
Log analysis and evaluation: Windows 7: Hijacker infection search.certified-toolbar.com


 
07.09.2013, 19:44   #1
Planlos999
 

Hi!
My computer has been infected by the hijacker search.certified-toolbar.com since the day before yesterday. When I open my browser (Chrome), 4 tabs always open right away: 2 of them are my normal start page (google), one is an empty page, and one is a page with the internet address mentioned above.
I have seen here in the forum that several other people have already asked about this hijacker. So I have already tried one or two solutions following the suggestions of the Trojaner-Board team, but so far without success.
So I would now be very grateful for some help after all!

Below are the log files (part 1):

Defogger
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 15:39 on 07/09/2013 (Waldemar)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
FRST64
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-09-2013 01
Ran by Waldemar (administrator) on WALDEMAR-TOSH on 07-09-2013 15:40:21
Running from C:\Users\Waldemar\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieSvc.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(AMD) C:\Windows\system32\atieclxx.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
(TOSHIBA Corporation) C:\Windows\system32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(The Eraser Project) C:\Program Files\Eraser\Eraser.exe
(Microsoft Corporation) C:\Program Files\Microsoft Device Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Device Center\ipoint.exe
(FileHippo.com) C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Spotify Ltd) C:\Users\Waldemar\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Users\Waldemar\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Waldemar\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Users\Waldemar\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Waldemar\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Waldemar\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Waldemar\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Waldemar\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Waldemar\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Waldemar\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Waldemar\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Waldemar\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [TosSENotify] - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2009-11-05] (TOSHIBA Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13632216 2013-07-09] (Realtek Semiconductor)
HKLM\...\Run: [TPwrMain] - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [505696 2009-11-05] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [910136 2009-11-10] (TOSHIBA Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1870120 2009-10-15] (Synaptics Incorporated)
HKLM\...\Run: [Teco] - C:\Program Files\TOSHIBA\TECO\Teco.exe [1482592 2009-09-28] (TOSHIBA Corporation)
HKLM\...\Run: [Eraser] - C:\PROGRA~1\Eraser\Eraser.exe [980920 2012-05-22] (The Eraser Project)
HKLM\...\Run: [IntelliType Pro] - C:\Program Files\Microsoft Device Center\itype.exe [1464928 2012-06-26] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] - C:\Program Files\Microsoft Device Center\ipoint.exe [2004584 2012-06-26] (Microsoft Corporation)
HKLM\...\Policies\Explorer: [UseDefaultTile] 0
HKLM\...\Policies\Explorer: [NoWelcomeScreen] 0
HKCU\...\Run: [FileHippo.com] - C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [307712 2012-11-23] (FileHippo.com)
HKCU\...\Run: [AdobeBridge] -  [x]
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Waldemar\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-08-01] (Spotify Ltd)
HKCU\...\Run: [Google Update] - C:\Users\Waldemar\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-01-23] (Google Inc.)
HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 0
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKCU\...\Policies\system: [DisableChangePassword] 0
HKCU\...\Policies\system: [HideLogonScripts] 0
HKCU\...\Policies\Explorer: [NoAddPrinter] 0
HKCU\...\Policies\Explorer: [NoDeletePrinter] 0
HKCU\...\Policies\Explorer: [RestrictCpl] 0
HKCU\...\Policies\Explorer: [DisallowCpl] 0
HKCU\...\Policies\Explorer: [NoDriveAutoRun] 0
HKCU\...\Policies\Explorer: [NoDriveTypeAutoRun] 0
HKCU\...\Policies\Explorer: [NoDrivesInSendToMenu] 0
HKCU\...\Policies\Explorer: [PreventItemCreationInUsersFilesFolder] 0
HKCU\...\Policies\Explorer: [NoReadingPane] 0
HKCU\...\Policies\Explorer: [NoPreviewPane] 0
HKCU\...\Policies\Explorer: [DontSetAutoplayCheckbox] 0
