000000 _____ C:\Users\Bert\mm_backup.cfg
2013-07-02 17:21 - 2013-07-02 17:21 - 00000000 ____D C:\Program Files (x86)\Tor
2013-07-02 17:18 - 2013-07-02 17:17 - 00000000 ____D C:\Users\Bert\Documents\Calibre Library
2013-07-02 17:18 - 2013-07-02 17:13 - 00000000 ____D C:\Users\Bert\AppData\Roaming\calibre
2013-07-02 17:13 - 2013-07-02 17:13 - 00000000 ____D C:\Users\Bert\Documents\Calibre Bibliothek
2013-07-02 17:12 - 2013-07-02 17:12 - 00000000 ____D C:\Program Files (x86)\Calibre2
2013-07-02 03:32 - 2009-07-14 05:20 - 00000000 ____D C:\windows\PolicyDefinitions
2013-07-02 03:06 - 2013-07-02 03:06 - 01509376 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2013-07-02 03:06 - 2013-07-02 03:06 - 01441280 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2013-07-02 03:06 - 2013-07-02 03:06 - 01400416 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dat
2013-07-02 03:06 - 2013-07-02 03:06 - 01400416 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat
2013-07-02 03:06 - 2013-07-02 03:06 - 01054720 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00905728 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00762368 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00719360 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00629248 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00599552 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00523264 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00441856 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2013-07-02 03:06 - 2013-07-02 03:06 - 00361984 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2013-07-02 03:06 - 2013-07-02 03:06 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00270848 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00247296 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00242200 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00235008 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00232960 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00226304 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00216064 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00204800 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00185344 _____ (Microsoft Corporation) C:\windows\SysWOW64\elshyph.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00173568 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00167424 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00158720 _____ (Microsoft Corporation) C:\windows\SysWOW64\msls31.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00150528 _____ (Microsoft Corporation) C:\windows\SysWOW64\iexpress.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00149504 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00144896 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00138752 _____ (Microsoft Corporation) C:\windows\SysWOW64\wextract.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00137216 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00125440 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00117248 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00110592 _____ (Microsoft Corporation) C:\windows\SysWOW64\IEAdvpack.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00097280 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00082432 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00079872 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2013-07-02 03:06 - 2013-07-02 03:06 - 00073728 _____ (Microsoft Corporation) C:\windows\SysWOW64\SetIEInstalledDate.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardie.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2013-07-02 03:06 - 2013-07-02 03:06 - 00057344 _____ (Microsoft Corporation) C:\windows\SysWOW64\pngfilt.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00048640 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmler.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00041984 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00038400 _____ (Microsoft Corporation) C:\windows\SysWOW64\imgutil.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00027648 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\licmgr10.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00012800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00011776 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe
2013-06-26 20:29 - 2012-10-02 11:09 - 00000000 ____D C:\Users\Bert\Desktop\2nd
2013-06-22 15:51 - 2012-09-05 14:46 - 00000000 ____D C:\Users\Bert\AppData\Roaming\Skype
2013-06-22 09:47 - 2011-11-19 16:49 - 00000000 ____D C:\ProgramData\DivX
2013-06-22 09:46 - 2012-03-16 15:43 - 00000000 ____D C:\Users\Bert\AppData\Roaming\Audacity
2013-06-22 09:46 - 2011-11-19 16:49 - 00000000 ____D C:\Program Files (x86)\DivX
2013-06-22 09:34 - 2013-05-31 15:54 - 02756800 _____ (Sysinternals - www.sysinternals.com) C:\Program Files (x86)\ProcessExplorer.exe
2013-06-22 09:16 - 2012-09-05 14:37 - 00000000 ____D C:\Program Files (x86)\IcoFX 2
2013-06-22 09:14 - 2011-11-16 08:33 - 00000000 ____D C:\Program Files\Recuva

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-21 08:57

==================== End Of Log ============================
         
--- --- ---


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-07-2013
Ran by Bert at 2013-07-22 19:11:07
Running from F:\
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

   
7-Zip 9.22 (x64 edition) (Version: 9.22.00.0)
Broadcom 802.11 Network Adapter (Version: 5.60.48.55)
Canon MG5100 series MP Drivers
CCleaner (Version: 4.03)
COMODO Firewall (Version: 6.2.20728.2847)
dows-Treiberpaket - Qualcomm Atheros Communications Inc. Net  (12/20/2012 10.0.0.222) (Version: 12/20/2012 10.0.0.222)
Eraser 6.0.10.2620 (Version: 6.0.2620)
ETDWare PS/2-X64 8.0.7.2_WHQL (Version: 8.0.7.2)
Finanzausgleich zum Selberrechnen (Version: 1.0.2)
GIMP 2.8.2 (Version: 2.8.2)
Intel(R) PROSet/Wireless WiFi Software (Version: 14.01.1000)
Java 7 Update 25 (64-bit) (Version: 7.0.250)
Jitsi (Version: 2.2.4603.9615)
K-Lite Codec Pack 9.2.0 (64-bit) (Version: 9.2.0)
Media Preview (Version: 1.2.5.264)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
O&O Defrag Free Edition (Version: 14.1.431)
Paint.NET v3.5.10 (Version: 3.60.0)
PDF Split And Merge Basic (Version: 2.2.2)
PDF-XChange Viewer (Version: 2.5.199.0)
PhotoFiltre 7 (HKCU)
Puran Defrag 7.5
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6873)
Recuva (Version: 1.47)
Sandboxie 4.02 (64-bit) (Version: 4.02)
SUPERAntiSpyware (Version: 5.0.1146)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (Version: 2.0.82.0)
Unlocker 1.9.1-x64 (Version: 1.9.1)
VLC media player 2.0.7 (Version: 2.0.7)
Windows-Treiberpaket - Qualcomm Atheros Communications Inc. (athr) Net  (12/20/2012 10.0.0.222) (Version: 12/20/2012 10.0.0.222)
Windows-Treiberpaket - Realtek (RTL8167) Net  (12/26/2012 7.067.1226.2012) (Version: 12/26/2012 7.067.1226.2012)
Windows-Treiberpaket - Realtek Net  (12/26/2012 7.067.1226.2012) (Version: 12/26/2012 7.067.1226.2012)

==================== Restore Points  =========================

21-07-2013 04:01:09 Removed avast! Ad Blocker
21-07-2013 13:10:42 Gerätetreiber-Paketinstallation: COMODO Netzwerkdienst
21-07-2013 13:35:02 avast! Free Antivirus Setup

==================== Hosts content: ==========================

2009-07-14 04:34 - 2013-07-21 01:26 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {052FF8F9-17E5-46CE-92E9-2459D443BE1D} - System32\Tasks\WifiManager => %programfiles(x86)%\Samsung\Easy Display Manager\WifiManager.exe No File
Task: {07BA8459-7B7A-4378-BA93-87DAF8F39996} - System32\Tasks\SamsungSupportCenter => %programfiles(x86)%\Samsung\Samsung Support Center\SSCKbdHk.exe No File
Task: {121D8FED-57CE-49BA-A249-6F4B0FB52E2B} - System32\Tasks\EasyPartitionManager => C:\Windows\MSetup\BA46-12225A02\EPM.exe No File
Task: {1D3851B4-445B-4305-8350-7780C810AE89} - System32\Tasks\SmartRestarter => C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe [2010-08-05] (Samsung Electronics Co., Ltd.)
Task: {20EE00D5-6A47-499F-8646-0EEECB513933} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012 => C:\Program Files (x86)\TuneUp Utilities 2012\OneClick.exe [2012-05-29] (TuneUp Software)
Task: {2309FC7A-CAE3-4C88-9B87-7CF7ED7FBF06} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {25A491E4-7FC0-4845-AC74-E0A1A8854E03} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe No File
Task: {362D8E5A-6F06-4B37-A8BC-362361B37052} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe [2010-11-29] (Samsung Electronics Co., Ltd.)
Task: {3D505DDD-A399-485D-BE86-3973F4B7B2B4} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-592597040-2687735098-3077039613-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe No File
Task: {485C9238-50AE-4DBB-BB0C-BCD991F50DBD} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-20] (Adobe Systems Incorporated)
Task: {4BE9723B-5BFB-4B57-B199-62385B836FE7} - System32\Tasks\Divx-Online-Aktualisierungsprogramm => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2013-02-13] ()
Task: {4D6F3CD8-7EAE-4856-81B9-362478929477} - System32\Tasks\Real Player-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe No File
Task: {5AE26E70-0182-4C27-B334-37FF782BBA7C} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {6BF1D49E-DF5C-49A8-BE77-3C4981C32DCA} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe No File
Task: {710D33EB-91F9-486B-B7BD-3F854CA02D54} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2010-11-10] (CyberLink)
Task: {735D7ABD-97FE-4846-9937-AB4E79035493} - System32\Tasks\COMODO\COMODO Welcome {CEB54B45-2B5E-4FF5-9223-6735CD80FE69} => C:\PROGRAM FILES\COMODO\COMODO INTERNET SECURITY\cis.exe [2013-07-08] (COMODO)
Task: {7A2B3EFC-3362-4935-B339-884F665B6953} - System32\Tasks\Wise Registry Cleaner Schedule Task => C:\Program Files (x86)\Wise Registry Cleaner\WiseRegCleaner.exe [2012-11-08] (WiseCleaner.com)
Task: {7D5CB5A2-919E-4192-A53A-AB0928AB102F} - System32\Tasks\{BBF7C257-78DB-4727-AAD0-4AC4EE99BFC6} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [2013-07-20] (Mozilla Corporation)
Task: {91586A9A-F31D-46B0-AD12-B2EA51F12FB5} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\windows\System32\lpksetup.exe [2010-11-21] (Microsoft Corporation)
Task: {92801305-2B16-4643-A691-588E7158BDD4} - System32\Tasks\GlaryInitialize => C:\Program Files (x86)\Glary Utilities\initialize.exe [2013-05-27] (Glarysoft Ltd)
Task: {9424B58E-CC51-430F-B47D-AF5ADA340E8B} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [2010-12-23] (Samsung Electronics Co., Ltd.)
Task: {9809E7C2-3D95-425E-806A-CCC7DA20450E} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-09] (AVAST Software)
Task: {A2EC6E16-DD7C-42E6-A5BB-55CE62962A8B} - System32\Tasks\EasyBatteryManager => %ProgramFiles(x86)%\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe No File
Task: {B971BF12-5F0B-4B04-A0DD-92042CAE76EC} - System32\Tasks\EasySpeedUpManager => %programfiles(x86)%\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe No File
Task: {BA03484F-45BA-4578-A970-55D9BD72E503} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\PROGRAM FILES\COMODO\COMODO INTERNET SECURITY\cfpconfg.exe [2013-07-08] (COMODO)
Task: {C2390F26-B14C-45EF-AE0D-BDB414531F1B} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2011-02-14] (SEC)
Task: {C50A22D2-F54D-482A-9577-DF42FF3B6FC8} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-12-18] (Samsung Electronics. Co. Ltd.)
Task: {C7F32861-B0A4-450B-A160-0EFCB9969A8E} - System32\Tasks\SUPBackground => %ProgramFiles(x86)%\Samsung\Samsung Update Plus\SUPBackground.exe No File
Task: {CDE2BB82-6299-4A58-A22E-3745FD40D6D0} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe No File
Task: {CE138B3D-A62C-41D2-AD85-F767AB0971FD} - System32\Tasks\CCleanerSkipUAC => C:\PROGRAM FILES\CCLEANER\CCLEANER.EXE [2013-06-19] (Piriform Ltd)
Task: {DC7F9992-F690-448D-976A-21B1347CC9FB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {EA4ED269-2A24-41F4-9428-38506827D19F} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2013-06-08] (IObit)
Task: {FFBED0E0-3C47-49A8-8D34-064CA7B1A8D9} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-592597040-2687735098-3077039613-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe No File
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GlaryInitialize.job => C:\Program Files (x86)\Glary Utilities\initialize.exe
Task: C:\windows\Tasks\Wise Registry Cleaner Schedule Task.job => C:\Program Files (x86)\Wise Registry Cleaner\WiseRegCleaner.exe

==================== Faulty Device Manager Devices =============

Name: AntiLog32
Description: AntiLog32
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: AntiLog32
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/22/2013 07:02:29 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.1008 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 260. Meldungs-ID: [0x2509].

Error: (07/22/2013 06:53:14 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.1008 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 6956. Meldungs-ID: [0x2509].

Error: (07/22/2013 06:46:52 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.1008 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 6460. Meldungs-ID: [0x2509].

Error: (07/22/2013 06:43:54 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.1008 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 1460. Meldungs-ID: [0x2509].

Error: (07/22/2013 06:41:42 PM) (Source: .NET Runtime) (User: )
Description: Anwendung: SEARCHFILTERHOST.EXE
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: Ausnahmecode c0000005, Ausnahmeadresse 0000000002635061

Error: (07/22/2013 06:40:34 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.1008 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 812. Meldungs-ID: [0x2509].

Error: (07/22/2013 06:36:36 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.1008 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 5000. Meldungs-ID: [0x2509].

Error: (07/22/2013 06:26:32 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/22/2013 06:24:39 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (07/22/2013 06:25:48 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "MBAMService" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/22/2013 06:25:48 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "MBAMScheduler" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/22/2013 06:25:48 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Firefox Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%3

Error: (07/22/2013 06:23:19 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (07/22/2013 06:23:19 PM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (07/22/2013 06:23:15 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (07/22/2013 06:23:15 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (07/22/2013 06:23:15 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (07/22/2013 06:23:11 PM) (Source: DCOM) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (07/22/2013 06:23:03 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068


Microsoft Office Sessions:
=========================
Error: (07/22/2013 07:02:29 PM) (Source: .NET Runtime)(User: )
Description: .NET Runtime version 4.0.30319.1008 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 260. Meldungs-ID: [0x2509].

Error: (07/22/2013 06:53:14 PM) (Source: .NET Runtime)(User: )
Description: .NET Runtime version 4.0.30319.1008 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 6956. Meldungs-ID: [0x2509].

Error: (07/22/2013 06:46:52 PM) (Source: .NET Runtime)(User: )
Description: .NET Runtime version 4.0.30319.1008 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 6460. Meldungs-ID: [0x2509].

Error: (07/22/2013 06:43:54 PM) (Source: .NET Runtime)(User: )
Description: .NET Runtime version 4.0.30319.1008 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 1460. Meldungs-ID: [0x2509].

Error: (07/22/2013 06:41:42 PM) (Source: .NET Runtime)(User: )
Description: Anwendung: SEARCHFILTERHOST.EXE
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: Ausnahmecode c0000005, Ausnahmeadresse 0000000002635061

Error: (07/22/2013 06:40:34 PM) (Source: .NET Runtime)(User: )
Description: .NET Runtime version 4.0.30319.1008 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 812. Meldungs-ID: [0x2509].

Error: (07/22/2013 06:36:36 PM) (Source: .NET Runtime)(User: )
Description: .NET Runtime version 4.0.30319.1008 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 5000. Meldungs-ID: [0x2509].

Error: (07/22/2013 06:26:32 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/22/2013 06:24:39 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2013-07-21 01:22:44.929
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-07-21 01:22:44.773
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-11-04 13:08:29.246
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\EE2E.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-11-04 13:08:29.202
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\EE2E.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-11-04 13:07:26.610
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\EE2E.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-11-04 13:07:26.564
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\EE2E.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-11-04 12:05:50.520
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\EE2E.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-11-04 12:05:50.475
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\EE2E.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-11-04 11:59:53.693
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\2005.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-11-04 11:59:53.667
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\2005.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 53%
Total physical RAM: 4009.55 MB
Available physical RAM: 1872.51 MB
Total Pagefile: 8017.28 MB
Available Pagefile: 4926.34 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:71 GB) (Free:15.26 GB) NTFS (Disk=0 Partition=2)
Drive d: () (Fixed) (Total:203.63 GB) (Free:1.5 GB) NTFS (Disk=0 Partition=4)
Drive e: (CD099A1) (CDROM) (Total:0.15 GB) (Free:0 GB) CDFS
Drive f: () (Removable) (Total:0.24 GB) (Free:0 GB) FAT (Disk=1 Partition=1)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 010722F6)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=71 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=204 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=23 GB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 248 MB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=247 MB) - (Type=04)

==================== End Of Log ============================
         
Und nu'? LG

Alt 22.07.2013, 20:21   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Nervige Werbung: 'Ads not by this site'-Problem - Standard

Nervige Werbung: 'Ads not by this site'-Problem



Deinstalliere bitte

TuneUp
ALLE SecuritySoftware, vor allem IOBIT und Comodo.

Deinstalliere alles was mit Security zu tun hat, auch Spybot, und behalte nur ein einziges reines AV Programm.

Dann AdwCleaner löschen und neu laden, laufen lassen.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 22.07.2013, 20:31   #9
UltimateBert
 
Nervige Werbung: 'Ads not by this site'-Problem - Standard

Nervige Werbung: 'Ads not by this site'-Problem



Zitat:
Zitat von schrauber Beitrag anzeigen
Deinstalliere bitte

TuneUp
ALLE SecuritySoftware, vor allem IOBIT und Comodo.

Deinstalliere alles was mit Security zu tun hat, auch Spybot, und behalte nur ein einziges reines AV Programm.

Dann AdwCleaner löschen und neu laden, laufen lassen.
IOBIT, Comodo, Spybot und Ähnliches zu löschen ist kein Problem. TuneUp ist aber eine lizensierte Version, für die ich ordentlich Kohle gelatzt, aber keine Installationsdatei mehr habe. Wie kann ich TuneUp retten? Geht's nicht auch versuchsweise ohne, indem ich TuneUp irgendwie deaktiviere, indem ich alle noch im Hintergrund laufenden Prozesse im abgesicherten Modus mittels TaskManager stoppe? LG

Alt 22.07.2013, 20:41   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Nervige Werbung: 'Ads not by this site'-Problem - Standard

Nervige Werbung: 'Ads not by this site'-Problem



Ok, TuneUp kann bleiben

Aber kleiner Tipp am Rande, falls Du wieder Geld ausgeben willst:

TuneUp ist Müll, total unnötig und zerschiesst Dir nur den Rechner
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 23.07.2013, 12:30   #11
UltimateBert
 
Nervige Werbung: 'Ads not by this site'-Problem - Standard

Nervige Werbung: 'Ads not by this site'-Problem



Hallo schrauber,

hatte nun also bis auf TuneUp und avast! Antivirus alle SecuritySoftware platt gemacht und mit neu runtergeladenem AdwCleaner mehrere Scan-Lösch-Durchgänge gemacht, anschließend noch JRT im abgesicherten Modus und - auf eigenes Fiesiko - ComboFix dreimal. Hier die jeweils letzten Scans:

AdwCleaner sagt mir: "Alles sauber!"

