Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   PC wird immer langsamer firefox öffnet ständig neue Fenster (https://www.trojaner-board.de/138052-pc-immer-langsamer-firefox-oeffnet-staendig-neue-fenster.html)

Artemi 11.07.2013 11:33
PC wird immer langsamer firefox öffnet ständig neue Fenster
 
Hallo an das Forum
ich wende mich an Euch um Hilfe zu bekommen.
Seit geraumer Zeit wird mein Pc ständig langsamer beim Starten und ausführen von Programmen.
Hinzu kommt, dass im Firefox beim önnen neuer Seiten ständig neue Fenster mit Werbung usw geöffnet werden.
Bei Durchlaufen der Punkte zur aus der Anleitung zum Erstellen neuer Treads sind folgende Fehler aufgetreten
OTL es wurde keine Extra.exe Datei erstellt

Gmer ist mehrmals stehen geblieben "Programm reagiert nicht" nach nochmaligem ausführen führte dies zu Bluescreen Fehlercode konnte ich nicht erfassen.

OTL Suche ergab folgende Meldung



OTL logfile created on: 11.07.2013 12:03:29 - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\xxx\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16618)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,00 Gb Total Physical Memory | 0,85 Gb Available Physical Memory | 42,37% Memory free
4,00 Gb Paging File | 2,54 Gb Available in Paging File | 63,41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 67,49 Gb Free Space | 28,98% Space Free | Partition Type: NTFS
Drive J: | 931,51 Gb Total Space | 673,85 Gb Free Space | 72,34% Space Free | Partition Type: NTFS
Drive K: | 596,17 Gb Total Space | 568,20 Gb Free Space | 95,31% Space Free | Partition Type: NTFS

Computer Name: xxx1 | User Name: xxx | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.07.07 14:00:55 | 000,879,456 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2013.07.01 11:40:40 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2013.07.01 11:40:26 | 000,076,856 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2013.07.01 11:40:24 | 000,345,144 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.07.01 11:40:24 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2013.06.29 12:29:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\xxx\Desktop\OTL.exe
PRC - [2013.06.14 11:51:29 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2013.05.16 10:59:00 | 003,830,224 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2013.05.16 10:56:34 | 001,033,688 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2013.05.16 10:56:30 | 001,817,560 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2013.05.15 13:21:32 | 000,171,928 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2013.05.10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.01.21 17:43:12 | 003,093,624 | ---- | M] () -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
PRC - [2012.12.20 11:44:32 | 000,844,296 | ---- | M] (Samsung) -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012.12.20 11:44:26 | 001,476,104 | ---- | M] (Samsung) -- C:\Program Files\Samsung\Kies\Kies.exe
PRC - [2012.12.01 06:38:02 | 001,821,032 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2012.12.01 06:38:02 | 000,865,128 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2012.11.30 23:43:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.11.27 02:56:36 | 000,070,656 | ---- | M] (Nike) -- C:\Program Files\Nike\Nike+ Connect\Nike+ Connect daemon.exe
PRC - [2012.10.05 17:08:42 | 000,109,064 | ---- | M] (Wajam) -- C:\Program Files\Wajam\Updater\WajamUpdater.exe
PRC - [2012.10.04 17:34:36 | 000,115,032 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files\SweetIM\Messenger\SweetIM.exe
PRC - [2012.08.15 20:08:34 | 000,231,768 | ---- | M] (SweetIM Technologies Ltd.) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
PRC - [2011.12.01 18:11:48 | 000,743,936 | ---- | M] () -- C:\Program Files\CPUCooL\CooLSrv.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007.02.20 12:07:40 | 000,199,752 | ---- | M] (Pinnacle Systems GmbH) -- C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe


========== Modules (No Company Name) ==========

MOD - [2013.06.12 10:19:34 | 016,033,160 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_7_700_224.dll
MOD - [2013.05.16 10:55:28 | 000,161,112 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
MOD - [2013.05.16 10:55:26 | 000,113,496 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2013.05.16 10:55:24 | 000,416,600 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2013.01.21 17:43:12 | 003,093,624 | ---- | M] () -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
MOD - [2013.01.03 10:40:06 | 013,033,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\bedc77a4d866588bbb3c30d51eb5c500\Kies.Theme.ni.dll
MOD - [2013.01.03 10:40:05 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DummyStorePlugin\bbd4f027aee599531e2ebcd18639257a\DummyStorePlugin.ni.dll
MOD - [2013.01.03 10:40:04 | 000,615,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePodcast\91650f0c538540e79d30e27636293be4\DevicePodcast.ni.dll
MOD - [2013.01.03 10:40:03 | 000,293,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceVideo\e8e7b32ff4fed3d320be7c1d46d7299a\DeviceVideo.ni.dll
MOD - [2013.01.03 10:40:02 | 000,347,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePhoto\218643f748389f892a8611805776114b\DevicePhoto.ni.dll
MOD - [2013.01.03 10:40:01 | 000,305,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceMusic\8019c6b76384075b633f7b46d7a91fc7\DeviceMusic.ni.dll
MOD - [2013.01.03 10:40:00 | 000,470,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\VideoManager\2bf5b18f0c9af9a51d9a6150744040a3\VideoManager.ni.dll
MOD - [2013.01.03 10:39:59 | 000,774,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PhotoManager\30edb3679631e988c8ee82cb1612bc2b\PhotoManager.ni.dll
MOD - [2013.01.03 10:39:57 | 001,123,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Podcaster\3d65ab1edb5f8d1b0c724679ceae187f\Podcaster.ni.dll
MOD - [2013.01.03 10:39:49 | 000,038,912 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\d1f5bdb4816fb55ae70dfcefc3939226\Kies.Common.DeviceServiceLib.FirmwareUpdate.Firmw areUpdateAgentHelper.ni.dll
MOD - [2013.01.03 10:39:48 | 006,332,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceHost\2d67fa99b3d44f5a5a3b29303ef6afcf\DeviceHost.ni.dll
MOD - [2013.01.03 10:39:35 | 001,937,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Phonebook\b1e95e9693a18a5ddc197e80d761a492\Phonebook.ni.dll
MOD - [2013.01.03 10:39:30 | 000,721,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Plugin.Content#\3a8f7d65945cb452d324a06bf742164b\Kies.Plugin.ContentsManagerLib.ni.dll
MOD - [2013.01.03 10:39:28 | 000,944,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\MusicManager\9c4893594ab9bb7713a2d13d5811e6b7\MusicManager.ni.dll
MOD - [2013.01.03 10:39:27 | 000,403,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\BATPlugin\40e0a30df94e0d2ad8094c0b270148fe\BATPlugin.ni.dll
MOD - [2013.01.03 10:39:26 | 000,516,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MediaDB\0639544433abeb1684c58a6bdf4d58a6\Kies.Common.MediaDB.ni.dll
MOD - [2013.01.03 10:39:26 | 000,029,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.StoreMa#\0d2992fb0625b0f61dd35a21181535d5\Kies.Common.StoreManager.ni.dll
MOD - [2013.01.03 10:39:24 | 000,283,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\69338a10b378de31a305fda8b54991c4\Kies.Common.DeviceServiceLib.FirmwareUpdate.Commo n.ni.dll
MOD - [2013.01.03 10:39:24 | 000,063,488 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\423d24bcc826b6224f0bb7f45cba6038\Kies.Common.AllShare.ni.dll
MOD - [2013.01.03 10:39:23 | 000,189,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\092030066a217f522c8e435f7d259f2b\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downl oader.ni.dll
MOD - [2013.01.03 10:39:23 | 000,175,616 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DevFileServ#\57563671f3d927eaaeb2332becb2199b\Interop.DevFileServiceLib.ni.dll
MOD - [2013.01.03 10:39:22 | 000,571,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\886950c62ef37837e59922fe96683ed6\Kies.Common.DeviceServiceLib.FileService.ni.dll
MOD - [2013.01.03 10:39:21 | 000,624,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\f3dc87c343612839b2d9c150fa93d2e9\Kies.Common.DeviceServiceLib.DeviceDataService.ni .dll
MOD - [2013.01.03 10:39:19 | 000,184,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\d6cdccda32569bc887f8f1b4810c03c9\Kies.Common.DeviceServiceLib.Interface.ni.dll
MOD - [2013.01.03 10:39:18 | 000,916,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\1da7d5c154b03c0be17efbdc3a96815d\Kies.Common.DeviceServiceLib.DeviceManagement.ni. dll
MOD - [2013.01.03 10:39:16 | 001,069,056 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\65945cd5049929aea2d6c18306f02a44\Kies.Common.DeviceService.ni.dll
MOD - [2013.01.03 10:39:14 | 002,212,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Multime#\1e406d000fdfbcdec689545a1e9fb05d\Kies.Common.Multimedia.ni.dll
MOD - [2013.01.03 10:39:14 | 000,030,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.PRPLAYERCOR#\524e45fce6049ea1f29b4957631d5c09\Interop.PRPLAYERCORELib.ni.dll
MOD - [2013.01.03 10:39:11 | 000,206,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MainUI\f05c38b5ee6eae2f172b195fa839795f\Kies.Common.MainUI.ni.dll
MOD - [2013.01.03 10:39:10 | 000,066,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DBManag#\c3d1fe7250fe54d9d4314933c1ca9abc\Kies.Common.DBManager.ni.dll
MOD - [2013.01.03 10:39:09 | 000,279,552 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\5144a4dcdc6bcdcef7434501748e467d\Kies.Common.Util.ni.dll
MOD - [2013.01.03 10:39:09 | 000,108,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.CRMMana#\76ba195c42f14235d0795c8a064d3670\Kies.Common.CRMManager.ni.dll
MOD - [2013.01.03 10:39:07 | 001,558,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Locale\28946f75750d96e8bf070078964adb42\Kies.Locale.ni.dll
MOD - [2013.01.03 10:39:07 | 000,078,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\4168fca9ffc0dff8daff063b0be4371a\Kies.MVVM.ni.dll
MOD - [2013.01.03 10:39:06 | 001,920,512 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\21cbfb32cf2a1ddc6f8d216bf87cdfe0\Kies.UI.ni.dll
MOD - [2013.01.03 10:39:02 | 000,160,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\GongSolutions.Wpf.D#\b328fc51075d165920baf892579f8260\GongSolutions.Wpf.DragDrop.ni.dll
MOD - [2013.01.03 10:39:01 | 001,223,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Interface\d086dc251ca0327b5dd647ac854afcd6\Kies.Interface.ni.dll
MOD - [2013.01.03 10:38:59 | 002,060,288 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies\638aa831515c172ffd14bb1ad394ca57\Kies.ni.exe
MOD - [2012.12.11 19:59:33 | 000,232,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\81bb58061bcd2a4c3bf4136abe041d20\ASF_cSharpAPI.ni.dll
MOD - [2012.12.11 19:59:20 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.MP3FileInfo#\c99811c6a988ca6c2104a5b45acbddbb\Interop.MP3FileInfoCOMLib.ni.dll
MOD - [2012.12.11 19:59:20 | 000,032,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.OGGFileInfo#\cbeefee33636e0d0be226cf11e180ba3\Interop.OGGFileInfoCOMLib.ni.dll
MOD - [2012.12.11 19:59:19 | 000,171,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.P3MPINTERFA#\b0b31095249cec5ef5c0407fa6b7fc22\Interop.P3MPINTERFACECTRLLib.ni.dll
MOD - [2012.12.11 19:59:09 | 000,743,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ICSharpCode.SharpZi#\23324d3d243863e74723ea9c2dc1af1b\ICSharpCode.SharpZipLib.ni.dll
MOD - [2012.12.11 19:59:09 | 000,395,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CabLib\6265ffca46eab52d5f798847b5ea908c\CabLib.ni.dll
MOD - [2012.12.11 19:59:07 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceSearc#\f108203a60eadaff95b82bed51846431\Interop.DeviceSearchLib.ni.dll
MOD - [2012.08.01 08:55:52 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\26e0457a9776a0e9f23e3986686d90a5\System.ServiceProcess.ni.dll
MOD - [2012.08.01 08:55:36 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\7ce183c1bf9fef5fd29cddc5a86878be\System.Runtime.Remoting.ni.dll
MOD - [2012.08.01 08:54:52 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\b68bee05c7e518172982cc92059c3315\System.Xaml.ni.dll
MOD - [2012.08.01 08:30:04 | 018,019,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\d239f585ee55f833dbe21e897e1265ac\PresentationFramework.ni.dll
MOD - [2012.08.01 08:29:44 | 011,522,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b7de318e9fd1ef519ca6c1f3b5dba8e0\PresentationCore.ni.dll
MOD - [2012.08.01 08:29:29 | 003,881,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\a6e37a05b8d0cedbc5c3ea266ae3fc31\WindowsBase.ni.dll
MOD - [2012.08.01 08:29:17 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\9abe44a0f82070ead5f1256683a4d25a\System.Xml.ni.dll
MOD - [2012.08.01 08:29:12 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\a84262e1224189f93e10cd3c403a9527\System.Configuration.ni.dll
MOD - [2012.08.01 08:29:08 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\09bd2126bba2ab4f29ed52afde1470d7\System.Core.ni.dll
MOD - [2012.08.01 08:28:57 | 009,092,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\a6be120e49f895ef6b00e9918402395b\System.ni.dll
MOD - [2012.08.01 08:28:43 | 014,414,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\c1af4ec9a36f671617a8ecaec00373f4\mscorlib.ni.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDWSCService)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDUpdateService)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDScannerService)
SRV - [2013.07.07 09:30:31 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.07.01 11:40:40 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.07.01 11:40:24 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.06.12 10:19:39 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.05.10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.01.08 13:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.12.03 17:39:40 | 001,259,880 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.11.30 23:43:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.10.05 17:08:42 | 000,109,064 | ---- | M] (Wajam) [Auto | Running] -- C:\Program Files\Wajam\Updater\WajamUpdater.exe -- (WajamUpdater)
SRV - [2012.01.04 14:32:36 | 000,718,888 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.12.01 18:11:48 | 000,743,936 | ---- | M] () [Auto | Running] -- C:\Program Files\CPUCooL\CooLSrv.exe -- (CPUCooLServer)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\FUJITS~1\AppData\Local\Temp\ALSysIO.sys -- (ALSysIO)
DRV - [2013.03.28 11:07:39 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2013.03.28 11:07:39 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2013.03.28 11:07:39 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012.12.03 17:39:40 | 009,373,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012.09.20 06:35:36 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2012.09.20 06:35:36 | 000,083,168 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2012.08.27 16:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2012.06.27 10:37:56 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2012.06.27 10:37:56 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2012.06.27 10:37:56 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2012.06.27 10:37:56 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd)
DRV - [2012.06.27 10:37:56 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus)
DRV - [2012.06.27 10:37:56 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2012.06.27 10:37:56 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2012.06.27 10:37:56 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2012.05.28 10:58:20 | 000,013,824 | ---- | M] (Scott) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBDrv.sys -- (usbUDisc)
DRV - [2011.12.19 15:12:00 | 000,104,752 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV - [2011.12.19 15:11:58 | 000,158,512 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\VBoxDrv.sys -- (VBoxDrv)
DRV - [2011.12.19 15:11:58 | 000,116,016 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VBoxNetFlt.sys -- (VBoxNetFlt)
DRV - [2011.12.19 15:11:58 | 000,091,440 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\VBoxUSBMon.sys -- (VBoxUSBMon)
DRV - [2011.11.01 11:07:26 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2011.11.01 11:07:26 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011.11.01 11:07:26 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011.11.01 11:07:24 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011.03.18 18:08:54 | 000,025,240 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\Windows\System32\speedfan.sys -- (speedfan)
DRV - [2010.11.20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.11.11 21:19:24 | 000,021,080 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\ntiopnp.sys -- (ntiopnp)
DRV - [2009.07.14 01:51:23 | 000,014,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\avcstrm.sys -- (AVCSTRM)
DRV - [2009.07.14 01:51:22 | 000,050,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mstape.sys -- (MSTAPE)
DRV - [2009.07.14 00:09:17 | 004,194,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009.07.14 00:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009.06.18 19:45:02 | 004,172,832 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVAC.SYS -- (ALCXWDM)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007.01.26 01:00:00 | 000,265,088 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fwlanusb.sys -- (FWLANUSB)
DRV - [2007.01.26 01:00:00 | 000,004,352 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\avmeject.sys -- (avmeject)
DRV - [2005.09.23 23:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2005.08.18 00:00:00 | 000,007,168 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt -- (EverestDriver)
DRV - [2000.07.24 02:01:00 | 000,019,537 | ---- | M] (Brother Industries Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\BRPAR.SYS -- (BrPar)
DRV - [1996.04.03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.facemoods.com/?a=ddrnw
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2F 25 94 2F ED 87 CC 01 [binary data]
IE - HKCU\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = localhost:21320

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: %7B88CBFCFB-2323-4691-84A5-0CB4EC3F90EA%7D:1.120
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - prefs.js..network.proxy.type: 0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\xxx\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\xxx\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\xxx\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\xxx\AppData\Local\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\xxx\AppData\Local\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}: C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2012.01.13 14:03:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.05.19 12:46:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.05.22 09:54:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\te_9.0@nokia.com: C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 [2012.03.24 13:40:37 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{88CBFCFB-2323-4691-84A5-0CB4EC3F90EA}: C:\Program Files\LyricsDroid\120.xpi [2013.07.10 17:07:08 | 000,005,178 | ---- | M] ()
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.05.19 12:46:35 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.05.22 09:54:53 | 000,000,000 | ---D | M]

[2011.06.20 22:49:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\Extensions
[2013.06.26 20:44:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\ps8aqelb.default-1363894332540\extensions
[2013.05.14 22:56:10 | 000,000,000 | ---D | M] (DealPly Shopping) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\ps8aqelb.default-1363894332540\extensions\amo@dealplyshopping.com
[2013.06.26 20:44:37 | 000,033,312 | ---- | M] () (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\firefox\profiles\ps8aqelb.default-1363894332540\extensions\YoutubeDownloader@PeterOlayev.com.xpi
[2013.05.14 23:04:35 | 000,221,336 | ---- | M] () (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\firefox\profiles\ps8aqelb.default-1363894332540\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
[2013.06.11 12:17:50 | 000,001,050 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\mozilla\firefox\profiles\ps8aqelb.default-1363894332540\searchplugins\11-suche.xml
[2013.06.11 12:17:51 | 000,002,418 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\mozilla\firefox\profiles\ps8aqelb.default-1363894332540\searchplugins\englische-ergebnisse.xml
[2013.06.11 12:17:50 | 000,010,701 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\mozilla\firefox\profiles\ps8aqelb.default-1363894332540\searchplugins\gmx-suche.xml
[2013.06.11 12:17:51 | 000,002,432 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\mozilla\firefox\profiles\ps8aqelb.default-1363894332540\searchplugins\lastminute.xml
[2013.06.11 12:17:50 | 000,005,682 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\mozilla\firefox\profiles\ps8aqelb.default-1363894332540\searchplugins\webde-suche.xml
[2013.05.19 12:46:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2013.05.19 12:46:15 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.05.19 12:46:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013.05.19 12:46:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\browser\extensions
[2013.07.07 09:30:32 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.07.10 17:07:08 | 000,005,178 | ---- | M] () (No name found) -- C:\PROGRAM FILES\LYRICSDROID\120.XPI
[2012.01.02 19:18:17 | 000,002,048 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml

