Trojaner-Board
Seite 2 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   ein Problem gefunden,,hkey data manager toolbar,,kann es nicht löschen (https://www.trojaner-board.de/139994-problem-gefunden-hkey-data-manager-toolbar-loeschen.html)

aharonov 20.08.2013 14:42
Ja das passt so. Dann weiter mit den nächsten Schritten.

charly1601 20.08.2013 14:51
hab eine Frage wenn ich den LSPFix aufmache hab ich zwar ein kästchen wo ich ein Hacken reinsetzten kann nur leider erkenne ich nichts wo was steht wie z.B ,,i know what i do!alles schwarz! was soll ich machen?

aharonov 20.08.2013 14:52
Dann schliesse es und versuche es erneut. Wenn es gleich ist, überspring diesen Schritt.

charly1601 20.08.2013 15:12
okay ich überspringe diesen schritt,das problem hab ich aber schon immer dasselbe hatte ich auch mit dem OTL fenster da hatte ich nur das Glück das mir ein Beispiel im Fenster gezeigt worden ist,sonst müsste ich alles erraten.


FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-08-2013 03
Ran by charly1983 (administrator) on 20-08-2013 16:05:40
Running from C:\Users\charly1983\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
() C:\Program Files (x86)\WebConnect\updateWebConnect.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Device Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Device Center\ipoint.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\ScanToPCActivationApp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apntex.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPNetworkCommunicator.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] - C:\Program Files\Apoint\Apoint.exe [226672 2011-02-17] (Alps Electric Co., Ltd.)
HKLM\...\Run: [IntelliType Pro] - c:\Program Files\Microsoft Device Center\itype.exe [1464928 2012-06-26] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] - c:\Program Files\Microsoft Device Center\ipoint.exe [2004584 2012-06-26] (Microsoft Corporation)
HKCU\...\Run: [HP Photosmart Plus B210 series (NET)] - C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-07-18] (Avira Operations GmbH & Co. KG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Sony MSS.lnk
ShortcutTarget: Sony MSS.lnk -> C:\Program Files (x86)\Sony\MSS\3.0.271\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\charly1983\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2013\mshaktuell.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Sign In
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Upgrade to Google Chrome
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {2A2483DB-4871-46C0-9B52-014088994C2B} URL = Shopping.com Deutschland - der große Produkt- und Preisvergleich
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searc
SearchScopes: HKCU - {BBB75436-FAE2-41F8-81D6-E20B1B8CE826} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
SearchScopes: HKCU - {E9783D89-8707-436A-A633-3DC7D78D5E35} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-21/4?satitle={searchTerms}
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: WebConnect - {2316c625-b487-4410-a1a5-ff040b65245f} - C:\Program Files (x86)\WebConnect\WebConnectbho.dll (Web Connect)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~2\FlashFXP\IEFlash.dll (IniCom Networks, Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 08 C:\Windows\system32\d3dynfov8.dll File Not found ()
Tcpip\Parameters: [DhcpNameServer] 192.168.0.3

FireFox:
========
FF ProfilePath: C:\Users\charly1983\AppData\Roaming\Mozilla\Firefox\Profiles\tn4v7yf6.default
FF NetworkProxy: "no_proxies_on", "localhost,127.0.0.1"
FF NetworkProxy: "type", 0
FF Homepage: user_pref("browser.startup.homepage", );
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\charly1983\AppData\Roaming\Mozilla\Firefox\Profiles\tn4v7yf6.default\searchplugins\search_the_web.xml
FF Extension: No Name - C:\Users\charly1983\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: No Name - C:\Users\charly1983\AppData\Roaming\Mozilla\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
FF Extension: wxDfast - C:\Users\charly1983\AppData\Roaming\Mozilla\Firefox\Profiles\tn4v7yf6.default\Extensions\5038a95a0190b@5038a95a01945.info
FF Extension: ftd - C:\Users\charly1983\AppData\Roaming\Mozilla\Firefox\Profiles\tn4v7yf6.default\Extensions\ftd@ftd.com.xpi
FF Extension: socksharedownloader - C:\Users\charly1983\AppData\Roaming\Mozilla\Firefox\Profiles\tn4v7yf6.default\Extensions\socksharedownloader@socksharedownloader.com.xpi
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] C:\Program Files\Web Assistant\Firefox
FF HKLM-x32\...\Firefox\Extensions: [5038a95a0190b@5038a95a01945.info] C:\Users\charly1983\AppData\Roaming\Mozilla\Firefox\Profiles\tn4v7yf6.default\extensions\5038a95a0190b@5038a95a01945.info
FF Extension: wxDfast - C:\Users\charly1983\AppData\Roaming\Mozilla\Firefox\Profiles\tn4v7yf6.default\extensions\5038a95a0190b@5038a95a01945.info