Code:
ATTFilter
# AdwCleaner v2.306 - Datei am 23/07/2013 um 01:26:33 erstellt
# Aktualisiert am 19/07/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Bert - BERT-007
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Bert\Desktop\AdwCleaner.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16635

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v23.0 (de)

Datei : C:\Users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\prefs.js

[OK] Die Datei ist sauber.

Datei : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rae3d5ms.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v [Version kann nicht ermittelt werden]

Datei : C:\Users\Bert\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

-\\ Opera v12.16.1860.0

Datei : C:\Users\Bert\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R10].txt - [2557 octets] - [23/07/2013 01:19:34]
AdwCleaner[R11].txt - [1224 octets] - [23/07/2013 01:26:33]
AdwCleaner[R1].txt - [3838 octets] - [22/07/2013 16:30:07]
AdwCleaner[R2].txt - [1539 octets] - [22/07/2013 16:46:26]
AdwCleaner[R3].txt - [1719 octets] - [22/07/2013 17:14:17]
AdwCleaner[R4].txt - [1839 octets] - [22/07/2013 17:25:02]
AdwCleaner[R5].txt - [1938 octets] - [22/07/2013 18:01:47]
AdwCleaner[R6].txt - [2113 octets] - [22/07/2013 18:23:48]
AdwCleaner[R7].txt - [2231 octets] - [23/07/2013 01:02:18]
AdwCleaner[R8].txt - [2352 octets] - [23/07/2013 01:04:45]
AdwCleaner[R9].txt - [2434 octets] - [23/07/2013 01:09:29]
AdwCleaner[S10].txt - [2295 octets] - [23/07/2013 01:02:55]
AdwCleaner[S11].txt - [2416 octets] - [23/07/2013 01:05:15]
AdwCleaner[S12].txt - [2498 octets] - [23/07/2013 01:10:11]
AdwCleaner[S13].txt - [2620 octets] - [23/07/2013 01:20:38]
AdwCleaner[S1].txt - [3842 octets] - [22/07/2013 16:31:08]
AdwCleaner[S2].txt - [1601 octets] - [22/07/2013 16:47:52]
AdwCleaner[S3].txt - [1661 octets] - [22/07/2013 16:56:51]
AdwCleaner[S4].txt - [1781 octets] - [22/07/2013 17:15:58]
AdwCleaner[S5].txt - [2000 octets] - [22/07/2013 18:02:19]
AdwCleaner[S6].txt - [1935 octets] - [22/07/2013 18:07:07]
AdwCleaner[S7].txt - [1995 octets] - [22/07/2013 18:14:44]
AdwCleaner[S8].txt - [2055 octets] - [22/07/2013 18:21:37]
AdwCleaner[S9].txt - [2175 octets] - [22/07/2013 18:24:35]

########## EOF - C:\AdwCleaner[R11].txt - [2609 octets] ##########
         
Code:
ATTFilter
# AdwCleaner v2.306 - Datei am 23/07/2013 um 01:27:04 erstellt
# Aktualisiert am 19/07/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Bert - BERT-007
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Bert\Desktop\AdwCleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16635

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v23.0 (de)

Datei : C:\Users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\prefs.js

[OK] Die Datei ist sauber.

Datei : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\rae3d5ms.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v [Version kann nicht ermittelt werden]

Datei : C:\Users\Bert\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

-\\ Opera v12.16.1860.0

Datei : C:\Users\Bert\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R10].txt - [2557 octets] - [23/07/2013 01:19:34]
AdwCleaner[R11].txt - [2679 octets] - [23/07/2013 01:26:33]
AdwCleaner[R1].txt - [3838 octets] - [22/07/2013 16:30:07]
AdwCleaner[R2].txt - [1539 octets] - [22/07/2013 16:46:26]
AdwCleaner[R3].txt - [1719 octets] - [22/07/2013 17:14:17]
AdwCleaner[R4].txt - [1839 octets] - [22/07/2013 17:25:02]
AdwCleaner[R5].txt - [1938 octets] - [22/07/2013 18:01:47]
AdwCleaner[R6].txt - [2113 octets] - [22/07/2013 18:23:48]
AdwCleaner[R7].txt - [2231 octets] - [23/07/2013 01:02:18]
AdwCleaner[R8].txt - [2352 octets] - [23/07/2013 01:04:45]
AdwCleaner[R9].txt - [2434 octets] - [23/07/2013 01:09:29]
AdwCleaner[S10].txt - [2295 octets] - [23/07/2013 01:02:55]
AdwCleaner[S11].txt - [2416 octets] - [23/07/2013 01:05:15]
AdwCleaner[S12].txt - [2498 octets] - [23/07/2013 01:10:11]
AdwCleaner[S13].txt - [2620 octets] - [23/07/2013 01:20:38]
AdwCleaner[S14].txt - [2071 octets] - [23/07/2013 01:27:04]
AdwCleaner[S1].txt - [3842 octets] - [22/07/2013 16:31:08]
AdwCleaner[S2].txt - [1601 octets] - [22/07/2013 16:47:52]
AdwCleaner[S3].txt - [1661 octets] - [22/07/2013 16:56:51]
AdwCleaner[S4].txt - [1781 octets] - [22/07/2013 17:15:58]
AdwCleaner[S5].txt - [2000 octets] - [22/07/2013 18:02:19]
AdwCleaner[S6].txt - [1935 octets] - [22/07/2013 18:07:07]
AdwCleaner[S7].txt - [1995 octets] - [22/07/2013 18:14:44]
AdwCleaner[S8].txt - [2055 octets] - [22/07/2013 18:21:37]
AdwCleaner[S9].txt - [2175 octets] - [22/07/2013 18:24:35]

########## EOF - C:\AdwCleaner[S14].txt - [2672 octets] ##########
         
Junkware RT auch:

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.2.1 (07.22.2013:1)
OS: Windows 7 Home Premium x64
Ran by Bert on 23.07.2013 at  2:18:19,57
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 23.07.2013 at  2:20:11,50
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
ComboFix verschiebt bei Schritt_47 immer eine Datei (jedesmal dasselbe):