========== Chrome ==========

CHR - default_search_provider: SweetIM Search (Enabled)
CHR - default_search_provider: search_url = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10002&barid={36908F35-50D6-11E2-A2CE-E71E23B0683D}
CHR - default_search_provider: suggest_url =
CHR - homepage: hxxp://home.sweetim.com/?crg=3.1010000.10002&barid={36908F35-50D6-11E2-A2CE-E71E23B0683D}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.71\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.71\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.71\pdf.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\xxx\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\xxx\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.11 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - Extension: Google Drive = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-Suche = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: LyricsDroid = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\jongbaldhepiipcgeobleedccockoofh\1.120_0\
CHR - Extension: Google Mail = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
CHR - Extension: Google Drive = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-Suche = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: LyricsDroid = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\jongbaldhepiipcgeobleedccockoofh\1.120_0\
CHR - Extension: Google Mail = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2011.09.06 19:41:13 | 000,000,878 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 10\SnagitBHO.dll (TechSmith Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Wajam) - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files\Wajam\IE\priam_bho.dll (Wajam)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (LyricsDroid) - {C08AE725-F500-49E9-8958-2E176C8CDFD5} - C:\Program Files\LyricsDroid\120.dll (Droid-Apps Extension Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DealPly) - {EF7BD87A-8024-11E2-F316-F3E56188709B} - C:\Program Files\DealPly\DealPlyIE.dll (DealPly)
O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 10\SnagitIEAddin.dll (TechSmith Corporation)
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Nike+ Connect] C:\Program Files\Nike\Nike+ Connect\Nike+ Connect daemon.exe (Nike)
O4 - HKLM..\Run: [SDTray] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [USBToolTip] C:\PROGRA~2\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe (Pinnacle Systems GmbH)
O4 - HKCU..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKCU..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics)
O4 - HKCU..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O4 - Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\xxx\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = [binary data]
O8 - Extra context menu item: &Download by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Mit Mipony herunterladen - C:\Program Files\MiPony\Browser\IEContext.htm ()
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 10.21.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1EB911EF-2BBD-43D4-94E9-A6FBD85FE3E1}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F94CA308-B173-4C96-BF51-110B95324EA5}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{7efe0697-9b29-11e0-910d-0015f2f36bac}\Shell - "" = AutoRun
O33 - MountPoints2\{7efe0697-9b29-11e0-910d-0015f2f36bac}\Shell\AutoRun\command - "" = E:\pushinst.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013.07.11 10:19:48 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2013.07.10 17:07:08 | 000,000,000 | ---D | C] -- C:\Program Files\LyricsDroid
[2013.07.01 12:02:34 | 000,000,000 | ---D | C] -- C:\Users\xxx\Desktop\h2test
[2013.06.29 12:29:55 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\xxx\Desktop\OTL.exe
[2013.06.24 17:41:29 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Local\Phase_One
[2013.06.24 17:38:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Phase One
[2013.06.24 17:38:28 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Local\CaptureOne
[2013.06.24 17:36:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Phase One
[2013.06.24 17:35:07 | 000,000,000 | ---D | C] -- C:\Program Files\Phase One
[2013.06.20 10:54:43 | 000,000,000 | ---D | C] -- C:\Users\xxx\Documents\Strom
[2013.06.14 11:37:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013.07.11 11:50:00 | 000,001,156 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1275549095-3732389351-2031529323-1000UA.job
[2013.07.11 11:33:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.07.11 11:11:55 | 001,110,476 | ---- | M] () -- C:\Users\xxx\Desktop\7z920.exe
[2013.07.11 11:11:53 | 000,001,853 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Orbit.lnk
[2013.07.11 11:09:01 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.07.11 11:02:12 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.07.11 11:02:12 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.07.11 10:57:07 | 000,000,386 | ---- | M] () -- C:\Windows\tasks\LyricsDroid Update.job
[2013.07.11 10:54:17 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.07.11 10:54:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.07.11 10:53:56 | 279,899,172 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013.07.11 10:53:56 | 1610,260,480 | -HS- | M] () -- C:\hiberfil.sys
[2013.07.11 10:05:31 | 000,377,856 | ---- | M] () -- C:\Users\xxx\Desktop\gmer_2.1.19163.exe
[2013.07.10 20:50:01 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1275549095-3732389351-2031529323-1000Core.job
[2013.07.07 11:27:42 | 000,000,000 | ---- | M] () -- C:\END
[2013.07.01 11:42:35 | 000,697,320 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.07.01 11:42:35 | 000,652,638 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.07.01 11:42:35 | 000,148,616 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.07.01 11:42:35 | 000,121,570 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.07.01 11:40:43 | 000,067,168 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avnetflt.sys
[2013.06.30 11:18:00 | 000,218,129 | ---- | M] () -- C:\Users\xxx\Desktop\h2testw_1.4.zip
[2013.06.29 12:29:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\xxx\Desktop\OTL.exe
[2013.06.29 12:28:47 | 000,000,000 | ---- | M] () -- C:\Users\xxx\defogger_reenable
[2013.06.29 12:27:56 | 000,050,477 | ---- | M] () -- C:\Users\xxx\Desktop\Defogger.exe
[2013.06.24 17:36:42 | 000,001,158 | ---- | M] () -- C:\Users\xxx\Desktop\Capture One 6.lnk
[2013.06.22 10:19:30 | 000,000,432 | ---- | M] () -- C:\Windows\BRWMARK.INI
[2013.06.20 10:59:56 | 000,000,500 | ---- | M] () -- C:\Windows\Brownie.ini
[2013.06.18 22:33:10 | 000,004,557 | ---- | M] () -- C:\Users\xxx\Documents\Begrüßung_ElsterOnline1.html
[2013.06.18 22:31:09 | 000,010,495 | ---- | M] () -- C:\Users\xxx\SebMur_elster_2048.pfx
[2013.06.14 12:00:09 | 000,392,384 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.06.14 11:52:30 | 000,025,185 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.07.11 11:11:59 | 001,110,476 | ---- | C] () -- C:\Users\xxx\Desktop\7z920.exe
[2013.07.11 10:19:40 | 279,899,172 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013.07.11 10:05:37 | 000,377,856 | ---- | C] () -- C:\Users\xxx\Desktop\gmer_2.1.19163.exe
[2013.06.30 11:17:49 | 000,218,129 | ---- | C] () -- C:\Users\xxx\Desktop\h2testw_1.4.zip
[2013.06.29 12:28:47 | 000,000,000 | ---- | C] () -- C:\Users\xxx\defogger_reenable
[2013.06.29 12:28:20 | 000,050,477 | ---- | C] () -- C:\Users\xxx\Desktop\Defogger.exe
[2013.06.28 15:48:47 | 000,000,386 | ---- | C] () -- C:\Windows\tasks\LyricsDroid Update.job
[2013.06.24 17:36:42 | 000,001,158 | ---- | C] () -- C:\Users\xxx\Desktop\Capture One 6.lnk
[2013.06.18 22:33:10 | 000,004,557 | ---- | C] () -- C:\Users\xxx\Documents\Begrüßung_ElsterOnline1.html
[2013.06.18 22:30:51 | 000,010,495 | ---- | C] () -- C:\Users\xxx\SebMur_elster_2048.pfx
[2013.06.14 11:52:30 | 000,025,185 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2013.06.02 11:33:42 | 000,392,384 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.05.19 22:55:12 | 000,000,891 | ---- | C] () -- C:\Users\xxx\.recently-used.xbel
[2013.01.29 20:31:33 | 000,065,793 | ---- | C] () -- C:\Windows\System32\esfwad.bin
[2012.09.10 13:06:28 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Super Strings
[2012.09.10 13:06:28 | 000,000,268 | RH-- | C] () -- C:\Users\xxx\AppData\Roaming\Stingers
[2012.09.10 13:06:27 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2012.09.10 13:05:13 | 000,000,268 | RH-- | C] () -- C:\ProgramData\SupportPrinters
[2012.09.10 13:05:13 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Strings
[2012.09.10 13:05:13 | 000,000,268 | RH-- | C] () -- C:\Users\xxx\AppData\Roaming\String Comparison
[2012.09.10 13:05:13 | 000,000,268 | RH-- | C] () -- C:\Users\xxx\AppData\Roaming\StatusSheet
[2012.09.10 13:05:13 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2012.09.10 13:05:13 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2012.09.10 13:04:35 | 000,000,268 | RH-- | C] () -- C:\Users\xxx\AppData\Roaming\System Image Utility
[2012.09.10 13:04:35 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLeo.DAT
[2012.08.23 15:45:57 | 000,004,114 | ---- | C] () -- C:\Users\xxx\.ganttproject
[2012.07.11 11:40:16 | 000,011,456 | ---- | C] () -- C:\Users\xxx\gsview32.ini
[2012.05.06 12:47:26 | 000,000,135 | ---- | C] () -- C:\Users\xxx\.gtk-bookmarks
[2012.04.04 17:43:48 | 000,001,075 | ---- | C] () -- C:\Users\xxx\.ufrawrc
[2012.01.31 02:15:44 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.01.31 02:15:42 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2012.01.31 02:15:42 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2012.01.31 02:15:42 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2012.01.31 02:15:42 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2011.12.21 13:30:22 | 000,000,432 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011.12.21 13:30:19 | 000,000,146 | ---- | C] () -- C:\Windows\BRVIDEO.INI
[2011.12.21 13:30:19 | 000,000,000 | ---- | C] () -- C:\Windows\brmx2001.ini
[2011.12.21 13:30:09 | 000,000,114 | ---- | C] () -- C:\Windows\System32\brlmw03a.ini
[2011.12.21 13:30:07 | 000,009,030 | ---- | C] () -- C:\Windows\HL-2070N.INI
[2011.12.21 13:30:05 | 000,000,054 | ---- | C] () -- C:\Windows\System32\bd2070n.dat
[2011.12.21 13:27:09 | 000,000,500 | ---- | C] () -- C:\Windows\Brownie.ini
[2011.12.14 12:24:27 | 000,007,622 | ---- | C] () -- C:\Users\xxx\AppData\Local\Resmon.ResmonCfg
[2011.12.09 23:44:06 | 000,007,168 | ---- | C] () -- C:\Users\xxx\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.07.20 11:47:26 | 000,000,266 | ---- | C] () -- C:\Windows\lgfwup.ini

========== ZeroAccess Check ==========

[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013.03.21 19:51:59 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\AllDup
[2012.07.01 10:46:38 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Ashampoo
[2013.01.21 16:03:24 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\avidemux
[2011.06.21 11:38:58 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Canon
[2011.12.14 13:01:03 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\de.myphotobook.creator.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1
[2011.09.28 13:37:46 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\DeepBurner
[2012.04.30 22:04:59 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\DiskAid
[2012.01.13 14:05:17 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\DL
[2013.07.11 10:55:23 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Dropbox
[2013.01.04 12:23:07 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\EAC
[2013.01.29 20:48:47 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\EPSON
[2013.06.07 22:22:34 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\foobar2000
[2013.03.07 13:46:24 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Garmin
[2012.02.05 13:35:33 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\GrabPro
[2013.04.06 19:05:31 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\gtk-2.0
[2012.12.28 12:08:20 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\ICQ
[2011.10.22 11:14:17 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\IrfanView
[2012.08.17 21:42:38 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Karteikartentrainer
[2011.10.05 20:05:19 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\LibreOffice
[2012.01.05 17:08:41 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\LyX2.0
[2013.05.14 23:00:20 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Mipony
[2013.02.06 10:56:12 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Mp3tag
[2012.03.06 11:32:45 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\NCH Swift Sound
[2012.03.24 13:42:11 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Nokia
[2012.02.05 13:35:30 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\OpenCandy
[2011.07.26 23:41:25 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\OpenOffice.org
[2012.02.16 11:13:55 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Opera
[2013.07.11 11:15:26 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Orbit
[2012.03.24 13:45:08 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\PC Suite
[2012.03.13 12:24:29 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Phase6
[2012.02.05 13:23:21 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\ProgSense
[2011.08.22 09:06:03 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\redsn0w
[2013.01.02 23:31:21 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Samsung
[2012.01.13 14:08:51 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Swiss Academic Software
[2012.03.30 18:56:56 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Temp
[2012.02.16 11:23:49 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Titanium
[2011.06.20 23:11:46 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\TuneUp Software
[2012.11.21 19:52:23 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Wargaming.net
[2012.04.30 22:09:02 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\WindSolutions

========== Purity Check ==========



< End of report >



Vielen Dank vorerst

schrauber 11.07.2013 12:05
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)



So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

Artemi 11.07.2013 22:38
Hier die Listen

FRST.TXT



FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-07-2013 02
Ran by xxx (administrator) on 11-07-2013 23:32:38
Running from C:\Users\xxx\Desktop
Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\CPUCooL\CooLSrv.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Wajam) C:\Program Files\Wajam\Updater\WajamUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(SweetIM Technologies Ltd.) C:\Program Files\SweetIM\Messenger\SweetIM.exe
(Pinnacle Systems GmbH) C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
(Nike) C:\Program Files\Nike\Nike+ Connect\Nike+ Connect daemon.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Samsung) C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Samsung) C:\Program Files\Samsung\Kies\Kies.exe
() C:\Program Files\Pando Networks\Media Booster\PMB.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Users\xxx\AppData\Local\Google\Update\GoogleUpdate.exe
(Opera Software) C:\Program Files\Opera\opera.exe
(Orbitdownloader.com) C:\Program Files\Orbitdownloader\orbitdm.exe
(Orbitdownloader.com) C:\Program Files\Orbitdownloader\orbitnet.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Adobe ARM] - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [avgnt] - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min [345144 2013-07-01] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SweetIM] - C:\Program Files\SweetIM\Messenger\SweetIM.exe [115032 2012-10-04] (SweetIM Technologies Ltd.)
HKLM\...\Run: [Sweetpacks Communicator] - C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe [231768 2012-08-15] (SweetIM Technologies Ltd.)
HKLM\...\Run: [USBToolTip] - C:\PROGRA~2\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe [199752 2007-02-20] (Pinnacle Systems GmbH)
HKLM\...\Run: [APSDaemon] - "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-01-28] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - "C:\Program Files\iTunes\iTunesHelper.exe" [152392 2013-02-20] (Apple Inc.)
HKLM\...\Run: [Nike+ Connect] - "C:\Program Files\Nike\Nike+ Connect\Nike+ Connect daemon.exe" [70656 2012-11-27] (Nike)
HKLM\...\Run: [SDTray] - "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" [3830224 2013-05-16] (Safer-Networking Ltd.)
HKLM\...\Run: [SunJavaUpdateSched] - "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKCU\...\Run: [] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844296 2012-12-20] (Samsung)
HKCU\...\Run: [KiesAirMessage] - C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup [578560 2012-12-18] (Samsung Electronics)
HKCU\...\Run: [KiesPreload] - C:\Program Files\Samsung\Kies\Kies.exe /preload [1476104 2012-12-20] (Samsung)
HKCU\...\Run: [Pando Media Booster] - C:\Program Files\Pando Networks\Media Booster\PMB.exe [3093624 2013-01-21] ()
HKCU\...\Run: [Google Update] - "C:\Users\xxx\AppData\Local\Google\Update\GoogleUpdate.exe" /c [116648 2012-03-24] (Google Inc.)
MountPoints2: {7efe0697-9b29-11e0-910d-0015f2f36bac} - E:\pushinst.exe
HKU\Default\...\RunOnce: [mctadmin] - C:\Windows\System32\mctadmin.exe [ 2009-07-14] (Microsoft Corporation)
HKU\Default User\...\RunOnce: [mctadmin] - C:\Windows\System32\mctadmin.exe [ 2009-07-14] (Microsoft Corporation)
HKU\UpdatusUser\...\RunOnce: [mctadmin] - C:\Windows\System32\mctadmin.exe [ 2009-07-14] (Microsoft Corporation)
Startup: C:\ProgramData\Start Menu\Programs\Startup\Orbit.lnk
ShortcutTarget: Orbit.lnk -> C:\Program Files\Orbitdownloader\orbitdm.exe (Orbitdownloader.com)
Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\xxx\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

ProxyServer: localhost:21320
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.facemoods.com/?a=ddrnw
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
URLSearchHook: (No Name) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} -  No File
SearchScopes: HKCU - {0D7562AE-8EF6-416d-A838-AB665251703A} URL = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
BHO: Octh Class - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 10\SnagitBHO.dll (TechSmith Corporation)
BHO: SwissAcademic.Citavi.Picker.IEPicker - {609D670F-B735-4da7-AC6D-F3BD358E325E} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Wajam - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files\Wajam\IE\priam_bho.dll (Wajam)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: LyricsDroid - {C08AE725-F500-49E9-8958-2E176C8CDFD5} - C:\Program Files\LyricsDroid\120.dll (Droid-Apps Extension Software)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: DealPly - {EF7BD87A-8024-11E2-F316-F3E56188709B} - C:\Program Files\DealPly\DealPlyIE.dll (DealPly)
Toolbar: HKLM - Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
Toolbar: HKLM - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 10\SnagitIEAddin.dll (TechSmith Corporation)
Toolbar: HKCU -Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
Toolbar: HKCU -No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} -  No File
Toolbar: HKCU -No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ps8aqelb.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @garmin.com/GpsControl - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\xxx\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\xxx\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\xxx\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\xxx\AppData\Local\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\xxx\AppData\Local\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF HKLM\...\Thunderbird\Extensions: [te_9.0@nokia.com] C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0
FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0
FF HKCU\...\Firefox\Extensions: [{88CBFCFB-2323-4691-84A5-0CB4EC3F90EA}] C:\Program Files\LyricsDroid\120.xpi
FF Extension: No Name - C:\Program Files\LyricsDroid\120.xpi

Chrome:
=======
CHR HomePage: hxxp://home.sweetim.com/?crg=3.1010000.10002&barid={36908F35-50D6-11E2-A2CE-E71E23B0683D}
CHR RestoreOnStartup: "hxxp://home.sweetim.com/?crg=3.1010000.10002&barid={36908F35-50D6-11E2-A2CE-E71E23B0683D}", "hxxp://www.google.com"
CHR DefaultSearchURL: (SweetIM Search) - hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10002&barid={36908F35-50D6-11E2-A2CE-E71E23B0683D}
CHR DefaultSuggestURL: (SweetIM Search) -      "suggest_url": ""
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\28.0.1500.71\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\28.0.1500.71\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\28.0.1500.71\pdf.dll ()
CHR Plugin: (Skype Toolbars) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Google Talk Plugin) - C:\Users\xxx\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\xxx\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U7) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.70.11) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-07-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-01] (Avira Operations GmbH & Co. KG)
R2 CPUCooLServer; C:\Program Files\CPUCooL\CooLSrv.exe [743936 2011-12-01] ()
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
R2 WajamUpdater; C:\Program Files\Wajam\Updater\WajamUpdater.exe [109064 2012-10-05] (Wajam)