HKCU\...\Policies\Explorer: [NoPropertiesMyDocuments] 0
HKCU\...\Policies\Explorer: [NoPropertiesRecycleBin] 0
HKCU\...\Policies\Explorer: [NoManageMyComputerVerb] 0
HKCU\...\Policies\Explorer: [NoCustomizeWebView] 0
HKCU\...\Policies\Explorer: [NoFileMenu] 0
HKCU\...\Policies\Explorer: [NoWinKeys] 0
HKCU\...\Policies\Explorer: [NoDFSTab] 0
HKCU\...\Policies\Explorer: [NoHardwareTab] 0
HKCU\...\Policies\Explorer: [NoSecurityTab] 0
HKCU\...\Policies\Explorer: [DisableThumbnails] 0
HKCU\...\Policies\Explorer: [DisableThumbnailsOnNetworkFolders] 0
HKCU\...\Policies\Explorer: [NoInstrumentation] 0
HKCU\...\Policies\Explorer: [NoCustomizeThisFolder] 0
HKCU\...\Policies\Explorer: [NoWebView] 0
HKCU\...\Policies\Explorer: [DontShowSuperHidden] 0
HKCU\...\Policies\Explorer: [NoOnlinePrintsWizard] 0
HKCU\...\Policies\Explorer: [NoPublishingWizard] 0
HKCU\...\Policies\Explorer: [AlwaysShowClassicMenu] 0
HKCU\...\Policies\Explorer: [ClearRecentProgForNewUserInStartMenu] 0
HKCU\...\Policies\Explorer: [NoUserFolderInStartMenu] 0
HKCU\...\Policies\Explorer: [NoSearchComputerLinkInStartMenu] 0
HKCU\...\Policies\Explorer: [NoSearchProgramsInStartMenu] 0
HKCU\...\Policies\Explorer: [NoSearchInternetInStartMenu] 0
HKCU\...\Policies\Explorer: [NoSearchFilesInStartMenu] 0
HKCU\...\Policies\Explorer: [NoSearchCommInStartMenu] 0
HKCU\...\Policies\Explorer: [NoSetTaskbar] 0
HKCU\...\Policies\Explorer: [NoSMConfigurePrograms] 0
HKCU\...\Policies\Explorer: [NoRecentDocsMenu] 0
HKCU\...\Policies\Explorer: [NoSMMyPictures] 0
HKCU\...\Policies\Explorer: [NoStartMenuMyMusic] 0
HKCU\...\Policies\Explorer: [NoSMMyDocs] 0
HKCU\...\Policies\Explorer: [NoStartMenuNetworkPlaces] 0
HKCU\...\Policies\Explorer: [NoFavoritesMenu] 0
HKCU\...\Policies\Explorer: [NoHelp] 0
HKCU\...\Policies\Explorer: [NoNetworkConnections] 0
HKCU\...\Policies\Explorer: [NoCommonGroups] 0
HKCU\...\Policies\Explorer: [NoChangeStartMenu] 0
HKCU\...\Policies\Explorer: [NoStartMenuMFUprogramsList] 0
HKCU\...\Policies\Explorer: [NoStartMenuPinnedList] 0
HKCU\...\Policies\Explorer: [NoStartMenuEjectPC] 0
HKCU\...\Policies\Explorer: [NoSimpleStartMenu] 0
HKCU\...\Policies\Explorer: [ForceStartMenuLogoff] 0
HKCU\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKCU\...\Policies\Explorer: [NoDisconnect] 0
HKCU\...\Policies\Explorer: [NoNtSecurity] 0
HKCU\...\Policies\Explorer: [GreyMSIAds] 0
HKCU\...\Policies\Explorer: [ForceMaxRecentDocs] 0
HKCU\...\Policies\Explorer: [NoStartMenuMyGames] 0
HKCU\...\Policies\Explorer: [NoSMBalloonTip] 0
HKCU\...\Policies\Explorer: [NoSMBalloonTips] 0
HKCU\...\Policies\Explorer: [LockTaskbar] 0
HKCU\...\Policies\Explorer: [HideSCAVolume] 0
HKCU\...\Policies\Explorer: [HideSCANetwork] 0
HKCU\...\Policies\Explorer: [HideSCAPower] 0
HKCU\...\Policies\Explorer: [HideSCABattery] 0
HKCU\...\Policies\Explorer: [TaskbarNoNotification] 0
HKCU\...\Policies\Explorer: [NoToolbarsOnTaskbar] 0
HKCU\...\Policies\Explorer: [NoTaskGrouping] 0
HKCU\...\Policies\Explorer: [TaskbarNoThumbnail] 0
HKCU\...\Policies\Explorer: [TaskbarLockAll] 0
HKCU\...\Policies\Explorer: [TaskbarNoResize] 0
HKCU\...\Policies\Explorer: [TaskbarNoAddRemoveToolbar] 0
HKCU\...\Policies\Explorer: [TaskbarNoDragToolbar] 0
HKCU\...\Policies\Explorer: [TaskbarNoRedock] 0
HKCU\...\Policies\Explorer: [RestrictWelcomeCenter] 0
HKCU\...\Policies\Explorer: [NoWebServices] 0
HKCU\...\Policies\Explorer: [NoFileUrl] 0
HKCU\...\Policies\Explorer: [NoBandCustomize] 0
HKCU\...\Policies\Explorer: [SpecifyDefaultButtons] 0
HKCU\...\Policies\Explorer: [NoInplaceSharing] 0
HKCU\...\Policies\Explorer: [NoNetHood] 0
HKCU\...\Policies\Explorer: [NoNetConnectDisconnect] 0
HKCU\...\Policies\Explorer: [UseFoldersInStartMenu] 0
HKCU\...\Policies\Explorer: [TurnOffSPIAnimations] 0
HKCU\...\Policies\Explorer: [EnforceShellExtensionSecurity] 0
HKCU\...\Policies\Explorer: [NoLogOff] 0
HKCU\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKCU\...\Policies\Explorer: [PromptRunasInstallNetPath] 1
HKCU\...\Policies\Explorer: [NoResolveSearch] 0
HKCU\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKCU\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKCU\...\Policies\Explorer: [NoDesktopCleanupWizard] 0
HKCU\...\Policies\Explorer: [NoThumbnailCache] 0
HKCU\...\Policies\Explorer: [ForceCopyAclwithFile] 0
HKCU\...\Policies\Explorer: [StartRunNoHOMEPATH] 0
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-10-02] (Intel Corporation)
HKLM-x32\...\Run: [HWSetup] - C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [423936 2009-06-02] (TOSHIBA Electronics, Inc.)