Code:
ATTFilter
ComboFix 13-07-22.01 - Bert 23.07.2013   2:42.3.4 - x64 MINIMAL
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4010.3051 [GMT 2:00]
ausgeführt von:: c:\users\Bert\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-06-23 bis 2013-07-23  ))))))))))))))))))))))))))))))
.
.
2013-07-23 00:45 . 2013-07-23 00:45	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-07-23 00:45 . 2013-07-23 00:45	--------	d-----w-	c:\users\Administrator\AppData\Local\temp
2013-07-22 17:59 . 2013-07-22 18:00	--------	d-----w-	C:\56793e0a4fd0078f320ad77a323185
2013-07-22 17:44 . 2013-07-22 17:44	--------	d-----w-	c:\users\Bert\AppData\Local\Opera Software
2013-07-22 17:44 . 2013-07-22 17:44	--------	d-----w-	c:\users\Bert\AppData\Roaming\Opera Software
2013-07-22 17:32 . 2012-06-09 17:21	206336	----a-w-	c:\windows\system32\unrar64.dll
2013-07-22 17:32 . 2011-12-07 17:37	148992	----a-w-	c:\windows\system32\lagarith.dll
2013-07-22 17:32 . 2013-05-31 18:00	127488	----a-w-	c:\windows\system32\ff_vfw.dll
2013-07-22 17:32 . 2013-07-22 17:32	--------	d-----w-	c:\program files\K-Lite Codec Pack x64
2013-07-22 17:26 . 2013-07-22 17:29	--------	d-----w-	c:\windows\system32\MRT
2013-07-22 02:04 . 2013-07-22 02:04	--------	d-----w-	c:\windows\system32\SRSLabs
2013-07-22 02:04 . 2013-07-22 02:04	--------	d-----w-	c:\program files\Realtek
2013-07-22 02:02 . 2013-03-26 15:04	2734624	----a-w-	c:\windows\system32\FMAPO64.dll
2013-07-22 02:01 . 2012-03-08 09:47	108640	----a-w-	c:\windows\system32\AERTAR64.dll
2013-07-22 02:01 . 2013-03-23 01:43	208072	----a-w-	c:\windows\system32\AERTAC64.dll
2013-07-22 02:01 . 2013-01-16 14:02	2079816	----a-w-	c:\windows\RtlExUpd.dll
2013-07-21 23:16 . 2013-07-21 23:16	--------	d-----w-	C:\FRST
2013-07-21 16:21 . 2013-07-21 16:22	--------	d-----w-	c:\program files\ExtMan (IconTweak)
2013-07-21 15:34 . 2013-07-21 15:51	--------	d-----w-	c:\users\Bert\AppData\Roaming\IcoFX2X
2013-07-21 13:37 . 2013-07-21 13:46	378944	----a-w-	c:\windows\system32\drivers\aswSP.sys
2013-07-21 13:37 . 2013-05-09 08:59	72016	----a-w-	c:\windows\system32\drivers\aswRdr2.sys
2013-07-21 13:37 . 2013-05-09 08:59	33400	----a-w-	c:\windows\system32\drivers\aswFsBlk.sys
2013-07-21 13:37 . 2013-05-09 08:59	64288	----a-w-	c:\windows\system32\drivers\aswTdi.sys
2013-07-21 13:37 . 2013-07-21 13:46	189936	----a-w-	c:\windows\system32\drivers\aswVmm.sys
2013-07-21 13:37 . 2013-07-21 13:46	1030952	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2013-07-21 13:37 . 2013-05-09 08:59	65336	----a-w-	c:\windows\system32\drivers\aswRvrt.sys
2013-07-21 13:37 . 2013-05-09 08:59	80816	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2013-07-21 13:36 . 2013-05-09 08:58	41664	----a-w-	c:\windows\avastSS.scr
2013-07-21 13:32 . 2013-07-15 01:34	9460976	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{DC59AB60-E6DD-42C8-BB7D-8498C80D02A0}\mpengine.dll
2013-07-21 13:02 . 2013-07-23 00:14	--------	d-----w-	c:\program files (x86)\Junkware Removal Tool
2013-07-21 01:52 . 2013-07-21 01:52	--------	d-----w-	C:\VTRoot
2013-07-21 00:48 . 2013-07-21 00:48	--------	d-----w-	c:\program files\COMODO
2013-07-21 00:48 . 2013-07-21 00:50	--------	d-----w-	c:\programdata\Comodo
2013-07-21 00:35 . 2013-07-21 00:35	348160	----a-w-	c:\windows\SysWow64\msvcr71.dll
2013-07-21 00:35 . 2013-07-21 00:35	1700352	----a-w-	c:\windows\SysWow64\gdiplus.dll
2013-07-21 00:35 . 2013-07-21 00:35	1060864	----a-w-	c:\windows\SysWow64\mfc71.dll
2013-07-21 00:30 . 2013-07-21 01:21	--------	d-----w-	c:\program files (x86)\Comodo
2013-07-21 00:28 . 2013-07-21 00:28	--------	d-----w-	c:\programdata\Comodo Downloader
2013-07-21 00:19 . 2013-07-21 04:00	--------	d-----w-	c:\programdata\Avira
2013-07-20 22:36 . 2013-07-20 22:36	--------	d-s---w-	c:\windows\SysWow64\Microsoft
2013-07-20 10:53 . 2013-07-20 10:54	--------	d-----w-	C:\EEK
2013-07-20 09:44 . 2013-04-04 12:50	25928	----a-w-	c:\windows\system32\drivers\mbam.sys
2013-07-19 22:43 . 2013-07-19 22:43	312232	----a-w-	c:\windows\system32\javaws.exe
2013-07-19 22:43 . 2013-07-19 22:43	108968	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2013-07-19 22:43 . 2013-07-19 22:43	189352	----a-w-	c:\windows\system32\javaw.exe
2013-07-19 22:43 . 2013-07-19 22:43	188840	----a-w-	c:\windows\system32\java.exe
2013-07-19 22:43 . 2013-07-19 22:43	--------	d-----w-	c:\program files\Java
2013-07-19 22:30 . 2013-07-21 06:00	--------	d-----w-	c:\program files\Enigma Software Group
2013-07-19 22:25 . 2013-07-20 22:05	--------	d-----w-	c:\windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP
2013-07-19 22:25 . 2013-07-19 22:25	--------	d-----w-	c:\program files (x86)\Common Files\Wise Installation Wizard
2013-07-16 03:40 . 2013-07-21 01:36	--------	d-----w-	c:\program files\Unlocker
2013-07-16 02:42 . 2013-07-16 03:27	--------	d-----w-	c:\users\Bert\AppData\Roaming\Jitsi
2013-07-16 02:42 . 2013-07-16 02:42	--------	d-----w-	c:\program files (x86)\Jitsi
2013-07-16 00:49 . 2013-07-16 01:32	--------	d-----w-	c:\program files (x86)\KVIrc
2013-07-15 15:47 . 2013-07-22 14:37	--------	d-----w-	c:\program files (x86)\Mozilla Thunderbird
2013-07-11 21:48 . 2013-07-11 21:51	--------	d-----w-	c:\program files (x86)\LibreOffice 3.6
2013-07-09 23:45 . 2013-07-09 23:45	9216	----a-w-	c:\program files (x86)\Windows Defender\MpAsDesc.dll
2013-07-09 23:45 . 2013-07-09 23:45	571904	----a-w-	c:\program files\Windows Defender\MpClient.dll
2013-07-09 23:45 . 2013-07-09 23:45	54784	----a-w-	c:\program files (x86)\Windows Defender\MpOAV.dll
2013-07-09 23:45 . 2013-07-09 23:45	4608	----a-w-	c:\program files (x86)\Windows Defender\MsMpLics.dll
2013-07-09 23:45 . 2013-07-09 23:45	392704	----a-w-	c:\program files (x86)\Windows Defender\MpClient.dll
2013-07-09 23:45 . 2013-07-09 23:45	314880	----a-w-	c:\program files\Windows Defender\MpCommu.dll
2013-07-09 23:45 . 2013-07-09 23:45	1011712	----a-w-	c:\program files\Windows Defender\MpSvc.dll
2013-07-09 23:44 . 2013-07-09 23:44	3153920	----a-w-	c:\windows\system32\win32k.sys
2013-07-09 23:41 . 2013-07-09 23:41	624128	----a-w-	c:\windows\system32\qedit.dll
2013-07-09 23:41 . 2013-07-09 23:41	509440	----a-w-	c:\windows\SysWow64\qedit.dll
2013-07-09 23:32 . 2013-07-09 23:32	1732608	----a-w-	c:\program files\Windows Journal\NBDoc.DLL
2013-07-09 23:32 . 2013-07-09 23:32	1393152	----a-w-	c:\program files\Windows Journal\JNTFiltr.dll
2013-07-09 23:32 . 2013-07-09 23:32	936448	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-07-09 23:32 . 2013-07-09 23:32	1402880	----a-w-	c:\program files\Windows Journal\JNWDRV.dll
2013-07-09 23:32 . 2013-07-09 23:32	1367040	----a-w-	c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-09 23:31 . 2013-07-09 23:31	1887744	----a-w-	c:\windows\system32\WMVDECOD.DLL
2013-07-09 23:31 . 2013-07-09 23:31	1620480	----a-w-	c:\windows\SysWow64\WMVDECOD.DLL
2013-07-09 23:31 . 2013-07-09 23:31	1643520	----a-w-	c:\windows\system32\DWrite.dll
2013-07-09 23:31 . 2013-07-09 23:31	1247744	----a-w-	c:\windows\SysWow64\DWrite.dll
2013-07-09 23:28 . 2013-07-09 23:28	--------	d-----w-	c:\program files (x86)\BootkitRemoval
2013-07-09 23:09 . 2013-07-09 23:09	30720	----a-w-	c:\windows\system32\cryptdlg.dll
2013-07-09 23:09 . 2013-07-09 23:09	24576	----a-w-	c:\windows\SysWow64\cryptdlg.dll
2013-07-09 23:08 . 2013-07-09 23:08	1887232	----a-w-	c:\windows\system32\d3d11.dll
2013-07-09 23:08 . 2013-07-09 23:08	1505280	----a-w-	c:\windows\SysWow64\d3d11.dll
2013-07-09 23:08 . 2013-07-09 23:08	1424384	----a-w-	c:\windows\system32\WindowsCodecs.dll
2013-07-09 23:08 . 2013-07-09 23:08	1230336	----a-w-	c:\windows\SysWow64\WindowsCodecs.dll
2013-07-09 23:07 . 2013-07-09 23:07	48640	----a-w-	c:\windows\system32\wwanprotdim.dll
2013-07-09 23:07 . 2013-07-09 23:07	230400	----a-w-	c:\windows\system32\wwansvc.dll
2013-07-09 23:07 . 2013-07-09 23:07	223752	----a-w-	c:\windows\system32\drivers\fvevol.sys
2013-07-09 22:14 . 2013-07-09 22:14	--------	d-----w-	c:\users\Bert\AppData\Local\Clover
2013-07-09 22:14 . 2013-07-09 22:16	--------	d-----w-	c:\program files (x86)\Clover
2013-07-09 22:12 . 2012-12-20 20:24	3837440	----a-w-	c:\windows\system32\drivers\athrx.sys
2013-07-09 22:11 . 2013-07-09 22:11	--------	d-----w-	c:\program files (x86)\SpeedyFox
2013-07-09 22:09 . 2013-07-09 22:12	--------	d-----w-	c:\program files\DIFX
2013-07-09 22:06 . 2013-07-09 22:06	--------	d-----w-	c:\program files (x86)\MSECache
2013-07-09 22:05 . 2013-07-09 22:42	--------	d-----w-	c:\program files\Office Tab
2013-07-09 22:03 . 2013-07-09 22:03	--------	d-----w-	c:\users\Bert\ultracopier
2013-07-09 22:02 . 2012-12-26 23:26	805088	----a-w-	c:\windows\system32\drivers\Rt64win7.sys
2013-07-09 22:02 . 2012-12-26 23:26	74344	----a-w-	c:\windows\system32\RtNicProp64.dll
2013-07-09 22:02 . 2013-07-20 17:10	--------	d-----w-	c:\program files\Supercopier
2013-07-09 21:58 . 2013-07-16 01:57	--------	d-----w-	c:\users\Bert\AppData\Roaming\PasteCopy.NET
2013-07-09 21:57 . 2013-07-21 21:57	--------	d-----w-	c:\program files (x86)\PasteCopy.NET
2013-07-08 21:50 . 2013-07-08 21:50	--------	d-----w-	c:\users\Bert\AppData\Roaming\aignes
2013-07-08 21:50 . 2013-07-08 21:50	--------	d-----w-	c:\program files (x86)\AM-DeadLink
2013-07-04 12:44 . 2013-07-04 12:44	0	----a-w-	c:\windows\SysWow64\FAPED09.tmp
2013-07-04 12:41 . 2013-07-04 12:41	0	----a-w-	c:\windows\SysWow64\FAP6BE6.tmp
2013-07-04 12:40 . 2013-07-04 12:40	0	----a-w-	c:\windows\SysWow64\FAPFFE9.tmp
2013-07-04 12:40 . 2013-07-04 12:40	0	----a-w-	c:\windows\SysWow64\FAP54F8.tmp
2013-07-04 12:40 . 2013-07-04 12:40	0	----a-w-	c:\windows\SysWow64\FAP3D90.tmp
2013-07-04 12:39 . 2013-07-04 12:39	0	----a-w-	c:\windows\SysWow64\FAP713B.tmp
2013-07-04 12:38 . 2013-07-04 12:38	0	----a-w-	c:\windows\SysWow64\FAPD69F.tmp
2013-07-04 12:36 . 2013-07-04 12:36	0	----a-w-	c:\windows\SysWow64\FAP2D.tmp
2013-07-04 12:35 . 2013-07-04 12:35	0	----a-w-	c:\windows\SysWow64\FAP76FF.tmp
2013-07-04 11:03 . 2013-07-04 11:03	0	----a-w-	c:\windows\SysWow64\FAPE22C.tmp
2013-07-04 11:02 . 2013-07-04 11:02	0	----a-w-	c:\windows\SysWow64\FAP5739.tmp
2013-07-04 11:00 . 2013-07-04 11:00	0	----a-w-	c:\windows\SysWow64\FAP5B7B.tmp
2013-07-04 10:58 . 2013-07-04 10:58	0	----a-w-	c:\windows\SysWow64\FAPFE8B.tmp
2013-07-04 10:58 . 2013-07-04 10:58	0	----a-w-	c:\windows\SysWow64\FAPF8A0.tmp
2013-07-04 10:58 . 2013-07-04 10:58	0	----a-w-	c:\windows\SysWow64\FAPF840.tmp
2013-07-04 10:57 . 2013-07-04 10:57	0	----a-w-	c:\windows\SysWow64\FAP7402.tmp
2013-07-04 10:50 . 2013-07-04 10:50	0	----a-w-	c:\windows\SysWow64\FAPDA60.tmp
2013-07-04 10:49 . 2013-07-04 10:49	0	----a-w-	c:\windows\SysWow64\FAP740E.tmp
2013-07-04 10:49 . 2013-07-04 10:49	0	----a-w-	c:\windows\SysWow64\FAP5D8F.tmp
2013-07-04 10:49 . 2013-07-04 10:49	0	----a-w-	c:\windows\SysWow64\FAP2001.tmp
2013-07-04 10:49 . 2013-07-04 10:49	0	----a-w-	c:\windows\SysWow64\FAP906.tmp
2013-07-04 10:49 . 2013-07-04 10:49	0	----a-w-	c:\windows\SysWow64\FAPEACA.tmp
2013-07-04 10:49 . 2013-07-04 10:49	0	----a-w-	c:\windows\SysWow64\FAPD381.tmp
2013-07-04 10:49 . 2013-07-04 10:49	0	----a-w-	c:\windows\SysWow64\FAPBBF9.tmp
2013-07-04 10:48 . 2013-07-04 10:48	0	----a-w-	c:\windows\SysWow64\FAP8C31.tmp
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-20 00:21 . 2013-02-08 10:37	692104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-07-20 00:21 . 2013-02-08 10:37	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-19 22:43 . 2012-06-25 17:32	1093032	----a-w-	c:\windows\system32\npDeployJava1.dll
2013-07-19 22:43 . 2012-01-17 19:33	972712	----a-w-	c:\windows\system32\deployJava1.dll
2013-07-18 13:03 . 2013-06-04 09:11	25568	----a-w-	c:\windows\system32\drivers\KeyCrypt64.sys
2013-07-09 23:07 . 2013-07-09 23:07	350208	----a-w-	c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-07-09 23:07 . 2013-07-09 23:07	308736	----a-w-	c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-07-09 23:07 . 2013-07-09 23:07	2176512	----a-w-	c:\windows\apppatch\AcGenral.dll
2013-07-09 23:07 . 2013-07-09 23:07	135168	----a-w-	c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-07-09 23:07 . 2013-07-09 23:07	474624	----a-w-	c:\windows\apppatch\AcSpecfc.dll
2013-07-09 23:07 . 2013-07-09 23:07	111104	----a-w-	c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-07-04 02:09 . 2012-07-12 23:33	867240	----a-w-	c:\windows\SysWow64\npDeployJava1.dll
2013-07-04 02:09 . 2011-11-18 14:14	789416	----a-w-	c:\windows\SysWow64\deployJava1.dll
2013-06-23 22:57 . 2011-11-17 03:14	78277128	----a-w-	c:\windows\system32\MRT.exe
2013-06-22 07:34 . 2013-05-31 13:54	2756800	----a-w-	c:\program files (x86)\ProcessExplorer.exe
2013-05-13 05:51 . 2013-06-12 12:32	184320	----a-w-	c:\windows\system32\cryptsvc.dll
2013-05-13 05:51 . 2013-06-12 12:32	1464320	----a-w-	c:\windows\system32\crypt32.dll
2013-05-13 05:51 . 2013-06-12 12:32	139776	----a-w-	c:\windows\system32\cryptnet.dll
2013-05-13 05:50 . 2013-06-12 12:32	52224	----a-w-	c:\windows\system32\certenc.dll
2013-05-13 04:45 . 2013-06-12 12:32	1160192	----a-w-	c:\windows\SysWow64\crypt32.dll
2013-05-13 04:45 . 2013-06-12 12:32	140288	----a-w-	c:\windows\SysWow64\cryptsvc.dll
2013-05-13 04:45 . 2013-06-12 12:32	103936	----a-w-	c:\windows\SysWow64\cryptnet.dll
2013-05-13 03:43 . 2013-06-12 12:32	1192448	----a-w-	c:\windows\system32\certutil.exe
2013-05-13 03:08 . 2013-06-12 12:32	903168	----a-w-	c:\windows\SysWow64\certutil.exe
2013-05-13 03:08 . 2013-06-12 12:32	43008	----a-w-	c:\windows\SysWow64\certenc.dll
2013-05-09 08:58 . 2012-11-04 15:05	287840	----a-w-	c:\windows\system32\aswBoot.exe
2013-05-08 06:39 . 2013-06-12 12:32	1910632	----a-w-	c:\windows\system32\drivers\tcpip.sys
2013-05-02 00:06 . 2010-11-21 03:27	278800	------w-	c:\windows\system32\MpSigStub.exe
2013-05-01 01:59 . 2013-05-01 01:59	94208	----a-w-	c:\windows\SysWow64\QuickTimeVR.qtx
2013-05-01 01:59 . 2013-05-01 01:59	69632	----a-w-	c:\windows\SysWow64\QuickTime.qts
2013-04-26 05:51 . 2013-06-12 12:32	751104	----a-w-	c:\windows\system32\win32spl.dll
2013-04-26 04:55 . 2013-06-12 12:32	492544	----a-w-	c:\windows\SysWow64\win32spl.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSCS"="c:\program files (x86)\MAXA Cookie Manager\Cookie.exe" [2011-12-11 978944]
"Rainlendar2"="c:\program files\Rainlendar\Rainlendar2.exe" [2012-10-25 2555392]
"SandboxieControl"="c:\program files\SANDBOXIE\SbieCtrl.exe" [2013-07-08 759384]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2013-05-20 450560]
"ZALFree"="c:\program files (x86)\Zemana AntiLogger\AntiLogger Free.exe" [2013-07-18 12999984]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AdFender.lnk - c:\program files (x86)\AdFender\AdFender.exe -autostart [2013-5-23 3225712]
Launchy.lnk - c:\program files (x86)\Launchy\Launchy.exe [2012-7-13 380928]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\progra~2\KeyCryptSDK\KeyCrypt32(2).dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	fSDKBt\0DfSDKBt\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"DivXMediaServer"=c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled]
"SearchSettings"="c:\program files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
.
R0 aswRvrt;aswRvrt; [x]
R0 aswVmm;aswVmm; [x]
R0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys;c:\windows\SYSNATIVE\drivers\TfFsMon.sys [x]