==================== Drivers (Whitelisted) ====================

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [46976 2009-07-14] (Microsoft Corporation)
R3 ALCXWDM; C:\Windows\System32\drivers\RTKVAC.SYS [4172832 2009-06-18] (Realtek Semiconductor Corp.)
S3 AVCSTRM; C:\Windows\System32\DRIVERS\avcstrm.sys [14464 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [84744 2013-03-28] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135136 2013-03-28] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-03-28] (Avira Operations GmbH & Co. KG)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [4352 2007-01-26] (AVM Berlin)
R2 BrPar; C:\Windows\System32\drivers\BrPar.sys [19537 2000-07-24] (Brother Industries Ltd.)
S3 EverestDriver; C:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt [7168 2005-08-18] ()
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [265088 2007-01-26] (AVM GmbH)
R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] ()
S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [9344 2009-04-17] (GARMIN Corp.)
R3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus.sys [171520 2005-09-23] (Pinnacle Systems GmbH)
S3 MSTAPE; C:\Windows\System32\DRIVERS\mstape.sys [50048 2009-07-14] (Microsoft Corporation)
R1 ntiopnp; C:\Windows\System32\Drivers\ntiopnp.sys [21080 2010-11-11] ()
R0 speedfan; C:\Windows\System32\speedfan.sys [25240 2011-03-18] (Almico Software)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
S3 usbUDisc; C:\Windows\System32\DRIVERS\USBDrv.sys [13824 2012-05-28] (Scott)
S3 ALSysIO; \??\C:\Users\FUJITS~1\AppData\Local\Temp\ALSysIO.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-11 23:32 - 2013-07-11 23:32 - 00000000 ____D C:\FRST
2013-07-11 23:31 - 2013-07-11 23:31 - 01218524 ____A (Farbar) C:\Users\xxx\Desktop\FRST.exe
2013-07-11 12:17 - 2013-07-11 12:36 - 00121432 ____A C:\Users\xxx\Desktop\OTL.Txt
2013-07-11 11:11 - 2013-07-11 11:11 - 01110476 ____A C:\Users\xxx\Desktop\7z920.exe
2013-07-11 10:19 - 2013-07-11 10:54 - 00000000 ____D C:\Windows\Minidump
2013-07-11 10:19 - 2013-07-11 10:53 - 279899172 ____A C:\Windows\MEMORY.DMP
2013-07-11 10:19 - 2013-07-11 10:19 - 00131072 ____A C:\Windows\Minidump\071113-24031-01.dmp
2013-07-11 10:05 - 2013-07-11 10:05 - 00377856 ____A C:\Users\xxx\Desktop\gmer_2.1.19163.exe
2013-07-11 10:03 - 2013-07-11 11:14 - 00000490 ____A C:\Users\xxx\Desktop\defogger_disable.log
2013-07-10 17:07 - 2013-07-10 17:07 - 00000000 ____D C:\Program Files\LyricsDroid
2013-07-01 12:02 - 2013-07-01 12:02 - 00000000 ____D C:\Users\xxx\Desktop\h2test
2013-06-30 11:17 - 2013-06-30 11:18 - 00218129 ____A C:\Users\xxx\Desktop\h2testw_1.4.zip
2013-06-29 12:29 - 2013-06-29 12:29 - 00602112 ____A (OldTimer Tools) C:\Users\xxx\Desktop\OTL.exe
2013-06-29 12:28 - 2013-06-29 12:29 - 00000490 ____A C:\Windows\system32\defogger_disable.log
2013-06-29 12:28 - 2013-06-29 12:28 - 00000000 ____A C:\Users\xxx\defogger_reenable
2013-06-29 12:28 - 2013-06-29 12:27 - 00050477 ____A C:\Users\xxx\Desktop\Defogger.exe
2013-06-29 12:10 - 2013-06-29 12:10 - 01372101 ____A (Farbar) C:\Users\xxx\Downloads\FRST.exe
2013-06-28 15:48 - 2013-07-11 17:36 - 00000386 ____A C:\Windows\Tasks\LyricsDroid Update.job
2013-06-24 17:41 - 2013-06-24 17:41 - 00000000 ____D C:\Users\xxx\AppData\Local\Phase_One
2013-06-24 17:38 - 2013-06-24 18:41 - 00000000 ____D C:\Users\xxx\AppData\Local\CaptureOne
2013-06-24 17:38 - 2013-06-24 17:38 - 00000000 ____D C:\ProgramData\Phase One
2013-06-24 17:37 - 2013-06-24 17:41 - 00004366 ____A C:\Windows\DPINST.LOG
2013-06-24 17:36 - 2013-06-24 17:36 - 00001158 ____A C:\Users\xxx\Desktop\Capture One 6.lnk
2013-06-24 17:35 - 2013-06-24 17:35 - 00000000 ____D C:\Program Files\Phase One
2013-06-20 10:54 - 2013-06-20 11:00 - 00000000 ____D C:\Users\xxx\Documents\Strom
2013-06-19 20:32 - 2013-06-19 20:40 - 00000000 ____D C:\Users\xxx\Downloads\Reciver_firmware
2013-06-18 22:33 - 2013-06-18 22:33 - 00004557 ____A C:\Users\xxx\Documents\Begrüßung_ElsterOnline1.html
2013-06-18 22:30 - 2013-06-18 22:31 - 00010495 ____A C:\Users\xxx\SebMur_elster_2048.pfx
2013-06-14 11:52 - 2013-06-14 11:52 - 14327808 ____A (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 13760512 ____A (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 02877440 ____A (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 02706432 ____A (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-06-14 11:52 - 2013-06-14 11:52 - 02046976 ____A (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 01767936 ____A (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 01441280 ____A (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-06-14 11:52 - 2013-06-14 11:52 - 01400416 ____A (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-06-14 11:52 - 2013-06-14 11:52 - 01141248 ____A (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00745472 ____A (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-06-14 11:52 - 2013-06-14 11:52 - 00719360 ____A (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00690688 ____A (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00629248 ____A (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00523264 ____A (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00493056 ____A (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00391168 ____A (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00361984 ____A (Microsoft Corporation) C:\Windows\system32\html.iec
2013-06-14 11:52 - 2013-06-14 11:52 - 00357888 ____A (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00242200 ____A (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00232960 ____A (Microsoft Corporation) C:\Windows\system32\url.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00226816 ____A (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00204800 ____A (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00185344 ____A (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00163840 ____A (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00158720 ____A (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00150528 ____A (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-06-14 11:52 - 2013-06-14 11:52 - 00138752 ____A (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-06-14 11:52 - 2013-06-14 11:52 - 00137216 ____A (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-06-14 11:52 - 2013-06-14 11:52 - 00125440 ____A (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00117248 ____A (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00110592 ____A (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00109056 ____A (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00082432 ____A (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00079872 ____A (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00073728 ____A (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-06-14 11:52 - 2013-06-14 11:52 - 00071680 ____A (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-06-14 11:52 - 2013-06-14 11:52 - 00069120 ____A (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00061952 ____A (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-06-14 11:52 - 2013-06-14 11:52 - 00061440 ____A (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00057344 ____A (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00048640 ____A (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00042496 ____A (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-06-14 11:52 - 2013-06-14 11:52 - 00041984 ____A (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00039936 ____A (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00038400 ____A (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00033280 ____A (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00023040 ____A (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00012800 ____A (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-06-14 11:52 - 2013-06-14 11:52 - 00011776 ____A (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-06-14 11:51 - 2013-06-14 11:51 - 00049152 ____A (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2013-06-14 11:50 - 2013-06-14 11:50 - 00868352 ____A (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00293376 ____A (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00271360 ____A (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-06-14 11:50 - 2013-06-14 11:50 - 00169984 ____A (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00006144 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00005120 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00004608 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00004608 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00004096 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00004096 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00004096 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00004096 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00004096 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003584 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003584 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003584 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003584 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003584 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003584 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003584 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 03419136 ____A (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 02284544 ____A (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 01988096 ____A (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 01504768 ____A (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 01247744 ____A (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 01230336 ____A (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 01158144 ____A (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 01080832 ____A (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00906240 ____A (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00604160 ____A (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00417792 ____A (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00364544 ____A (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00293376 ____A (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00249856 ____A (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00220160 ____A (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00207872 ____A (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00187392 ____A (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00161792 ____A (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00010752 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00009728 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00005632 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00005632 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00004096 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00003584 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00002560 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-14 11:44 - 2013-06-14 11:56 - 00012551 ____A C:\Windows\IE10_main.log
2013-06-14 11:44 - 2013-06-14 11:44 - 00861184 ____A (Microsoft Corporation) C:\Users\xxx\Downloads\IE10-Windows6.1-de-de (1).exe
2013-06-14 11:37 - 2013-06-14 11:37 - 00000000 ____D C:\Program Files\Common Files\Java
2013-06-14 11:37 - 2013-06-14 11:36 - 00263584 ____A (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-06-14 11:36 - 2013-06-14 11:36 - 00094112 ____A (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2013-06-14 11:33 - 2013-06-14 11:33 - 00903072 ____A (Oracle Corporation) C:\Users\xxx\Downloads\jxpiinstall.exe

==================== One Month Modified Files and Folders =======

2013-07-11 23:33 - 2013-01-21 17:43 - 00000000 ____D C:\Users\xxx\AppData\Local\PMB Files
2013-07-11 23:33 - 2012-04-07 08:46 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-11 23:32 - 2013-07-11 23:32 - 00000000 ____D C:\FRST
2013-07-11 23:31 - 2013-07-11 23:31 - 01218524 ____A (Farbar) C:\Users\xxx\Desktop\FRST.exe
2013-07-11 23:31 - 2012-02-05 13:23 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Orbit
2013-07-11 23:27 - 2012-06-01 14:05 - 00001156 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1275549095-3732389351-2031529323-1000UA.job
2013-07-11 23:27 - 2012-06-01 14:05 - 00001104 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1275549095-3732389351-2031529323-1000Core.job
2013-07-11 23:27 - 2011-07-23 10:12 - 00001114 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-11 17:36 - 2013-06-28 15:48 - 00000386 ____A C:\Windows\Tasks\LyricsDroid Update.job
2013-07-11 17:36 - 2011-06-20 12:36 - 02083851 ____A C:\Windows\WindowsUpdate.log
2013-07-11 12:36 - 2013-07-11 12:17 - 00121432 ____A C:\Users\xxx\Desktop\OTL.Txt
2013-07-11 11:14 - 2013-07-11 10:03 - 00000490 ____A C:\Users\xxx\Desktop\defogger_disable.log
2013-07-11 11:11 - 2013-07-11 11:11 - 01110476 ____A C:\Users\xxx\Desktop\7z920.exe
2013-07-11 11:09 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF
2013-07-11 11:02 - 2009-07-14 06:34 - 00014016 ___AH C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-11 11:02 - 2009-07-14 06:34 - 00014016 ___AH C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-11 10:55 - 2012-04-22 13:43 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Dropbox
2013-07-11 10:54 - 2013-07-11 10:19 - 00000000 ____D C:\Windows\Minidump
2013-07-11 10:54 - 2013-06-02 11:33 - 00000672 ____A C:\Windows\setupact.log
2013-07-11 10:54 - 2012-01-26 13:29 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-11 10:54 - 2011-07-23 10:12 - 00001110 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-11 10:54 - 2009-07-14 06:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-11 10:53 - 2013-07-11 10:19 - 279899172 ____A C:\Windows\MEMORY.DMP
2013-07-11 10:21 - 2012-04-22 13:47 - 00000000 ___RD C:\Users\xxx\Dropbox
2013-07-11 10:19 - 2013-07-11 10:19 - 00131072 ____A C:\Windows\Minidump\071113-24031-01.dmp
2013-07-11 10:05 - 2013-07-11 10:05 - 00377856 ____A C:\Users\xxx\Desktop\gmer_2.1.19163.exe
2013-07-11 09:27 - 2013-06-02 11:33 - 00002880 ____A C:\Windows\PFRO.log
2013-07-11 09:27 - 2012-05-03 22:38 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-07-10 17:07 - 2013-07-10 17:07 - 00000000 ____D C:\Program Files\LyricsDroid
2013-07-10 03:53 - 2011-06-20 22:49 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Mozilla
2013-07-07 14:01 - 2011-12-20 17:50 - 00000000 ____D C:\Program Files\Opera
2013-07-07 11:27 - 2013-01-31 17:23 - 00000000 ____A C:\END
2013-07-07 09:30 - 2013-05-19 12:46 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-07-01 12:38 - 2013-03-20 12:03 - 00000000 ____D C:\Users\xxx\AppData\Roaming\vlc
2013-07-01 12:02 - 2013-07-01 12:02 - 00000000 ____D C:\Users\xxx\Desktop\h2test
2013-07-01 11:42 - 2011-06-20 12:30 - 01614664 ____A C:\Windows\system32\PerfStringBackup.INI
2013-07-01 11:40 - 2013-05-07 19:14 - 00067168 ____A (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-06-30 11:18 - 2013-06-30 11:17 - 00218129 ____A C:\Users\xxx\Desktop\h2testw_1.4.zip
2013-06-29 12:29 - 2013-06-29 12:29 - 00602112 ____A (OldTimer Tools) C:\Users\xxx\Desktop\OTL.exe
2013-06-29 12:29 - 2013-06-29 12:28 - 00000490 ____A C:\Windows\system32\defogger_disable.log
2013-06-29 12:28 - 2013-06-29 12:28 - 00000000 ____A C:\Users\xxx\defogger_reenable
2013-06-29 12:28 - 2011-06-20 12:26 - 00000000 ____D C:\Users\xxx
2013-06-29 12:27 - 2013-06-29 12:28 - 00050477 ____A C:\Users\xxx\Desktop\Defogger.exe
2013-06-29 12:10 - 2013-06-29 12:10 - 01372101 ____A (Farbar) C:\Users\xxx\Downloads\FRST.exe
2013-06-28 15:48 - 2013-05-25 12:30 - 00000000 ____D C:\Program Files\YTKaraoke
2013-06-24 18:41 - 2013-06-24 17:38 - 00000000 ____D C:\Users\xxx\AppData\Local\CaptureOne
2013-06-24 17:42 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\DriverStore
2013-06-24 17:41 - 2013-06-24 17:41 - 00000000 ____D C:\Users\xxx\AppData\Local\Phase_One
2013-06-24 17:41 - 2013-06-24 17:37 - 00004366 ____A C:\Windows\DPINST.LOG
2013-06-24 17:41 - 2012-02-23 10:50 - 00000000 ____D C:\Program Files\DIFX
2013-06-24 17:41 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-06-24 17:38 - 2013-06-24 17:38 - 00000000 ____D C:\ProgramData\Phase One
2013-06-24 17:38 - 2012-02-29 17:34 - 00000000 ____D C:\Users\xxx\AppData\Roaming\NVIDIA
2013-06-24 17:36 - 2013-06-24 17:36 - 00001158 ____A C:\Users\xxx\Desktop\Capture One 6.lnk
2013-06-24 17:35 - 2013-06-24 17:35 - 00000000 ____D C:\Program Files\Phase One
2013-06-23 14:38 - 2012-06-14 22:16 - 00581120 __ASH C:\Users\xxx\Downloads\Thumbs.db
2013-06-22 10:19 - 2011-12-21 13:30 - 00000432 ____A C:\Windows\BRWMARK.INI
2013-06-21 08:13 - 2012-01-02 19:16 - 00000000 ____D C:\Program Files\JDownloader
2013-06-20 11:00 - 2013-06-20 10:54 - 00000000 ____D C:\Users\xxx\Documents\Strom
2013-06-20 10:59 - 2011-12-21 13:27 - 00000500 ____A C:\Windows\Brownie.ini
2013-06-20 10:59 - 2009-07-14 06:52 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-06-19 20:40 - 2013-06-19 20:32 - 00000000 ____D C:\Users\xxx\Downloads\Reciver_firmware
2013-06-19 13:16 - 2012-05-22 11:45 - 00000000 ___SD C:\Users\xxx\Google Drive
2013-06-18 22:33 - 2013-06-18 22:33 - 00004557 ____A C:\Users\xxx\Documents\Begrüßung_ElsterOnline1.html
2013-06-18 22:31 - 2013-06-18 22:30 - 00010495 ____A C:\Users\xxx\SebMur_elster_2048.pfx
2013-06-14 12:30 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2013-06-14 12:01 - 2011-06-20 13:32 - 00000000 ____D C:\Windows\Panther
2013-06-14 12:00 - 2013-06-02 11:33 - 00392384 ____A C:\Windows\system32\FNTCACHE.DAT
2013-06-14 11:58 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\th-TH
2013-06-14 11:58 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\zh-TW
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\zh-HK
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\zh-CN
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\tr-TR
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\sv-SE
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\ru-RU
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\pt-PT
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\pt-BR
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\pl-PL
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\nl-NL
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\nb-NO
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\ko-KR
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\ja-JP
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\it-IT
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\hu-HU
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\fr-FR
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\fi-FI
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\el-GR
2013-06-14 11:56 - 2013-06-14 11:44 - 00012551 ____A C:\Windows\IE10_main.log
2013-06-14 11:52 - 2013-06-14 11:52 - 14327808 ____A (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 13760512 ____A (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 02877440 ____A (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 02706432 ____A (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-06-14 11:52 - 2013-06-14 11:52 - 02046976 ____A (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 01767936 ____A (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 01441280 ____A (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-06-14 11:52 - 2013-06-14 11:52 - 01400416 ____A (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-06-14 11:52 - 2013-06-14 11:52 - 01141248 ____A (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00745472 ____A (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-06-14 11:52 - 2013-06-14 11:52 - 00719360 ____A (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00690688 ____A (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00629248 ____A (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00523264 ____A (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00493056 ____A (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00391168 ____A (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00361984 ____A (Microsoft Corporation) C:\Windows\system32\html.iec
2013-06-14 11:52 - 2013-06-14 11:52 - 00357888 ____A (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00242200 ____A (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00232960 ____A (Microsoft Corporation) C:\Windows\system32\url.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00226816 ____A (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00204800 ____A (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00185344 ____A (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00163840 ____A (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00158720 ____A (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00150528 ____A (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-06-14 11:52 - 2013-06-14 11:52 - 00138752 ____A (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-06-14 11:52 - 2013-06-14 11:52 - 00137216 ____A (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-06-14 11:52 - 2013-06-14 11:52 - 00125440 ____A (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00117248 ____A (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00110592 ____A (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00109056 ____A (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00082432 ____A (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00079872 ____A (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00073728 ____A (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-06-14 11:52 - 2013-06-14 11:52 - 00071680 ____A (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-06-14 11:52 - 2013-06-14 11:52 - 00069120 ____A (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00061952 ____A (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-06-14 11:52 - 2013-06-14 11:52 - 00061440 ____A (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00057344 ____A (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00048640 ____A (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00042496 ____A (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-06-14 11:52 - 2013-06-14 11:52 - 00041984 ____A (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00039936 ____A (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00038400 ____A (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00033280 ____A (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00023040 ____A (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00012800 ____A (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-06-14 11:52 - 2013-06-14 11:52 - 00011776 ____A (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-06-14 11:51 - 2013-06-14 11:51 - 00049152 ____A (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2013-06-14 11:50 - 2013-06-14 11:50 - 00868352 ____A (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00293376 ____A (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00271360 ____A (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-06-14 11:50 - 2013-06-14 11:50 - 00169984 ____A (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00006144 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00005120 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00004608 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00004608 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00004096 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00004096 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00004096 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00004096 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00004096 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003584 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003584 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003584 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003584 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003584 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003584 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003584 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 03419136 ____A (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 02284544 ____A (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 01988096 ____A (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 01504768 ____A (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 01247744 ____A (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 01230336 ____A (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 01158144 ____A (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 01080832 ____A (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00906240 ____A (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00604160 ____A (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00417792 ____A (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00364544 ____A (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00293376 ____A (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00249856 ____A (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00220160 ____A (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00207872 ____A (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00187392 ____A (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00161792 ____A (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00010752 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00009728 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00005632 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00005632 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00004096 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00003584 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00002560 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-14 11:44 - 2013-06-14 11:44 - 00861184 ____A (Microsoft Corporation) C:\Users\xxx\Downloads\IE10-Windows6.1-de-de (1).exe
2013-06-14 11:37 - 2013-06-14 11:37 - 00000000 ____D C:\Program Files\Common Files\Java
2013-06-14 11:36 - 2013-06-14 11:37 - 00263584 ____A (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-06-14 11:36 - 2013-06-14 11:36 - 00094112 ____A (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2013-06-14 11:36 - 2012-09-10 12:48 - 00174496 ____A (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-06-14 11:36 - 2012-09-10 12:48 - 00174496 ____A (Oracle Corporation) C:\Windows\system32\java.exe
2013-06-14 11:36 - 2012-06-20 20:05 - 00866720 ____A (Oracle Corporation) C:\Windows\system32\npdeployJava1.dll
2013-06-14 11:36 - 2011-07-26 23:36 - 00788896 ____A (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-06-14 11:33 - 2013-06-14 11:33 - 00903072 ____A (Oracle Corporation) C:\Users\xxx\Downloads\jxpiinstall.exe
2013-06-12 10:19 - 2012-04-07 08:46 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-06-12 10:19 - 2011-09-28 13:40 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-04 20:49

==================== End Of Log ============================
--- --- ---

--- --- ---



Additon.txt

Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-07-2013 02
Ran by xxxat 2013-07-11 23:34:09
Running from C:\Users\xxx\Desktop
Boot Mode: Normal
==========================================================