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://google.de/"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U22) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (Google Drive) - C:\Users\CHARLY~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (WebConnect) - C:\Users\CHARLY~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieakfmpjhljbpbfpldjkddkjmmgjmgon\1.0.0_1
CHR Extension: (fIRST lOVE) - C:\Users\CHARLY~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lighpcanjnomdcjmfficdanifpdmgmhp\0.2_0
CHR HKLM-x32\...\Chrome\Extension: [cacclhdpfoingihegojhoipnihfnoaki] - C:\Users\charly1983\AppData\Local\MediaBA\betterads.crx
CHR HKLM-x32\...\Chrome\Extension: [caloheeledhajihipjihanmihhegodlc] - C:\Users\charly1983\AppData\Local\CRE\caloheeledhajihipjihanmihhegodlc.crx
CHR HKLM-x32\...\Chrome\Extension: [fkjoiggkbepedjmjjbhhecjiimlckcga] - C:\Users\charly1983\AppData\Local\CRE\fkjoiggkbepedjmjjbhhecjiimlckcga.crx
CHR HKLM-x32\...\Chrome\Extension: [hchjefioipobhcjbdaaigbpmjgccoeco] - C:\Users\charly1983\AppData\Local\CRE\hchjefioipobhcjbdaaigbpmjgccoeco.crx
CHR HKLM-x32\...\Chrome\Extension: [ieakfmpjhljbpbfpldjkddkjmmgjmgon] - C:\Program Files (x86)\WebConnect\ieakfmpjhljbpbfpldjkddkjmmgjmgon.crx
CHR HKLM-x32\...\Chrome\Extension: [ngnjhfpfhadncgafgbneeljaginimmmk] - C:\Users\charly1983\AppData\Local\CRE\ngnjhfpfhadncgafgbneeljaginimmmk.crx
CHR HKLM-x32\...\Chrome\Extension: [ohlfohjgijhjlpidbbnmcdooegafnnnm] - C:\Program Files (x86)\SockshareDownloader\SockshareDownloader10.crx
CHR HKLM-x32\...\Chrome\Extension: [oolkekjjhnaeaahibbnfebmogackofpf] - C:\Users\charly1983\AppData\Local\CRE\oolkekjjhnaeaahibbnfebmogackofpf.crx