HKLM-x32\...\Run: [TWebCamera] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2009-11-21] (TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [ToshibaServiceStation] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1294136 2009-10-06] (TOSHIBA Corporation)
HKLM-x32\...\Run: [KeNotify] - C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34088 2009-01-13] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-04-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-02] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-08-16] (Apple Inc.)
HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [111928 2013-05-03] (Intel Corporation)
HKU\Default\...\Run: [TOSHIBA Online Product Information] - C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe [6203296 2009-08-12] (TOSHIBA)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKLM-x32 - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1378453097109&tguid=66920-6787-1378453097109-13A63D01D459733C2F962EB1E0AC961B&q={searchTerms}
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1378453097109&tguid=66920-6787-1378453097109-13A63D01D459733C2F962EB1E0AC961B&q={searchTerms}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1378453097109&tguid=66920-6787-1378453097109-13A63D01D459733C2F962EB1E0AC961B&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: SwissAcademic.Citavi.Picker.IEPicker - {609D670F-B735-4da7-AC6D-F3BD358E325E} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Toolbar: HKCU - No Name - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} -  No File
DPF: HKLM {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks:  - {AEB6717E-7E19-11d0-97EE-00C04FD91972} -  No File [ ]
ShellExecuteHooks-x32:  - {AEB6717E-7E19-11d0-97EE-00C04FD91972} -  No File [ ]
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Waldemar\AppData\Roaming\Mozilla\Firefox\Profiles\2vi26lg2.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @protectdisc.com/NPPDLicenseHelper - C:\Program Files (x86)\ProtectDisc\License Helper\NPPDLicenseHelper.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Waldemar\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Waldemar\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: firebug - C:\Users\Waldemar\AppData\Roaming\Mozilla\Firefox\Profiles\2vi26lg2.default\Extensions\firebug@software.joehewitt.com.xpi
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Optimization Client\addon\
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.de/", "about:newtab?source=home", "hxxp://search.certified-toolbar.com?si=66920&st=home&tid=6787&ver=4.4&ts=1378453097109&tguid=66920-6787-1378453097109-13A63D01D459733C2F962EB1E0AC961B", "hxxp://www.google.com"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Waldemar\AppData\Local\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Waldemar\AppData\Local\Google\Chrome\Application\29.0.1547.66\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Waldemar\AppData\Local\Google\Chrome\Application\29.0.1547.66\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
CHR Plugin: (Freemake np-plugin for google chrome) - C:\Users\Waldemar\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj\1.0.0_0\npFreemake.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Java(TM) Platform SE 7 U4) - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.40.255) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (Protect Disc License Acquisition Plugin) - C:\Program Files (x86)\ProtectDisc\License Helper\NPPDLicenseHelper.dll ()
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Extension: (YouTube) - C:\Users\Waldemar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Adblock Plus) - C:\Users\Waldemar\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.5_0
CHR Extension: (Google Search) - C:\Users\Waldemar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (SciLor's Grooveshark(tm) Unlocker) - C:\Users\Waldemar\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbfloaameefimoafaijjlknlgongaoij\0.3.3_0
CHR Extension: (DVDVideoSoft Browser Extension) - C:\Users\Waldemar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.2.3.3_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Waldemar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0
CHR Extension: (YouTube Unblocker) - C:\Users\Waldemar\AppData\Local\Google\Chrome\User Data\Default\Extensions\npnkeeiehehhefofiekoflfedgehcdhl\0.4.5_0
CHR Extension: (Gmail) - C:\Users\Waldemar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx
CHR StartMenuInternet: Google Chrome - C:\Users\Waldemar\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

S3 Adobe Version Cue CS4; C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [284016 2008-08-15] (Adobe Systems Incorporated)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-09-02] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-02] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [815160 2013-09-02] (Avira Operations GmbH & Co. KG)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [109352 2013-09-06] (SurfRight B.V.)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [66872 2010-07-09] ()
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [123664 2012-12-16] (SANDBOXIE L.T.D)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [993848 2011-01-10] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [399416 2011-01-10] (Secunia)

==================== Drivers (Whitelisted) ====================

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2010-10-15] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-02] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132088 2013-09-02] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-08-06] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-05-30] (DT Soft Ltd)
S3 InputFilter_Hid_FlexDef2b; C:\Windows\System32\DRIVERS\InputFilter_FlexDef2b.sys [17920 2010-06-19] (Siliten)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2010-10-15] ()
S3 NWUSBModem; C:\Windows\System32\DRIVERS\nwusbmdm.sys [113536 2007-10-15] (Novatel Wireless Inc.)
S3 NWUSBPort; C:\Windows\System32\DRIVERS\nwusbser.sys [113536 2007-10-15] (Novatel Wireless Inc.)