R0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys;c:\windows\SYSNATIVE\drivers\TfSysMon.sys [x]
R1 AntiLog32;AntiLog32;c:\windows\system32\drivers\AntiLog64.sys;c:\windows\SYSNATIVE\drivers\AntiLog64.sys [x]
R1 aswSnx;aswSnx; [x]
R1 aswSP;aswSP; [x]
R1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys;c:\windows\SYSNATIVE\Drivers\SABI.sys [x]
R2 aswFsBlk;aswFsBlk; [x]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Firefox Service;Firefox Service; [x]
R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [x]
R2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 cleanhlp;cleanhlp;c:\eek\Run\cleanhlp64.sys;c:\eek\Run\cleanhlp64.sys [x]
R3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 Samsung UPD Service;Samsung UPD Service;c:\windows\System32\SUPDSvc.exe;c:\windows\SYSNATIVE\SUPDSvc.exe [x]
R3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys;c:\windows\SYSNATIVE\drivers\TfNetMon.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [x]
R4 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files (x86)\IObit\Advanced SystemCare\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare\ASCService.exe [x]
R4 Giraffic;Veoh Giraffic Video Accelerator;c:\program files (x86)\Giraffic\Veoh_GirafficWatchdog.exe;c:\program files (x86)\Giraffic\Veoh_GirafficWatchdog.exe [x]
R4 OODefragAgent;O&O Defrag;c:\program files\OO Defrag\oodag.exe;c:\program files\OO Defrag\oodag.exe [x]
R4 PuranDefrag;PuranDefrag;c:\windows\SYSTEM32\PURANDEFRAGS.EXE;c:\windows\SYSNATIVE\PURANDEFRAGS.EXE [x]
R4 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
S1 aswKbd;aswKbd; [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 keycrypt;keycrypt;c:\windows\system32\DRIVERS\KeyCrypt64.sys;c:\windows\SYSNATIVE\DRIVERS\KeyCrypt64.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2013-07-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-08 00:21]
.
2013-07-22 c:\windows\Tasks\GlaryInitialize.job
- c:\program files (x86)\Glary Utilities\initialize.exe [2011-11-16 14:51]
.
2013-07-20 c:\windows\Tasks\Wise Registry Cleaner Schedule Task.job
- c:\program files (x86)\Wise Registry Cleaner\WiseRegCleaner.exe [2011-11-16 14:46]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58	133840	----a-w-	c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Eraser"="c:\progra~1\Eraser\Eraser.exe" [2012-05-22 980920]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-07-26 2782096]
"OODefragTray"="c:\program files\OO Defrag\oodtray.exe" [2011-01-25 3942216]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-03-29 13513288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\progra~2\KeyCryptSDK\KeyCrypt64(2).dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://de.search.yahoo.com?type=198484&fr=spigot-yhp-ie
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.1.1
DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA}
FF - ProfilePath - c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\
FF - prefs.js: browser.search.selectedEngine - DuckDuckGo
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - prefs.js: network.proxy.type - 2
FF - ExtSQL: 2013-06-24 10:54; 2.0@disconnect.me; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\2.0@disconnect.me.xpi
FF - ExtSQL: 2013-07-03 14:01; check-compatibility@dactyl.googlecode.com; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\check-compatibility@dactyl.googlecode.com.xpi
FF - ExtSQL: 2013-07-03 14:02; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-07-03 14:03; elemhidehelper@adblockplus.org; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\elemhidehelper@adblockplus.org.xpi
FF - ExtSQL: 2013-07-03 14:04; {e10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\{e10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-07-03 14:04; adblockpopups@jessehakanen.net; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\adblockpopups@jessehakanen.net.xpi
FF - ExtSQL: 2013-07-03 14:08; personas@christopher.beard; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\personas@christopher.beard.xpi
FF - ExtSQL: 2013-07-03 14:33; {15fe27f3-e5ab-2d59-4c5c-dadc7945bdbd}; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\{15fe27f3-e5ab-2d59-4c5c-dadc7945bdbd}.xpi
FF - ExtSQL: 2013-07-03 14:35; {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
FF - ExtSQL: 2013-07-03 14:35; {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF - ExtSQL: 2013-07-03 14:53; {023e9ca0-63f3-47b1-bcb2-9badf9d9ef28}; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\{023e9ca0-63f3-47b1-bcb2-9badf9d9ef28}.xpi
FF - ExtSQL: 2013-07-03 14:58; {ea61041c-1e22-4400-99a0-aea461e69d04}; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\{ea61041c-1e22-4400-99a0-aea461e69d04}.xpi
FF - ExtSQL: 2013-07-03 14:58; {e4a8a97b-f2ed-450b-b12d-ee082ba24781}; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
FF - ExtSQL: 2013-07-03 14:58; {d49a148e-817e-4025-bee3-5d541376de3b}; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\{d49a148e-817e-4025-bee3-5d541376de3b}.xpi
FF - ExtSQL: 2013-07-03 14:58; {b9db16a4-6edc-47ec-a1f4-b86292ed211d}; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - ExtSQL: 2013-07-03 14:58; {F8A55C97-3DB6-4961-A81D-0DE0080E53CB}; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB}.xpi
FF - ExtSQL: 2013-07-03 14:58; {DDC359D1-844A-42a7-9AA1-88A850A938A8}; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
FF - ExtSQL: 2013-07-03 14:58; {987311C6-B504-4aa2-90BF-60CC49808D42}; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\{987311C6-B504-4aa2-90BF-60CC49808D42}.xpi
FF - ExtSQL: 2013-07-03 14:58; {578e7caa-210f-4967-a0d3-88fe5b59a39f}; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\{578e7caa-210f-4967-a0d3-88fe5b59a39f}
FF - ExtSQL: 2013-07-03 14:58; {45d8ff86-d909-11db-9705-005056c00008}; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\{45d8ff86-d909-11db-9705-005056c00008}.xpi
FF - ExtSQL: 2013-07-03 14:58; {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
FF - ExtSQL: 2013-07-03 14:58; {1018e4d6-728f-4b20-ad56-37578a4de76b}; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
FF - ExtSQL: 2013-07-03 14:58; {03651b2d-eb7d-4be7-af1b-dc0cd162dd54}; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\{03651b2d-eb7d-4be7-af1b-dc0cd162dd54}.xpi
FF - ExtSQL: 2013-07-03 14:58; smarterwiki@wikiatic.com; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\smarterwiki@wikiatic.com.xpi
FF - ExtSQL: 2013-07-03 14:58; john@velvetcache.org; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\john@velvetcache.org.xpi
FF - ExtSQL: 2013-07-03 14:59; firefox@ghostery.com; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\firefox@ghostery.com
FF - ExtSQL: 2013-07-03 14:59; csfire@cs.kuleuven.be; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\csfire@cs.kuleuven.be
FF - ExtSQL: 2013-07-03 14:59; clickclean@hotcleaner.com; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\clickclean@hotcleaner.com
FF - ExtSQL: 2013-07-03 14:59; cache@status.org; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\cache@status.org.xpi
FF - ExtSQL: 2013-07-03 14:59; anticontainer@downthemall.net; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\anticontainer@downthemall.net.xpi
FF - ExtSQL: 2013-07-03 15:09; maskingagent@basa.nl; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\maskingagent@basa.nl.xpi
FF - ExtSQL: 2013-07-03 15:18; sharemenot@franziroesner.com; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\sharemenot@franziroesner.com.xpi
FF - ExtSQL: 2013-07-03 15:19; slimaddonmanager@opendfki.de; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\slimaddonmanager@opendfki.de.xpi
FF - ExtSQL: 2013-07-03 15:24; useragentrg-upd@mozilla.org; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\useragentrg-upd@mozilla.org.xpi
FF - ExtSQL: 2013-07-03 15:28; {dc572301-7619-498c-a57d-39143191b318}; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
FF - ExtSQL: 2013-07-03 15:28; {5F590AA2-1221-4113-A6F4-A4BB62414FAC}; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\{5F590AA2-1221-4113-A6F4-A4BB62414FAC}.xpi
FF - ExtSQL: 2013-07-03 15:28; {455D905A-D37C-4643-A9E2-F6FEFAA0424A}; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\{455D905A-D37C-4643-A9E2-F6FEFAA0424A}.xpi
FF - ExtSQL: 2013-07-03 15:28; trackmenot@mrl.nyu.edu; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\trackmenot@mrl.nyu.edu.xpi
FF - ExtSQL: 2013-07-03 15:28; tabscope@xuldev.org; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\tabscope@xuldev.org.xpi
FF - ExtSQL: 2013-07-03 15:28; secureLogin@blueimp.net; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\secureLogin@blueimp.net.xpi
FF - ExtSQL: 2013-07-03 15:28; nogroovesharkads@tobbi.tk; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\nogroovesharkads@tobbi.tk.xpi
FF - ExtSQL: 2013-07-03 15:29; netvideohunter@netvideohunter.com; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\netvideohunter@netvideohunter.com
FF - ExtSQL: 2013-07-03 15:29; longurlplease@tseng; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\longurlplease@tseng.xpi
FF - ExtSQL: 2013-07-03 15:29; locationbar2@design-noir.de; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\locationbar2@design-noir.de.xpi
FF - ExtSQL: 2013-07-03 15:29; guiconfig@slosd.net; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\guiconfig@slosd.net.xpi
FF - ExtSQL: 2013-07-03 15:29; donottrackplus@abine.com; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\donottrackplus@abine.com
FF - ExtSQL: 2013-07-03 15:29; SciLorsGrooveUnlocker@scilor.com; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\SciLorsGrooveUnlocker@scilor.com.xpi
FF - ExtSQL: 2013-07-03 15:34; {4BBDD651-70CF-4821-84F8-2B918CF89CA3}; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
FF - ExtSQL: 2013-07-03 15:34; CLEO@guid.customsoftwareconsult.com; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\CLEO@guid.customsoftwareconsult.com
FF - ExtSQL: 2013-07-03 15:46; firefox@mailcatch.com; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\firefox@mailcatch.com.xpi
FF - ExtSQL: 2013-07-03 16:34; https-everywhere@eff.org; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\https-everywhere@eff.org
FF - ExtSQL: 2013-07-04 00:20; admin@fullrip.net; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\admin@fullrip.net.xpi
FF - ExtSQL: 2013-07-19 00:16; {086e582e-455b-4289-bfab-e90da7c0558b}; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\{086e582e-455b-4289-bfab-e90da7c0558b}.xpi
FF - ExtSQL: 2013-07-19 00:20; {e968fc70-8f95-4ab9-9e79-304de2a66ee1}; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\{e968fc70-8f95-4ab9-9e79-304de2a66ee1}.xpi
FF - ExtSQL: 2013-07-19 03:48; {b442f4c0-c292-4998-aabe-48608a73ba75}; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\{b442f4c0-c292-4998-aabe-48608a73ba75}
FF - ExtSQL: 2013-07-19 23:59; thumbnailZoom@dadler.github.com; c:\users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default-1372852164624\extensions\thumbnailZoom@dadler.github.com.xpi
FF - ExtSQL: 2013-07-21 15:36; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Toolbar-{fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - (no file)
Notify-igfxcui - (no file)
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-592597040-2687735098-3077039613-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*m*p*3*³˜4\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-592597040-2687735098-3077039613-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*m*p*3*@³˜4àB*ˆà‚i`:‚i\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-592597040-2687735098-3077039613-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*u$qD]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-592597040-2687735098-3077039613-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*u$qD\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-592597040-2687735098-3077039613-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*Ô/u›**file:///D:/Schubidoo/%D0%95%D0%B9_%D0%BD%D1%80%D0%B0%D0%B2%D0%B8%D1%82%D1%81%D1%8F_%D1%82%D0%B0%D0%BA%D0%BE%D0%B9_%D1%81%D0%B5%D0%BA%D1%81_3b0514ca94ecf379677424ca77414de9.mp4*]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-592597040-2687735098-3077039613-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*Ô/u›**file:///D:/Schubidoo/%D0%95%D0%B9_%D0%BD%D1%80%D0%B0%D0%B2%D0%B8%D1%82%D1%81%D1%8F_%D1%82%D0%B0%D0%BA%D0%BE%D0%B9_%D1%81%D0%B5%D0%BA%D1%81_3b0514ca94ecf379677424ca77414de9.mp4*\OpenWithList]
@Class="Shell"
"a"="VLC.EXE"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-592597040-2687735098-3077039613-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*ï1]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-592597040-2687735098-3077039613-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*ï1\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG15.00.00.01PROFESSIONAL"="E5E99E3FE5BC62167ACB222603FC4E046577277F3636E2D27E3CD035C8095497CCA29F6869340F21463A13914F267995D9F317AF31A48EB24F0DC6048978C50D7185FCE62AB5CBEA89AE349C210B0DA62DC4B44DECA3882AFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B98085D575E7D6A3B9808FEBC9E127BECC74CC038D530D6EB345266801147A69BEA7334FA0DD3B524ADA39BB27F0228C4B5EE4297F705AE710A0D96122DED7FE2F636999AAE93877967977E6BE412F1AA0CDA16315FDC7B0A55398ADEF9D718D4BB276D02C789E49BD78690AF59D9EFEF4C6FB8FDC7DEC7A97A84169199BA67B310DC0E32708E62F7DC78DDFB89F1F04A79C484949107BE6D4237FCF7429793A5A2F04E54D042445CA7776670B53A785069F6C4ABB295C0D74A9D7A83BD2DFAB5F480F631AB85827DBD111D52B0D5BBFD49A4BAA2B310E0CCFE09BDCBEB00AC53D8ADC039D27FCCF1FA5AEA86642CA5B515F19C79B13CE596A54D66883D5BED4EF91EDBFEAC1983B48A682D1CCCE7D3BA218792535E28CBE2D6430C99B8CBB75ED3FAEB38B5823DA66F5631407A781B35948EB97B80A2C243FCC739FEF8A1B51EB67106C1FCAC420A7EC1BCC81190803269B9A3DDED412DAB58BB69602BF2C88C48343899264D9086634F882C48283FA1EDB9D38B97DAA3777D8311869318060A81797E62E75F5AA71AA33E086E7AC4584649C5397C0C71E1530896DE86AEB45F2EF8CD630D2003DC766A7F1B6106340EE7A1E3BF3235958E16B451FCEE1752366FF10C077513A6F81CD160C9170EE3DF9E83119C627BC381D47C9195CBF78F1B3B2595DC94FC9235858DE81B9699DECD0932A1EFCA4464A3F3519803AD3A500358D83718F1E8C6AA00D314BB7D74633C9874DD00BBBD12C32CAE9CC23D892D43E4D6B50EA82479592F5ED27BFA2DE4F4169805B39A581C13068FC677B2577316D1EBC8BAE6431426866C884E551707221B6BC519E147862665F337665D5BA11A62E919BDF198B456D0C18ECBE1C8A7D596C247619D0309F6FBE17D7A9F0BEFD1B128C8D71FC0AC17ACA3AFAF0E9F5403CBF49F606F480FE2D062A1BF6FA6C2A32AFCE7F25A1A80F50B5C2DDA5BB7CD83D05DDE908C16B8AAC0009CE856AD39590EC9FD9623C56BE8B0BBB8D05CF58C1390DC050DBDB058F4FBCDDB4C74E42322F1EC87740D2A5945B8937CB83B813A51C9D60618E12275CA855E4364F9D684113ECEF35EBE72EC46123B94DF32C4B6C410324C96E833CB98B4CB274DAE50179AAF57234AF40B7A0DFB0E0F34136F13D3495BB39058F74C303732D14B6C61C699D7F36FD4FBA60D1C0D68F1CB407595CBB0410F3249C098480B320342A0E0B3CE9A97A13C3ABB61DA302F355D358CBADCD558"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-07-23  02:47:02
ComboFix-quarantined-files.txt  2013-07-23 00:47
ComboFix2.txt  2013-07-23 00:39
ComboFix3.txt  2013-07-23 00:32
.
Vor Suchlauf: 16 Verzeichnis(se), 20.899.930.112 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 20.815.978.496 Bytes frei
.
- - End Of File - - AD8B3C1104ACF2FC7A4B0389C380C8EA
D41D8CD98F00B204E9800998ECF8427E
         