7-Zip 9.20
Adobe AIR (Version: 3.1.0.4880)
Adobe Digital Editions
Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (Version: 11.7.700.224)
Adobe Reader X (10.1.7) - Deutsch (Version: 10.1.7)
AllDup 3.4.18 (Version: 3.4.18)
Anti-Twin (Installation 03.05.2012)
AP Tuner 3.08
Apple Application Support (Version: 2.3.3)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
Ashampoo Burning Studio 6 FREE v.6.80 (Version: 6.8.0)
Audiograbber 1.83 SE  (Version: 1.83 SE )
Audiograbber MP3-Plugin (Version: 1.0)
Avidemux 2.6 (32-bit) (Version: 2.6.1.8321)
Avira Free Antivirus (Version: 13.0.0.3737)
BeCyPDFMetaEdit (Version: 2.37.0)
Bonjour (Version: 3.0.0.10)
Brother HL-2070N (Version: 1.00)
Canon RAW Codec (Version: 1.8.0.68)
Canon Utilities Digital Photo Professional 3.9 (Version: 3.9.3.0)
Capture One 6.4 (Version: 6.4.65508.156)
CardRecovery 6.10
CCleaner (Version: 4.02)
CdCoverCreator 2.5.3 (Version: 2.5.3)
Citavi (Version: 3.2.0.0)
CPUCooL (remove only)
CrystalDiskInfo 4.1.3 (Version: 4.1.3)
D3DX10 (Version: 15.4.2368.0902)
DealPly (remove only) (Version: 4.8.6.1)
DiskAid 5.14 (Version: 5.14)
Dropbox (HKCU Version: 1.6.18)
DVD Flick 1.3.0.7 (Version: 1.3.0.7)
DVDx 4.0 (Version: 4.0)
EPSON Scan
EVEREST Home Edition v2.20 (Version: 2.20)
Evernote v. 4.5.6 (Version: 4.5.6.6884)
Exact Audio Copy 1.0beta3 (Version: 1.0beta3)
FILSHtray (Version: 0.12)
FILSHtray Version 0.9 (Version: 0.9)
foobar2000 v1.1.16 (Version: 1.1.16)
FreeMind (Version: 0.9.0)
FUJIdirekt Bestellsoftware 4.4
GanttProject
Garmin Communicator Plugin (Version: 4.0.4)
Garmin MapSource (Version: 6.16.3)
Garmin POI Loader (Version: 2.7.1)
Garmin USB Drivers (Version: 2.3.0.0)
GCH Guitar academy
GIMP 2.6.11 (Version: 2.6.11)
Google Chrome (Version: 28.0.1500.71)
Google Drive (Version: 1.10.4769.632)
Google Earth Plug-in (Version: 7.0.3.8542)
Google Talk Plugin (Version: 4.2.1.14031)
Google Update Helper (Version: 1.3.21.149)
GPL Ghostscript (Version: 9.05)
GSview 5.0 (Version: 5.0)
Hollywood FX Volumes 1-3 (Version: 2.0.0)
iCloud (Version: 2.1.1.3)
ICQ7.7 (Version: 7.7)
IrfanView (remove only) (Version: 4.30)
iTunes (Version: 11.0.2.26)
Java 7 Update 21 (Version: 7.0.210)
Java Auto Updater (Version: 2.1.9.5)
Java(TM) 6 Update 33 (Version: 6.0.330)
JDownloader 0.9 (Version: 0.9)
Kontomanager 10.1.4.4 EVG Sonderedition
LG Tool Kit (Version: 9.01.1124.01)
LibreOffice 3.4 (Version: 3.4.302)
Lidl-Fotos
LightScribe Applications (Version: 1.18.15.1)
LightScribe System Software (Version: 1.18.24.1)
LightScribe Template Labeler (Version: 1.18.24.1)
LyricsDroid
LyX 2.0.2-1 (Version: 2.0.2-1)
Media Markt Fotoservice 4.4
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Primary Interoperability Assemblies 2005 (Version: 9.0.21022)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC100_CRT_SP1_x86 (Version: 10.0.40219.1)
MiKTeX 2.9 (Version: 2.9)
MiPony 2.0.2 (Version: 2.0.2)
MobileMe Control Panel (Version: 3.1.8.0)
Mozilla Firefox 22.0 (x86 de) (Version: 22.0)
Mozilla Maintenance Service (Version: 22.0)
Mp3tag v2.54 (Version: v2.54)
MSVC80_x86_v2 (Version: 1.0.3.0)
MSVC90_x86 (Version: 1.0.1.2)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Music Collector
MyFreeCodec
myphotobook.de (Version: 1.3.0)
Nike+ Connect (Version: 5.2.14)
Nikon Message Center 2 (Version: 2.1.0)
Nikon Movie Editor (Version: 2.5.0)
Nokia Connectivity Cable Driver (Version: 7.1.69.0)
Nokia Suite (Version: 3.3.89.0)
NVIDIA 3D Vision Controller-Treiber 310.70 (Version: 310.70)
NVIDIA 3D Vision Treiber 310.70 (Version: 310.70)
NVIDIA Grafiktreiber 310.70 (Version: 310.70)
NVIDIA Install Application (Version: 2.1002.95.599)
NVIDIA PhysX (Version: 9.12.1031)
NVIDIA PhysX-Systemsoftware 9.12.1031 (Version: 9.12.1031)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.1070)
NVIDIA Systemsteuerung 310.70 (Version: 310.70)
NVIDIA Update 1.11.3 (Version: 1.11.3)
NVIDIA Update Components (Version: 1.11.3)
Open Workbench
OpenOffice.org 3.3 (Version: 3.3.9567)
OpenProj (Version: 1.4.0)
Opera 12.16 (Version: 12.16.1860)
Oracle VM VirtualBox 4.1.8 (Version: 4.1.8)
Orbit Downloader
Pando Media Booster (Version: 2.6.0.8)
PC Connectivity Solution (Version: 11.5.29.0)
phase-6 2.1.2.4b (Version: 2.1.2.4b)
Picasa 3 (Version: 3.9)
Picture Control Utility (Version: 1.4.6)
Pinnacle Studio 16 - Install Manager (Version: 16.0.75)
Pinnacle Studio 16 - Standard Content Pack (Version: 16.0.0)
Pinnacle Studio 16 (Version: 16.0.0.75)
Pinnacle Video Treiber (Version: 12.1.0.030)
PitchPerfect Musical Instrument Tuner
POIbase 1.041
Premium Pack Volumes 1-2 (Version: 2.0.0)
Qtrax Player (Version: 01.001.0001)
QuickTime (Version: 7.73.80.64)
Realtek AC'97 Audio (Version: 5.35)
Samsung Kies (Version: 2.2.0.12014_18)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.16.0)
Skype Click to Call (Version: 5.9.9216)
Skype™ 6.1 (Version: 6.1.129)
Snagit 10.0.1 (Version: 10.0.1)
SpeedFan (remove only)
Spybot - Search & Destroy (Version: 2.1.19)
SweetIM for Messenger 3.7 (Version: 3.7.0007)
SweetPacks bundle uninstaller (Version: 1.0.0000)
The GodFather
Title Extreme (Version: 2.0.0)
Tunatic
UFRaw 0.18
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update Manager for SweetPacks 1.1 (Version: 1.1.0008)
ViewNX 2 (Version: 2.5.1)
VLC media player 2.0.5 (Version: 2.0.5)
Wajam (Version: 1.50)
Windows 7 USB/DVD Download Tool (Version: 1.0.30)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0) (Version: 06/03/2009 2.3.0.0)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live Fotogalerie (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Windows Movie Maker 2.6 (Version: 2.6.4037.0)
Windows-Treiberpaket - Leaf Imaging Ltd. Image  (02/11/2010 ) (Version: 02/11/2010 )
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (Version: 08/22/2008 7.0.0.0)
World of Tanks
Wunderlist (Version: 1.2.4)
 

==================== Restore Points  =========================

13-06-2013 17:22:21 Geplanter Prüfpunkt
14-06-2013 09:35:10 Installed Java 7 Update 21
14-06-2013 09:46:12 Windows Modules Installer
23-06-2013 11:05:41 Geplanter Prüfpunkt
24-06-2013 15:38:09 Gerätetreiber-Paketinstallation: Phase One A/S Bildverarbeitungsgeräte
24-06-2013 15:38:09 Gerätetreiber-Paketinstallation: Leaf Imaging Ltd. Bildverarbeitungsgeräte
04-07-2013 18:56:08 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2009-07-14 04:04 - 2011-09-06 19:41 - 00000878 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {02EA2DCA-4162-4732-899D-9B30EE5C6A0E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-05-24] (Piriform Ltd)
Task: {15C40ECC-2C47-49F0-9D4A-5EFD9B24DD4F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search &amp; Destroy 2\SDImmunize.exe No File
Task: {208E0CD6-2C20-4C69-89D2-2DB63D17644D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-20] (Microsoft Corporation)
Task: {4239DC88-9402-42B0-AABD-F4A6DF2CA6CD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1275549095-3732389351-2031529323-1000Core => C:\Users\xxx\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-24] (Google Inc.)
Task: {4257FBCC-2658-4209-B4DD-5F1E31541068} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {46C9B3E0-5F70-4F2D-9088-C5D0B32D2444} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-07-23] (Google Inc.)
Task: {48D5C6A5-DEDA-46AC-A300-7E7445A2B9BB} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search &amp; Destroy 2\SDUpdate.exe No File
Task: {4B1CAB65-4E1C-4714-B718-3933CD78A96E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12] (Adobe Systems Incorporated)
Task: {506B7D57-7330-4250-95D1-FFE8E4175C50} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1275549095-3732389351-2031529323-1000UA => C:\Users\xxx\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-24] (Google Inc.)
Task: {6EC11BFD-4D3D-401F-A0F2-E219A5AD7B73} - System32\Tasks\LyricsDroid Update => C:\Program Files\LyricsDroid\LyricsDroid.exe [2013-07-08] (Droid-Apps Extension Software)
Task: {7602F35C-EE55-43E1-89DD-85127A5541E4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-07-23] (Google Inc.)
Task: {9891A3D6-9300-431B-BC89-AFB9F803A5C4} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search &amp; Destroy 2\SDScan.exe No File
Task: {E0F06413-F44D-43E2-ACCA-3157E5D1FD15} - System32\Tasks\DealPlyUpdate => C:\Program No File
Task: {F3256E87-9C4F-4219-9FA4-02DC55486394} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1275549095-3732389351-2031529323-1000Core.job => C:\Users\xxx\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1275549095-3732389351-2031529323-1000UA.job => C:\Users\xxx\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\LyricsDroid Update.job => C:\Program Files\LyricsDroid\LyricsDroid.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/11/2013 11:27:41 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: SweetPacksUpdateManager.exe, Version: 1.1.0.8, Zeitstempel: 0x502bc905
Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7b96f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003aff2
ID des fehlerhaften Prozesses: 0xf44
Startzeit der fehlerhaften Anwendung: 0xSweetPacksUpdateManager.exe0
Pfad der fehlerhaften Anwendung: SweetPacksUpdateManager.exe1
Pfad des fehlerhaften Moduls: SweetPacksUpdateManager.exe2
Berichtskennung: SweetPacksUpdateManager.exe3

Error: (07/11/2013 00:37:03 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15625

Error: (07/11/2013 00:37:03 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15625

Error: (07/11/2013 00:37:02 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/11/2013 10:30:27 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: gmer_2.1.19163.exe, Version: 2.1.19163.0, Zeitstempel: 0x515d31f0
Name des fehlerhaften Moduls: gmer_2.1.19163.exe, Version: 2.1.19163.0, Zeitstempel: 0x515d31f0
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00012288
ID des fehlerhaften Prozesses: 0x12c8
Startzeit der fehlerhaften Anwendung: 0xgmer_2.1.19163.exe0
Pfad der fehlerhaften Anwendung: gmer_2.1.19163.exe1
Pfad des fehlerhaften Moduls: gmer_2.1.19163.exe2
Berichtskennung: gmer_2.1.19163.exe3

Error: (07/11/2013 10:20:24 AM) (Source: ESENT) (User: )
Description: taskhost (372) Versuch, Datei "C:\Users\xxx\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" für den Lesezugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.

Error: (07/11/2013 10:15:44 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: gmer_2.1.19163.exe, Version: 2.1.19163.0, Zeitstempel: 0x515d31f0
Name des fehlerhaften Moduls: gmer_2.1.19163.exe, Version: 2.1.19163.0, Zeitstempel: 0x515d31f0
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00012288
ID des fehlerhaften Prozesses: 0x1554
Startzeit der fehlerhaften Anwendung: 0xgmer_2.1.19163.exe0
Pfad der fehlerhaften Anwendung: gmer_2.1.19163.exe1
Pfad des fehlerhaften Moduls: gmer_2.1.19163.exe2
Berichtskennung: gmer_2.1.19163.exe3

Error: (07/10/2013 05:09:51 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14078

Error: (07/10/2013 05:09:51 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 14078

Error: (07/10/2013 05:09:51 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (07/11/2013 11:27:39 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%109

Error: (07/11/2013 11:27:40 PM) (Source: DCOM) (User: )
Description: 109gupdate/comsvc{4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (07/11/2013 00:35:16 PM) (Source: Microsoft-Windows-HAL) (User: )
Description: Der Speicher wurde beim letzten Leistungsübergang des Systems von der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte Firmware verfügbar ist.

Error: (07/11/2013 10:56:42 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069

Error: (07/11/2013 10:56:42 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (07/11/2013 10:55:43 AM) (Source: DCOM) (User: )
Description: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}

Error: (07/11/2013 10:55:19 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "iPod-Dienst" wurde mit folgendem Fehler beendet:
%%-2147417831

Error: (07/11/2013 10:54:06 AM) (Source: BugCheck) (User: )
Description: 0x0000007f (0x00000008, 0x801de000, 0x00000000, 0x00000000)C:\Windows\MEMORY.DMP

Error: (07/11/2013 10:54:06 AM) (Source: BugCheck) (User: )
Description:

Error: (07/11/2013 10:54:03 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎11.‎07.‎2013 um 10:52:36 unerwartet heruntergefahren.


Microsoft Office Sessions:
=========================
Error: (07/11/2013 11:27:41 PM) (Source: Application Error)(User: )
Description: SweetPacksUpdateManager.exe1.1.0.8502bc905ole32.dll6.1.7601.175144ce7b96fc00000050003aff2f4401ce7e145339a1dfC:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exeC:\Windows\system32\ole32.dllb70a4246-ea70-11e2-b2ae-0015f2f36bac

Error: (07/11/2013 00:37:03 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15625

Error: (07/11/2013 00:37:03 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15625

Error: (07/11/2013 00:37:02 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/11/2013 10:30:27 AM) (Source: Application Error)(User: )
Description: gmer_2.1.19163.exe2.1.19163.0515d31f0gmer_2.1.19163.exe2.1.19163.0515d31f0c00000050001228812c801ce7e0febafaf94C:\Users\xxx\Desktop\gmer_2.1.19163.exeC:\Users\xxx\Desktop\gmer_2.1.19163.exe22e47795-ea04-11e2-8b09-0015f2f36bac

Error: (07/11/2013 10:20:24 AM) (Source: ESENT)(User: )
Description: taskhost372C:\Users\xxx\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat-1032 (0xfffffbf8)32 (0x00000020)Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Error: (07/11/2013 10:15:44 AM) (Source: Application Error)(User: )
Description: gmer_2.1.19163.exe2.1.19163.0515d31f0gmer_2.1.19163.exe2.1.19163.0515d31f0c000000500012288155401ce7e0daa22c9c8C:\Users\xxx\Desktop\gmer_2.1.19163.exeC:\Users\xxx\Desktop\gmer_2.1.19163.exe14c1ea06-ea02-11e2-93d8-0015f2f36bac

Error: (07/10/2013 05:09:51 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14078

Error: (07/10/2013 05:09:51 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 14078

Error: (07/10/2013 05:09:51 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second


CodeIntegrity Errors:
===================================
  Date: 2013-01-02 23:45:15.887
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\SweetIM\Messenger\mgAdaptersProxy.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-01-02 23:42:45.984
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\SweetIM\Messenger\mgAdaptersProxy.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-01-02 23:39:17.657
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\SweetIM\Messenger\mgAdaptersProxy.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-01-02 23:37:45.379
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\SweetIM\Messenger\mgAdaptersProxy.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Percentage of memory in use: 50%
Total physical RAM: 2047.55 MB
Available physical RAM: 1014.16 MB
Total Pagefile: 4095.11 MB
Available Pagefile: 2508.77 MB
Total Virtual: 2047.88 MB
Available Virtual: 1892 MB

==================== Drives ================================

Drive c: (457265) (Fixed) (Total:232.88 GB) (Free:67.28 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive j: (Volume) (Fixed) (Total:931.51 GB) (Free:673.85 GB) NTFS
Drive k: (HP2) (Fixed) (Total:596.17 GB) (Free:568.2 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 549BC608)
Partition 1: (Active) - (Size=233 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 932 GB) (Disk ID: A62D08E5)

Partition: GPT Partition Type
========================================================
Disk: 2 (Size: 596 GB) (Disk ID: D55B62C3)
Partition 1: (Not Active) - (Size=596 GB) - (Type=07 NTFS)

==================== End Of Log ============================

vielen Dank vorerstmal

schrauber 12.07.2013 10:49
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

Artemi 12.07.2013 13:04
Vielen Dank hier die Logfiles

ADW Cleaner
Code:
# AdwCleaner v2.305 - Datei am 12/07/2013 um 13:39:46 erstellt
# Aktualisiert am 11/07/2013 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (32 bits)
# Benutzer : xxxs - xxxS1
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\xxxs\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****

Gestoppt & Gelöscht : WajamUpdater

***** [Dateien / Ordner] *****

Datei Gelöscht : C:\END
Datei Gelöscht : C:\Program Files\Mozilla Firefox\searchplugins\fcmdSrch.xml
Datei Gelöscht : C:\Users\xxxs\AppData\Roaming\Mozilla\Firefox\Profiles\ps8aqelb.default-1363894332540\searchplugins\11-suche.xml
Datei Gelöscht : C:\Windows\tasks\LyricsDroid Update.job
Ordner Gelöscht : C:\Program Files\DealPly
Ordner Gelöscht : C:\Program Files\LyricsDroid
Ordner Gelöscht : C:\Program Files\LyricsFinder
Ordner Gelöscht : C:\Program Files\SweetIM
Ordner Gelöscht : C:\Program Files\Wajam
Ordner Gelöscht : C:\ProgramData\SweetIM
Ordner Gelöscht : C:\Users\xxxs\AppData\Local\Wajam
Ordner Gelöscht : C:\Users\xxxs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
Ordner Gelöscht : C:\Users\xxxs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
Ordner Gelöscht : C:\Users\xxxs\AppData\Roaming\Mozilla\Firefox\Profiles\ps8aqelb.default-1363894332540\extensions\amo@dealplyshopping.com
Ordner Gelöscht : C:\Users\xxxs\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\MyAshampoo\toolbar
Schlüssel Gelöscht : HKCU\Software\DealPly
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C08AE725-F500-49E9-8958-2E176C8CDFD5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF7BD87A-8024-11E2-F316-F3E56188709B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C08AE725-F500-49E9-8958-2E176C8CDFD5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF7BD87A-8024-11E2-F316-F3E56188709B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\Wajam
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\BHO.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C08AE725-F500-49E9-8958-2E176C8CDFD5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EF7BD87A-8024-11E2-F316-F3E56188709B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Conduit.Engine
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4B
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\sim-packages
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2475029
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wajam.WajamBHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\DealPly
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\fmfnfnpmhcllokmkepffndflpnadjmma
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C08AE725-F500-49E9-8958-2E176C8CDFD5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF7BD87A-8024-11E2-F316-F3E56188709B}
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12BF94BD06C95F343A77631402B9556A
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2124D8A8CF720FD44866190AF560228E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\27A325ACED8CA4743A30127638591ADB
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\350D17402BD84234EAF7D32F08172D7C
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3EE8C5F419057E1478A654868CEE60B5
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4735D908D66E1BA46B6C2D7185A12B2B
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\76D8378E2DDAED3428720A631F6E3BF0
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A001B259DB7D694E818BE29B973992C
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAE2EC163C6A68A48921573E0E7E199D
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C06C6662FA5B04646829E4A460857770
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CEEB3E14ABE8270419B0FD762E18F7C6
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1B5E9A3BDB51349BF96E842C062D98
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FECBC2BC14DA6CD459BD59A041709836
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2FD9C0A5B9838449838816A28001F4B
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0C43FE6B-E881-4AFC-B384-4AEBC90047E8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
Schlüssel Gelöscht : HKLM\SOFTWARE\Software
Schlüssel Gelöscht : HKLM\Software\Wajam
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [{88CBFCFB-2323-4691-84A5-0CB4EC3F90EA}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SweetIM]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Sweetpacks Communicator]

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16618

Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.facemoods.com/?a=ddrnw --> hxxp://www.google.com
Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4 --> hxxp://www.google.com

-\\ Mozilla Firefox v22.0 (de)

Datei : C:\Users\xxxs\AppData\Roaming\Mozilla\Firefox\Profiles\ps8aqelb.default-1363894332540\prefs.js

C:\Users\xxxs\AppData\Roaming\Mozilla\Firefox\Profiles\ps8aqelb.default-1363894332540\user.js ... Gelöscht !

[OK] Die Datei ist sauber.

-\\ Google Chrome v28.0.1500.71

Datei : C:\Users\xxxs\AppData\Local\Google\Chrome\User Data\Default\Preferences

Gelöscht [l.30] : keyword = "search.sweetim.com",
Gelöscht [l.34] : search_url = "hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10002&[...]
Gelöscht [l.2398] : homepage = "hxxp://home.sweetim.com/?crg=3.1010000.10002&barid={36908F35-50D6-11E2-A2CE-E71E23B0[...]
Gelöscht [l.2677] : urls_to_restore_on_startup = [ "hxxp://home.sweetim.com/?crg=3.1010000.10002&barid={36908F35-[...]