S3 RTL8187Se; C:\Windows\System32\DRIVERS\RTL8187Se.sys [427008 2009-06-10] (Realtek Semiconductor Corporation                           )
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [202632 2012-12-16] (SANDBOXIE L.T.D)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-07 15:39 - 2013-09-07 15:39 - 00000478 _____ C:\Users\Waldemar\Desktop\defogger_disable.log
2013-09-07 15:38 - 2013-09-07 15:38 - 00377856 _____ C:\Users\Waldemar\Desktop\gmer_2.1.19163.exe
2013-09-07 15:35 - 2013-09-07 15:35 - 01948682 _____ (Farbar) C:\Users\Waldemar\Desktop\FRST64.exe
2013-09-07 15:32 - 2013-09-07 15:32 - 00050477 _____ C:\Users\Waldemar\Desktop\Defogger.exe
2013-09-07 14:41 - 2013-09-07 14:41 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Waldemar\Desktop\mbam-setup-1.75.0.1300.exe
2013-09-07 14:18 - 2013-09-07 14:18 - 00259584 _____ (OldTimer Tools) C:\Users\Waldemar\Desktop\OTH.exe
2013-09-07 14:17 - 2013-09-07 14:17 - 00602112 _____ (OldTimer Tools) C:\Users\Waldemar\Desktop\OTL.exe
2013-09-07 12:46 - 2013-09-07 12:46 - 01037134 _____ C:\Users\Waldemar\Desktop\adwcleaner_3002.exe
2013-09-06 16:42 - 2013-09-06 16:42 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2013-09-06 16:17 - 2013-09-06 16:17 - 00001912 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2013-09-06 16:15 - 2013-09-06 16:42 - 00000000 ____D C:\ProgramData\HitmanPro
2013-09-06 16:15 - 2013-09-06 16:17 - 00000000 ____D C:\Program Files\HitmanPro
2013-09-06 16:15 - 2013-09-06 16:15 - 00000000 ____D C:\Users\Waldemar\Desktop\HitmanPro_3.7.7.205
2013-09-06 16:14 - 2013-09-06 16:14 - 12247350 _____ C:\Users\Waldemar\Desktop\HitmanPro_3.7.7.205.zip
2013-09-06 12:22 - 2013-09-07 15:00 - 00000448 _____ C:\Windows\setupact.log
2013-09-06 12:22 - 2013-09-06 12:22 - 00000000 _____ C:\Windows\setuperr.log
2013-09-06 12:20 - 2013-09-06 16:04 - 00003604 _____ C:\Windows\PFRO.log
2013-09-06 12:16 - 2013-09-07 12:50 - 00000000 ____D C:\AdwCleaner
2013-09-06 10:18 - 2010-02-27 07:32 - 00158976 _____ (Intel Corporation) C:\Windows\system32\Drivers\Impcd.sys
2013-09-06 10:10 - 2013-07-16 11:14 - 03486680 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2013-09-06 10:10 - 2013-07-16 09:20 - 29216256 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2013-09-06 10:10 - 2013-07-16 04:52 - 00147160 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2013-09-06 10:10 - 2013-07-12 05:26 - 00618913 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2013-09-06 10:10 - 2013-07-09 08:20 - 03760344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2013-09-06 10:10 - 2013-07-08 09:32 - 04810008 _____ (ASUSTeKcomputer.Inc) C:\Windows\system32\RTKSMlfx.dll
2013-09-06 10:10 - 2013-07-08 09:31 - 00758104 _____ (A-Volute) C:\Windows\system32\RTKSMSettingsIPC.dll
2013-09-06 10:10 - 2013-06-27 05:12 - 02795224 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2013-09-06 10:10 - 2013-06-26 09:18 - 14041344 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2013-09-06 10:10 - 2013-06-26 09:17 - 27515648 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll
2013-09-06 10:10 - 2013-06-26 09:17 - 03603712 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN64.dll
2013-09-06 10:10 - 2013-06-26 09:17 - 02103040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2013-09-06 10:10 - 2013-06-18 10:52 - 01004248 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2013-09-06 10:10 - 2013-06-18 08:00 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2013-09-06 10:10 - 2013-06-13 10:20 - 05448460 _____ C:\Windows\system32\Drivers\rtvienna.dat
2013-09-06 10:10 - 2013-06-10 18:10 - 00791808 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2013-09-06 10:10 - 2013-06-10 18:10 - 00633088 _____ (SRS Labs, Inc.) C:\Windows\system32\sltech64.dll
2013-09-06 10:10 - 2013-06-10 18:10 - 00521472 _____ (SRS Labs, Inc.) C:\Windows\system32\sl3apo64.dll
2013-09-06 10:10 - 2013-06-10 18:10 - 00213760 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2013-09-06 10:10 - 2013-04-24 08:16 - 01662024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2013-09-06 10:10 - 2013-04-08 08:37 - 00148912 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2013-09-06 10:10 - 2013-04-08 08:36 - 00858032 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2013-09-06 10:10 - 2013-04-08 08:36 - 00569256 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2013-09-06 10:10 - 2013-04-03 13:02 - 00613448 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2013-09-06 10:10 - 2013-04-03 05:13 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2013-09-06 10:10 - 2013-02-20 09:55 - 01284680 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2013-09-06 10:10 - 2012-12-17 08:49 - 00547784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2013-09-06 10:10 - 2012-08-31 10:18 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2013-09-06 10:10 - 2012-08-31 10:17 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2013-09-06 10:10 - 2012-08-31 10:17 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2013-09-06 10:10 - 2012-08-31 10:17 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2013-09-06 10:10 - 2012-08-31 10:17 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2013-09-06 10:10 - 2012-07-15 12:13 - 00394616 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2013-09-06 