Endergebnis: Alles wie gehabt. Kann man dem Plagegeist noch anders beikommen? LG

Alt 23.07.2013, 13:58   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Nervige Werbung: 'Ads not by this site'-Problem - Standard

Nervige Werbung: 'Ads not by this site'-Problem



Poste mal ein frisches FRST log, dann kann ich die Reste entfernen. In welchem browser hast du die Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 23.07.2013, 17:40   #13
UltimateBert
 
Nervige Werbung: 'Ads not by this site'-Problem - Standard

Nervige Werbung: 'Ads not by this site'-Problem



Die Hoffnung stirbt zuletzt!

Hier die LogFiles:


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-07-2013 01
Ran by Bert (administrator) on 23-07-2013 15:30:38
Running from C:\Users\Bert\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Safe Mode (minimal)

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\windows\system32\userinit.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Eraser] - C:\PROGRA~1\Eraser\Eraser.exe [980920 2012-05-22] (The Eraser Project)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2782096 2010-07-26] (CANON INC.)
HKLM\...\Run: [OODefragTray] - C:\Program Files\OO Defrag\oodtray.exe [3942216 2011-01-25] (O&O Software GmbH)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2013-03-29] (Realtek Semiconductor)
HKLM\...\Run: [COMODO Internet Security] - C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1497816 2013-06-18] (COMODO)
HKCU\...\Run: [MSCS] - C:\Program Files (x86)\MAXA Cookie Manager\Cookie.exe [978944 2011-12-11] (MAXA Research Int'l Inc.)
HKCU\...\Run: [Rainlendar2] - C:\Program Files\Rainlendar\Rainlendar2.exe [2555392 2012-10-25] ()
HKCU\...\Run: [SandboxieControl] - C:\PROGRAM FILES\SANDBOXIE\SbieCtrl.exe [759384 2013-07-08] (Sandboxie Holdings, LLC)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe                                                                                                                                                                                                         [450560 2013-05-20] (DivX, LLC)
HKLM-x32\...\Run: [ZALFree] - "C:\Program Files (x86)\Zemana AntiLogger\AntiLogger Free.exe" /MINIMIZED [12999984 2013-07-18] (Zemana Ltd.)
HKLM-x32\...\Run: [avast] - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [emsisoft anti-malware] - "C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe" /d=60 [2928040 2013-07-02] (Emsisoft GmbH)
HKU\Administrator\...\Run: [Advanced SystemCare 5] - "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart [619352 2011-12-30] (IObit)
HKU\Administrator\...\Run: [SpybotSD TeaTimer] - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [x]
HKU\Administrator\...\Run: [Rainlendar2] - C:\Program Files\Rainlendar\Rainlendar2.exe [2555392 2012-10-25] ()
HKU\Administrator\...\Run: [VeohPlugin] - "C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" [2816328 2011-10-26] (Veoh Networks)
HKU\Administrator\...\Run: [MSCS] - C:\Program Files (x86)\MAXA Cookie Manager\Cookie.exe /autorun [978944 2011-12-11] (MAXA Research Int'l Inc.)
HKU\Administrator\...\Run: [SandboxieControl] - "C:\PROGRAM FILES\SANDBOXIE\SbieCtrl.exe" [759384 2013-07-08] (Sandboxie Holdings, LLC)
AppInit_DLLs: C:\PROGRA~2\KeyCryptSDK\KeyCrypt64(2).dll [89936 2013-07-18] (Zemana Ltd.)
AppInit_DLLs-x32: C:\PROGRA~2\KeyCryptSDK\KeyCrypt32(2).dll [82696 2013-07-18] (Zemana Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AdFender.lnk
ShortcutTarget: AdFender.lnk -> C:\Program Files (x86)\AdFender\AdFender.exe (AdFender, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launchy.lnk
ShortcutTarget: Launchy.lnk -> C:\Program Files (x86)\Launchy\Launchy.exe ()
BootExecute: fSDKBtDfSDKBtsdnclean64.exe

==================== Internet (Whitelisted) ====================

ProxyServer: :0
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.search.yahoo.com?type=198484&fr=spigot-yhp-ie
StartMenuInternet: IEXPLORE.EXE - "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
SearchScopes: HKLM-x32 - {c1d89ae7-449d-4929-b24b-fded04adbe06} URL = hxxp://isearch.glarysoft.com/?q={searchTerms}&src=iesearch
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {62403BF9-B85D-4453-ACF4-965285CA2C99} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=198484&p={searchTerms}
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: ExplorerWatcher Class - {F8A6CAA2-533D-4AED-9E05-8EB19A4021AB} - C:\Program Files (x86)\Clover\TabHelper64.dll (EJIE Technology)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Samsung BHO Class - {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll ()
BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\Advanced SystemCare\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - No Name - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} -  No File
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} 
DPF: HKLM-x32 {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} 
Handler: ipp - No CLSID Value - 
Handler: msdaipp - No CLSID Value - 
Handler-x32: ipp - No CLSID Value - 
Handler-x32: msdaipp - No CLSID Value - 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Bert\AppData\Roaming\Mozilla\Firefox\Profiles\z3g57ncr.default
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @IObit.com/np_Asc_Plugin - C:\Program Files (x86)\IObit\Advanced SystemCare\BrowerProtect\np_Asc_plugin.dll (IObit)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=1.1.11 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\glarysearch.xml
FF Extension: No Name - C:\Users\Bert\AppData\Roaming\Mozilla\Extensions\plugins
FF Extension: No Name - C:\Users\Bert\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: adblocker - C:\Program Files (x86)\Mozilla Firefox\extensions\adblocker@avast.com.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKCU\...\Firefox\Extensions: [maxacookie@maxatools.com] C:\Program Files (x86)\MAXA Cookie Manager\extension
FF Extension: MAXA Cookie Manager - C:\Program Files (x86)\MAXA Cookie Manager\extension
FF StartMenuInternet: FIREFOX.EXE - "C:\Program Files (x86)\Mozilla Firefox\firefox.exe"

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://de.search.yahoo.com?type=800236&fr=spigot-yhp-ch"
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Bert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0
CHR HKLM-x32\...\Chrome\Extension: [mjdepfkicdcciagbigfcmdhknnoaaegf] - C:\Program Files (x86)\Deskperience\Word Capture\wcxChrome.crx
CHR HKLM-x32\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files (x86)\IObit\Advanced SystemCare\BrowerProtect\ASC_GhromePluginFor6.crx
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx

==================== Services (Whitelisted) =================

S2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [2938408 2013-07-02] (Emsisoft GmbH)
S4 AdvancedSystemCareService6; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [574272 2013-04-18] (IObit)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
S2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [6181504 2013-06-18] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [158936 2013-06-18] (COMODO)
S4 Giraffic; C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe [2245232 2013-05-13] (Giraffic)
S4 OODefragAgent; C:\Program Files\OO Defrag\oodag.exe [3051848 2011-01-25] (O&O Software GmbH)
S4 PuranDefrag; C:\WINDOWS\SYSTEM32\PURANDEFRAGS.EXE [292736 2012-08-13] (Puran Software)
S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
S2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [183896 2013-07-08] (Sandboxie Holdings, LLC)
S2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2143072 2012-05-29] (TuneUp Software)
S2 Firefox Service; 