-\\ Opera v12.16.1860.0

Datei : C:\Users\xxxs\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S1].txt - [20880 octets] - [12/07/2013 13:39:46]

########## EOF - C:\AdwCleaner[S1].txt - [20941 octets] ##########
JRT

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.0.7 (07.11.2013:1)
OS: Windows 7 Ultimate x86
Ran by xxxs on 12.07.2013 at 13:49:45,29
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\apnstub_rasmancs



~~~ Files

Successfully deleted: [File] C:\Windows\prefetch\LYRICSDROID.EXE-E6DA52C6.pf



~~~ Folders

Successfully deleted: [Folder] "C:\Users\xxxs\appdata\locallow\myashampoo"
Successfully deleted: [Empty Folder] C:\Users\xxxs\appdata\local\{00700D95-D992-4752-93E5-F6FC24475D53}
Successfully deleted: [Empty Folder] C:\Users\xxxs\appdata\local\{0863CC3A-B793-4BE4-85E1-574397B81FD1}
Successfully deleted: [Empty Folder] C:\Users\xxxs\appdata\local\{0A76C72D-980C-44B1-AFE9-0EE14D25929D}
Successfully deleted: [Empty Folder] C:\Users\xxxs\appdata\local\{0BD4187F-EADD-4B10-8523-2D04E8EBA3C1}
Successfully deleted: [Empty Folder] C:\Users\xxxs\appdata\local\{10B50258-09F7-45C8-8A0A-E6409963405A}
Successfully deleted: [Empty Folder] C:\Users\xxxs\appdata\local\{1E435F26-042A-4EA3-B9EC-814C80822168}
Successfully deleted: [Empty Folder] C:\Users\xxxs\appdata\local\{215FB2E5-0150-4CDA-9A13-890D717067E0}
Successfully deleted: [Empty Folder] C:\Users\xxxs\appdata\local\{21BF1010-9659-4341-AA5E-9B8277659D36}
Successfully deleted: [Empty Folder] C:\Users\xxxs\appdata\local\{34115744-B0F6-4947-8B72-186CB17D41FA}
Successfully deleted: [Empty Folder] C:\Users\xxxs\appdata\local\{35128616-BD1E-4439-BE91-D3C4067A2169}
Successfully deleted: [Empty Folder] C:\Users\xxxs\appdata\local\{39A9FE6A-2E43-4755-87F6-3424FF141A12}
Successfully deleted: [Empty Folder] C:\Users\xxxs\appdata\local\{3DD7472E-3236-4E3D-B05A-A38FAD1AE2CC}
Successfully deleted: [Empty Folder] C:\Users\xxxs\appdata\local\{41B49DAB-5A19-464F-A5CE-1DF44F31D8B9}
Successfully deleted: [Empty Folder] C:\Users\xxxs\appdata\local\{46281390-A772-46B0-AB07-457859FEED9C}
Successfully deleted: [Empty Folder] C:\Users\xxxs\appdata\local\{4CDCC6FD-E6C8-49CE-BEE5-BCB39DF501C6}
Successfully deleted: [Empty Folder] C:\Users\xxxs\appdata\local\{4D005430-B6F0-44AC-8E43-A4008BA07F81}
Successfully deleted: [Empty Folder] C:\Users\xxxs\appdata\local\{5F58089B-1A36-414B-9CF8-2E98A728E4B6}
Successfully deleted: [Empty Folder] C:\Users\xxxs\appdata\local\{62B8B30C-A2BC-4F92-AA90-D31E24D7A98A}
Successfully deleted: [Empty Folder] C:\Users\xxxs\appdata\local\{6FCD5BFC-F0AE-4B18-B808-B73827A6B12B}
Successfully deleted: [Empty Folder] C:\Users\xxxs\appdata\local\{72F1B970-9722-467F-9A84-7E9058AB0BF9}
Successfully deleted: [Empty Folder] C:\Users\xxxs\appdata\local\{7486987F-1FBB-4163-A041-9411ED6173BF}
Successfully deleted: [Empty Folder] C:\Users\xxxs\appdata\local\{77E65875-E9E0-424E-B5E9-3095800C2431}
Successfully deleted: [Empty Folder] C:\Users\xxxs\appdata\local\{7DD2D971-C159-4787-8385-48AB8E0B7FD5}
Successfully deleted: [Empty Folder] C:\Users\xxxs\appdata\local\{8BA56A61-6E0E-47E1-A9F5-0C4B0773EAEA}
Successfully deleted: [Empty Folder] C:\Users\xxxs\appdata\local\{9012EE0A-C9FA-4085-8008-BFBD42F79E7F}
Successfully deleted: [Empty Folder] C:\Users\xxxs\appdata\local\{9F00F01F-D98E-4542-B514-DFEE4CB853BA}
Successfully deleted: [Empty Folder] C:\Users\xxxs\appdata\local\{ACE5D8C3-F992-49EE-9BB2-40DB2BD0D03B}
Successfully deleted: [Empty Folder] C:\Users\xxxs\appdata\local\{AE08A614-DDE9-49FC-AE84-51686F58777E}
Successfully deleted: [Empty Folder] C:\Users\xxxs\appdata\local\{B5BB7308-F728-4E52-B5B9-44BF180FE993}
Successfully deleted: [Empty Folder] C:\Users\xxxs\appdata\local\{B76409D0-66D4-4B2A-9C61-F933D1867C0E}
Successfully deleted: [Empty Folder] C:\Users\xxxs\appdata\local\{D2957693-6D13-44F5-8549-072FA99F0BB4}
Successfully deleted: [Empty Folder] C:\Users\xxxs\appdata\local\{D669A760-7DFB-4660-BD53-7021480EAFEF}
Successfully deleted: [Empty Folder] C:\Users\xxxs\appdata\local\{D8D04238-6B4F-4F50-B51C-B1C06EEC4026}
Successfully deleted: [Empty Folder] C:\Users\xxxs\appdata\local\{D9622FB9-49E8-4B11-A38B-C56490E708F7}
Successfully deleted: [Empty Folder] C:\Users\xxxs\appdata\local\{DAA53D1A-3B76-444A-ABFD-91BC49507110}
Successfully deleted: [Empty Folder] C:\Users\xxxs\appdata\local\{DE345CFD-A5CA-4A71-B1D8-65035238BDF7}
Successfully deleted: [Empty Folder] C:\Users\xxxs\appdata\local\{E0086FC9-3B4E-4177-A951-B4CC9D3502A9}
Successfully deleted: [Empty Folder] C:\Users\xxxs\appdata\local\{E21969D6-606F-4C0B-95E9-F1B9FBDBE9D2}
Successfully deleted: [Empty Folder] C:\Users\xxxs\appdata\local\{E41FB03A-DE39-40E5-BAEC-0E77CD260CF1}
Successfully deleted: [Empty Folder] C:\Users\xxxs\appdata\local\{E55461D5-0C46-4D51-A8D0-5E4FD34C4093}
Successfully deleted: [Empty Folder] C:\Users\xxxs\appdata\local\{EB24DFCD-4568-4963-9FEA-475A76868D92}
Successfully deleted: [Empty Folder] C:\Users\xxxs\appdata\local\{F27BEE03-A87D-4CEA-BE53-856E1CFCC008}
Successfully deleted: [Empty Folder] C:\Users\xxxs\appdata\local\{F5DB209B-F493-4CD4-AC8A-B555E1A913C7}
Successfully deleted: [Empty Folder] C:\Users\xxxs\appdata\local\{FFEE4EE6-92B3-44F2-AC49-732C9FB780D0}



~~~ FireFox

Emptied folder: C:\Users\xxxs\AppData\Roaming\mozilla\firefox\profiles\ps8aqelb.default-1363894332540\minidumps [59 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12.07.2013 at 13:53:35,07
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-07-2013 02
Ran by xxxs (administrator) on 12-07-2013 13:56:03
Running from C:\Users\xxxs\Desktop
Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\CPUCooL\CooLSrv.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Pinnacle Systems GmbH) C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Nike) C:\Program Files\Nike\Nike+ Connect\Nike+ Connect daemon.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Samsung) C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Samsung) C:\Program Files\Samsung\Kies\Kies.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
() C:\Program Files\Pando Networks\Media Booster\PMB.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files\Windows NT\Accessories\WORDPAD.EXE
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Adobe ARM] - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [avgnt] - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min [345144 2013-07-01] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [USBToolTip] - C:\PROGRA~2\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe [199752 2007-02-20] (Pinnacle Systems GmbH)
HKLM\...\Run: [APSDaemon] - "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-01-28] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - "C:\Program Files\iTunes\iTunesHelper.exe" [152392 2013-02-20] (Apple Inc.)
HKLM\...\Run: [Nike+ Connect] - "C:\Program Files\Nike\Nike+ Connect\Nike+ Connect daemon.exe" [70656 2012-11-27] (Nike)
HKLM\...\Run: [SDTray] - "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" [3830224 2013-05-16] (Safer-Networking Ltd.)
HKLM\...\Run: [SunJavaUpdateSched] - "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKCU\...\Run: [] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844296 2012-12-20] (Samsung)
HKCU\...\Run: [KiesAirMessage] - C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup [578560 2012-12-18] (Samsung Electronics)
HKCU\...\Run: [KiesPreload] - C:\Program Files\Samsung\Kies\Kies.exe /preload [1476104 2012-12-20] (Samsung)
HKCU\...\Run: [Pando Media Booster] - C:\Program Files\Pando Networks\Media Booster\PMB.exe [3093624 2013-01-21] ()
HKCU\...\Run: [Google Update] - "C:\Users\xxxs\AppData\Local\Google\Update\GoogleUpdate.exe" /c [116648 2012-03-24] (Google Inc.)
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0
MountPoints2: {7efe0697-9b29-11e0-910d-0015f2f36bac} - E:\pushinst.exe
HKU\Default\...\RunOnce: [mctadmin] - C:\Windows\System32\mctadmin.exe [ 2009-07-14] (Microsoft Corporation)
HKU\UpdatusUser\...\RunOnce: [mctadmin] - C:\Windows\System32\mctadmin.exe [ 2009-07-14] (Microsoft Corporation)
Startup: C:\ProgramData\Start Menu\Programs\Startup\Orbit.lnk
ShortcutTarget: Orbit.lnk -> C:\Program Files\Orbitdownloader\orbitdm.exe (Orbitdownloader.com)
Startup: C:\Users\xxxs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\xxxs\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

ProxyServer: localhost:21320
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
BHO: Octh Class - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 10\SnagitBHO.dll (TechSmith Corporation)
BHO: SwissAcademic.Citavi.Picker.IEPicker - {609D670F-B735-4da7-AC6D-F3BD358E325E} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
Toolbar: HKLM - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 10\SnagitIEAddin.dll (TechSmith Corporation)
Toolbar: HKCU -Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
Toolbar: HKCU -No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\xxxs\AppData\Roaming\Mozilla\Firefox\Profiles\ps8aqelb.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @garmin.com/GpsControl - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\xxxs\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\xxxs\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\xxxs\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\xxxs\AppData\Local\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\xxxs\AppData\Local\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF HKLM\...\Thunderbird\Extensions: [te_9.0@nokia.com] C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0
FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR DefaultSearchURL: (SweetIM Search) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR DefaultSuggestURL: (SweetIM Search) -      "suggest_url": ""
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\28.0.1500.71\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\28.0.1500.71\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\28.0.1500.71\pdf.dll ()
CHR Plugin: (Skype Toolbars) - C:\Users\xxxs\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Google Talk Plugin) - C:\Users\xxxs\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\xxxs\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U7) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.70.11) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-07-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-01] (Avira Operations GmbH & Co. KG)
R2 CPUCooLServer; C:\Program Files\CPUCooL\CooLSrv.exe [743936 2011-12-01] ()
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)

==================== Drivers (Whitelisted) ====================

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [46976 2009-07-14] (Microsoft Corporation)
R3 ALCXWDM; C:\Windows\System32\drivers\RTKVAC.SYS [4172832 2009-06-18] (Realtek Semiconductor Corp.)
S3 AVCSTRM; C:\Windows\System32\DRIVERS\avcstrm.sys [14464 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [84744 2013-03-28] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135136 2013-03-28] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-03-28] (Avira Operations GmbH & Co. KG)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [4352 2007-01-26] (AVM Berlin)
R2 BrPar; C:\Windows\System32\drivers\BrPar.sys [19537 2000-07-24] (Brother Industries Ltd.)
S3 EverestDriver; C:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt [7168 2005-08-18] ()
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [265088 2007-01-26] (AVM GmbH)
R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] ()
S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [9344 2009-04-17] (GARMIN Corp.)
R3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus.sys [171520 2005-09-23] (Pinnacle Systems GmbH)
S3 MSTAPE; C:\Windows\System32\DRIVERS\mstape.sys [50048 2009-07-14] (Microsoft Corporation)
R1 ntiopnp; C:\Windows\System32\Drivers\ntiopnp.sys [21080 2010-11-11] ()
R0 speedfan; C:\Windows\System32\speedfan.sys [25240 2011-03-18] (Almico Software)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
S3 usbUDisc; C:\Windows\System32\DRIVERS\USBDrv.sys [13824 2012-05-28] (Scott)
S3 ALSysIO; \??\C:\Users\FUJITS~1\AppData\Local\Temp\ALSysIO.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-12 13:53 - 2013-07-12 13:53 - 00006364 ____A C:\Users\xxxs\Desktop\JRT.txt
2013-07-12 13:49 - 2013-07-12 13:49 - 00000000 ____D C:\Windows\ERUNT
2013-07-12 13:45 - 2013-07-12 13:45 - 00021011 ____A C:\Users\xxxs\Desktop\AdwCleaner[S1].txt
2013-07-12 13:39 - 2013-07-12 13:40 - 00021011 ____A C:\AdwCleaner[S1].txt
2013-07-12 13:38 - 2013-07-12 13:37 - 00559306 ____A (Oleg N. Scherbakov) C:\Users\xxxs\Desktop\JRT.exe
2013-07-12 13:37 - 2013-07-12 13:37 - 00662345 ____A C:\Users\xxxs\Desktop\adwcleaner.exe
2013-07-11 23:34 - 2013-07-12 10:17 - 00021722 ____A C:\Users\xxxs\Desktop\Addition.txt
2013-07-11 23:32 - 2013-07-11 23:32 - 00000000 ____D C:\FRST
2013-07-11 23:31 - 2013-07-11 23:31 - 01218524 ____A (Farbar) C:\Users\xxxs\Desktop\FRST.exe
2013-07-11 12:17 - 2013-07-11 12:36 - 00121432 ____A C:\Users\xxxs\Desktop\OTL.Txt
2013-07-11 11:11 - 2013-07-11 11:11 - 01110476 ____A C:\Users\xxxs\Desktop\7z920.exe
2013-07-11 10:19 - 2013-07-11 10:54 - 00000000 ____D C:\Windows\Minidump
2013-07-11 10:19 - 2013-07-11 10:53 - 279899172 ____A C:\Windows\MEMORY.DMP
2013-07-11 10:19 - 2013-07-11 10:19 - 00131072 ____A C:\Windows\Minidump\071113-24031-01.dmp
2013-07-11 10:05 - 2013-07-11 10:05 - 00377856 ____A C:\Users\xxxs\Desktop\gmer_2.1.19163.exe
2013-07-11 10:03 - 2013-07-11 11:14 - 00000490 ____A C:\Users\xxxs\Desktop\defogger_disable.log
2013-07-01 12:02 - 2013-07-01 12:02 - 00000000 ____D C:\Users\xxxs\Desktop\h2test
2013-06-30 11:17 - 2013-06-30 11:18 - 00218129 ____A C:\Users\xxxs\Desktop\h2testw_1.4.zip
2013-06-29 12:29 - 2013-06-29 12:29 - 00602112 ____A (OldTimer Tools) C:\Users\xxxs\Desktop\OTL.exe
2013-06-29 12:28 - 2013-06-29 12:29 - 00000490 ____A C:\Windows\system32\defogger_disable.log
2013-06-29 12:28 - 2013-06-29 12:28 - 00000000 ____A C:\Users\xxxs\defogger_reenable
2013-06-29 12:28 - 2013-06-29 12:27 - 00050477 ____A C:\Users\xxxs\Desktop\Defogger.exe
2013-06-29 12:10 - 2013-06-29 12:10 - 01372101 ____A (Farbar) C:\Users\xxxs\Downloads\FRST.exe
2013-06-24 17:41 - 2013-06-24 17:41 - 00000000 ____D C:\Users\xxxs\AppData\Local\Phase_One
2013-06-24 17:38 - 2013-06-24 18:41 - 00000000 ____D C:\Users\xxxs\AppData\Local\CaptureOne
2013-06-24 17:38 - 2013-06-24 17:38 - 00000000 ____D C:\ProgramData\Phase One
2013-06-24 17:37 - 2013-06-24 17:41 - 00004366 ____A C:\Windows\DPINST.LOG
2013-06-24 17:36 - 2013-06-24 17:36 - 00001158 ____A C:\Users\xxxs\Desktop\Capture One 6.lnk
2013-06-24 17:35 - 2013-06-24 17:35 - 00000000 ____D C:\Program Files\Phase One
2013-06-20 10:54 - 2013-06-20 11:00 - 00000000 ____D C:\Users\xxxs\Documents\Strom
2013-06-19 20:32 - 2013-06-19 20:40 - 00000000 ____D C:\Users\xxxs\Downloads\Reciver_firmware
2013-06-18 22:33 - 2013-06-18 22:33 - 00004557 ____A C:\Users\xxxs\Documents\Begrüßung_ElsterOnline1.html
2013-06-18 22:30 - 2013-06-18 22:31 - 00010495 ____A C:\Users\xxxs\SebMur_elster_2048.pfx
2013-06-14 11:52 - 2013-06-14 11:52 - 14327808 ____A (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 13760512 ____A (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 02877440 ____A (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 02706432 ____A (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-06-14 11:52 - 2013-06-14 11:52 - 02046976 ____A (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 01767936 ____A (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 01441280 ____A (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-06-14 11:52 - 2013-06-14 11:52 - 01400416 ____A (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-06-14 11:52 - 2013-06-14 11:52 - 01141248 ____A (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00745472 ____A (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-06-14 11:52 - 2013-06-14 11:52 - 00719360 ____A (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00690688 ____A (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00629248 ____A (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00523264 ____A (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00493056 ____A (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00391168 ____A (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00361984 ____A (Microsoft Corporation) C:\Windows\system32\html.iec
2013-06-14 11:52 - 2013-06-14 11:52 - 00357888 ____A (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00242200 ____A (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00232960 ____A (Microsoft Corporation) C:\Windows\system32\url.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00226816 ____A (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00204800 ____A (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00185344 ____A (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00163840 ____A (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00158720 ____A (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00150528 ____A (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-06-14 11:52 - 2013-06-14 11:52 - 00138752 ____A (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-06-14 11:52 - 2013-06-14 11:52 - 00137216 ____A (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-06-14 11:52 - 2013-06-14 11:52 - 00125440 ____A (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00117248 ____A (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00110592 ____A (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00109056 ____A (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00082432 ____A (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00079872 ____A (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00073728 ____A (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-06-14 11:52 - 2013-06-14 11:52 - 00071680 ____A (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-06-14 11:52 - 2013-06-14 11:52 - 00069120 ____A (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00061952 ____A (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-06-14 11:52 - 2013-06-14 11:52 - 00061440 ____A (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00057344 ____A (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00048640 ____A (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00042496 ____A (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-06-14 11:52 - 2013-06-14 11:52 - 00041984 ____A (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00039936 ____A (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00038400 ____A (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00033280 ____A (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00023040 ____A (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00012800 ____A (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-06-14 11:52 - 2013-06-14 11:52 - 00011776 ____A (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-06-14 11:51 - 2013-06-14 11:51 - 00049152 ____A (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2013-06-14 11:50 - 2013-06-14 11:50 - 00868352 ____A (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00293376 ____A (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00271360 ____A (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-06-14 11:50 - 2013-06-14 11:50 - 00169984 ____A (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00006144 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00005120 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00004608 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00004608 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00004096 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00004096 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00004096 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00004096 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00004096 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003584 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003584 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003584 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003584 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003584 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003584 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003584 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 03419136 ____A (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 02284544 ____A (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 01988096 ____A (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 01504768 ____A (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 01247744 ____A (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 01230336 ____A (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 01158144 ____A (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 01080832 ____A (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00906240 ____A (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00604160 ____A (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00417792 ____A (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00364544 ____A (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00293376 ____A (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00249856 ____A (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00220160 ____A (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00207872 ____A (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00187392 ____A (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00161792 ____A (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00010752 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00009728 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00005632 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00005632 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00004096 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00003584 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00002560 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-14 11:44 - 2013-06-14 11:56 - 00012551 ____A C:\Windows\IE10_main.log
2013-06-14 11:44 - 2013-06-14 11:44 - 00861184 ____A (Microsoft Corporation) C:\Users\xxxs\Downloads\IE10-Windows6.1-de-de (1).exe
2013-06-14 11:37 - 2013-06-14 11:37 - 00000000 ____D C:\Program Files\Common Files\Java
2013-06-14 11:37 - 2013-06-14 11:36 - 00263584 ____A (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-06-14 11:36 - 2013-06-14 11:36 - 00094112 ____A (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2013-06-14 11:33 - 2013-06-14 11:33 - 00903072 ____A (Oracle Corporation) C:\Users\xxxs\Downloads\jxpiinstall.exe

==================== One Month Modified Files and Folders =======

2013-07-12 13:56 - 2013-01-21 17:43 - 00000000 ____D C:\Users\xxxs\AppData\Local\PMB Files
2013-07-12 13:53 - 2013-07-12 13:53 - 00006364 ____A C:\Users\xxxs\Desktop\JRT.txt
2013-07-12 13:51 - 2009-07-14 06:34 - 00014016 ___AH C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-12 13:51 - 2009-07-14 06:34 - 00014016 ___AH C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-12 13:50 - 2012-06-01 14:05 - 00001156 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1275549095-3732389351-2031529323-1000UA.job
2013-07-12 13:49 - 2013-07-12 13:49 - 00000000 ____D C:\Windows\ERUNT
2013-07-12 13:48 - 2012-02-05 13:23 - 00000000 ____D C:\Users\xxxs\AppData\Roaming\Orbit
2013-07-12 13:45 - 2013-07-12 13:45 - 00021011 ____A C:\Users\xxxs\Desktop\AdwCleaner[S1].txt
2013-07-12 13:43 - 2012-04-22 13:47 - 00000000 ___RD C:\Users\xxxs\Dropbox
2013-07-12 13:43 - 2012-04-22 13:43 - 00000000 ____D C:\Users\xxxs\AppData\Roaming\Dropbox
2013-07-12 13:42 - 2013-06-02 11:33 - 00000728 ____A C:\Windows\setupact.log
2013-07-12 13:42 - 2012-01-26 13:29 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-12 13:42 - 2011-07-23 10:12 - 00001110 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-12 13:42 - 2009-07-14 06:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-12 13:41 - 2011-06-20 12:36 - 02088171 ____A C:\Windows\WindowsUpdate.log
2013-07-12 13:40 - 2013-07-12 13:39 - 00021011 ____A C:\AdwCleaner[S1].txt
2013-07-12 13:37 - 2013-07-12 13:38 - 00559306 ____A (Oleg N. Scherbakov) C:\Users\xxxs\Desktop\JRT.exe
2013-07-12 13:37 - 2013-07-12 13:37 - 00662345 ____A C:\Users\xxxs\Desktop\adwcleaner.exe
2013-07-12 13:33 - 2012-04-07 08:46 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-12 13:25 - 2011-07-23 10:12 - 00001114 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-12 10:17 - 2013-07-11 23:34 - 00021722 ____A C:\Users\xxxs\Desktop\Addition.txt
2013-07-12 09:47 - 2011-12-21 13:30 - 00000432 ____A C:\Windows\BRWMARK.INI
2013-07-11 23:37 - 2012-06-01 14:05 - 00001104 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1275549095-3732389351-2031529323-1000Core.job
2013-07-11 23:32 - 2013-07-11 23:32 - 00000000 ____D C:\FRST
2013-07-11 23:31 - 2013-07-11 23:31 - 01218524 ____A (Farbar) C:\Users\xxxs\Desktop\FRST.exe
2013-07-11 12:36 - 2013-07-11 12:17 - 00121432 ____A C:\Users\xxxs\Desktop\OTL.Txt
2013-07-11 11:14 - 2013-07-11 10:03 - 00000490 ____A C:\Users\xxxs\Desktop\defogger_disable.log
2013-07-11 11:11 - 2013-07-11 11:11 - 01110476 ____A C:\Users\xxxs\Desktop\7z920.exe
2013-07-11 11:09 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF
2013-07-11 10:54 - 2013-07-11 10:19 - 00000000 ____D C:\Windows\Minidump
2013-07-11 10:53 - 2013-07-11 10:19 - 279899172 ____A C:\Windows\MEMORY.DMP
2013-07-11 10:19 - 2013-07-11 10:19 - 00131072 ____A C:\Windows\Minidump\071113-24031-01.dmp
2013-07-11 10:05 - 2013-07-11 10:05 - 00377856 ____A C:\Users\xxxs\Desktop\gmer_2.1.19163.exe
2013-07-11 09:27 - 2013-06-02 11:33 - 00002880 ____A C:\Windows\PFRO.log
2013-07-11 09:27 - 2012-05-03 22:38 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-07-10 03:53 - 2011-06-20 22:49 - 00000000 ____D C:\Users\xxxs\AppData\Roaming\Mozilla
2013-07-07 14:01 - 2011-12-20 17:50 - 00000000 ____D C:\Program Files\Opera
2013-07-07 09:30 - 2013-05-19 12:46 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-07-01 12:38 - 2013-03-20 12:03 - 00000000 ____D C:\Users\xxxs\AppData\Roaming\vlc
2013-07-01 12:02 - 2013-07-01 12:02 - 00000000 ____D C:\Users\xxxs\Desktop\h2test
2013-07-01 11:42 - 2011-06-20 12:30 - 01614664 ____A C:\Windows\system32\PerfStringBackup.INI
2013-07-01 11:40 - 2013-05-07 19:14 - 00067168 ____A (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-06-30 11:18 - 2013-06-30 11:17 - 00218129 ____A C:\Users\xxxs\Desktop\h2testw_1.4.zip
2013-06-29 12:29 - 2013-06-29 12:29 - 00602112 ____A (OldTimer Tools) C:\Users\xxxs\Desktop\OTL.exe
2013-06-29 12:29 - 2013-06-29 12:28 - 00000490 ____A C:\Windows\system32\defogger_disable.log
2013-06-29 12:28 - 2013-06-29 12:28 - 00000000 ____A C:\Users\xxxs\defogger_reenable
2013-06-29 12:28 - 2011-06-20 12:26 - 00000000 ____D C:\Users\xxxs
2013-06-29 12:27 - 2013-06-29 12:28 - 00050477 ____A C:\Users\xxxs\Desktop\Defogger.exe
2013-06-29 12:10 - 2013-06-29 12:10 - 01372101 ____A (Farbar) C:\Users\xxxs\Downloads\FRST.exe
2013-06-28 15:48 - 2013-05-25 12:30 - 00000000 ____D C:\Program Files\YTKaraoke
2013-06-24 18:41 - 2013-06-24 17:38 - 00000000 ____D C:\Users\xxxs\AppData\Local\CaptureOne
2013-06-24 17:42 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\DriverStore
2013-06-24 17:41 - 2013-06-24 17:41 - 00000000 ____D C:\Users\xxxs\AppData\Local\Phase_One
2013-06-24 17:41 - 2013-06-24 17:37 - 00004366 ____A C:\Windows\DPINST.LOG
2013-06-24 17:41 - 2012-02-23 10:50 - 00000000 ____D C:\Program Files\DIFX
2013-06-24 17:41 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-06-24 17:38 - 2013-06-24 17:38 - 00000000 ____D C:\ProgramData\Phase One
2013-06-24 17:38 - 2012-02-29 17:34 - 00000000 ____D C:\Users\xxxs\AppData\Roaming\NVIDIA
2013-06-24 17:36 - 2013-06-24 17:36 - 00001158 ____A C:\Users\xxxs\Desktop\Capture One 6.lnk
2013-06-24 17:35 - 2013-06-24 17:35 - 00000000 ____D C:\Program Files\Phase One
2013-06-23 14:38 - 2012-06-14 22:16 - 00581120 __ASH C:\Users\xxxs\Downloads\Thumbs.db
2013-06-21 08:13 - 2012-01-02 19:16 - 00000000 ____D C:\Program Files\JDownloader
2013-06-20 11:00 - 2013-06-20 10:54 - 00000000 ____D C:\Users\xxxs\Documents\Strom
2013-06-20 10:59 - 2011-12-21 13:27 - 00000500 ____A C:\Windows\Brownie.ini
2013-06-20 10:59 - 2009-07-14 06:52 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-06-19 20:40 - 2013-06-19 20:32 - 00000000 ____D C:\Users\xxxs\Downloads\Reciver_firmware
2013-06-19 13:16 - 2012-05-22 11:45 - 00000000 ___SD C:\Users\xxxs\Google Drive
2013-06-18 22:33 - 2013-06-18 22:33 - 00004557 ____A C:\Users\xxxs\Documents\Begrüßung_ElsterOnline1.html
2013-06-18 22:31 - 2013-06-18 22:30 - 00010495 ____A C:\Users\xxxs\SebMur_elster_2048.pfx
2013-06-14 12:30 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2013-06-14 12:01 - 2011-06-20 13:32 - 00000000 ____D C:\Windows\Panther
2013-06-14 12:00 - 2013-06-02 11:33 - 00392384 ____A C:\Windows\system32\FNTCACHE.DAT
2013-06-14 11:58 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\th-TH
2013-06-14 11:58 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\zh-TW
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\zh-HK
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\zh-CN
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\tr-TR
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\sv-SE
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\ru-RU
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\pt-PT
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\pt-BR
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\pl-PL
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\nl-NL
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\nb-NO
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\ko-KR
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\ja-JP
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\it-IT
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\hu-HU
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\fr-FR
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\fi-FI
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\el-GR
2013-06-14 11:56 - 2013-06-14 11:44 - 00012551 ____A C:\Windows\IE10_main.log
2013-06-14 11:52 - 2013-06-14 11:52 - 14327808 ____A (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 13760512 ____A (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 02877440 ____A (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 02706432 ____A (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-06-14 11:52 - 2013-06-14 11:52 - 02046976 ____A (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 01767936 ____A (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 01441280 ____A (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-06-14 11:52 - 2013-06-14 11:52 - 01400416 ____A (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-06-14 11:52 - 2013-06-14 11:52 - 01141248 ____A (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00745472 ____A (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-06-14 11:52 - 2013-06-14 11:52 - 00719360 ____A (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00690688 ____A (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00629248 ____A (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00523264 ____A (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00493056 ____A (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00391168 ____A (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00361984 ____A (Microsoft Corporation) C:\Windows\system32\html.iec
2013-06-14 11:52 - 2013-06-14 11:52 - 00357888 ____A (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00242200 ____A (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00232960 ____A (Microsoft Corporation) C:\Windows\system32\url.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00226816 ____A (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00204800 ____A (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00185344 ____A (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00163840 ____A (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00158720 ____A (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00150528 ____A (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-06-14 11:52 - 2013-06-14 11:52 - 00138752 ____A (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-06-14 11:52 - 2013-06-14 11:52 - 00137216 ____A (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-06-14 11:52 - 2013-06-14 11:52 - 00125440 ____A (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00117248 ____A (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00110592 ____A (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00109056 ____A (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00082432 ____A (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00079872 ____A (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00073728 ____A (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-06-14 11:52 - 2013-06-14 11:52 - 00071680 ____A (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-06-14 11:52 - 2013-06-14 11:52 - 00069120 ____A (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00061952 ____A (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-06-14 11:52 - 2013-06-14 11:52 - 00061440 ____A (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00057344 ____A (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00048640 ____A (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00042496 ____A (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-06-14 11:52 - 2013-06-14 11:52 - 00041984 ____A (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00039936 ____A (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00038400 ____A (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00033280 ____A (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00023040 ____A (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00012800 ____A (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-06-14 11:52 - 2013-06-14 11:52 - 00011776 ____A (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-06-14 11:51 - 2013-06-14 11:51 - 00049152 ____A (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2013-06-14 11:50 - 2013-06-14 11:50 - 00868352 ____A (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00293376 ____A (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00271360 ____A (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-06-14 11:50 - 2013-06-14 11:50 - 00169984 ____A (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00006144 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00005120 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00004608 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00004608 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00004096 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00004096 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00004096 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00004096 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00004096 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003584 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003584 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003584 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003584 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003584 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003584 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003584 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 03419136 ____A (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 02284544 ____A (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 01988096 ____A (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 01504768 ____A (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 01247744 ____A (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 01230336 ____A (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 01158144 ____A (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 01080832 ____A (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00906240 ____A (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00604160 ____A (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00417792 ____A (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00364544 ____A (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00293376 ____A (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00249856 ____A (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00220160 ____A (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00207872 ____A (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00187392 ____A (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00161792 ____A (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00010752 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00009728 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00005632 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00005632 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00004096 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00003584 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00002560 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-14 11:44 - 2013-06-14 11:44 - 00861184 ____A (Microsoft Corporation) C:\Users\xxxs\Downloads\IE10-Windows6.1-de-de (1).exe
2013-06-14 11:37 - 2013-06-14 11:37 - 00000000 ____D C:\Program Files\Common Files\Java
2013-06-14 11:36 - 2013-06-14 11:37 - 00263584 ____A (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-06-14 11:36 - 2013-06-14 11:36 - 00094112 ____A (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2013-06-14 11:36 - 2012-09-10 12:48 - 00174496 ____A (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-06-14 11:36 - 2012-09-10 12:48 - 00174496 ____A (Oracle Corporation) C:\Windows\system32\java.exe
2013-06-14 11:36 - 2012-06-20 20:05 - 00866720 ____A (Oracle Corporation) C:\Windows\system32\npdeployJava1.dll
2013-06-14 11:36 - 2011-07-26 23:36 - 00788896 ____A (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-06-14 11:33 - 2013-06-14 11:33 - 00903072 ____A (Oracle Corporation) C:\Users\xxxs\Downloads\jxpiinstall.exe
2013-06-12 10:19 - 2012-04-07 08:46 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-06-12 10:19 - 2011-09-28 13:40 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-04 20:49

==================== End Of Log ============================
--- --- ---

--- --- ---




Vielen Dank schon mal

schrauber 12.07.2013 13:29
Downloade Dir bitte TFC ( von Oldtimer ) und speichere die Datei auf dem Desktop.
Schließe nun alle offenen Programme und trenne Dich von dem Internet.
Doppelklick auf die TFC.exe und drücke auf Start.
Sollte TFC nicht alle Dateien löschen können wird es einen Neustart verlangen. Dies bitte zulassen.



ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.


und ein frisches FRST log bitte. Noch Probleme?

Artemi 14.07.2013 09:25
Hallo schrauber vielen Dabk für Deine Hilfe hier die Logfiles
ESET
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=7044ff8a4fcc0c48a79d872945e3dd17
# engine=14376
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-07-13 11:36:35
# local_time=2013-07-13 01:36:35 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 97 10496 239135085 3259 0
# compatibility_mode=5893 16776574 100 94 26761583 125346586 0 0
# scanned=129243
# found=0
# cleaned=0
# scan_time=7673

SecurityCheck
Code:
Results of screen317's Security Check version 0.99.68 
 Windows 7 Service Pack 1 x86 (UAC is enabled) 
 Internet Explorer 10 
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop 
 Antivirus up to date!  (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
 Spybot - Search & Destroy
 CCleaner   
 Java(TM) 6 Update 33 
 Java 7 Update 21 
 Java version out of Date!
 Adobe Flash Player        11.7.700.224 
 Adobe Reader 10.1.7 Adobe Reader out of Date! 
 Mozilla Firefox (22.0)
 Google Chrome 28.0.1500.71 
 Google Chrome 28.0.1500.72 
````````Process Check: objlist.exe by Laurent```````` 
 Spybot Teatimer.exe is disabled!
 Avira Antivir avgnt.exe
 Avira Antivir avguard.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````
FRST