10:10 - 2012-01-30 02:43 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2013-09-06 10:10 - 2012-01-10 01:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2013-09-06 10:10 - 2011-12-20 06:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2013-09-06 10:10 - 2011-11-22 07:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2013-09-06 10:10 - 2011-09-02 05:21 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2013-09-06 10:10 - 2011-09-02 05:21 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2013-09-06 10:10 - 2011-09-02 05:21 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2013-09-06 10:10 - 2011-03-17 03:17 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2013-09-06 10:10 - 2011-03-07 08:11 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2013-09-06 10:10 - 2010-11-07 22:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2013-09-06 10:10 - 2010-11-07 22:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2013-09-06 10:10 - 2010-11-07 22:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2013-09-06 10:10 - 2010-11-07 22:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2013-09-06 10:10 - 2010-11-07 22:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2013-09-06 10:10 - 2010-11-07 22:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2013-09-06 10:10 - 2010-11-03 09:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2013-09-06 10:10 - 2010-07-22 07:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2013-09-06 10:10 - 2009-11-24 00:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2013-09-06 10:10 - 2009-11-24 00:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2013-09-06 10:10 - 2009-11-24 00:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2013-09-06 10:10 - 2009-11-24 00:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2013-09-06 10:09 - 2013-06-26 09:18 - 00920832 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2013-09-06 10:09 - 2013-06-26 09:17 - 02032896 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2013-09-06 10:09 - 2013-06-26 09:17 - 01904384 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2013-09-06 10:09 - 2013-06-21 02:01 - 00109848 _____ C:\Windows\system32\AcpiServiceVnA64.dll
2013-09-06 10:09 - 2013-06-18 08:44 - 02736160 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2013-09-06 10:09 - 2013-06-05 12:42 - 00208072 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2013-09-06 10:09 - 2013-04-15 02:19 - 00722688 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2013-09-06 10:09 - 2012-12-12 02:17 - 00395208 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2013-09-06 10:09 - 2012-10-02 05:41 - 00501192 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2013-09-06 10:09 - 2012-10-02 05:41 - 00487368 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2013-09-06 10:09 - 2012-10-02 05:41 - 00415688 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2013-09-06 10:09 - 2012-09-10 11:06 - 00612728 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2013-09-06 10:09 - 2012-06-20 08:26 - 00110592 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2013-09-06 10:09 - 2012-03-08 02:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2013-09-06 10:09 - 2011-08-23 08:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2013-09-06 10:09 - 2011-05-31 00:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2013-09-06 10:09 - 2011-05-31 00:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2013-09-06 10:09 - 2011-05-31 00:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2013-09-06 10:09 - 2011-05-31 00:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2013-09-06 10:09 - 2011-05-31 00:42 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2013-09-06 10:09 - 2011-05-31 00:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2013-09-06 10:09 - 2011-05-31 00:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2013-09-06 10:09 - 2011-05-31 00:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2013-09-06 10:09 - 2011-05-31 00:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2013-09-06 10:09 - 2011-05-31 00:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2013-09-06 10:09 - 2011-05-31 00:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2013-09-06 10:09 - 2011-05-31 00:42 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2013-09-06 10:09 - 2010-09-27 00:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2013-09-06 09:40 - 2013-09-06 09:42 - 00000000 ____D C:\ProgramData\FreeDriverScout
2013-09-06 09:40 - 2013-09-06 09:40 - 00000000 ____D C:\Users\Waldemar\Documents\Freemium Driver Utilities
2013-09-06 09:39 - 2013-08-13 08:38 - 00032328 _____ C:\Windows\Launcher.exe
2013-09-06 09:38 - 2013-09-06 09:38 - 00002543 _____ C:\Users\Public\Desktop\Free Driver Scout.lnk
2013-09-06 09:37 - 2013-09-06 09:38 - 00000000 ____D C:\ProgramData\Package Cache
2013-09-05 21:22 - 2013-09-05 21:22 - 00002966 _____ C:\Windows\System32\Tasks\{E186C843-4735-4799-A8A4-48FC106BA6E4}
2013-09-05 21:22 - 2013-09-05 21:22 - 00002966 _____ C:\Windows\System32\Tasks\{CCD1D2C2-116A-4630-8232-AB714145766B}
2013-09-05 21:15 - 2013-09-05 21:15 - 00000000 ____D C:\gamigo
2013-09-05 21:07 - 2013-09-05 21:07 - 00002966 _____ C:\Windows\System32\Tasks\{50ACC800-F89F-46C4-9B37-5683D0E7A90F}