==================== Drivers (Whitelisted) ====================

S3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [66320 2012-04-30] (Emsisoft GmbH)
S3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [66320 2012-04-30] (Emsisoft GmbH)
S1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH)
S1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH)
S2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21136 2012-10-31] (AVAST Software)
S2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
S1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
S1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-07-21] (AVAST Software)
S1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-07-21] (AVAST Software)
S1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-07-21] ()
S3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57032 2013-07-23] (Emsisoft GmbH)
S3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57032 2013-07-23] (Emsisoft GmbH)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [23168 2013-06-18] (COMODO)
S1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [708632 2013-06-18] (COMODO)
S1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [48360 2013-06-18] (COMODO)
S1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [96800 2013-06-18] (COMODO)
R3 keycrypt; C:\Windows\System32\DRIVERS\KeyCrypt64.sys [25568 2013-07-18] (Zemana Ltd.)
S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 MEMSWEEP2; C:\windows\system32\A795.tmp [6144 2009-06-18] (Sophos Plc)
S3 MEMSWEEP2; C:\windows\system32\A795.tmp [6144 2009-06-18] (Sophos Plc)
S2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2011-09-20] (Windows (R) 2003 DDK 3790 provider)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2011-09-20] (Windows (R) 2003 DDK 3790 provider)
S3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [199384 2013-07-08] (Sandboxie Holdings, LLC)
S3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [11856 2012-05-08] (TuneUp Software)
S1 AntiLog32; \??\C:\windows\system32\drivers\AntiLog64.sys [x]
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 rm; \??\C:\windows\system32\drivers\rm.sys [x]
S0 TfFsMon; system32\drivers\TfFsMon.sys [x]
S3 TfNetMon; \??\C:\windows\system32\drivers\TfNetMon.sys [x]
S0 TfSysMon; system32\drivers\TfSysMon.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-23 15:27 - 2013-07-23 15:27 - 00000000 _____ C:\Users\Bert\Desktop\Addition.txt
2013-07-23 15:18 - 2013-07-23 15:18 - 01779447 _____ (Farbar) C:\Users\Bert\Desktop\FRST64.exe
2013-07-23 15:11 - 2013-07-23 15:28 - 00003408 _____ C:\Users\Bert\Desktop\Nmc_2013-07-23_15-11-20.log
2013-07-23 14:55 - 2013-07-23 14:55 - 00000000 __SHD C:\windows\SysWOW64\AI_RecycleBin
2013-07-23 14:55 - 2013-07-23 14:55 - 00000000 ____D C:\Users\Bert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Should I Remove It
2013-07-23 14:55 - 2013-07-23 14:55 - 00000000 ____D C:\Program Files (x86)\Reason
2013-07-23 13:56 - 2013-07-23 13:56 - 00377856 _____ C:\Users\Bert\Desktop\gmer_2.1.19163.exe
2013-07-23 13:51 - 2013-07-23 13:53 - 00724952 _____ C:\Users\Bert\Desktop\avenger.zip
2013-07-23 13:24 - 2013-07-23 13:24 - 00001247 _____ C:\Users\Administrator\Desktop\SpyDLLRemover.lnk
2013-07-23 12:56 - 2013-07-23 13:24 - 00000000 ____D C:\Program Files (x86)\SecurityXploded
2013-07-23 12:56 - 2013-07-23 12:56 - 00001247 _____ C:\Users\Administrator\Desktop\SpyBHORemover.lnk
2013-07-23 05:50 - 2013-07-23 12:51 - 00000112 _____ C:\windows\setupact.log
2013-07-23 05:50 - 2013-07-23 05:50 - 00000000 _____ C:\windows\setuperr.log
2013-07-23 05:35 - 2013-07-23 05:41 - 255018056 _____ (Norman AS) C:\Users\Bert\Desktop\Norman_Malware_Cleaner.exe
2013-07-23 04:12 - 2013-07-23 04:12 - 00000000 ____D C:\Program Files (x86)\BootkitRemovalTool
2013-07-23 03:33 - 2013-07-23 03:33 - 00000000 ____D C:\windows\System32\Tasks\COMODO
2013-07-23 03:30 - 2013-07-23 03:32 - 00000000 ___SD C:\ProgramData\Shared Space
2013-07-23 03:24 - 2013-07-23 03:25 - 20553576 _____ (Simply Super Software                                       ) C:\Users\Bert\Desktop\trjsetup687.exe
2013-07-23 03:22 - 2013-07-23 03:23 - 04095448 _____ (BrightFort LLC                                              ) C:\Users\Bert\Desktop\spywareblastersetup50.exe
2013-07-23 03:22 - 2013-07-23 03:22 - 05049344 _____ (Crawler.com                                                 ) C:\Users\Bert\Desktop\SpywareTerminatorSetup_3.0.0.82.exe
2013-07-23 03:21 - 2013-07-23 03:22 - 21516064 _____ (IObit                                                       ) C:\Users\Bert\Desktop\imf-setup_2.0.5.0.exe
2013-07-23 03:20 - 2013-07-23 03:20 - 00618912 _____ (www.download-sponsor.de) C:\Users\Bert\Desktop\tfinstall_universal.exe
2013-07-23 03:18 - 2009-06-18 13:54 - 00006144 ____N (Sophos Plc) C:\windows\system32\A795.tmp
2013-07-23 03:15 - 2013-07-23 03:17 - 36271144 _____ (Safer-Networking Ltd.                                       ) C:\Users\Bert\Desktop\spybot-2.1.exe
2013-07-23 03:07 - 2009-06-18 13:54 - 00006144 ____N (Sophos Plc) C:\windows\system32\B74D.tmp
2013-07-23 03:01 - 2013-07-23 15:29 - 00042623 _____ C:\windows\WindowsUpdate.log
2013-07-23 02:47 - 2013-07-23 02:47 - 00039015 _____ C:\ComboFix.txt
2013-07-23 02:21 - 2011-06-26 08:45 - 00256000 _____ C:\windows\PEV.exe
2013-07-23 02:21 - 2010-11-07 19:20 - 00208896 _____ C:\windows\MBR.exe
2013-07-23 02:21 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2013-07-23 02:21 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2013-07-23 02:21 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2013-07-23 02:21 - 2000-08-31 02:00 - 00098816 _____ C:\windows\sed.exe
2013-07-23 02:21 - 2000-08-31 02:00 - 00080412 _____ C:\windows\grep.exe
2013-07-23 02:21 - 2000-08-31 02:00 - 00068096 _____ C:\windows\zip.exe
2013-07-23 02:20 - 2013-07-23 02:47 - 00000000 ____D C:\Qoobox
2013-07-23 02:20 - 2013-07-23 02:20 - 00000624 _____ C:\Users\Bert\Desktop\JRT.txt
2013-07-23 02:15 - 2013-07-23 02:15 - 05091940 ____R (Swearware) C:\Users\Bert\Desktop\ComboFix.exe
2013-07-23 01:27 - 2013-07-23 01:27 - 00002742 _____ C:\AdwCleaner[S14].txt
2013-07-23 01:26 - 2013-07-23 01:26 - 00002679 _____ C:\AdwCleaner[R11].txt
2013-07-22 19:59 - 2013-07-22 20:00 - 00000000 ____D C:\56793e0a4fd0078f320ad77a323185
2013-07-22 19:44 - 2013-07-22 19:44 - 00000000 ____D C:\Users\Bert\AppData\Roaming\Opera Software
2013-07-22 19:44 - 2013-07-22 19:44 - 00000000 ____D C:\Users\Bert\AppData\Local\Opera Software
2013-07-22 19:32 - 2013-07-22 19:32 - 00000000 ____D C:\Program Files\K-Lite Codec Pack x64
2013-07-22 19:32 - 2013-05-31 20:00 - 00127488 _____ C:\windows\system32\ff_vfw.dll
2013-07-22 19:32 - 2012-06-09 19:21 - 00206336 _____ C:\windows\system32\unrar64.dll
2013-07-22 19:32 - 2011-12-07 19:37 - 00148992 _____ ( ) C:\windows\system32\lagarith.dll
2013-07-22 19:26 - 2013-07-22 19:29 - 00000000 ____D C:\windows\system32\MRT
2013-07-22 17:21 - 2013-07-22 17:21 - 00003108 _____ C:\windows\System32\Tasks\{52A44EB5-8B6C-4DED-854C-7508DAB59319}
2013-07-22 17:13 - 2013-07-22 17:13 - 00003106 _____ C:\windows\System32\Tasks\{AE3C16E4-0F4D-4972-8A98-CE970C563718}
2013-07-22 17:07 - 2013-07-22 17:07 - 00003200 _____ C:\windows\System32\Tasks\{B731165D-DFA0-477A-807B-6426A31A9672}
2013-07-22 17:05 - 2013-07-22 17:05 - 00003100 _____ C:\windows\System32\Tasks\{509B46B2-466E-4EE9-846C-9A3D86EEE8AD}
2013-07-22 16:47 - 2013-07-22 16:48 - 00001601 _____ C:\AdwCleaner[S2].txt
2013-07-22 16:46 - 2013-07-22 16:46 - 00001539 _____ C:\AdwCleaner[R2].txt
2013-07-22 16:31 - 2013-07-22 16:32 - 00003842 _____ C:\AdwCleaner[S1].txt
2013-07-22 16:30 - 2013-07-22 16:30 - 00003838 _____ C:\AdwCleaner[R1].txt
2013-07-22 04:04 - 2013-07-22 04:04 - 00000000 ____D C:\windows\system32\SRSLabs
2013-07-22 04:04 - 2013-07-22 04:04 - 00000000 ____D C:\Program Files\Realtek
2013-07-22 04:03 - 2013-03-29 21:42 - 03379272 _____ (Realtek Semiconductor Corp.) C:\windows\system32\Drivers\RTKVHD64.sys
2013-07-22 04:03 - 2013-03-29 18:04 - 21170176 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RCoRes64.dat
2013-07-22 04:03 - 2013-03-29 17:52 - 00914992 _____ (Sony Corporation) C:\windows\system32\SFSS_APO.dll
2013-07-22 04:03 - 2013-03-29 17:10 - 00449481 _____ C:\windows\system32\Drivers\RTAIODAT.DAT
2013-07-22 04:03 - 2013-03-27 16:57 - 00135240 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RCoInstII64.dll
2013-07-22 04:03 - 2013-03-26 17:06 - 02797128 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtPgEx64.dll
2013-07-22 04:03 - 2013-03-26 15:40 - 03693128 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtkAPO64.dll
2013-07-22 04:03 - 2013-03-26 14:38 - 01659464 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RTSnMg64.cpl
2013-07-22 04:03 - 2013-03-25 17:32 - 03180264 _____ C:\windows\system32\Drivers\rtvienna.dat
2013-07-22 04:03 - 2013-03-20 13:16 - 02102040 _____ (Waves Audio Ltd.) C:\windows\system32\WavesGUILib64.dll
2013-07-22 04:03 - 2013-03-20 13:16 - 00910104 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioAPOShell64.dll
2013-07-22 04:03 - 2013-03-12 18:16 - 00613448 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtDataProc64.dll
2013-07-22 04:03 - 2013-02-28 13:10 - 14021912 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioRealtek64.dll
2013-07-22 04:03 - 2013-02-28 13:10 - 02032408 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioEQ64.dll
2013-07-22 04:03 - 2013-02-20 18:55 - 01284680 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RTCOM64.dll
2013-07-22 04:03 - 2013-02-19 18:52 - 00991816 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtkApi64.dll
2013-07-22 04:03 - 2012-12-12 11:17 - 00395208 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioAPO30.dll
2013-07-22 04:03 - 2012-08-31 19:18 - 07164176 _____ (Dolby Laboratories) C:\windows\system32\R4EEP64A.dll
2013-07-22 04:03 - 2012-08-31 19:17 - 00434960 _____ (Dolby Laboratories) C:\windows\system32\R4EED64A.dll
2013-07-22 04:03 - 2012-08-31 19:17 - 00141584 _____ (Dolby Laboratories) C:\windows\system32\R4EEL64A.dll
2013-07-22 04:03 - 2012-08-31 19:17 - 00124176 _____ (Dolby Laboratories) C:\windows\system32\R4EEA64A.dll
2013-07-22 04:03 - 2012-08-31 19:17 - 00075024 _____ (Dolby Laboratories) C:\windows\system32\R4EEG64A.dll
2013-07-22 04:03 - 2012-07-15 21:13 - 00394616 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxVolumeSDAPO.dll
2013-07-22 04:03 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtlCPAPI64.dll
2013-07-22 04:03 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtkCoLDR64.dll
2013-07-22 04:03 - 2011-09-02 14:21 - 00221024 _____ (Synopsys, Inc.) C:\windows\system32\SFNHK64.dll
2013-07-22 04:03 - 2011-09-02 14:21 - 00081248 _____ (Synopsys, Inc.) C:\windows\system32\SFCOM64.dll
2013-07-22 04:03 - 2011-09-02 14:21 - 00078688 _____ (Synopsys, Inc.) C:\windows\system32\SFAPO64.dll
2013-07-22 04:03 - 2011-08-23 17:00 - 00603984 _____ (Knowles Acoustics ) C:\windows\system32\KAAPORT64.dll
2013-07-22 04:03 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RTEEP64A.dll
2013-07-22 04:03 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RP3DHT64.dll
2013-07-22 04:03 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RP3DAA64.dll
2013-07-22 04:03 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RTEED64A.dll
2013-07-22 04:03 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RTEEL64A.dll
2013-07-22 04:03 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RTEEG64A.dll
2013-07-22 04:03 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtkCfg64.dll
2013-07-22 04:03 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioAPO20.dll
2013-07-22 04:03 - 2010-07-22 16:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\windows\SysWOW64\SFCOM.dll
2013-07-22 04:03 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\windows\system32\SRSTSX64.dll
2013-07-22 04:03 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\windows\system32\SRSTSH64.dll
2013-07-22 04:03 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\windows\system32\SRSHP64.dll
2013-07-22 04:03 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\windows\system32\SRSWOW64.dll
2013-07-22 04:02 - 2013-03-26 17:04 - 02734624 _____ (Fortemedia Corporation) C:\windows\system32\FMAPO64.dll
2013-07-22 04:02 - 2012-06-20 17:26 - 00110592 _____ (Real Sound Lab SIA) C:\windows\system32\CONEQMSAPOGUILibrary.dll
2013-07-22 04:02 - 2011-05-31 09:42 - 01756264 _____ (DTS) C:\windows\system32\DTSS2SpeakerDLL64.dll
2013-07-22 04:02 - 2011-05-31 09:42 - 01568360 _____ (DTS) C:\windows\system32\DTSS2HeadphoneDLL64.dll
2013-07-22 04:02 - 2011-05-31 09:42 - 01486952 _____ (DTS) C:\windows\system32\DTSBoostDLL64.dll
2013-07-22 04:02 - 2011-05-31 09:42 - 00728680 _____ (DTS) C:\windows\system32\DTSBassEnhancementDLL64.dll
2013-07-22 04:02 - 2011-05-31 09:42 - 00712296 _____ (DTS) C:\windows\system32\DTSSymmetryDLL64.dll
2013-07-22 04:02 - 2011-05-31 09:42 - 00693352 _____ (DTS) C:\windows\system32\DTSVoiceClarityDLL64.dll
2013-07-22 04:02 - 2011-05-31 09:42 - 00491112 _____ (DTS) C:\windows\system32\DTSNeoPCDLL64.dll
2013-07-22 04:02 - 2011-05-31 09:42 - 00432744 _____ (DTS) C:\windows\system32\DTSLimiterDLL64.dll
2013-07-22 04:02 - 2011-05-31 09:42 - 00428648 _____ (DTS) C:\windows\system32\DTSGainCompensatorDLL64.dll
2013-07-22 04:02 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\windows\system32\DTSLFXAPO64.dll
2013-07-22 04:02 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\windows\system32\DTSGFXAPO64.dll
2013-07-22 04:02 - 2011-05-31 09:42 - 00241768 _____ (DTS) C:\windows\system32\DTSGFXAPONS64.dll
2013-07-22 04:01 - 2013-03-23 03:43 - 00208072 _____ (Andrea Electronics Corporation) C:\windows\system32\AERTAC64.dll
2013-07-22 04:01 - 2013-01-16 16:02 - 02079816 _____ (Realtek Semiconductor Corp.) C:\windows\RtlExUpd.dll
2013-07-22 04:01 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\windows\system32\AERTAR64.dll
2013-07-22 01:16 - 2013-07-22 01:16 - 00000000 ____D C:\FRST
2013-07-21 18:21 - 2013-07-21 18:22 - 00000000 ____D C:\Program Files\ExtMan (IconTweak)
2013-07-21 17:48 - 2013-07-21 17:48 - 00003186 _____ C:\windows\System32\Tasks\{9544E3BB-C36F-45F9-8CCB-F04A5417C807}
2013-07-21 17:34 - 2013-07-21 17:51 - 00000000 ____D C:\Users\Bert\AppData\Roaming\IcoFX2X
2013-07-21 16:56 - 2013-07-22 01:47 - 00000000 ____D C:\Users\Bert\Documents\Trojaner-Board
2013-07-21 16:06 - 2013-07-23 12:51 - 00000324 _____ C:\windows\Tasks\GlaryInitialize.job
2013-07-21 16:06 - 2013-07-21 16:06 - 00002600 _____ C:\windows\System32\Tasks\GlaryInitialize
2013-07-21 15:37 - 2013-07-23 12:58 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
2013-07-21 15:37 - 2013-07-21 15:46 - 01030952 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2013-07-21 15:37 - 2013-07-21 15:46 - 00378944 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2013-07-21 15:37 - 2013-07-21 15:46 - 00189936 _____ C:\windows\system32\Drivers\aswVmm.sys
2013-07-21 15:37 - 2013-05-09 10:59 - 00080816 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2013-07-21 15:37 - 2013-05-09 10:59 - 00072016 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2013-07-21 15:37 - 2013-05-09 10:59 - 00065336 _____ C:\windows\system32\Drivers\aswRvrt.sys
2013-07-21 15:37 - 2013-05-09 10:59 - 00064288 _____ (AVAST Software) C:\windows\system32\Drivers\aswTdi.sys
2013-07-21 15:37 - 2013-05-09 10:59 - 00033400 _____ (AVAST Software) C:\windows\system32\Drivers\aswFsBlk.sys
2013-07-21 15:36 - 2013-05-09 10:58 - 00041664 _____ (AVAST Software) C:\windows\avastSS.scr
2013-07-21 15:02 - 2013-07-23 03:04 - 00000000 ____D C:\Program Files (x86)\Junkware Removal Tool
2013-07-21 06:00 - 2013-07-21 06:00 - 00000000 _____ C:\ProgramData\rebootpending.txt
2013-07-21 03:52 - 2013-07-21 04:32 - 00040534 _____ C:\windows\system32\Drivers\fvstore.dat
2013-07-21 03:52 - 2013-07-21 03:52 - 00000000 ____D C:\VTRoot
2013-07-21 02:50 - 2013-07-21 04:32 - 00389937 _____ C:\windows\system32\Drivers\sfi.dat
2013-07-21 02:48 - 2013-07-21 02:50 - 00000000 ____D C:\ProgramData\Comodo
2013-07-21 02:48 - 2013-07-21 02:48 - 00000000 ____D C:\Program Files\COMODO
2013-07-21 02:35 - 2013-07-21 02:35 - 01700352 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdiplus.dll
2013-07-21 02:35 - 2013-07-21 02:35 - 01060864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc71.dll
2013-07-21 02:35 - 2013-07-21 02:35 - 00348160 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr71.dll
2013-07-21 02:30 - 2013-07-21 03:21 - 00000000 ____D C:\Program Files (x86)\Comodo
2013-07-21 02:28 - 2013-07-21 02:28 - 00000000 ____D C:\ProgramData\Comodo Downloader
2013-07-21 02:21 - 2013-06-06 22:41 - 00489392 _____ (Ask Partner Network) C:\Users\Bert\Documents\APNSetup.exe
2013-07-21 02:19 - 2013-07-21 06:00 - 00000000 ____D C:\ProgramData\Avira
2013-07-21 01:43 - 2013-07-21 01:43 - 00001130 _____ C:\DelFix.txt
2013-07-21 00:46 - 2013-07-21 01:31 - 00000000 ____D C:\windows\erdnt
2013-07-20 12:53 - 2013-07-20 12:54 - 00000000 ____D C:\EEK
2013-07-20 11:44 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2013-07-20 01:24 - 2013-07-20 01:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-20 00:43 - 2013-07-20 00:43 - 00312232 _____ (Oracle Corporation) C:\windows\system32\javaws.exe
2013-07-20 00:43 - 2013-07-20 00:43 - 00189352 _____ (Oracle Corporation) C:\windows\system32\javaw.exe
2013-07-20 00:43 - 2013-07-20 00:43 - 00188840 _____ (Oracle Corporation) C:\windows\system32\java.exe
2013-07-20 00:43 - 2013-07-20 00:43 - 00108968 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge-64.dll
2013-07-20 00:43 - 2013-07-20 00:43 - 00000000 ____D C:\Program Files\Java
2013-07-20 00:33 - 2013-07-20 00:33 - 00000000 _____ C:\autoexec.bat
2013-07-20 00:30 - 2013-07-21 08:00 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-07-20 00:25 - 2013-07-21 00:05 - 00000000 ____D C:\windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP
2013-07-18 21:38 - 2013-07-19 11:44 - 00018944 _____ C:\Users\Bert\Desktop\Bundestagswahlprognose.xls
2013-07-17 05:21 - 2013-07-20 01:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox.bak
2013-07-16 05:40 - 2013-07-21 03:36 - 00000000 ____D C:\Program Files\Unlocker
2013-07-16 05:40 - 2013-07-16 05:40 - 00000000 ____D C:\Users\Bert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2013-07-16 05:34 - 2013-07-16 05:34 - 00000000 ____D C:\Users\Bert\Documents\Art
2013-07-16 04:42 - 2013-07-16 05:27 - 00000000 ____D C:\Users\Bert\AppData\Roaming\Jitsi
2013-07-16 04:42 - 2013-07-16 04:42 - 00000000 ____D C:\Program Files (x86)\Jitsi
2013-07-16 02:49 - 2013-07-16 03:32 - 00000000 ____D C:\Program Files (x86)\KVIrc
2013-07-15 22:52 - 2013-07-22 20:10 - 00000000 ____D C:\Users\Bert\Desktop\Elfriede Jelinek - Neid
2013-07-15 17:47 - 2013-07-22 16:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-07-11 23:48 - 2013-07-11 23:51 - 00000000 ____D C:\Program Files (x86)\LibreOffice 3.6
2013-07-10 01:44 - 2013-07-10 01:44 - 03153920 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2013-07-10 01:43 - 2013-07-10 01:43 - 19238912 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 15404032 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 14329856 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 13760512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 03958784 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 02877440 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-07-10 01:43 - 2013-07-10 01:43 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-07-10 01:43 - 2013-07-10 01:43 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 02241024 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 02046976 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00526336 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00391168 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00089600 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-07-10 01:43 - 2013-07-10 01:43 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-10 01:43 - 2013-07-10 01:43 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-07-10 01:43 - 2013-07-10 01:43 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00039424 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-07-10 01:41 - 2013-07-10 01:41 - 00624128 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2013-07-10 01:41 - 2013-07-10 01:41 - 00509440 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2013-07-10 01:31 - 2013-07-10 01:31 - 01887744 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2013-07-10 01:31 - 2013-07-10 01:31 - 01643520 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2013-07-10 01:31 - 2013-07-10 01:31 - 01620480 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
2013-07-10 01:31 - 2013-07-10 01:31 - 01247744 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2013-07-10 01:09 - 2013-07-10 01:09 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\cryptdlg.dll
2013-07-10 01:09 - 2013-07-10 01:09 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptdlg.dll
2013-07-10 01:08 - 2013-07-10 01:08 - 01887232 _____ (Microsoft Corporation) C:\windows\system32\d3d11.dll
2013-07-10 01:08 - 2013-07-10 01:08 - 01505280 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d11.dll
2013-07-10 01:08 - 2013-07-10 01:08 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2013-07-10 01:08 - 2013-07-10 01:08 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2013-07-10 01:07 - 2013-07-10 01:07 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll
2013-07-10 01:07 - 2013-07-10 01:07 - 00223752 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fvevol.sys
2013-07-10 01:07 - 2013-07-10 01:07 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\wwanprotdim.dll
2013-07-10 00:55 - 2013-07-10 00:55 - 00001262 _____ C:\Users\Bert\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2013-07-10 00:14 - 2013-07-10 00:16 - 00000000 ____D C:\Program Files (x86)\Clover
2013-07-10 00:14 - 2013-07-10 00:14 - 00000000 ____D C:\Users\Bert\AppData\Local\Clover
2013-07-10 00:12 - 2012-12-20 22:24 - 03837440 _____ (Qualcomm Atheros Communications, Inc.) C:\windows\system32\Drivers\athrx.sys
2013-07-10 00:11 - 2013-07-10 00:11 - 00000000 ____D C:\Program Files (x86)\SpeedyFox
2013-07-10 00:09 - 2013-07-10 00:12 - 00000000 ____D C:\Program Files\DIFX
2013-07-10 00:06 - 2013-07-10 00:06 - 00000000 ____D C:\Program Files (x86)\MSECache
2013-07-10 00:05 - 2013-07-10 00:42 - 00000000 ____D C:\Program Files\Office Tab
2013-07-10 00:03 - 2013-07-10 00:03 - 00000000 ____D C:\Users\Bert\ultracopier
2013-07-10 00:02 - 2013-07-20 19:10 - 00000000 ____D C:\Program Files\Supercopier
2013-07-10 00:02 - 2012-12-27 01:26 - 00805088 _____ (Realtek                                            ) C:\windows\system32\Drivers\Rt64win7.sys
2013-07-10 00:02 - 2012-12-27 01:26 - 00074344 _____ (Realtek Semiconductor Corporation) C:\windows\system32\RtNicProp64.dll
2013-07-10 00:00 - 2013-07-21 00:26 - 00003214 _____ C:\windows\System32\Tasks\Driver Booster Update
2013-07-09 23:58 - 2013-07-16 03:57 - 00000000 ____D C:\Users\Bert\AppData\Roaming\PasteCopy.NET
2013-07-08 23:50 - 2013-07-08 23:50 - 00000000 ____D C:\Users\Bert\AppData\Roaming\aignes
2013-07-08 23:50 - 2013-07-08 23:50 - 00000000 ____D C:\Program Files (x86)\AM-DeadLink
2013-07-04 14:44 - 2013-07-04 14:44 - 00000000 _____ C:\windows\SysWOW64\FAPED09.tmp
2013-07-04 14:41 - 2013-07-04 14:41 - 00000000 _____ C:\windows\SysWOW64\FAP6BE6.tmp
2013-07-04 14:40 - 2013-07-04 14:40 - 00000000 _____ C:\windows\SysWOW64\FAPFFE9.tmp
2013-07-04 14:40 - 2013-07-04 14:40 - 00000000 _____ C:\windows\SysWOW64\FAP54F8.tmp
2013-07-04 14:40 - 2013-07-04 14:40 - 00000000 _____ C:\windows\SysWOW64\FAP3D90.tmp
2013-07-04 14:39 - 2013-07-04 14:39 - 00000000 _____ C:\windows\SysWOW64\FAP713B.tmp
2013-07-04 14:38 - 2013-07-04 14:38 - 00000000 _____ C:\windows\SysWOW64\FAPD69F.tmp
2013-07-04 14:36 - 2013-07-04 14:36 - 00000000 _____ C:\windows\SysWOW64\FAP2D.tmp
2013-07-04 14:35 - 2013-07-04 14:35 - 00000000 _____ C:\windows\SysWOW64\FAP76FF.tmp
2013-07-04 13:03 - 2013-07-04 13:03 - 00000000 _____ C:\windows\SysWOW64\FAPE22C.tmp
2013-07-04 13:02 - 2013-07-04 13:02 - 00000000 _____ C:\windows\SysWOW64\FAP5739.tmp
2013-07-04 13:00 - 2013-07-04 13:00 - 00000000 _____ C:\windows\SysWOW64\FAP5B7B.tmp
2013-07-04 12:58 - 2013-07-04 12:58 - 00000000 _____ C:\windows\SysWOW64\FAPFE8B.tmp
2013-07-04 12:58 - 2013-07-04 12:58 - 00000000 _____ C:\windows\SysWOW64\FAPF8A0.tmp
2013-07-04 12:58 - 2013-07-04 12:58 - 00000000 _____ C:\windows\SysWOW64\FAPF840.tmp
2013-07-04 12:57 - 2013-07-04 12:57 - 00000000 _____ C:\windows\SysWOW64\FAP7402.tmp
2013-07-04 12:50 - 2013-07-04 12:50 - 00000000 _____ C:\windows\SysWOW64\FAPDA60.tmp
2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAPEACA.tmp
2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAPD381.tmp
2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAPBBF9.tmp
2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAP906.tmp
2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAP740E.tmp
2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAP5D8F.tmp
2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAP2001.tmp
2013-07-04 12:48 - 2013-07-04 12:48 - 00000000 _____ C:\windows\SysWOW64\FAP8C31.tmp
2013-07-04 12:48 - 2013-07-04 12:48 - 00000000 _____ C:\windows\SysWOW64\FAP78ED.tmp
2013-07-04 12:42 - 2013-07-04 12:42 - 00000000 _____ C:\windows\SysWOW64\FAP8450.tmp
2013-07-04 12:33 - 2013-07-04 12:33 - 00000000 _____ C:\windows\SysWOW64\FAP1334.tmp
2013-07-04 12:17 - 2013-07-04 12:17 - 00000000 _____ C:\windows\SysWOW64\FAP815F.tmp
2013-07-04 04:09 - 2013-07-04 04:09 - 00263592 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2013-07-04 04:09 - 2013-07-04 04:09 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2013-07-04 04:09 - 2013-07-04 04:09 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2013-07-04 04:09 - 2013-07-04 04:09 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-04 01:24 - 2013-07-04 01:24 - 00000000 ____D C:\Users\Bert\.macromedia
2013-07-04 00:16 - 2013-07-14 01:00 - 00000000 ____D C:\Program Files (x86)\FEBE
2013-07-03 16:39 - 2013-07-03 16:44 - 00000600 _____ C:\Users\Bert\PUTTY.RND
2013-07-03 14:59 - 2013-07-03 14:59 - 00000000 _____ C:\Users\Bert\mm_backup.cfg
2013-07-02 17:21 - 2013-07-02 17:21 - 00000000 ____D C:\Program Files (x86)\Tor
2013-07-02 17:17 - 2013-07-02 17:18 - 00000000 ____D C:\Users\Bert\Documents\Calibre Library
2013-07-02 17:13 - 2013-07-02 17:18 - 00000000 ____D C:\Users\Bert\AppData\Roaming\calibre
2013-07-02 17:13 - 2013-07-02 17:13 - 00000000 ____D C:\Users\Bert\Documents\Calibre Bibliothek
2013-07-02 17:12 - 2013-07-02 17:12 - 00000000 ____D C:\Program Files (x86)\Calibre2
2013-07-02 03:06 - 2013-07-02 03:06 - 01509376 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2013-07-02 03:06 - 2013-07-02 03:06 - 01441280 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2013-07-02 03:06 - 2013-07-02 03:06 - 01400416 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dat
2013-07-02 03:06 - 2013-07-02 03:06 - 01400416 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat
2013-07-02 03:06 - 2013-07-02 03:06 - 01054720 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00905728 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00762368 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00719360 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00629248 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00599552 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00523264 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00441856 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2013-07-02 03:06 - 2013-07-02 03:06 - 00361984 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2013-07-02 03:06 - 2013-07-02 03:06 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00270848 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00247296 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00242200 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00235008 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00232960 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00226304 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00216064 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00204800 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00185344 _____ (Microsoft Corporation) C:\windows\SysWOW64\elshyph.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00173568 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00167424 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00158720 _____ (Microsoft Corporation) C:\windows\SysWOW64\msls31.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00150528 _____ (Microsoft Corporation) C:\windows\SysWOW64\iexpress.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00149504 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00144896 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00138752 _____ (Microsoft Corporation) C:\windows\SysWOW64\wextract.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00137216 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00125440 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00117248 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00110592 _____ (Microsoft Corporation) C:\windows\SysWOW64\IEAdvpack.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00097280 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00082432 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00079872 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2013-07-02 03:06 - 2013-07-02 03:06 - 00073728 _____ (Microsoft Corporation) C:\windows\SysWOW64\SetIEInstalledDate.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardie.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2013-07-02 03:06 - 2013-07-02 03:06 - 00057344 _____ (Microsoft Corporation) C:\windows\SysWOW64\pngfilt.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00048640 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmler.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00041984 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00038400 _____ (Microsoft Corporation) C:\windows\SysWOW64\imgutil.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00027648 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\licmgr10.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00012800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00011776 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe
2013-06-28 00:11 - 2013-07-21 15:46 - 00000175 _____ C:\windows\system32\Drivers\aswVmm.sys.sum
2013-06-27 01:54 - 2013-07-21 15:46 - 00000175 _____ C:\windows\system32\Drivers\aswSP.sys.sum
2013-06-27 01:54 - 2013-07-21 15:46 - 00000175 _____ C:\windows\system32\Drivers\aswSnx.sys.sum
2013-06-25 21:52 - 2013-07-21 00:26 - 00002966 _____ C:\windows\System32\Tasks\{BBF7C257-78DB-4727-AAD0-4AC4EE99BFC6}