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-07-2013 02
Ran by xxx (administrator) on 14-07-2013 09:50:39
Running from C:\Users\xxx\Desktop
Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\CPUCooL\CooLSrv.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Pinnacle Systems GmbH) C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Nike) C:\Program Files\Nike\Nike+ Connect\Nike+ Connect daemon.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Samsung) C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Samsung) C:\Program Files\Samsung\Kies\Kies.exe
() C:\Program Files\Pando Networks\Media Booster\PMB.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Windows NT\Accessories\WORDPAD.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Adobe ARM] - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [avgnt] - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min [345144 2013-07-01] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [USBToolTip] - C:\PROGRA~2\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe [199752 2007-02-20] (Pinnacle Systems GmbH)
HKLM\...\Run: [APSDaemon] - "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-01-28] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - "C:\Program Files\iTunes\iTunesHelper.exe" [152392 2013-02-20] (Apple Inc.)
HKLM\...\Run: [Nike+ Connect] - "C:\Program Files\Nike\Nike+ Connect\Nike+ Connect daemon.exe" [70656 2012-11-27] (Nike)
HKLM\...\Run: [SDTray] - "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" [3830224 2013-05-16] (Safer-Networking Ltd.)
HKLM\...\Run: [SunJavaUpdateSched] - "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKCU\...\Run: [] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844296 2012-12-20] (Samsung)
HKCU\...\Run: [KiesAirMessage] - C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup [578560 2012-12-18] (Samsung Electronics)
HKCU\...\Run: [KiesPreload] - C:\Program Files\Samsung\Kies\Kies.exe /preload [1476104 2012-12-20] (Samsung)
HKCU\...\Run: [Pando Media Booster] - C:\Program Files\Pando Networks\Media Booster\PMB.exe [3093624 2013-01-21] ()
HKCU\...\Run: [Google Update] - "C:\Users\xxx\AppData\Local\Google\Update\GoogleUpdate.exe" /c [116648 2012-03-24] (Google Inc.)
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0
MountPoints2: {7efe0697-9b29-11e0-910d-0015f2f36bac} - E:\pushinst.exe
HKU\Default\...\RunOnce: [mctadmin] - C:\Windows\System32\mctadmin.exe [ 2009-07-14] (Microsoft Corporation)
HKU\UpdatusUser\...\RunOnce: [mctadmin] - C:\Windows\System32\mctadmin.exe [ 2009-07-14] (Microsoft Corporation)
Startup: C:\ProgramData\Start Menu\Programs\Startup\Orbit.lnk
ShortcutTarget: Orbit.lnk -> C:\Program Files\Orbitdownloader\orbitdm.exe (Orbitdownloader.com)
Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\xxx\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

ProxyServer: localhost:21320
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
BHO: Octh Class - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 10\SnagitBHO.dll (TechSmith Corporation)
BHO: SwissAcademic.Citavi.Picker.IEPicker - {609D670F-B735-4da7-AC6D-F3BD358E325E} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
Toolbar: HKLM - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 10\SnagitIEAddin.dll (TechSmith Corporation)
Toolbar: HKCU -Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
Toolbar: HKCU -No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ps8aqelb.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @garmin.com/GpsControl - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\xxx\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\xxx\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\xxx\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\xxx\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\xxx\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF HKLM\...\Thunderbird\Extensions: [te_9.0@nokia.com] C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0
FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR DefaultSearchURL: (SweetIM Search) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR DefaultSuggestURL: (SweetIM Search) -      "suggest_url": ""
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\28.0.1500.71\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\28.0.1500.71\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\28.0.1500.71\pdf.dll ()
CHR Plugin: (Skype Toolbars) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Google Talk Plugin) - C:\Users\xxx\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\xxx\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U7) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.70.11) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-07-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-01] (Avira Operations GmbH & Co. KG)
R2 CPUCooLServer; C:\Program Files\CPUCooL\CooLSrv.exe [743936 2011-12-01] ()
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)