2013-09-05 21:06 - 2013-09-05 21:06 - 00002966 _____ C:\Windows\System32\Tasks\{D9C4BB46-E925-4119-AE49-A83CA7667A5F}
2013-09-05 21:05 - 2013-09-05 21:05 - 00002966 _____ C:\Windows\System32\Tasks\{CEB0379C-2C1D-4011-8704-2FA63BDBF1EB}
2013-09-05 21:05 - 2013-09-05 21:05 - 00002966 _____ C:\Windows\System32\Tasks\{AA238160-59A8-49DF-8943-417AFC65308D}
2013-09-05 21:05 - 2013-09-05 21:05 - 00002966 _____ C:\Windows\System32\Tasks\{8D504CC6-5BC0-4C53-8911-F6B0924A07D3}
2013-09-05 21:03 - 2013-09-05 21:03 - 00002966 _____ C:\Windows\System32\Tasks\{2194A33D-879B-4D14-9CEC-C5F73A1DB194}
2013-09-05 20:29 - 2013-09-05 20:29 - 00002966 _____ C:\Windows\System32\Tasks\{18AFC71A-B0CF-4994-9104-CC822AD1A2C1}
2013-09-05 20:29 - 2013-09-05 20:29 - 00002966 _____ C:\Windows\System32\Tasks\{06826B67-073A-4808-88CB-E966AC0C9EFC}
2013-09-05 18:20 - 2013-09-05 20:19 - 2412630842 _____ C:\Users\Waldemar\Desktop\Loong-Dragonblood (1).exe
2013-09-05 16:15 - 2013-09-05 16:15 - 00010384 _____ C:\Users\Waldemar\Documents\Uninstall STAR WARS The Old Republic.log
2013-09-05 15:16 - 2013-09-05 15:16 - 00000000 ____D C:\Users\Waldemar\AppData\Local\SWTORPerf
2013-09-05 15:16 - 2013-09-05 15:16 - 00000000 ____D C:\Users\Public\Documents\BitRaider
2013-09-05 15:12 - 2013-09-05 15:14 - 00016456 _____ C:\Users\Waldemar\Documents\Install STAR WARS The Old Republic.log
2013-09-05 15:12 - 2013-09-05 15:12 - 00000000 ____D C:\Users\hedev
2013-09-03 16:48 - 2013-09-03 16:48 - 00000000 ____D C:\Users\Waldemar\Desktop\ike
2013-09-03 16:46 - 2013-09-03 16:47 - 22438953 _____ C:\Users\Waldemar\Desktop\ike.zip
2013-08-27 14:37 - 2013-08-27 14:37 - 00001750 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-08-27 14:36 - 2013-08-27 14:37 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-08-27 14:36 - 2013-08-27 14:37 - 00000000 ____D C:\Program Files\iTunes
2013-08-27 14:36 - 2013-08-27 14:37 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-08-27 14:36 - 2013-08-27 14:36 - 00000000 ____D C:\Program Files\iPod
2013-08-21 12:30 - 2013-08-21 12:30 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2013-08-21 12:28 - 2013-08-21 12:28 - 00000000 ____D C:\Program Files\Microsoft Office
2013-08-21 12:28 - 2013-08-21 12:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2013-08-21 12:27 - 2013-08-21 12:27 - 00000000 __RHD C:\MSOCache
2013-08-14 13:52 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-14 13:52 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-14 13:52 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-14 13:52 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-14 13:52 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-14 13:52 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-14 13:52 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-14 13:52 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-14 13:52 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-14 13:52 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-14 13:52 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-14 13:52 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-14 13:52 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-14 13:52 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-14 13:52 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-14 13:52 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-14 13:52 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-14 13:52 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-14 13:52 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-14 13:52 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-14 13:52 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-14 13:52 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-14 13:52 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-14 13:52 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-14 13:52 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-14 13:52 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-14 13:52 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-14 13:52 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-14 13:52 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-14 13:52 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-14 13:52 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-14 08:16 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-14 08:16 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-14 08:16 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-14 08:16 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-14 08:16 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-14 08:16 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-14 08:16 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-14 08:16 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-14 08:16 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-14 08:16 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-14 08:16 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-14 08:16 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-14 08:16 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-14 08:16 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-14 08:16 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-14 08:16 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-14 08:16 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-14 08:16 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-14 08:16 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-14 08:16 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-14 08:16 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-14 08:16 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-14 08:16 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-14 08:16 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-14 08:16 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-14 08:16 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-14 08:16 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys

==================== One Month Modified Files and Folders =======

2013-09-07 15:41 - 2010-07-08 20:28 - 00000000 ____D C:\Users\Waldemar\AppData\Roaming\Skype
2013-09-07 15:40 - 2013-09-07 15:40 - 00000000 ____D C:\FRST
2013-09-07 15:39 - 2013-09-07 15:39 - 00000478 _____ C:\Users\Waldemar\Desktop\defogger_disable.log
2013-09-07 15:38 - 2013-09-07 15:38 - 00377856 _____ C:\Users\Waldemar\Desktop\gmer_2.1.19163.exe
2013-09-07 15:35 - 2013-09-07 15:35 - 01948682 _____ (Farbar) C:\Users\Waldemar\Desktop\FRST64.exe
2013-09-07 15:32 - 2013-09-07 15:32 - 00050477 _____ C:\Users\Waldemar\Desktop\Defogger.exe
2013-09-07 15:15 - 2012-03-31 09:28 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-07 15:09 - 2009-07-14 06:45 - 00016080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-07 15:09 - 2009-07-14 06:45 - 00016080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-07 15:02 - 2012-01-23 16:17 - 00001132 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-896397904-1489876637-2511538118-1000UA.job
2013-09-07 15:01 - 2010-08-16 17:22 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-07 15:00 - 2013-09-06 12:22 - 00000448 _____ C:\Windows\setupact.log
2013-09-07 15:00 - 2010-03-21 06:51 - 01359123 _____ C:\Windows\WindowsUpdate.log
2013-09-07 15:00 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-07 14:56 - 2010-08-16 17:22 - 00001114 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-07 14:42 - 2011-02-23 20:16 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-07 14:41 - 2013-09-07 14:41 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Waldemar\Desktop\mbam-setup-1.75.0.1300.exe
2013-09-07 14:18 - 2013-09-07 14:18 - 00259584 _____ (OldTimer Tools) C:\Users\Waldemar\Desktop\OTH.exe
2013-09-07 14:17 - 2013-09-07 14:17 - 00602112 _____ (OldTimer Tools) C:\Users\Waldemar\Desktop\OTL.exe
2013-09-07 12:50 - 2013-09-06 12:16 - 00000000 ____D C:\AdwCleaner
2013-09-07 12:46 - 2013-09-07 12:46 - 01037134 _____ C:\Users\Waldemar\Desktop\adwcleaner_3002.exe
2013-09-06 16:42 - 2013-09-06 16:42 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2013-09-06 16:42 - 2013-09-06 16:15 - 00000000 ____D C:\ProgramData\HitmanPro
2013-09-06 16:17 - 2013-09-06 16:17 - 00001912 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2013-09-06 16:17 - 2013-09-06 16:15 - 00000000 ____D C:\Program Files\HitmanPro
2013-09-06 16:15 - 2013-09-06 16:15 - 00000000 ____D C:\Users\Waldemar\Desktop\HitmanPro_3.7.7.205
2013-09-06 16:14 - 2013-09-06 16:14 - 12247350 _____ C:\Users\Waldemar\Desktop\HitmanPro_3.7.7.205.zip
2013-09-06 16:04 - 2013-09-06 12:20 - 00003604 _____ C:\Windows\PFRO.log
2013-09-06 12:22 - 2013-09-06 12:22 - 00000000 _____ C:\Windows\setuperr.log
2013-09-06 12:10 - 2009-12-04 14:19 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-09-06 12:00 - 2009-12-04 13:45 - 00000000 ____D C:\Windows\Panther
2013-09-06 11:57 - 2011-03-07 19:00 - 00000000 ____D C:\Program Files\CCleaner
2013-09-06 11:56 - 2013-01-31 11:40 - 00000000 ____D C:\Users\Waldemar\AppData\Roaming\vlc
2013-09-06 10:11 - 2010-03-21 06:54 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-09-06 09:42 - 2013-09-06 09:40 - 00000000 ____D C:\ProgramData\FreeDriverScout
2013-09-06 09:40 - 2013-09-06 09:40 - 00000000 ____D C:\Users\Waldemar\Documents\Freemium Driver Utilities
2013-09-06 09:39 - 2012-04-26 13:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-06 09:38 - 2013-09-06 09:38 - 00002543 _____ C:\Users\Public\Desktop\Free Driver Scout.lnk
2013-09-06 09:38 - 2013-09-06 09:37 - 00000000 ____D C:\ProgramData\Package Cache
2013-09-06 01:02 - 2012-01-23 16:17 - 00001080 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-896397904-1489876637-2511538118-1000Core.job
2013-09-05 21:22 - 2013-09-05 21:22 - 00002966 _____ C:\Windows\System32\Tasks\{E186C843-4735-4799-A8A4-48FC106BA6E4}
2013-09-05 21:22 - 2013-09-05 21:22 - 00002966 _____ C:\Windows\System32\Tasks\{CCD1D2C2-116A-4630-8232-AB714145766B}
2013-09-05 21:15 - 2013-09-05 21:15 - 00000000 ____D C:\gamigo
2013-09-05 21:07 - 2013-09-05 21:07 - 00002966 _____ C:\Windows\System32\Tasks\{50ACC800-F89F-46C4-9B37-5683D0E7A90F}
2013-09-05 21:06 - 2013-09-05 21:06 - 00002966 _____ C:\Windows\System32\Tasks\{D9C4BB46-E925-4119-AE49-A83CA7667A5F}
2013-09-05 21:05 - 2013-09-05 21:05 - 00002966 _____ C:\Windows\System32\Tasks\{CEB0379C-2C1D-4011-8704-2FA63BDBF1EB}
2013-09-05 21:05 - 2013-09-05 21:05 - 00002966 _____ C:\Windows\System32\Tasks\{AA238160-59A8-49DF-8943-417AFC65308D}
2013-09-05 21:05 - 2013-09-05 21:05 - 00002966 _____ C:\Windows\System32\Tasks\{8D504CC6-5BC0-4C53-8911-F6B0924A07D3}