==================== One Month Modified Files and Folders =======

2013-07-23 15:29 - 2013-07-23 03:01 - 00042623 _____ C:\windows\WindowsUpdate.log
2013-07-23 15:29 - 2012-06-07 11:56 - 00327680 _____ C:\windows\system32\Ikeext.etl
2013-07-23 15:28 - 2013-07-23 15:11 - 00003408 _____ C:\Users\Bert\Desktop\Nmc_2013-07-23_15-11-20.log
2013-07-23 15:27 - 2013-07-23 15:27 - 00000000 _____ C:\Users\Bert\Desktop\Addition.txt
2013-07-23 15:19 - 2011-11-19 17:17 - 00000000 ____D C:\Users\Administrator
2013-07-23 15:18 - 2013-07-23 15:18 - 01779447 _____ (Farbar) C:\Users\Bert\Desktop\FRST64.exe
2013-07-23 15:17 - 2013-02-08 12:37 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2013-07-23 14:55 - 2013-07-23 14:55 - 00000000 __SHD C:\windows\SysWOW64\AI_RecycleBin
2013-07-23 14:55 - 2013-07-23 14:55 - 00000000 ____D C:\Users\Bert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Should I Remove It
2013-07-23 14:55 - 2013-07-23 14:55 - 00000000 ____D C:\Program Files (x86)\Reason
2013-07-23 14:21 - 2011-11-15 22:44 - 00000000 ____D C:\Users\Bert\AppData\Roaming\vlc
2013-07-23 13:56 - 2013-07-23 13:56 - 00377856 _____ C:\Users\Bert\Desktop\gmer_2.1.19163.exe
2013-07-23 13:53 - 2013-07-23 13:51 - 00724952 _____ C:\Users\Bert\Desktop\avenger.zip
2013-07-23 13:24 - 2013-07-23 13:24 - 00001247 _____ C:\Users\Administrator\Desktop\SpyDLLRemover.lnk
2013-07-23 13:24 - 2013-07-23 12:56 - 00000000 ____D C:\Program Files (x86)\SecurityXploded
2013-07-23 13:04 - 2009-07-14 06:45 - 00028624 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-23 13:04 - 2009-07-14 06:45 - 00028624 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-23 13:02 - 2011-11-16 10:08 - 00000000 ____D C:\Users\Bert\AppData\Local\CrashDumps
2013-07-23 12:58 - 2013-07-21 15:37 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
2013-07-23 12:56 - 2013-07-23 12:56 - 00001247 _____ C:\Users\Administrator\Desktop\SpyBHORemover.lnk
2013-07-23 12:53 - 2011-11-19 16:47 - 00000000 ____D C:\Users\Bert\.rainlendar2
2013-07-23 12:51 - 2013-07-23 05:50 - 00000112 _____ C:\windows\setupact.log
2013-07-23 12:51 - 2013-07-21 16:06 - 00000324 _____ C:\windows\Tasks\GlaryInitialize.job
2013-07-23 12:51 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-07-23 05:50 - 2013-07-23 05:50 - 00000000 _____ C:\windows\setuperr.log
2013-07-23 05:41 - 2013-07-23 05:35 - 255018056 _____ (Norman AS) C:\Users\Bert\Desktop\Norman_Malware_Cleaner.exe
2013-07-23 04:39 - 2011-11-15 22:18 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware
2013-07-23 04:12 - 2013-07-23 04:12 - 00000000 ____D C:\Program Files (x86)\BootkitRemovalTool
2013-07-23 03:46 - 2011-11-15 22:18 - 00000000 ____D C:\Users\Bert\Documents\Anti-Malware
2013-07-23 03:33 - 2013-07-23 03:33 - 00000000 ____D C:\windows\System32\Tasks\COMODO
2013-07-23 03:32 - 2013-07-23 03:30 - 00000000 ___SD C:\ProgramData\Shared Space
2013-07-23 03:25 - 2013-07-23 03:24 - 20553576 _____ (Simply Super Software                                       ) C:\Users\Bert\Desktop\trjsetup687.exe
2013-07-23 03:23 - 2013-07-23 03:22 - 04095448 _____ (BrightFort LLC                                              ) C:\Users\Bert\Desktop\spywareblastersetup50.exe
2013-07-23 03:22 - 2013-07-23 03:22 - 05049344 _____ (Crawler.com                                                 ) C:\Users\Bert\Desktop\SpywareTerminatorSetup_3.0.0.82.exe
2013-07-23 03:22 - 2013-07-23 03:21 - 21516064 _____ (IObit                                                       ) C:\Users\Bert\Desktop\imf-setup_2.0.5.0.exe
2013-07-23 03:20 - 2013-07-23 03:20 - 00618912 _____ (www.download-sponsor.de) C:\Users\Bert\Desktop\tfinstall_universal.exe
2013-07-23 03:17 - 2013-07-23 03:15 - 36271144 _____ (Safer-Networking Ltd.                                       ) C:\Users\Bert\Desktop\spybot-2.1.exe
2013-07-23 03:04 - 2013-07-21 15:02 - 00000000 ____D C:\Program Files (x86)\Junkware Removal Tool
2013-07-23 02:47 - 2013-07-23 02:47 - 00039015 _____ C:\ComboFix.txt
2013-07-23 02:47 - 2013-07-23 02:20 - 00000000 ____D C:\Qoobox
2013-07-23 02:45 - 2009-07-14 04:34 - 00000215 _____ C:\windows\system.ini
2013-07-23 02:20 - 2013-07-23 02:20 - 00000624 _____ C:\Users\Bert\Desktop\JRT.txt
2013-07-23 02:15 - 2013-07-23 02:15 - 05091940 ____R (Swearware) C:\Users\Bert\Desktop\ComboFix.exe
2013-07-23 02:01 - 2011-11-15 20:15 - 00000000 ____D C:\Users\Bert\AppData\Roaming\Macromedia
2013-07-23 01:36 - 2013-06-04 11:39 - 00000000 ____D C:\Program Files (x86)\AdWareCleaner
2013-07-23 01:27 - 2013-07-23 01:27 - 00002742 _____ C:\AdwCleaner[S14].txt
2013-07-23 01:26 - 2013-07-23 01:26 - 00002679 _____ C:\AdwCleaner[R11].txt
2013-07-23 00:47 - 2012-04-26 21:35 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-07-23 00:45 - 2012-11-04 17:51 - 00000000 ____D C:\Program Files (x86)\ThreatFire
2013-07-22 20:10 - 2013-07-15 22:52 - 00000000 ____D C:\Users\Bert\Desktop\Elfriede Jelinek - Neid
2013-07-22 20:06 - 2011-11-16 18:57 - 00000000 ____D C:\Program Files (x86)\Opera
2013-07-22 20:00 - 2013-07-22 19:59 - 00000000 ____D C:\56793e0a4fd0078f320ad77a323185
2013-07-22 19:58 - 2011-11-15 22:29 - 00000000 ____D C:\Program Files (x86)\Google
2013-07-22 19:56 - 2011-11-19 17:05 - 00000000 ____D C:\Program Files (x86)\Prozess Manager
2013-07-22 19:44 - 2013-07-22 19:44 - 00000000 ____D C:\Users\Bert\AppData\Roaming\Opera Software
2013-07-22 19:44 - 2013-07-22 19:44 - 00000000 ____D C:\Users\Bert\AppData\Local\Opera Software
2013-07-22 19:32 - 2013-07-22 19:32 - 00000000 ____D C:\Program Files\K-Lite Codec Pack x64
2013-07-22 19:29 - 2013-07-22 19:26 - 00000000 ____D C:\windows\system32\MRT
2013-07-22 19:00 - 2011-07-29 06:05 - 00696870 _____ C:\windows\system32\perfh007.dat
2013-07-22 19:00 - 2011-07-29 06:05 - 00148134 _____ C:\windows\system32\perfc007.dat
2013-07-22 19:00 - 2009-07-14 07:13 - 01612484 _____ C:\windows\system32\PerfStringBackup.INI
2013-07-22 17:21 - 2013-07-22 17:21 - 00003108 _____ C:\windows\System32\Tasks\{52A44EB5-8B6C-4DED-854C-7508DAB59319}
2013-07-22 17:13 - 2013-07-22 17:13 - 00003106 _____ C:\windows\System32\Tasks\{AE3C16E4-0F4D-4972-8A98-CE970C563718}
2013-07-22 17:07 - 2013-07-22 17:07 - 00003200 _____ C:\windows\System32\Tasks\{B731165D-DFA0-477A-807B-6426A31A9672}
2013-07-22 17:05 - 2013-07-22 17:05 - 00003100 _____ C:\windows\System32\Tasks\{509B46B2-466E-4EE9-846C-9A3D86EEE8AD}
2013-07-22 16:48 - 2013-07-22 16:47 - 00001601 _____ C:\AdwCleaner[S2].txt
2013-07-22 16:46 - 2013-07-22 16:46 - 00001539 _____ C:\AdwCleaner[R2].txt
2013-07-22 16:37 - 2013-07-15 17:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-07-22 16:32 - 2013-07-22 16:31 - 00003842 _____ C:\AdwCleaner[S1].txt
2013-07-22 16:30 - 2013-07-22 16:30 - 00003838 _____ C:\AdwCleaner[R1].txt
2013-07-22 04:04 - 2013-07-22 04:04 - 00000000 ____D C:\windows\system32\SRSLabs
2013-07-22 04:04 - 2013-07-22 04:04 - 00000000 ____D C:\Program Files\Realtek
2013-07-22 04:04 - 2011-07-29 01:49 - 00000000 ____D C:\windows\SysWOW64\RTCOM
2013-07-22 01:47 - 2013-07-21 16:56 - 00000000 ____D C:\Users\Bert\Documents\Trojaner-Board
2013-07-22 01:16 - 2013-07-22 01:16 - 00000000 ____D C:\FRST
2013-07-21 22:01 - 2013-06-04 11:11 - 00000000 ____D C:\Program Files (x86)\KeyCryptSDK
2013-07-21 18:22 - 2013-07-21 18:21 - 00000000 ____D C:\Program Files\ExtMan (IconTweak)
2013-07-21 17:54 - 2013-06-04 11:11 - 00000000 ____D C:\Program Files (x86)\Zemana AntiLogger
2013-07-21 17:51 - 2013-07-21 17:34 - 00000000 ____D C:\Users\Bert\AppData\Roaming\IcoFX2X
2013-07-21 17:48 - 2013-07-21 17:48 - 00003186 _____ C:\windows\System32\Tasks\{9544E3BB-C36F-45F9-8CCB-F04A5417C807}
2013-07-21 16:06 - 2013-07-21 16:06 - 00002600 _____ C:\windows\System32\Tasks\GlaryInitialize
2013-07-21 16:06 - 2011-11-16 09:01 - 00000000 ____D C:\Program Files (x86)\Glary Utilities
2013-07-21 15:46 - 2013-07-21 15:37 - 01030952 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2013-07-21 15:46 - 2013-07-21 15:37 - 00378944 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2013-07-21 15:46 - 2013-07-21 15:37 - 00189936 _____ C:\windows\system32\Drivers\aswVmm.sys
2013-07-21 15:46 - 2013-06-28 00:11 - 00000175 _____ C:\windows\system32\Drivers\aswVmm.sys.sum
2013-07-21 15:46 - 2013-06-27 01:54 - 00000175 _____ C:\windows\system32\Drivers\aswSP.sys.sum
2013-07-21 15:46 - 2013-06-27 01:54 - 00000175 _____ C:\windows\system32\Drivers\aswSnx.sys.sum
2013-07-21 15:37 - 2012-11-04 17:05 - 00000000 _____ C:\windows\SysWOW64\config.nt
2013-07-21 15:35 - 2012-11-04 17:03 - 00000000 ____D C:\ProgramData\AVAST Software
2013-07-21 15:35 - 2012-11-04 17:03 - 00000000 ____D C:\Program Files\AVAST Software
2013-07-21 09:05 - 2009-07-14 05:20 - 00000000 ____D C:\windows\rescache
2013-07-21 08:00 - 2013-07-20 00:30 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-07-21 08:00 - 2012-07-13 13:04 - 00000000 ____D C:\Users\Bert\AppData\Roaming\Launchy
2013-07-21 08:00 - 2009-07-14 05:20 - 00000000 ____D C:\windows\registration
2013-07-21 06:00 - 2013-07-21 06:00 - 00000000 _____ C:\ProgramData\rebootpending.txt
2013-07-21 06:00 - 2013-07-21 02:19 - 00000000 ____D C:\ProgramData\Avira
2013-07-21 04:32 - 2013-07-21 03:52 - 00040534 _____ C:\windows\system32\Drivers\fvstore.dat
2013-07-21 04:32 - 2013-07-21 02:50 - 00389937 _____ C:\windows\system32\Drivers\sfi.dat
2013-07-21 03:52 - 2013-07-21 03:52 - 00000000 ____D C:\VTRoot
2013-07-21 03:36 - 2013-07-16 05:40 - 00000000 ____D C:\Program Files\Unlocker
2013-07-21 03:21 - 2013-07-21 02:30 - 00000000 ____D C:\Program Files (x86)\Comodo
2013-07-21 02:50 - 2013-07-21 02:48 - 00000000 ____D C:\ProgramData\Comodo
2013-07-21 02:48 - 2013-07-21 02:48 - 00000000 ____D C:\Program Files\COMODO
2013-07-21 02:35 - 2013-07-21 02:35 - 01700352 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdiplus.dll
2013-07-21 02:35 - 2013-07-21 02:35 - 01060864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc71.dll
2013-07-21 02:35 - 2013-07-21 02:35 - 00348160 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr71.dll
2013-07-21 02:28 - 2013-07-21 02:28 - 00000000 ____D C:\ProgramData\Comodo Downloader
2013-07-21 02:19 - 2011-11-16 07:51 - 00000000 ____D C:\Program Files (x86)\Avira
2013-07-21 02:00 - 2011-11-15 19:48 - 00000000 ____D C:\Users\Bert
2013-07-21 01:43 - 2013-07-21 01:43 - 00001130 _____ C:\DelFix.txt
2013-07-21 01:40 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2013-07-21 01:31 - 2013-07-21 00:46 - 00000000 ____D C:\windows\erdnt
2013-07-21 00:39 - 2012-11-16 10:35 - 00000444 _____ C:\windows\Tasks\Wise Registry Cleaner Schedule Task.job
2013-07-21 00:30 - 2011-11-15 20:01 - 00000000 ___RD C:\Users\Bert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-21 00:28 - 2012-09-05 14:32 - 00002772 _____ C:\windows\System32\Tasks\CCleanerSkipUAC
2013-07-21 00:27 - 2012-11-16 10:35 - 00003314 _____ C:\windows\System32\Tasks\Wise Registry Cleaner Schedule Task
2013-07-21 00:26 - 2013-07-10 00:00 - 00003214 _____ C:\windows\System32\Tasks\Driver Booster Update
2013-07-21 00:26 - 2013-06-25 21:52 - 00002966 _____ C:\windows\System32\Tasks\{BBF7C257-78DB-4727-AAD0-4AC4EE99BFC6}
2013-07-21 00:16 - 2011-11-26 22:40 - 00000000 ____D C:\ProgramData\Giraffic
2013-07-21 00:13 - 2011-11-26 22:40 - 00000000 ____D C:\Program Files (x86)\Giraffic
2013-07-21 00:05 - 2013-07-20 00:25 - 00000000 ____D C:\windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP
2013-07-20 19:10 - 2013-07-10 00:02 - 00000000 ____D C:\Program Files\Supercopier
2013-07-20 12:54 - 2013-07-20 12:53 - 00000000 ____D C:\EEK
2013-07-20 02:21 - 2013-02-08 12:37 - 00692104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2013-07-20 02:21 - 2013-02-08 12:37 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-07-20 02:21 - 2013-02-08 12:37 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2013-07-20 02:01 - 2012-04-25 12:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-20 01:30 - 2013-07-20 01:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-20 01:29 - 2013-07-17 05:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox.bak
2013-07-20 00:43 - 2013-07-20 00:43 - 00312232 _____ (Oracle Corporation) C:\windows\system32\javaws.exe
2013-07-20 00:43 - 2013-07-20 00:43 - 00189352 _____ (Oracle Corporation) C:\windows\system32\javaw.exe
2013-07-20 00:43 - 2013-07-20 00:43 - 00188840 _____ (Oracle Corporation) C:\windows\system32\java.exe
2013-07-20 00:43 - 2013-07-20 00:43 - 00108968 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge-64.dll
2013-07-20 00:43 - 2013-07-20 00:43 - 00000000 ____D C:\Program Files\Java
2013-07-20 00:43 - 2012-06-25 19:32 - 01093032 _____ (Oracle Corporation) C:\windows\system32\npDeployJava1.dll
2013-07-20 00:43 - 2012-01-17 21:33 - 00972712 _____ (Oracle Corporation) C:\windows\system32\deployJava1.dll
2013-07-20 00:33 - 2013-07-20 00:33 - 00000000 _____ C:\autoexec.bat
2013-07-19 22:20 - 2011-12-23 15:46 - 00000000 ____D C:\Users\Bert\Documents\FFOutput
2013-07-19 11:44 - 2013-07-18 21:38 - 00018944 _____ C:\Users\Bert\Desktop\Bundestagswahlprognose.xls
2013-07-18 15:03 - 2013-06-04 11:11 - 00025568 _____ (Zemana Ltd.) C:\windows\system32\Drivers\KeyCrypt64.sys
2013-07-18 04:43 - 2013-06-06 04:01 - 00000000 ____D C:\Users\Bert\MediathekView
2013-07-16 05:40 - 2013-07-16 05:40 - 00000000 ____D C:\Users\Bert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2013-07-16 05:34 - 2013-07-16 05:34 - 00000000 ____D C:\Users\Bert\Documents\Art
2013-07-16 05:27 - 2013-07-16 04:42 - 00000000 ____D C:\Users\Bert\AppData\Roaming\Jitsi
2013-07-16 04:42 - 2013-07-16 04:42 - 00000000 ____D C:\Program Files (x86)\Jitsi
2013-07-16 04:14 - 2013-05-07 17:25 - 00000000 ____D C:\Users\Bert\Documents\Statistik
2013-07-16 04:02 - 2011-11-16 08:34 - 00131136 _____ C:\Users\Bert\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-16 04:02 - 2009-07-14 06:45 - 00481992 _____ C:\windows\system32\FNTCACHE.DAT
2013-07-16 04:01 - 2012-11-04 18:05 - 00002382 _____ C:\windows\Sandboxie.ini
2013-07-16 03:57 - 2013-07-09 23:58 - 00000000 ____D C:\Users\Bert\AppData\Roaming\PasteCopy.NET
2013-07-16 03:53 - 2011-11-15 19:56 - 00000000 ____D C:\ProgramData\Skype
2013-07-16 03:32 - 2013-07-16 02:49 - 00000000 ____D C:\Program Files (x86)\KVIrc
2013-07-14 01:00 - 2013-07-04 00:16 - 00000000 ____D C:\Program Files (x86)\FEBE
2013-07-11 23:51 - 2013-07-11 23:48 - 00000000 ____D C:\Program Files (x86)\LibreOffice 3.6
2013-07-11 23:51 - 2011-07-29 05:57 - 00000000 ____D C:\windows\ShellNew
2013-07-10 02:14 - 2012-04-07 05:56 - 00000000 ____D C:\windows\Minidump
2013-07-10 02:14 - 2011-02-11 21:57 - 00000000 ____D C:\windows\Panther
2013-07-10 02:03 - 2011-11-19 10:35 - 00000000 ____D C:\Program Files (x86)\Registry System Wizard
2013-07-10 01:51 - 2009-07-14 07:08 - 00032640 _____ C:\windows\Tasks\SCHEDLGU.TXT
2013-07-10 01:47 - 2011-07-29 05:57 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-10 01:47 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-10 01:47 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-10 01:44 - 2013-07-10 01:44 - 03153920 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2013-07-10 01:43 - 2013-07-10 01:43 - 19238912 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 15404032 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 14329856 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 13760512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 03958784 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 02877440 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-07-10 01:43 - 2013-07-10 01:43 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-07-10 01:43 - 2013-07-10 01:43 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 02241024 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 02046976 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00526336 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00391168 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00089600 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-07-10 01:43 - 2013-07-10 01:43 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-10 01:43 - 2013-07-10 01:43 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-07-10 01:43 - 2013-07-10 01:43 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00039424 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-07-10 01:41 - 2013-07-10 01:41 - 00624128 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2013-07-10 01:41 - 2013-07-10 01:41 - 00509440 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2013-07-10 01:31 - 2013-07-10 01:31 - 01887744 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2013-07-10 01:31 - 2013-07-10 01:31 - 01643520 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2013-07-10 01:31 - 2013-07-10 01:31 - 01620480 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
2013-07-10 01:31 - 2013-07-10 01:31 - 01247744 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2013-07-10 01:19 - 2012-09-05 14:56 - 01590378 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2013-07-10 01:09 - 2013-07-10 01:09 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\cryptdlg.dll
2013-07-10 01:09 - 2013-07-10 01:09 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptdlg.dll
2013-07-10 01:08 - 2013-07-10 01:08 - 01887232 _____ (Microsoft Corporation) C:\windows\system32\d3d11.dll
2013-07-10 01:08 - 2013-07-10 01:08 - 01505280 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d11.dll
2013-07-10 01:08 - 2013-07-10 01:08 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2013-07-10 01:08 - 2013-07-10 01:08 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2013-07-10 01:07 - 2013-07-10 01:07 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll
2013-07-10 01:07 - 2013-07-10 01:07 - 00223752 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fvevol.sys
2013-07-10 01:07 - 2013-07-10 01:07 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\wwanprotdim.dll
2013-07-10 00:55 - 2013-07-10 00:55 - 00001262 _____ C:\Users\Bert\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2013-07-10 00:54 - 2011-12-04 12:01 - 00000000 ____D C:\Users\Bert\AppData\Roaming\Apple Computer
2013-07-10 00:42 - 2013-07-10 00:05 - 00000000 ____D C:\Program Files\Office Tab
2013-07-10 00:16 - 2013-07-10 00:14 - 00000000 ____D C:\Program Files (x86)\Clover
2013-07-10 00:14 - 2013-07-10 00:14 - 00000000 ____D C:\Users\Bert\AppData\Local\Clover
2013-07-10 00:12 - 2013-07-10 00:09 - 00000000 ____D C:\Program Files\DIFX
2013-07-10 00:11 - 2013-07-10 00:11 - 00000000 ____D C:\Program Files (x86)\SpeedyFox
2013-07-10 00:07 - 2012-09-03 04:49 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-07-10 00:06 - 2013-07-10 00:06 - 00000000 ____D C:\Program Files (x86)\MSECache
2013-07-10 00:05 - 2013-03-05 02:39 - 00000000 ____D C:\ProgramData\Licenses
2013-07-10 00:03 - 2013-07-10 00:03 - 00000000 ____D C:\Users\Bert\ultracopier
2013-07-10 00:00 - 2011-11-19 10:24 - 00000000 ____D C:\Program Files (x86)\IObit
2013-07-10 00:00 - 2011-11-16 09:03 - 00000000 ____D C:\Users\Bert\AppData\Roaming\IObit
2013-07-09 16:06 - 2013-01-29 00:53 - 00000000 ____D C:\Users\Bert\Desktop\Institut für soziale Berufe
2013-07-08 23:50 - 2013-07-08 23:50 - 00000000 ____D C:\Users\Bert\AppData\Roaming\aignes
2013-07-08 23:50 - 2013-07-08 23:50 - 00000000 ____D C:\Program Files (x86)\AM-DeadLink
2013-07-04 14:44 - 2013-07-04 14:44 - 00000000 _____ C:\windows\SysWOW64\FAPED09.tmp
2013-07-04 14:41 - 2013-07-04 14:41 - 00000000 _____ C:\windows\SysWOW64\FAP6BE6.tmp
2013-07-04 14:40 - 2013-07-04 14:40 - 00000000 _____ C:\windows\SysWOW64\FAPFFE9.tmp
2013-07-04 14:40 - 2013-07-04 14:40 - 00000000 _____ C:\windows\SysWOW64\FAP54F8.tmp
2013-07-04 14:40 - 2013-07-04 14:40 - 00000000 _____ C:\windows\SysWOW64\FAP3D90.tmp
2013-07-04 14:39 - 2013-07-04 14:39 - 00000000 _____ C:\windows\SysWOW64\FAP713B.tmp
2013-07-04 14:38 - 2013-07-04 14:38 - 00000000 _____ C:\windows\SysWOW64\FAPD69F.tmp
2013-07-04 14:36 - 2013-07-04 14:36 - 00000000 _____ C:\windows\SysWOW64\FAP2D.tmp
2013-07-04 14:35 - 2013-07-04 14:35 - 00000000 _____ C:\windows\SysWOW64\FAP76FF.tmp
2013-07-04 13:03 - 2013-07-04 13:03 - 00000000 _____ C:\windows\SysWOW64\FAPE22C.tmp
2013-07-04 13:02 - 2013-07-04 13:02 - 00000000 _____ C:\windows\SysWOW64\FAP5739.tmp
2013-07-04 13:00 - 2013-07-04 13:00 - 00000000 _____ C:\windows\SysWOW64\FAP5B7B.tmp
2013-07-04 12:58 - 2013-07-04 12:58 - 00000000 _____ C:\windows\SysWOW64\FAPFE8B.tmp
2013-07-04 12:58 - 2013-07-04 12:58 - 00000000 _____ C:\windows\SysWOW64\FAPF8A0.tmp
2013-07-04 12:58 - 2013-07-04 12:58 - 00000000 _____ C:\windows\SysWOW64\FAPF840.tmp
2013-07-04 12:57 - 2013-07-04 12:57 - 00000000 _____ C:\windows\SysWOW64\FAP7402.tmp
2013-07-04 12:50 - 2013-07-04 12:50 - 00000000 _____ C:\windows\SysWOW64\FAPDA60.tmp
2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAPEACA.tmp
2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAPD381.tmp
2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAPBBF9.tmp
2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAP906.tmp
2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAP740E.tmp
2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAP5D8F.tmp
2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAP2001.tmp
2013-07-04 12:48 - 2013-07-04 12:48 - 00000000 _____ C:\windows\SysWOW64\FAP8C31.tmp
2013-07-04 12:48 - 2013-07-04 12:48 - 00000000 _____ C:\windows\SysWOW64\FAP78ED.tmp
2013-07-04 12:42 - 2013-07-04 12:42 - 00000000 _____ C:\windows\SysWOW64\FAP8450.tmp
2013-07-04 12:33 - 2013-07-04 12:33 - 00000000 _____ C:\windows\SysWOW64\FAP1334.tmp
2013-07-04 12:17 - 2013-07-04 12:17 - 00000000 _____ C:\windows\SysWOW64\FAP815F.tmp
2013-07-04 12:11 - 2012-12-04 23:54 - 00000000 ____D C:\Program Files (x86)\URLSnooper2
2013-07-04 11:14 - 2012-12-18 17:00 - 00084027 _____ C:\Users\Bert\Desktop\Mjusiq.xspf
2013-07-04 11:10 - 2011-11-18 16:13 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-04 04:09 - 2013-07-04 04:09 - 00263592 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2013-07-04 04:09 - 2013-07-04 04:09 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2013-07-04 04:09 - 2013-07-04 04:09 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2013-07-04 04:09 - 2013-07-04 04:09 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-04 04:09 - 2012-07-13 01:33 - 00867240 _____ (Oracle Corporation) C:\windows\SysWOW64\npDeployJava1.dll
2013-07-04 04:09 - 2011-11-18 16:14 - 00789416 _____ (Oracle Corporation) C:\windows\SysWOW64\deployJava1.dll
2013-07-04 03:43 - 2012-10-11 11:23 - 00007607 _____ C:\Users\Bert\AppData\Local\Resmon.ResmonCfg
2013-07-04 01:24 - 2013-07-04 01:24 - 00000000 ____D C:\Users\Bert\.macromedia
2013-07-03 23:04 - 2012-09-04 05:42 - 00000000 ____D C:\Program Files\Puran Defrag
2013-07-03 17:05 - 2011-11-15 22:30 - 00000000 ____D C:\Program Files\CCleaner
2013-07-03 16:44 - 2013-07-03 16:39 - 00000600 _____ C:\Users\Bert\PUTTY.RND
2013-07-03 14:59 - 2013-07-03 14:59 - 00000000 _____ C:\Users\Bert\mm_backup.cfg
2013-07-02 17:21 - 2013-07-02 17:21 - 00000000 ____D C:\Program Files (x86)\Tor
2013-07-02 17:18 - 2013-07-02 17:17 - 00000000 ____D C:\Users\Bert\Documents\Calibre Library
2013-07-02 17:18 - 2013-07-02 17:13 - 00000000 ____D C:\Users\Bert\AppData\Roaming\calibre
2013-07-02 17:13 - 2013-07-02 17:13 - 00000000 ____D C:\Users\Bert\Documents\Calibre Bibliothek
2013-07-02 17:12 - 2013-07-02 17:12 - 00000000 ____D C:\Program Files (x86)\Calibre2
2013-07-02 03:32 - 2009-07-14 05:20 - 00000000 ____D C:\windows\PolicyDefinitions
2013-07-02 03:06 - 2013-07-02 03:06 - 01509376 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2013-07-02 03:06 - 2013-07-02 03:06 - 01441280 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2013-07-02 03:06 - 2013-07-02 03:06 - 01400416 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dat
2013-07-02 03:06 - 2013-07-02 03:06 - 01400416 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat
2013-07-02 03:06 - 2013-07-02 03:06 - 01054720 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00905728 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00762368 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00719360 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00629248 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00599552 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00523264 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00441856 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2013-07-02 03:06 - 2013-07-02 03:06 - 00361984 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2013-07-02 03:06 - 2013-07-02 03:06 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00270848 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00247296 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00242200 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00235008 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00232960 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00226304 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00216064 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00204800 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00185344 _____ (Microsoft Corporation) C:\windows\SysWOW64\elshyph.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00173568 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00167424 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00158720 _____ (Microsoft Corporation) C:\windows\SysWOW64\msls31.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00150528 _____ (Microsoft Corporation) C:\windows\SysWOW64\iexpress.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00149504 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00144896 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00138752 _____ (Microsoft Corporation) C:\windows\SysWOW64\wextract.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00137216 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00125440 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00117248 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00110592 _____ (Microsoft Corporation) C:\windows\SysWOW64\IEAdvpack.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00097280 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00082432 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00079872 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2013-07-02 03:06 - 2013-07-02 03:06 - 00073728 _____ (Microsoft Corporation) C:\windows\SysWOW64\SetIEInstalledDate.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardie.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2013-07-02 03:06 - 2013-07-02 03:06 - 00057344 _____ (Microsoft Corporation) C:\windows\SysWOW64\pngfilt.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00048640 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmler.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00041984 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00038400 _____ (Microsoft Corporation) C:\windows\SysWOW64\imgutil.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00027648 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\licmgr10.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00012800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00011776 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe
2013-06-26 20:29 - 2012-10-02 11:09 - 00000000 ____D C:\Users\Bert\Desktop\2nd
2013-06-24 00:57 - 2011-11-17 05:14 - 78277128 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-23 08:33