==================== Drivers (Whitelisted) ====================

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [46976 2009-07-14] (Microsoft Corporation)
R3 ALCXWDM; C:\Windows\System32\drivers\RTKVAC.SYS [4172832 2009-06-18] (Realtek Semiconductor Corp.)
S3 AVCSTRM; C:\Windows\System32\DRIVERS\avcstrm.sys [14464 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [84744 2013-03-28] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135136 2013-03-28] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-03-28] (Avira Operations GmbH & Co. KG)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [4352 2007-01-26] (AVM Berlin)
R2 BrPar; C:\Windows\System32\drivers\BrPar.sys [19537 2000-07-24] (Brother Industries Ltd.)
S3 EverestDriver; C:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt [7168 2005-08-18] ()
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [265088 2007-01-26] (AVM GmbH)
R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] ()
S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [9344 2009-04-17] (GARMIN Corp.)
R3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus.sys [171520 2005-09-23] (Pinnacle Systems GmbH)
S3 MSTAPE; C:\Windows\System32\DRIVERS\mstape.sys [50048 2009-07-14] (Microsoft Corporation)
R1 ntiopnp; C:\Windows\System32\Drivers\ntiopnp.sys [21080 2010-11-11] ()
R0 speedfan; C:\Windows\System32\speedfan.sys [25240 2011-03-18] (Almico Software)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
S3 usbUDisc; C:\Windows\System32\DRIVERS\USBDrv.sys [13824 2012-05-28] (Scott)
S3 ALSysIO; \??\C:\Users\FUJITS~1\AppData\Local\Temp\ALSysIO.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-14 09:50 - 2013-07-14 09:50 - 00001066 ____A C:\Users\xxx\Desktop\checkup.txt
2013-07-13 11:14 - 2013-07-13 11:14 - 00890988 ____A C:\Users\xxx\Desktop\SecurityCheck.exe
2013-07-13 11:12 - 2013-07-13 11:12 - 02347384 ____A (ESET) C:\Users\xxx\Desktop\esetsmartinstaller_enu.exe
2013-07-13 11:12 - 2013-07-13 11:12 - 00448512 ____A (OldTimer Tools) C:\Users\xxx\Desktop\TFC.exe
2013-07-12 14:00 - 2013-07-12 14:00 - 00000193 ____A C:\Windows\WORDPAD.INI
2013-07-12 13:53 - 2013-07-12 14:00 - 00005894 ____A C:\Users\xxx\Desktop\JRT.txt
2013-07-12 13:49 - 2013-07-12 13:49 - 00000000 ____D C:\Windows\ERUNT
2013-07-12 13:45 - 2013-07-12 14:00 - 00020881 ____A C:\Users\xxx\Desktop\AdwCleaner[S1].txt
2013-07-12 13:39 - 2013-07-12 13:40 - 00021011 ____A C:\AdwCleaner[S1].txt
2013-07-12 13:38 - 2013-07-12 13:37 - 00559306 ____A (Oleg N. Scherbakov) C:\Users\xxx\Desktop\JRT.exe
2013-07-12 13:37 - 2013-07-12 13:37 - 00662345 ____A C:\Users\xxx\Desktop\adwcleaner.exe
2013-07-11 23:34 - 2013-07-12 10:17 - 00021722 ____A C:\Users\xxx\Desktop\Addition.txt
2013-07-11 23:32 - 2013-07-11 23:32 - 00000000 ____D C:\FRST
2013-07-11 23:31 - 2013-07-11 23:31 - 01218524 ____A (Farbar) C:\Users\xxx\Desktop\FRST.exe
2013-07-11 12:17 - 2013-07-11 12:36 - 00121432 ____A C:\Users\xxx\Desktop\OTL.Txt
2013-07-11 11:11 - 2013-07-11 11:11 - 01110476 ____A C:\Users\xxx\Desktop\7z920.exe
2013-07-11 10:19 - 2013-07-11 10:54 - 00000000 ____D C:\Windows\Minidump
2013-07-11 10:19 - 2013-07-11 10:53 - 279899172 ____A C:\Windows\MEMORY.DMP
2013-07-11 10:19 - 2013-07-11 10:19 - 00131072 ____A C:\Windows\Minidump\071113-24031-01.dmp
2013-07-11 10:05 - 2013-07-11 10:05 - 00377856 ____A C:\Users\xxx\Desktop\gmer_2.1.19163.exe
2013-07-11 10:03 - 2013-07-11 11:14 - 00000490 ____A C:\Users\xxx\Desktop\defogger_disable.log
2013-07-01 12:02 - 2013-07-01 12:02 - 00000000 ____D C:\Users\xxx\Desktop\h2test
2013-06-30 11:17 - 2013-06-30 11:18 - 00218129 ____A C:\Users\xxx\Desktop\h2testw_1.4.zip
2013-06-29 12:29 - 2013-06-29 12:29 - 00602112 ____A (OldTimer Tools) C:\Users\xxx\Desktop\OTL.exe
2013-06-29 12:28 - 2013-06-29 12:29 - 00000490 ____A C:\Windows\system32\defogger_disable.log
2013-06-29 12:28 - 2013-06-29 12:28 - 00000000 ____A C:\Users\xxx\defogger_reenable
2013-06-29 12:28 - 2013-06-29 12:27 - 00050477 ____A C:\Users\xxx\Desktop\Defogger.exe
2013-06-29 12:10 - 2013-06-29 12:10 - 01372101 ____A (Farbar) C:\Users\xxx\Downloads\FRST.exe
2013-06-24 17:41 - 2013-06-24 17:41 - 00000000 ____D C:\Users\xxx\AppData\Local\Phase_One
2013-06-24 17:38 - 2013-06-24 18:41 - 00000000 ____D C:\Users\xxx\AppData\Local\CaptureOne
2013-06-24 17:38 - 2013-06-24 17:38 - 00000000 ____D C:\ProgramData\Phase One
2013-06-24 17:37 - 2013-06-24 17:41 - 00004366 ____A C:\Windows\DPINST.LOG
2013-06-24 17:36 - 2013-06-24 17:36 - 00001158 ____A C:\Users\xxx\Desktop\Capture One 6.lnk
2013-06-24 17:35 - 2013-06-24 17:35 - 00000000 ____D C:\Program Files\Phase One
2013-06-20 10:54 - 2013-06-20 11:00 - 00000000 ____D C:\Users\xxx\Documents\Strom
2013-06-19 20:32 - 2013-06-19 20:40 - 00000000 ____D C:\Users\xxx\Downloads\Reciver_firmware
2013-06-18 22:33 - 2013-06-18 22:33 - 00004557 ____A C:\Users\xxx\Documents\Begrüßung_ElsterOnline1.html
2013-06-18 22:30 - 2013-06-18 22:31 - 00010495 ____A C:\Users\xxx\SebMur_elster_2048.pfx
2013-06-14 11:52 - 2013-06-14 11:52 - 14327808 ____A (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 13760512 ____A (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 02877440 ____A (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 02706432 ____A (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-06-14 11:52 - 2013-06-14 11:52 - 02046976 ____A (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 01767936 ____A (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 01441280 ____A (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-06-14 11:52 - 2013-06-14 11:52 - 01400416 ____A (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-06-14 11:52 - 2013-06-14 11:52 - 01141248 ____A (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00745472 ____A (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-06-14 11:52 - 2013-06-14 11:52 - 00719360 ____A (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00690688 ____A (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00629248 ____A (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00523264 ____A (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00493056 ____A (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00391168 ____A (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00361984 ____A (Microsoft Corporation) C:\Windows\system32\html.iec
2013-06-14 11:52 - 2013-06-14 11:52 - 00357888 ____A (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00242200 ____A (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00232960 ____A (Microsoft Corporation) C:\Windows\system32\url.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00226816 ____A (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00204800 ____A (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00185344 ____A (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00163840 ____A (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00158720 ____A (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00150528 ____A (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-06-14 11:52 - 2013-06-14 11:52 - 00138752 ____A (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-06-14 11:52 - 2013-06-14 11:52 - 00137216 ____A (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-06-14 11:52 - 2013-06-14 11:52 - 00125440 ____A (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00117248 ____A (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00110592 ____A (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00109056 ____A (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00082432 ____A (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00079872 ____A (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00073728 ____A (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-06-14 11:52 - 2013-06-14 11:52 - 00071680 ____A (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-06-14 11:52 - 2013-06-14 11:52 - 00069120 ____A (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00061952 ____A (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-06-14 11:52 - 2013-06-14 11:52 - 00061440 ____A (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00057344 ____A (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00048640 ____A (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00042496 ____A (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-06-14 11:52 - 2013-06-14 11:52 - 00041984 ____A (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00039936 ____A (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00038400 ____A (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00033280 ____A (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00023040 ____A (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00012800 ____A (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-06-14 11:52 - 2013-06-14 11:52 - 00011776 ____A (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-06-14 11:51 - 2013-06-14 11:51 - 00049152 ____A (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2013-06-14 11:50 - 2013-06-14 11:50 - 00868352 ____A (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00293376 ____A (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00271360 ____A (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-06-14 11:50 - 2013-06-14 11:50 - 00169984 ____A (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00006144 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00005120 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00004608 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00004608 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00004096 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00004096 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00004096 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00004096 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00004096 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003584 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003584 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003584 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003584 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003584 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003584 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003584 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 03419136 ____A (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 02284544 ____A (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 01988096 ____A (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 01504768 ____A (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 01247744 ____A (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 01230336 ____A (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 01158144 ____A (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 01080832 ____A (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00906240 ____A (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00604160 ____A (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00417792 ____A (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00364544 ____A (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00293376 ____A (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00249856 ____A (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00220160 ____A (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00207872 ____A (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00187392 ____A (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00161792 ____A (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00010752 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00009728 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00005632 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00005632 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00004096 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00003584 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00002560 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-14 11:44 - 2013-06-14 11:56 - 00012551 ____A C:\Windows\IE10_main.log
2013-06-14 11:44 - 2013-06-14 11:44 - 00861184 ____A (Microsoft Corporation) C:\Users\xxx\Downloads\IE10-Windows6.1-de-de (1).exe
2013-06-14 11:37 - 2013-06-14 11:37 - 00000000 ____D C:\Program Files\Common Files\Java
2013-06-14 11:37 - 2013-06-14 11:36 - 00263584 ____A (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-06-14 11:36 - 2013-06-14 11:36 - 00094112 ____A (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2013-06-14 11:33 - 2013-06-14 11:33 - 00903072 ____A (Oracle Corporation) C:\Users\xxx\Downloads\jxpiinstall.exe

==================== One Month Modified Files and Folders =======

2013-07-14 09:52 - 2013-01-21 17:43 - 00000000 ____D C:\Users\xxx\AppData\Local\PMB Files
2013-07-14 09:50 - 2013-07-14 09:50 - 00001066 ____A C:\Users\xxx\Desktop\checkup.txt
2013-07-14 09:47 - 2012-06-01 14:05 - 00001156 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1275549095-3732389351-2031529323-1000UA.job
2013-07-14 09:47 - 2011-07-23 10:12 - 00001114 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-14 09:33 - 2012-04-07 08:46 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-14 09:28 - 2009-07-14 06:34 - 00014016 ___AH C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-14 09:28 - 2009-07-14 06:34 - 00014016 ___AH C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-14 09:24 - 2011-06-20 12:36 - 02092590 ____A C:\Windows\WindowsUpdate.log
2013-07-14 09:21 - 2012-04-22 13:47 - 00000000 ___RD C:\Users\xxx\Dropbox
2013-07-14 09:21 - 2012-04-22 13:43 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Dropbox
2013-07-14 09:21 - 2012-02-05 13:23 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Orbit
2013-07-14 09:20 - 2013-06-02 11:33 - 00003212 ____A C:\Windows\PFRO.log
2013-07-14 09:20 - 2013-06-02 11:33 - 00000784 ____A C:\Windows\setupact.log
2013-07-14 09:20 - 2012-01-26 13:29 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-14 09:20 - 2011-07-23 10:12 - 00001110 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-14 09:20 - 2009-07-14 06:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-13 11:27 - 2011-06-20 12:30 - 01614664 ____A C:\Windows\system32\PerfStringBackup.INI
2013-07-13 11:14 - 2013-07-13 11:14 - 00890988 ____A C:\Users\xxx\Desktop\SecurityCheck.exe
2013-07-13 11:12 - 2013-07-13 11:12 - 02347384 ____A (ESET) C:\Users\xxx\Desktop\esetsmartinstaller_enu.exe
2013-07-13 11:12 - 2013-07-13 11:12 - 00448512 ____A (OldTimer Tools) C:\Users\xxx\Desktop\TFC.exe
2013-07-13 10:47 - 2012-06-01 14:05 - 00001104 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1275549095-3732389351-2031529323-1000Core.job
2013-07-12 14:00 - 2013-07-12 14:00 - 00000193 ____A C:\Windows\WORDPAD.INI
2013-07-12 14:00 - 2013-07-12 13:53 - 00005894 ____A C:\Users\xxx\Desktop\JRT.txt
2013-07-12 14:00 - 2013-07-12 13:45 - 00020881 ____A C:\Users\xxx\Desktop\AdwCleaner[S1].txt
2013-07-12 13:49 - 2013-07-12 13:49 - 00000000 ____D C:\Windows\ERUNT
2013-07-12 13:40 - 2013-07-12 13:39 - 00021011 ____A C:\AdwCleaner[S1].txt
2013-07-12 13:37 - 2013-07-12 13:38 - 00559306 ____A (Oleg N. Scherbakov) C:\Users\xxx\Desktop\JRT.exe
2013-07-12 13:37 - 2013-07-12 13:37 - 00662345 ____A C:\Users\xxx\Desktop\adwcleaner.exe
2013-07-12 10:17 - 2013-07-11 23:34 - 00021722 ____A C:\Users\xxx\Desktop\Addition.txt
2013-07-12 09:47 - 2011-12-21 13:30 - 00000432 ____A C:\Windows\BRWMARK.INI
2013-07-11 23:32 - 2013-07-11 23:32 - 00000000 ____D C:\FRST
2013-07-11 23:31 - 2013-07-11 23:31 - 01218524 ____A (Farbar) C:\Users\xxx\Desktop\FRST.exe
2013-07-11 12:36 - 2013-07-11 12:17 - 00121432 ____A C:\Users\xxx\Desktop\OTL.Txt
2013-07-11 11:14 - 2013-07-11 10:03 - 00000490 ____A C:\Users\xxx\Desktop\defogger_disable.log
2013-07-11 11:11 - 2013-07-11 11:11 - 01110476 ____A C:\Users\xxx\Desktop\7z920.exe
2013-07-11 11:09 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF
2013-07-11 10:54 - 2013-07-11 10:19 - 00000000 ____D C:\Windows\Minidump
2013-07-11 10:53 - 2013-07-11 10:19 - 279899172 ____A C:\Windows\MEMORY.DMP
2013-07-11 10:19 - 2013-07-11 10:19 - 00131072 ____A C:\Windows\Minidump\071113-24031-01.dmp
2013-07-11 10:05 - 2013-07-11 10:05 - 00377856 ____A C:\Users\xxx\Desktop\gmer_2.1.19163.exe
2013-07-11 09:27 - 2012-05-03 22:38 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-07-10 03:53 - 2011-06-20 22:49 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Mozilla
2013-07-07 14:01 - 2011-12-20 17:50 - 00000000 ____D C:\Program Files\Opera
2013-07-07 09:30 - 2013-05-19 12:46 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-07-01 12:38 - 2013-03-20 12:03 - 00000000 ____D C:\Users\xxx\AppData\Roaming\vlc
2013-07-01 12:02 - 2013-07-01 12:02 - 00000000 ____D C:\Users\xxx\Desktop\h2test
2013-07-01 11:40 - 2013-05-07 19:14 - 00067168 ____A (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-06-30 11:18 - 2013-06-30 11:17 - 00218129 ____A C:\Users\xxx\Desktop\h2testw_1.4.zip
2013-06-29 12:29 - 2013-06-29 12:29 - 00602112 ____A (OldTimer Tools) C:\Users\xxx\Desktop\OTL.exe
2013-06-29 12:29 - 2013-06-29 12:28 - 00000490 ____A C:\Windows\system32\defogger_disable.log
2013-06-29 12:28 - 2013-06-29 12:28 - 00000000 ____A C:\Users\xxx\defogger_reenable
2013-06-29 12:28 - 2011-06-20 12:26 - 00000000 ____D C:\Users\xxx
2013-06-29 12:27 - 2013-06-29 12:28 - 00050477 ____A C:\Users\xxx\Desktop\Defogger.exe
2013-06-29 12:10 - 2013-06-29 12:10 - 01372101 ____A (Farbar) C:\Users\xxx\Downloads\FRST.exe
2013-06-28 15:48 - 2013-05-25 12:30 - 00000000 ____D C:\Program Files\YTKaraoke
2013-06-24 18:41 - 2013-06-24 17:38 - 00000000 ____D C:\Users\xxx\AppData\Local\CaptureOne
2013-06-24 17:42 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\DriverStore
2013-06-24 17:41 - 2013-06-24 17:41 - 00000000 ____D C:\Users\xxx\AppData\Local\Phase_One
2013-06-24 17:41 - 2013-06-24 17:37 - 00004366 ____A C:\Windows\DPINST.LOG
2013-06-24 17:41 - 2012-02-23 10:50 - 00000000 ____D C:\Program Files\DIFX
2013-06-24 17:41 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-06-24 17:38 - 2013-06-24 17:38 - 00000000 ____D C:\ProgramData\Phase One
2013-06-24 17:38 - 2012-02-29 17:34 - 00000000 ____D C:\Users\xxx\AppData\Roaming\NVIDIA
2013-06-24 17:36 - 2013-06-24 17:36 - 00001158 ____A C:\Users\xxx\Desktop\Capture One 6.lnk
2013-06-24 17:35 - 2013-06-24 17:35 - 00000000 ____D C:\Program Files\Phase One
2013-06-23 14:38 - 2012-06-14 22:16 - 00581120 __ASH C:\Users\xxx\Downloads\Thumbs.db
2013-06-21 08:13 - 2012-01-02 19:16 - 00000000 ____D C:\Program Files\JDownloader
2013-06-20 11:00 - 2013-06-20 10:54 - 00000000 ____D C:\Users\xxx\Documents\Strom
2013-06-20 10:59 - 2011-12-21 13:27 - 00000500 ____A C:\Windows\Brownie.ini
2013-06-20 10:59 - 2009-07-14 06:52 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-06-19 20:40 - 2013-06-19 20:32 - 00000000 ____D C:\Users\xxx\Downloads\Reciver_firmware
2013-06-19 13:16 - 2012-05-22 11:45 - 00000000 ___SD C:\Users\xxx\Google Drive
2013-06-18 22:33 - 2013-06-18 22:33 - 00004557 ____A C:\Users\xxx\Documents\Begrüßung_ElsterOnline1.html
2013-06-18 22:31 - 2013-06-18 22:30 - 00010495 ____A C:\Users\xxx\SebMur_elster_2048.pfx
2013-06-14 12:30 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2013-06-14 12:01 - 2011-06-20 13:32 - 00000000 ____D C:\Windows\Panther
2013-06-14 12:00 - 2013-06-02 11:33 - 00392384 ____A C:\Windows\system32\FNTCACHE.DAT
2013-06-14 11:58 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\th-TH
2013-06-14 11:58 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\zh-TW
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\zh-HK
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\zh-CN
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\tr-TR
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\sv-SE
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\ru-RU
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\pt-PT
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\pt-BR
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\pl-PL
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\nl-NL
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\nb-NO
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\ko-KR
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\ja-JP
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\it-IT
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\hu-HU
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\fr-FR
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\fi-FI
2013-06-14 11:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\el-GR
2013-06-14 11:56 - 2013-06-14 11:44 - 00012551 ____A C:\Windows\IE10_main.log
2013-06-14 11:52 - 2013-06-14 11:52 - 14327808 ____A (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 13760512 ____A (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 02877440 ____A (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 02706432 ____A (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-06-14 11:52 - 2013-06-14 11:52 - 02046976 ____A (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 01767936 ____A (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 01441280 ____A (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-06-14 11:52 - 2013-06-14 11:52 - 01400416 ____A (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-06-14 11:52 - 2013-06-14 11:52 - 01141248 ____A (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00745472 ____A (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-06-14 11:52 - 2013-06-14 11:52 - 00719360 ____A (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00690688 ____A (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00629248 ____A (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00523264 ____A (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00493056 ____A (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00391168 ____A (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00361984 ____A (Microsoft Corporation) C:\Windows\system32\html.iec
2013-06-14 11:52 - 2013-06-14 11:52 - 00357888 ____A (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00242200 ____A (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00232960 ____A (Microsoft Corporation) C:\Windows\system32\url.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00226816 ____A (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00204800 ____A (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00185344 ____A (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00163840 ____A (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00158720 ____A (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00150528 ____A (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-06-14 11:52 - 2013-06-14 11:52 - 00138752 ____A (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-06-14 11:52 - 2013-06-14 11:52 - 00137216 ____A (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-06-14 11:52 - 2013-06-14 11:52 - 00125440 ____A (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00117248 ____A (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00110592 ____A (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00109056 ____A (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00082432 ____A (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00079872 ____A (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00073728 ____A (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-06-14 11:52 - 2013-06-14 11:52 - 00071680 ____A (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-06-14 11:52 - 2013-06-14 11:52 - 00069120 ____A (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00061952 ____A (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-06-14 11:52 - 2013-06-14 11:52 - 00061440 ____A (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00057344 ____A (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00048640 ____A (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00042496 ____A (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-06-14 11:52 - 2013-06-14 11:52 - 00041984 ____A (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00039936 ____A (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00038400 ____A (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00033280 ____A (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00023040 ____A (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-06-14 11:52 - 2013-06-14 11:52 - 00012800 ____A (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-06-14 11:52 - 2013-06-14 11:52 - 00011776 ____A (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-06-14 11:51 - 2013-06-14 11:51 - 00049152 ____A (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2013-06-14 11:50 - 2013-06-14 11:50 - 00868352 ____A (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00293376 ____A (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00271360 ____A (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-06-14 11:50 - 2013-06-14 11:50 - 00169984 ____A (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00006144 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00005120 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00004608 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00004608 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00004096 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00004096 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00004096 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00004096 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00004096 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003584 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003584 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003584 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003584 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003584 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003584 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003584 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-06-14 11:50 - 2013-06-14 11:50 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 03419136 ____A (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 02284544 ____A (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 01988096 ____A (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 01504768 ____A (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 01247744 ____A (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 01230336 ____A (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 01158144 ____A (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 01080832 ____A (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00906240 ____A (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00604160 ____A (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00417792 ____A (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00364544 ____A (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00293376 ____A (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00249856 ____A (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00220160 ____A (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00207872 ____A (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00187392 ____A (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00161792 ____A (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00010752 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00009728 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00005632 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00005632 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00004096 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00003584 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00003072 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-14 11:49 - 2013-06-14 11:49 - 00002560 ___AH (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-14 11:44 - 2013-06-14 11:44 - 00861184 ____A (Microsoft Corporation) C:\Users\xxx\Downloads\IE10-Windows6.1-de-de (1).exe
2013-06-14 11:37 - 2013-06-14 11:37 - 00000000 ____D C:\Program Files\Common Files\Java
2013-06-14 11:36 - 2013-06-14 11:37 - 00263584 ____A (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-06-14 11:36 - 2013-06-14 11:36 - 00094112 ____A (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2013-06-14 11:36 - 2012-09-10 12:48 - 00174496 ____A (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-06-14 11:36 - 2012-09-10 12:48 - 00174496 ____A (Oracle Corporation) C:\Windows\system32\java.exe
2013-06-14 11:36 - 2012-06-20 20:05 - 00866720 ____A (Oracle Corporation) C:\Windows\system32\npdeployJava1.dll
2013-06-14 11:36 - 2011-07-26 23:36 - 00788896 ____A (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-06-14 11:33 - 2013-06-14 11:33 - 00903072 ____A (Oracle Corporation) C:\Users\xxx\Downloads\jxpiinstall.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-04 20:49

==================== End Of Log ============================
--- --- ---




muss ich noch was tun ?
wie kann ich in Zukunft so was vermeiden
Vielen Dank

schrauber 14.07.2013 12:42
Java und adobe updaten. Noch Probleme? :)

Artemi 15.07.2013 09:09
Hallo schrauber,
vielen Dank für Deine Hilfe. Das Problem besteht zu teil noch, irgendwie muss ich was im Firefox deaktivieren um zuverghindern, dass immer wieder neue Werbefenster aufgemacht weden.
Ich habe aber auch bemerkt beim verwenden von Internet Explorer önnen sich plötzlich neue Browserfenster in einer geschindigkeit wie maschinengewährt folge 1000 neue Fenster stoppen kaum möglich nur über strg +entf .
Irgnedwie ist da was noch aber was? und wie rausbekommen.
Hilft vielleicht eine neuinstallation von Firefox und IE?


Gruß
Artemis

schrauber 15.07.2013 09:28
Setze folgendermassen den Internet Explorer zurück:
  • Öffne den Internet Explorer und gehe zu Extras -> Internetoptionen.
  • Klicke in der Registerkarte Erweitert unter "Internet Explorer-Einstellungen zurücksetzen" auf Zurücksetzen...
  • Klicke im Dialogfeld "Internet Explorer-Einstellungen zurücksetzen" zum Bestätigen auf Zurücksetzen.
(Hier findest du die bebilderte Anleitung.)


Firefox deinstallieren, keine Daten behalten, neu installieren. Addon Adblock Plus isntallieren.

Frisches FRST log bitte :).