2013-09-05 21:03 - 2013-09-05 21:03 - 00002966 _____ C:\Windows\System32\Tasks\{2194A33D-879B-4D14-9CEC-C5F73A1DB194}
2013-09-05 20:29 - 2013-09-05 20:29 - 00002966 _____ C:\Windows\System32\Tasks\{18AFC71A-B0CF-4994-9104-CC822AD1A2C1}
2013-09-05 20:29 - 2013-09-05 20:29 - 00002966 _____ C:\Windows\System32\Tasks\{06826B67-073A-4808-88CB-E966AC0C9EFC}
2013-09-05 20:19 - 2013-09-05 18:20 - 2412630842 _____ C:\Users\Waldemar\Desktop\Loong-Dragonblood (1).exe
2013-09-05 16:17 - 2010-07-29 13:12 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2013-09-05 16:15 - 2013-09-05 16:15 - 00010384 _____ C:\Users\Waldemar\Documents\Uninstall STAR WARS The Old Republic.log
2013-09-05 15:16 - 2013-09-05 15:16 - 00000000 ____D C:\Users\Waldemar\AppData\Local\SWTORPerf
2013-09-05 15:16 - 2013-09-05 15:16 - 00000000 ____D C:\Users\Public\Documents\BitRaider
2013-09-05 15:14 - 2013-09-05 15:12 - 00016456 _____ C:\Users\Waldemar\Documents\Install STAR WARS The Old Republic.log
2013-09-05 15:12 - 2013-09-05 15:12 - 00000000 ____D C:\Users\hedev
2013-09-03 16:48 - 2013-09-03 16:48 - 00000000 ____D C:\Users\Waldemar\Desktop\ike
2013-09-03 16:47 - 2013-09-03 16:46 - 22438953 _____ C:\Users\Waldemar\Desktop\ike.zip
2013-09-02 15:40 - 2013-08-06 10:37 - 00081112 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-09-02 15:40 - 2013-08-06 10:34 - 00132088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-09-02 15:40 - 2013-08-06 10:34 - 00105344 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-09-01 01:50 - 2012-10-23 19:14 - 00000000 ____D C:\Users\Waldemar\AppData\Roaming\Spotify
2013-08-31 13:46 - 2012-10-23 19:14 - 00000000 ____D C:\Users\Waldemar\AppData\Local\Spotify
2013-08-29 08:15 - 2009-07-14 19:58 - 00711076 _____ C:\Windows\system32\perfh007.dat
2013-08-29 08:15 - 2009-07-14 19:58 - 00154136 _____ C:\Windows\system32\perfc007.dat
2013-08-29 08:15 - 2009-07-14 07:13 - 01650820 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-27 14:37 - 2013-08-27 14:37 - 00001750 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-08-27 14:37 - 2013-08-27 14:36 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-08-27 14:37 - 2013-08-27 14:36 - 00000000 ____D C:\Program Files\iTunes
2013-08-27 14:37 - 2013-08-27 14:36 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-08-27 14:36 - 2013-08-27 14:36 - 00000000 ____D C:\Program Files\iPod
2013-08-26 13:27 - 2013-05-21 16:40 - 00000000 ____D C:\Users\Waldemar\Documents\Kündigungen
2013-08-26 13:26 - 2013-05-03 12:23 - 00000000 ____D C:\Users\Waldemar\Documents\o2
2013-08-24 08:39 - 2009-12-04 14:46 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-08-24 08:35 - 2009-07-14 04:34 - 00000510 _____ C:\Windows\win.ini
2013-08-21 16:15 - 2012-03-31 09:28 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-21 16:15 - 2012-03-31 09:28 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-08-21 16:15 - 2012-01-24 15:26 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-08-21 15:22 - 2009-07-14 06:45 - 03033960 _____ C:\Windows\system32\FNTCACHE.DAT
2013-08-21 15:20 - 2010-07-08 15:29 - 00113288 _____ C:\Users\Waldemar\AppData\Local\GDIPFONTCACHEV1.DAT
2013-08-21 12:31 - 2009-12-04 14:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2013-08-21 12:30 - 2013-08-21 12:30 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2013-08-21 12:30 - 2009-12-04 14:46 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-08-21 12:30 - 2009-07-14 20:18 - 00000000 ____D C:\Windows\ShellNew
2013-08-21 12:30 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-08-21 12:29 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-08-21 12:28 - 2013-08-21 12:28 - 00000000 ____D C:\Program Files\Microsoft Office
2013-08-21 12:28 - 2013-08-21 12:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2013-08-21 12:27 - 2013-08-21 12:27 - 00000000 __RHD C:\MSOCache
2013-08-21 12:25 - 2010-07-08 23:50 - 00000000 ____D C:\Users\Waldemar\AppData\Roaming\DAEMON Tools Lite
2013-08-21 12:25 - 2010-07-08 23:50 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2013-08-21 12:06 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\System
2013-08-21 10:19 - 2012-07-08 10:26 - 00000000 ____D C:\Users\Waldemar\Documents\Rechnungen
2013-08-21 10:14 - 2011-12-10 16:00 - 00000000 ____D C:\Users\Waldemar\Desktop\ÖPNV Leipzig
2013-08-21 09:47 - 2013-05-21 16:38 - 00000000 ____D C:\Users\Waldemar\Documents\Steuererklärung
2013-08-20 13:35 - 2010-10-07 10:28 - 00000000 ____D C:\Users\Waldemar\Documents\Bewerbung
2013-08-20 09:29 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-14 13:47 - 2013-07-28 09:21 - 00000000 ____D C:\Windows\system32\MRT
2013-08-14 13:45 - 2010-07-11 11:57 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-13 08:38 - 2013-09-06 09:39 - 00032328 _____ C:\Windows\Launcher.exe

Files to move or delete:
====================
C:\Users\Waldemar\fbchathistory.dat
C:\Users\Waldemar\AppData\Local\Temp\BRSVC_9921694_hlp.exe
C:\Users\Waldemar\AppData\Local\Temp\Quarantine.exe
C:\Users\Waldemar\AppData\Local\Temp\vlc-2.0.8-win64.exe
C:\Users\Waldemar\AppData\Local\Temp\_isE7C2.exe
C:\Users\Waldemar\AppData\Local\Temp\_isF308.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-01 00:41

==================== End Of Log ============================
         

 