==================== End Of Log ============================
         
--- --- ---

--- --- ---


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-07-2013 01
Ran by Bert at 2013-07-23 15:31:40
Running from C:\Users\Bert\Desktop
Boot Mode: Safe Mode (minimal)
==========================================================


==================== Installed Programs =======================

   
7-Zip 9.22 (x64 edition) (Version: 9.22.00.0)
Any Video Converter 5.0.7 (x32)
Broadcom 802.11 Network Adapter (Version: 5.60.48.55)
Canon MG5100 series MP Drivers
CCleaner (Version: 4.03)
COMODO Firewall (Version: 6.2.20728.2847)
dows-Treiberpaket - Qualcomm Atheros Communications Inc. Net  (12/20/2012 10.0.0.222) (Version: 12/20/2012 10.0.0.222)
Emsisoft Anti-Malware (x32 Version: 8.0)
Eraser 6.0.10.2620 (Version: 6.0.2620)
ETDWare PS/2-X64 8.0.7.2_WHQL (Version: 8.0.7.2)
Finanzausgleich zum Selberrechnen (Version: 1.0.2)
GIMP 2.8.2 (Version: 2.8.2)
Google Earth (x32 Version: 7.1.1.1888)
Intel(R) PROSet/Wireless WiFi Software (Version: 14.01.1000)
Java 7 Update 25 (64-bit) (Version: 7.0.250)
Jitsi (Version: 2.2.4603.9615)
K-Lite Codec Pack 9.9.5 (64-bit) (Version: 9.9.5)
Media Preview (Version: 1.2.5.264)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
O&O Defrag Free Edition (Version: 14.1.431)
Paint.NET v3.5.10 (Version: 3.60.0)
PDF Split And Merge Basic (Version: 2.2.2)
PDF-XChange Viewer (Version: 2.5.199.0)
PhotoFiltre 7 (HKCU)
Puran Defrag 7.5
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6873)
Recuva (Version: 1.47)
Sandboxie 4.04 (64-bit) (Version: 4.04)
Should I Remove It (HKCU Version: 1.0.4)
Should I Remove It (x32 Version: 1.0.4)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (Version: 2.0.82.0)
Unlocker 1.9.1-x64 (Version: 1.9.1)
VLC media player 2.0.7 (Version: 2.0.7)
Windows-Treiberpaket - Qualcomm Atheros Communications Inc. (athr) Net  (12/20/2012 10.0.0.222) (Version: 12/20/2012 10.0.0.222)
Windows-Treiberpaket - Realtek (RTL8167) Net  (12/26/2012 7.067.1226.2012) (Version: 12/26/2012 7.067.1226.2012)
Windows-Treiberpaket - Realtek Net  (12/26/2012 7.067.1226.2012) (Version: 12/26/2012 7.067.1226.2012)

==================== Restore Points  =========================

23-07-2013 12:53:26 Installed Should I Remove It

==================== Hosts content: ==========================

2009-07-14 04:34 - 2013-07-23 02:30 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {052FF8F9-17E5-46CE-92E9-2459D443BE1D} - System32\Tasks\WifiManager => %programfiles(x86)%\Samsung\Easy Display Manager\WifiManager.exe No File
Task: {07BA8459-7B7A-4378-BA93-87DAF8F39996} - System32\Tasks\SamsungSupportCenter => %programfiles(x86)%\Samsung\Samsung Support Center\SSCKbdHk.exe No File
Task: {10A79368-98DA-4ACF-BECF-C06C43ED2E4B} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {121D8FED-57CE-49BA-A249-6F4B0FB52E2B} - System32\Tasks\EasyPartitionManager => C:\Windows\MSetup\BA46-12225A02\EPM.exe No File
Task: {1B988CEF-61CE-415B-BA9E-DF7E634739CD} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2013-06-18] (COMODO)
Task: {1D3851B4-445B-4305-8350-7780C810AE89} - System32\Tasks\SmartRestarter => C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe [2010-08-05] (Samsung Electronics Co., Ltd.)
Task: {20EE00D5-6A47-499F-8646-0EEECB513933} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012 => C:\Program Files (x86)\TuneUp Utilities 2012\OneClick.exe [2012-05-29] (TuneUp Software)
Task: {362D8E5A-6F06-4B37-A8BC-362361B37052} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe [2010-11-29] (Samsung Electronics Co., Ltd.)
Task: {3D505DDD-A399-485D-BE86-3973F4B7B2B4} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-592597040-2687735098-3077039613-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe No File
Task: {485C9238-50AE-4DBB-BB0C-BCD991F50DBD} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-20] (Adobe Systems Incorporated)
Task: {4BE9723B-5BFB-4B57-B199-62385B836FE7} - System32\Tasks\Divx-Online-Aktualisierungsprogramm => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2013-02-13] ()
Task: {4D6F3CD8-7EAE-4856-81B9-362478929477} - System32\Tasks\Real Player-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe No File
Task: {710D33EB-91F9-486B-B7BD-3F854CA02D54} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2010-11-10] (CyberLink)
Task: {7A2B3EFC-3362-4935-B339-884F665B6953} - System32\Tasks\Wise Registry Cleaner Schedule Task => C:\Program Files (x86)\Wise Registry Cleaner\WiseRegCleaner.exe [2012-11-08] (WiseCleaner.com)
Task: {7D5CB5A2-919E-4192-A53A-AB0928AB102F} - System32\Tasks\{BBF7C257-78DB-4727-AAD0-4AC4EE99BFC6} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [2013-07-20] (Mozilla Corporation)
Task: {91586A9A-F31D-46B0-AD12-B2EA51F12FB5} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\windows\System32\lpksetup.exe [2010-11-21] (Microsoft Corporation)
Task: {92801305-2B16-4643-A691-588E7158BDD4} - System32\Tasks\GlaryInitialize => C:\Program Files (x86)\Glary Utilities\initialize.exe [2013-05-27] (Glarysoft Ltd)
Task: {9424B58E-CC51-430F-B47D-AF5ADA340E8B} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [2010-12-23] (Samsung Electronics Co., Ltd.)
Task: {9809E7C2-3D95-425E-806A-CCC7DA20450E} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-09] (AVAST Software)
Task: {A2EC6E16-DD7C-42E6-A5BB-55CE62962A8B} - System32\Tasks\EasyBatteryManager => %ProgramFiles(x86)%\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe No File
Task: {A754AED3-5EAC-4B65-AE7C-49DC73AA420B} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {B971BF12-5F0B-4B04-A0DD-92042CAE76EC} - System32\Tasks\EasySpeedUpManager => %programfiles(x86)%\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe No File
Task: {C2390F26-B14C-45EF-AE0D-BDB414531F1B} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2011-02-14] (SEC)
Task: {C40C0685-91D5-4663-89AD-3E9C29063AA7} - System32\Tasks\COMODO\COMODO Welcome {CEB54B45-2B5E-4FF5-9223-6735CD80FE69} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [2013-06-18] (COMODO)
Task: {C50A22D2-F54D-482A-9577-DF42FF3B6FC8} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-12-18] (Samsung Electronics. Co. Ltd.)
Task: {C7F32861-B0A4-450B-A160-0EFCB9969A8E} - System32\Tasks\SUPBackground => %ProgramFiles(x86)%\Samsung\Samsung Update Plus\SUPBackground.exe No File
Task: {CE138B3D-A62C-41D2-AD85-F767AB0971FD} - System32\Tasks\CCleanerSkipUAC => C:\PROGRAM FILES\CCLEANER\CCLEANER.EXE [2013-06-19] (Piriform Ltd)
Task: {DC7F9992-F690-448D-976A-21B1347CC9FB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {EA4ED269-2A24-41F4-9428-38506827D19F} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2013-06-08] (IObit)
Task: {FFBED0E0-3C47-49A8-8D34-064CA7B1A8D9} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-592597040-2687735098-3077039613-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe No File
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GlaryInitialize.job => C:\Program Files (x86)\Glary Utilities\initialize.exe
Task: C:\windows\Tasks\Wise Registry Cleaner Schedule Task.job => C:\Program Files (x86)\Wise Registry Cleaner\WiseRegCleaner.exe

==================== Faulty Device Manager Devices =============

Name: aswVmm
Description: aswVmm
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: aswVmm
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: aswRvrt
Description: aswRvrt
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: aswRvrt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/23/2013 03:17:49 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.1008 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 5176. Meldungs-ID: [0x2509].

Error: (07/23/2013 03:16:18 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.1008 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 5852. Meldungs-ID: [0x2509].

Error: (07/23/2013 03:15:04 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.1008 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 2708. Meldungs-ID: [0x2509].

Error: (07/23/2013 03:10:59 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.1008 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 5708. Meldungs-ID: [0x2509].

Error: (07/23/2013 03:10:50 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.1008 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 2996. Meldungs-ID: [0x2509].

Error: (07/23/2013 01:34:19 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.1008 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 5260. Meldungs-ID: [0x2509].

Error: (07/23/2013 01:29:08 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.1008 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 2860. Meldungs-ID: [0x2509].

Error: (07/23/2013 01:24:44 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.1008 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 5696. Meldungs-ID: [0x2509].

Error: (07/23/2013 01:17:04 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.1008 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 3488. Meldungs-ID: [0x2509].

Error: (07/23/2013 01:02:32 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: CLMLSvc.exe, Version: 2.1.1803.0, Zeitstempel: 0x4a2670aa
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec49b8f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0007898d
ID des fehlerhaften Prozesses: 0x1310
Startzeit der fehlerhaften Anwendung: 0xCLMLSvc.exe0
Pfad der fehlerhaften Anwendung: CLMLSvc.exe1
Pfad des fehlerhaften Moduls: CLMLSvc.exe2
Berichtskennung: CLMLSvc.exe3


System errors:
=============
Error: (07/23/2013 03:30:30 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (07/23/2013 03:30:30 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (07/23/2013 03:30:30 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (07/23/2013 03:30:30 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (07/23/2013 03:30:30 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (07/23/2013 03:30:30 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (07/23/2013 03:30:29 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (07/23/2013 03:30:28 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (07/23/2013 03:30:28 PM) (Source: DCOM) (User: )
Description: 1068netprofm{A47979D2-C419-11D9-A5B4-001185AD2B89}

Error: (07/23/2013 03:30:28 PM) (Source: DCOM) (User: )
Description: 1068netman{BA126AD1-2166-11D1-B1D0-00805FC1270E}


Microsoft Office Sessions:
=========================
Error: (07/23/2013 03:31:48 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/23/2013 03:17:49 PM) (Source: .NET Runtime)(User: )
Description: .NET Runtime version 4.0.30319.1008 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 5176. Meldungs-ID: [0x2509].

Error: (07/23/2013 03:16:18 PM) (Source: .NET Runtime)(User: )
Description: .NET Runtime version 4.0.30319.1008 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 5852. Meldungs-ID: [0x2509].

Error: (07/23/2013 03:15:04 PM) (Source: .NET Runtime)(User: )
Description: .NET Runtime version 4.0.30319.1008 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 2708. Meldungs-ID: [0x2509].

Error: (07/23/2013 03:10:59 PM) (Source: .NET Runtime)(User: )
Description: .NET Runtime version 4.0.30319.1008 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 5708. Meldungs-ID: [0x2509].

Error: (07/23/2013 03:10:50 PM) (Source: .NET Runtime)(User: )
Description: .NET Runtime version 4.0.30319.1008 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 2996. Meldungs-ID: [0x2509].

Error: (07/23/2013 01:34:19 PM) (Source: .NET Runtime)(User: )
Description: .NET Runtime version 4.0.30319.1008 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 5260. Meldungs-ID: [0x2509].

Error: (07/23/2013 01:29:08 PM) (Source: .NET Runtime)(User: )
Description: .NET Runtime version 4.0.30319.1008 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 2860. Meldungs-ID: [0x2509].

Error: (07/23/2013 01:24:44 PM) (Source: .NET Runtime)(User: )
Description: .NET Runtime version 4.0.30319.1008 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 5696. Meldungs-ID: [0x2509].

Error: (07/23/2013 01:17:04 PM) (Source: .NET Runtime)(User: )
Description: .NET Runtime version 4.0.30319.1008 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 3488. Meldungs-ID: [0x2509].


CodeIntegrity Errors:
===================================
  Date: 2013-07-23 03:18:41.635
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\A795.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-07-23 03:18:41.408
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\A795.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-07-23 03:10:23.899
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\B74D.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-07-23 03:10:23.720
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\B74D.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-07-23 03:07:50.294
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\B74D.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-07-23 03:07:50.106
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\B74D.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-07-23 02:29:47.957
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-07-23 02:29:47.910
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-07-21 01:22:44.929
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-07-21 01:22:44.773
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 24%
Total physical RAM: 4009.55 MB
Available physical RAM: 3042.62 MB
Total Pagefile: 8017.28 MB
Available Pagefile: 7072.59 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:71 GB) (Free:17.99 GB) NTFS (Disk=0 Partition=2)
Drive d: () (Fixed) (Total:203.63 GB) (Free:1.5 GB) NTFS (Disk=0 Partition=4)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 010722F6)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=71 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=204 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=23 GB) - (Type=27)

==================== End Of Log ============================
         
Die Probleme hab' ich im Firefox!

Schon mal ein großes Dankeschön für deine bisherige Hilfe!

Anbei noch ein Ergebnis aus meinem Norma Malware Cleaner Scan, der gerade läuft:
"C:\Windows\Installer\34c2dc.msi/Binary.WidgiInstallHelper.dll". Könnte das evtl. mit dem Kram was zu tun haben?

Alt 23.07.2013, 19:07   #14
schrauber
/// the machine
/// TB-Ausbilder
 

Nervige Werbung: 'Ads not by this site'-Problem - Standard

Nervige Werbung: 'Ads not by this site'-Problem



Nee aber die Datei kannst löschen.

Zitat:
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launchy.lnk
ShortcutTarget: Launchy.lnk -> C:\Program Files (x86)\Launchy\Launchy.exe ()
Kennst Du das?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 23.07.2013, 19:56   #15
UltimateBert
 
Nervige Werbung: 'Ads not by this site'-Problem - Standard

Nervige Werbung: 'Ads not by this site'-Problem



Zitat:
Zitat von schrauber Beitrag anzeigen
Nee aber die Datei kannst löschen.



Kennst Du das?
Ja, hab ich irgendwann mal aufgespielt!

Antwort

Themen zu Nervige Werbung: 'Ads not by this site'-Problem
ads, ads not by this site, adware entfernen, anhänge, anhängen, bekannte, ergebnis, gen, help, hänge, hängen, häufiger, junkware, junkware removal tool, klasse, nervige, not, please, please help, rechner, removal, schließe, this, tool, werbung



Ähnliche Themen: Nervige Werbung: 'Ads not by this site'-Problem


  1. nervige Werbung
    Plagegeister aller Art und deren Bekämpfung - 20.08.2015 (9)
  2. Nervige Werbung - Malware?
    Plagegeister aller Art und deren Bekämpfung - 26.06.2015 (11)
  3. compatibilitycheck.exe läuft im Taskmanager und ich höre Ständig nervige Werbung
    Log-Analyse und Auswertung - 02.04.2015 (19)
  4. Ständig nervige Werbung im Chrome Browser
    Log-Analyse und Auswertung - 01.03.2015 (13)
  5. Werbung und nervige Tabs die sich bei klick auf eine Seite öffnen sowie Blaue schricht im Brwoser mit Werbung
    Plagegeister aller Art und deren Bekämpfung - 06.01.2015 (6)
  6. Ads_by_Show-Password - Malware nervige Werbung
    Log-Analyse und Auswertung - 15.10.2014 (11)
  7. Unterstrichene Wörter und nervige Werbung überall beim IE
    Plagegeister aller Art und deren Bekämpfung - 13.05.2014 (11)
  8. Protect Search von Conduit, nervige Werbung...
    Log-Analyse und Auswertung - 12.04.2014 (1)
  9. dfs.pathdone.net - nervige werbung bei firefox, schadsoftware auf mein computer?
    Log-Analyse und Auswertung - 29.10.2013 (7)
  10. Ads not by this Site Problem
    Plagegeister aller Art und deren Bekämpfung - 11.08.2013 (12)
  11. Ads not by this site - Werbung
    Log-Analyse und Auswertung - 22.03.2013 (9)
  12. Nervige Werbung und Fehlermeldungen öffnen sich
    Log-Analyse und Auswertung - 22.07.2010 (1)
  13. Ich bekomme andauernd nervige Werbung vom Internet Explorer
    Log-Analyse und Auswertung - 19.02.2010 (10)
  14. nervige werbung öffnet sich ständig
    Log-Analyse und Auswertung - 03.10.2009 (1)
  15. TR/Dldr.Swizzor.HNV und nervige internet werbung bitte hilfe!
    Mülltonne - 08.09.2008 (0)
  16. nervige werbung
    Plagegeister aller Art und deren Bekämpfung - 05.06.2008 (8)
  17. Nervige Werbung... :/
    Plagegeister aller Art und deren Bekämpfung - 09.12.2006 (1)

Zum Thema Nervige Werbung: 'Ads not by this site'-Problem - Die bekannten, bei euch hier ja auch häufiger beschriebenen Werbeattacken mit 'Ads not by this site'-Einblendungen haben meinen Rechner auch erwischt. Das Junkware Removal Tool u. a. habe ich schon - Nervige Werbung: 'Ads not by this site'-Problem...
Archiv
Du betrachtest: Nervige Werbung: 'Ads not by this site'-Problem auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.