Artemi 15.07.2013 09:46
Vielen Dank

hier noch das frische FST


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-07-2013 02
Ran by xxx (administrator) on 15-07-2013 10:39:47
Running from C:\Users\xxx\Desktop
Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\CPUCooL\CooLSrv.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Pinnacle Systems GmbH) C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Nike) C:\Program Files\Nike\Nike+ Connect\Nike+ Connect daemon.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Samsung) C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Samsung) C:\Program Files\Samsung\Kies\Kies.exe
() C:\Program Files\Pando Networks\Media Booster\PMB.exe
(Google Inc.) C:\Users\xxx\AppData\Local\Google\Update\GoogleUpdate.exe
(Orbitdownloader.com) C:\Program Files\Orbitdownloader\orbitdm.exe
(Dropbox, Inc.) C:\Users\xxx\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Orbitdownloader.com) C:\Program Files\Orbitdownloader\orbitnet.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Adobe ARM] - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [avgnt] - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min [345144 2013-07-01] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [USBToolTip] - C:\PROGRA~2\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe [199752 2007-02-20] (Pinnacle Systems GmbH)
HKLM\...\Run: [APSDaemon] - "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-01-28] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - "C:\Program Files\iTunes\iTunesHelper.exe" [152392 2013-02-20] (Apple Inc.)
HKLM\...\Run: [Nike+ Connect] - "C:\Program Files\Nike\Nike+ Connect\Nike+ Connect daemon.exe" [70656 2012-11-27] (Nike)
HKLM\...\Run: [SDTray] - "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" [3830224 2013-05-16] (Safer-Networking Ltd.)
HKLM\...\Run: [SunJavaUpdateSched] - "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKCU\...\Run: [] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844296 2012-12-20] (Samsung)
HKCU\...\Run: [KiesAirMessage] - C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup [578560 2012-12-18] (Samsung Electronics)
HKCU\...\Run: [KiesPreload] - C:\Program Files\Samsung\Kies\Kies.exe /preload [1476104 2012-12-20] (Samsung)
HKCU\...\Run: [Pando Media Booster] - C:\Program Files\Pando Networks\Media Booster\PMB.exe [3093624 2013-01-21] ()
HKCU\...\Run: [Google Update] - "C:\Users\xxx\AppData\Local\Google\Update\GoogleUpdate.exe" /c [116648 2012-03-24] (Google Inc.)
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0
MountPoints2: {7efe0697-9b29-11e0-910d-0015f2f36bac} - E:\pushinst.exe
HKU\Default\...\RunOnce: [mctadmin] - C:\Windows\System32\mctadmin.exe [ 2009-07-14] (Microsoft Corporation)
HKU\UpdatusUser\...\RunOnce: [mctadmin] - C:\Windows\System32\mctadmin.exe [ 2009-07-14] (Microsoft Corporation)
Startup: C:\ProgramData\Start Menu\Programs\Startup\Orbit.lnk
ShortcutTarget: Orbit.lnk -> C:\Program Files\Orbitdownloader\orbitdm.exe (Orbitdownloader.com)
Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\xxx\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

ProxyServer: localhost:21320
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
BHO: Octh Class - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 10\SnagitBHO.dll (TechSmith Corporation)
BHO: SwissAcademic.Citavi.Picker.IEPicker - {609D670F-B735-4da7-AC6D-F3BD358E325E} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
Toolbar: HKLM - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 10\SnagitIEAddin.dll (TechSmith Corporation)
Toolbar: HKCU -Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
Toolbar: HKCU -No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ps8aqelb.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @garmin.com/GpsControl - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\xxx\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\xxx\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\xxx\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\xxx\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\xxx\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF HKLM\...\Thunderbird\Extensions: [te_9.0@nokia.com] C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0
FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0

Chrome:
=======
CHR DefaultSearchURL: (SweetIM Search) - hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10002&barid={36908F35-50D6-11E2-A2CE-E71E23B0683D}
CHR DefaultSuggestURL: (SweetIM Search) -      "suggest_url": ""
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\28.0.1500.72\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Google Talk Plugin) - C:\Users\xxx\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\xxx\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\xxx\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
CHR Plugin: (Garmin Communicator Plug-In) - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java(TM) Platform SE 7 U21) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (VLC Web Plugin) - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.210.11) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-07-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-01] (Avira Operations GmbH & Co. KG)
R2 CPUCooLServer; C:\Program Files\CPUCooL\CooLSrv.exe [743936 2011-12-01] ()
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
S2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)

==================== Drivers (Whitelisted) ====================

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [46976 2009-07-14] (Microsoft Corporation)
R3 ALCXWDM; C:\Windows\System32\drivers\RTKVAC.SYS [4172832 2009-06-18] (Realtek Semiconductor Corp.)
S3 AVCSTRM; C:\Windows\System32\DRIVERS\avcstrm.sys [14464 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [84744 2013-03-28] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135136 2013-03-28] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-03-28] (Avira Operations GmbH & Co. KG)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [4352 2007-01-26] (AVM Berlin)
R2 BrPar; C:\Windows\System32\drivers\BrPar.sys [19537 2000-07-24] (Brother Industries Ltd.)
S3 EverestDriver; C:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt [7168 2005-08-18] ()
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [265088 2007-01-26] (AVM GmbH)
R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] ()
S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [9344 2009-04-17] (GARMIN Corp.)
R3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus.sys [171520 2005-09-23] (Pinnacle Systems GmbH)
S3 MSTAPE; C:\Windows\System32\DRIVERS\mstape.sys [50048 2009-07-14] (Microsoft Corporation)
R1 ntiopnp; C:\Windows\System32\Drivers\ntiopnp.sys [21080 2010-11-11] ()
R0 speedfan; C:\Windows\System32\speedfan.sys [25240 2011-03-18] (Almico Software)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
S3 usbUDisc; C:\Windows\System32\DRIVERS\USBDrv.sys [13824 2012-05-28] (Scott)
S3 ALSysIO; \??\C:\Users\FUJITS~1\AppData\Local\Temp\ALSysIO.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-15 10:36 - 2013-07-15 10:36 - 00001115 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-07-15 10:36 - 2013-07-15 10:36 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-07-15 10:34 - 2013-07-15 10:34 - 21703480 ____A (Mozilla) C:\Users\xxx\Desktop\Firefox_Setup_22.0.exe
2013-07-14 09:55 - 2013-07-14 09:55 - 00058028 ____A C:\Users\xxx\Desktop\FRST3.txt
2013-07-14 09:50 - 2013-07-14 09:50 - 00001066 ____A C:\Users\xxx\Desktop\checkup.txt
2013-07-13 11:14 - 2013-07-13 11:14 - 00890988 ____A C:\Users\xxx\Desktop\SecurityCheck.exe
2013-07-13 11:12 - 2013-07-13 11:12 - 02347384 ____A (ESET) C:\Users\xxx\Desktop\esetsmartinstaller_enu.exe
2013-07-13 11:12 - 2013-07-13 11:12 - 00448512 ____A (OldTimer Tools) C:\Users\xxx\Desktop\TFC.exe
2013-07-12 14:00 - 2013-07-12 14:00 - 00000193 ____A C:\Windows\WORDPAD.INI
2013-07-12 13:53 - 2013-07-12 14:00 - 00005894 ____A C:\Users\xxx\Desktop\JRT.txt
2013-07-12 13:49 - 2013-07-12 13:49 - 00000000 ____D C:\Windows\ERUNT
2013-07-12 13:45 - 2013-07-12 14:00 - 00020881 ____A C:\Users\xxx\Desktop\AdwCleaner[S1].txt
2013-07-12 13:39 - 2013-07-12 13:40 - 00021011 ____A C:\AdwCleaner[S1].txt
2013-07-12 13:38 - 2013-07-12 13:37 - 00559306 ____A (Oleg N. Scherbakov) C:\Users\xxx\Desktop\JRT.exe
2013-07-12 13:37 - 2013-07-12 13:37 - 00662345 ____A C:\Users\xxx\Desktop\adwcleaner.exe
2013-07-11 23:34 - 2013-07-12 10:17 - 00021722 ____A C:\Users\xxx\Desktop\Addition.txt
2013-07-11 23:32 - 2013-07-11 23:32 - 00000000 ____D C:\FRST
2013-07-11 23:31 - 2013-07-11 23:31 - 01218524 ____A (Farbar) C:\Users\xxx\Desktop\FRST.exe
2013-07-11 12:17 - 2013-07-11 12:36 - 00121432 ____A C:\Users\xxx\Desktop\OTL.Txt
2013-07-11 11:11 - 2013-07-11 11:11 - 01110476 ____A C:\Users\xxx\Desktop\7z920.exe
2013-07-11 10:19 - 2013-07-11 10:54 - 00000000 ____D C:\Windows\Minidump
2013-07-11 10:19 - 2013-07-11 10:53 - 279899172 ____A C:\Windows\MEMORY.DMP
2013-07-11 10:19 - 2013-07-11 10:19 - 00131072 ____A C:\Windows\Minidump\071113-24031-01.dmp
2013-07-11 10:05 - 2013-07-11 10:05 - 00377856 ____A C:\Users\xxx\Desktop\gmer_2.1.19163.exe
2013-07-11 10:03 - 2013-07-11 11:14 - 00000490 ____A C:\Users\xxx\Desktop\defogger_disable.log
2013-07-01 12:02 - 2013-07-01 12:02 - 00000000 ____D C:\Users\xxx\Desktop\h2test
2013-06-30 11:17 - 2013-06-30 11:18 - 00218129 ____A C:\Users\xxx\Desktop\h2testw_1.4.zip
2013-06-29 12:29 - 2013-06-29 12:29 - 00602112 ____A (OldTimer Tools) C:\Users\xxx\Desktop\OTL.exe
2013-06-29 12:28 - 2013-06-29 12:29 - 00000490 ____A C:\Windows\system32\defogger_disable.log
2013-06-29 12:28 - 2013-06-29 12:28 - 00000000 ____A C:\Users\xxx\defogger_reenable
2013-06-29 12:28 - 2013-06-29 12:27 - 00050477 ____A C:\Users\xxx\Desktop\Defogger.exe
2013-06-29 12:10 - 2013-06-29 12:10 - 01372101 ____A (Farbar) C:\Users\xxx\Downloads\FRST.exe
2013-06-24 17:41 - 2013-06-24 17:41 - 00000000 ____D C:\Users\xxx\AppData\Local\Phase_One
2013-06-24 17:38 - 2013-06-24 18:41 - 00000000 ____D C:\Users\xxx\AppData\Local\CaptureOne
2013-06-24 17:38 - 2013-06-24 17:38 - 00000000 ____D C:\ProgramData\Phase One
2013-06-24 17:37 - 2013-06-24 17:41 - 00004366 ____A C:\Windows\DPINST.LOG
2013-06-24 17:36 - 2013-06-24 17:36 - 00001158 ____A C:\Users\xxx\Desktop\Capture One 6.lnk
2013-06-24 17:35 - 2013-06-24 17:35 - 00000000 ____D C:\Program Files\Phase One
2013-06-20 10:54 - 2013-06-20 11:00 - 00000000 ____D C:\Users\xxx\Documents\Strom
2013-06-19 20:32 - 2013-06-19 20:40 - 00000000 ____D C:\Users\xxx\Downloads\Reciver_firmware
2013-06-18 22:33 - 2013-06-18 22:33 - 00004557 ____A C:\Users\xxx\Documents\Begrüßung_ElsterOnline1.html
2013-06-18 22:30 - 2013-06-18 22:31 - 00010495 ____A C:\Users\xxx\SebMur_elster_2048.pfx

==================== One Month Modified Files and Folders =======

2013-07-15 10:42 - 2013-01-21 17:43 - 00000000 ____D C:\Users\xxx\AppData\Local\PMB Files
2013-07-15 10:36 - 2013-07-15 10:36 - 00001115 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-07-15 10:36 - 2013-07-15 10:36 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-07-15 10:36 - 2013-05-19 12:46 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-07-15 10:35 - 2012-02-05 13:23 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Orbit
2013-07-15 10:34 - 2013-07-15 10:34 - 21703480 ____A (Mozilla) C:\Users\xxx\Desktop\Firefox_Setup_22.0.exe
2013-07-15 10:33 - 2012-04-07 08:46 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-15 10:14 - 2009-07-14 06:34 - 00014016 ___AH C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-15 10:14 - 2009-07-14 06:34 - 00014016 ___AH C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-15 09:47 - 2012-06-01 14:05 - 00001156 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1275549095-3732389351-2031529323-1000UA.job
2013-07-15 09:47 - 2011-07-23 10:12 - 00001114 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-15 09:41 - 2011-06-20 12:36 - 01053756 ____A C:\Windows\WindowsUpdate.log
2013-07-15 09:33 - 2012-04-22 13:47 - 00000000 ___RD C:\Users\xxx\Dropbox
2013-07-15 09:33 - 2012-04-22 13:43 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Dropbox
2013-07-15 09:32 - 2013-06-02 11:33 - 00004002 ____A C:\Windows\PFRO.log
2013-07-15 09:32 - 2013-06-02 11:33 - 00000840 ____A C:\Windows\setupact.log
2013-07-15 09:32 - 2012-01-26 13:29 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-15 09:32 - 2011-07-23 10:12 - 00001110 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-15 09:32 - 2009-07-14 06:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-14 10:47 - 2012-06-01 14:05 - 00001104 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1275549095-3732389351-2031529323-1000Core.job
2013-07-14 09:55 - 2013-07-14 09:55 - 00058028 ____A C:\Users\xxx\Desktop\FRST3.txt
2013-07-14 09:50 - 2013-07-14 09:50 - 00001066 ____A C:\Users\xxx\Desktop\checkup.txt
2013-07-13 11:27 - 2011-06-20 12:30 - 01614664 ____A C:\Windows\system32\PerfStringBackup.INI
2013-07-13 11:14 - 2013-07-13 11:14 - 00890988 ____A C:\Users\xxx\Desktop\SecurityCheck.exe
2013-07-13 11:12 - 2013-07-13 11:12 - 02347384 ____A (ESET) C:\Users\xxx\Desktop\esetsmartinstaller_enu.exe
2013-07-13 11:12 - 2013-07-13 11:12 - 00448512 ____A (OldTimer Tools) C:\Users\xxx\Desktop\TFC.exe
2013-07-12 14:00 - 2013-07-12 14:00 - 00000193 ____A C:\Windows\WORDPAD.INI
2013-07-12 14:00 - 2013-07-12 13:53 - 00005894 ____A C:\Users\xxx\Desktop\JRT.txt
2013-07-12 14:00 - 2013-07-12 13:45 - 00020881 ____A C:\Users\xxx\Desktop\AdwCleaner[S1].txt
2013-07-12 13:49 - 2013-07-12 13:49 - 00000000 ____D C:\Windows\ERUNT
2013-07-12 13:40 - 2013-07-12 13:39 - 00021011 ____A C:\AdwCleaner[S1].txt
2013-07-12 13:37 - 2013-07-12 13:38 - 00559306 ____A (Oleg N. Scherbakov) C:\Users\xxx\Desktop\JRT.exe
2013-07-12 13:37 - 2013-07-12 13:37 - 00662345 ____A C:\Users\xxx\Desktop\adwcleaner.exe
2013-07-12 10:17 - 2013-07-11 23:34 - 00021722 ____A C:\Users\xxx\Desktop\Addition.txt
2013-07-12 09:47 - 2011-12-21 13:30 - 00000432 ____A C:\Windows\BRWMARK.INI
2013-07-11 23:32 - 2013-07-11 23:32 - 00000000 ____D C:\FRST
2013-07-11 23:31 - 2013-07-11 23:31 - 01218524 ____A (Farbar) C:\Users\xxx\Desktop\FRST.exe
2013-07-11 12:36 - 2013-07-11 12:17 - 00121432 ____A C:\Users\xxx\Desktop\OTL.Txt
2013-07-11 11:14 - 2013-07-11 10:03 - 00000490 ____A C:\Users\xxx\Desktop\defogger_disable.log
2013-07-11 11:11 - 2013-07-11 11:11 - 01110476 ____A C:\Users\xxx\Desktop\7z920.exe
2013-07-11 11:09 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF
2013-07-11 10:54 - 2013-07-11 10:19 - 00000000 ____D C:\Windows\Minidump
2013-07-11 10:53 - 2013-07-11 10:19 - 279899172 ____A C:\Windows\MEMORY.DMP
2013-07-11 10:19 - 2013-07-11 10:19 - 00131072 ____A C:\Windows\Minidump\071113-24031-01.dmp
2013-07-11 10:05 - 2013-07-11 10:05 - 00377856 ____A C:\Users\xxx\Desktop\gmer_2.1.19163.exe
2013-07-10 03:53 - 2011-06-20 22:49 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Mozilla
2013-07-07 14:01 - 2011-12-20 17:50 - 00000000 ____D C:\Program Files\Opera
2013-07-01 12:38 - 2013-03-20 12:03 - 00000000 ____D C:\Users\xxx\AppData\Roaming\vlc
2013-07-01 12:02 - 2013-07-01 12:02 - 00000000 ____D C:\Users\xxx\Desktop\h2test
2013-07-01 11:40 - 2013-05-07 19:14 - 00067168 ____A (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-06-30 11:18 - 2013-06-30 11:17 - 00218129 ____A C:\Users\xxx\Desktop\h2testw_1.4.zip
2013-06-29 12:29 - 2013-06-29 12:29 - 00602112 ____A (OldTimer Tools) C:\Users\xxx\Desktop\OTL.exe
2013-06-29 12:29 - 2013-06-29 12:28 - 00000490 ____A C:\Windows\system32\defogger_disable.log
2013-06-29 12:28 - 2013-06-29 12:28 - 00000000 ____A C:\Users\xxx\defogger_reenable
2013-06-29 12:28 - 2011-06-20 12:26 - 00000000 ____D C:\Users\xxx
2013-06-29 12:27 - 2013-06-29 12:28 - 00050477 ____A C:\Users\xxx\Desktop\Defogger.exe
2013-06-29 12:10 - 2013-06-29 12:10 - 01372101 ____A (Farbar) C:\Users\xxx\Downloads\FRST.exe
2013-06-28 15:48 - 2013-05-25 12:30 - 00000000 ____D C:\Program Files\YTKaraoke
2013-06-24 18:41 - 2013-06-24 17:38 - 00000000 ____D C:\Users\xxx\AppData\Local\CaptureOne
2013-06-24 17:42 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\DriverStore
2013-06-24 17:41 - 2013-06-24 17:41 - 00000000 ____D C:\Users\xxx\AppData\Local\Phase_One
2013-06-24 17:41 - 2013-06-24 17:37 - 00004366 ____A C:\Windows\DPINST.LOG
2013-06-24 17:41 - 2012-02-23 10:50 - 00000000 ____D C:\Program Files\DIFX
2013-06-24 17:41 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-06-24 17:38 - 2013-06-24 17:38 - 00000000 ____D C:\ProgramData\Phase One
2013-06-24 17:38 - 2012-02-29 17:34 - 00000000 ____D C:\Users\xxx\AppData\Roaming\NVIDIA
2013-06-24 17:36 - 2013-06-24 17:36 - 00001158 ____A C:\Users\xxx\Desktop\Capture One 6.lnk
2013-06-24 17:35 - 2013-06-24 17:35 - 00000000 ____D C:\Program Files\Phase One
2013-06-23 14:38 - 2012-06-14 22:16 - 00581120 __ASH C:\Users\xxx\Downloads\Thumbs.db
2013-06-21 08:13 - 2012-01-02 19:16 - 00000000 ____D C:\Program Files\JDownloader
2013-06-20 11:00 - 2013-06-20 10:54 - 00000000 ____D C:\Users\xxx\Documents\Strom
2013-06-20 10:59 - 2011-12-21 13:27 - 00000500 ____A C:\Windows\Brownie.ini
2013-06-20 10:59 - 2009-07-14 06:52 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-06-19 20:40 - 2013-06-19 20:32 - 00000000 ____D C:\Users\xxx\Downloads\Reciver_firmware
2013-06-19 13:16 - 2012-05-22 11:45 - 00000000 ___SD C:\Users\xxx\Google Drive
2013-06-18 22:33 - 2013-06-18 22:33 - 00004557 ____A C:\Users\xxx\Documents\Begrüßung_ElsterOnline1.html
2013-06-18 22:31 - 2013-06-18 22:30 - 00010495 ____A C:\Users\xxx\SebMur_elster_2048.pfx

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-14 10:13

==================== End Of Log ============================
--- --- ---






ICh denke das Problem ist somit behoben
Vielen Dank an Dich und an das Forum
Gruß

schrauber 15.07.2013 11:02
gehen denn beide Browser wieder?

Artemi 15.07.2013 18:59
Hi Schrauber,
Ja die Browser gehen wieder beim IE war es irgendwie nicht gleich am Anfang aufgetreten.
Wahrscheinlich erst nach aufwecken des PC aus dem Schlafmodus, das ich öfters ausführe
ich werde es weiterhin beobachten.
Ich denke damit ist es behoben.


Vielen Dank für Deine Hilfe

schrauber 15.07.2013 19:28
Dann fertig und aufräumen :)

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.


Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

Artemi 15.07.2013 22:50
Hi schrauber Vielen Dank für die Hilfe

Ich werde Deine tips beherzigen.

Ich klinke mich aus mit einem großen

:daumenhoc DANKE SCHÖN

schrauber 16.07.2013 07:27
Gern geschehen :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 17:40 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131