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-07-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-18] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [589368 2013-07-18] (Avira Operations GmbH & Co. KG)
S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communication Inc.)
S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.0.271\McCHSvc.exe [237328 2012-03-30] (McAfee, Inc.)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2402080 2013-01-28] (TuneUp Software)
R2 Update WK; C:\Program Files (x86)\WebConnect\updateWebConnect.exe [199976 2013-08-17] ()
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [960160 2011-12-29] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1359408 2013-03-26] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-07-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-07-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-06] (Avira Operations GmbH & Co. KG)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-08-11] (Duplex Secure Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-11-16] (TuneUp Software)
S3 AthBTPort; system32\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP; system32\drivers\btath_a2dp.sys [x]
S3 btath_avdt; system32\drivers\btath_avdt.sys [x]
S3 BTATH_BUS; \SystemRoot\system32\drivers\btath_bus.sys [x]
S3 BTATH_HCRP; \SystemRoot\system32\drivers\btath_hcrp.sys [x]
S3 BTATH_LWFLT; system32\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP; \SystemRoot\system32\drivers\btath_rcp.sys [x]
S3 BtFilter; system32\DRIVERS\btfilter.sys [x]
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 Prot6Flt; system32\DRIVERS\Prot6Flt.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-20 16:04 - 2013-08-20 16:05 - 01576196 _____ (Farbar) C:\Users\charly1983\Downloads\FRST64.exe
2013-08-20 15:46 - 2013-08-20 15:46 - 00186880 _____ (CEXX.ORG) C:\Users\charly1983\Downloads\LSPFix (3).exe
2013-08-20 15:45 - 2013-08-20 15:45 - 00186880 _____ (CEXX.ORG) C:\Users\charly1983\Downloads\LSPFix (2).exe
2013-08-20 15:44 - 2013-08-20 15:44 - 00186880 _____ (CEXX.ORG) C:\Users\charly1983\Downloads\LSPFix (1).exe
2013-08-20 15:43 - 2013-08-20 15:43 - 00186880 _____ (CEXX.ORG) C:\Users\charly1983\Downloads\LSPFix.exe
2013-08-20 15:29 - 2013-08-20 15:30 - 00154112 ___SH C:\Users\charly1983\Thumbs.db
2013-08-20 15:23 - 2013-08-20 15:23 - 00000000 ____D C:\_OTL
2013-08-18 20:48 - 2013-08-18 20:49 - 01110476 _____ C:\Users\charly1983\Downloads\7z920.exe
2013-08-18 20:22 - 2013-08-18 20:22 - 00271720 _____ C:\Users\charly1983\Downloads\OTL.Txt.txt
2013-08-18 20:06 - 2013-08-20 15:22 - 00144348 _____ C:\Users\charly1983\Downloads\OTL.Txt
2013-08-18 20:06 - 2013-08-20 15:22 - 00073010 _____ C:\Users\charly1983\Downloads\Extras.Txt
2013-08-18 19:56 - 2013-08-18 19:56 - 00602112 _____ (OldTimer Tools) C:\Users\charly1983\Downloads\OTL.exe
2013-08-18 19:27 - 2013-08-18 19:35 - 00000000 ____D C:\Windows\erdnt
2013-08-18 19:16 - 2013-08-18 19:16 - 00000000 ____D C:\Windows\ERUNT
2013-08-18 19:06 - 2013-08-18 19:06 - 01018166 _____ (Thisisu) C:\Users\charly1983\Downloads\JRT.exe
2013-08-18 18:53 - 2013-08-18 18:54 - 00030893 _____ C:\AdwCleaner[S2].txt
2013-08-18 18:53 - 2013-08-18 18:54 - 00000156 _____ C:\Windows\DeleteOnReboot.bat
2013-08-18 18:52 - 2013-08-18 18:52 - 00000352 _____ C:\AdwCleaner[S1].txt
2013-08-18 18:49 - 2013-08-18 18:49 - 00666633 _____ C:\Users\charly1983\Downloads\adwcleaner.exe
2013-08-18 18:12 - 2013-08-18 18:23 - 00025234 _____ C:\Users\charly1983\Downloads\Addition.txt
2013-08-18 18:00 - 2013-08-18 18:00 - 00003278 _____ C:\Windows\System32\Tasks\Dealply
2013-08-18 18:00 - 2013-08-18 18:00 - 00003274 _____ C:\Windows\System32\Tasks\DSite
2013-08-18 18:00 - 2013-08-18 18:00 - 00000000 ____D C:\Program Files (x86)\WebConnect
2013-08-18 17:58 - 2013-08-18 17:58 - 00714352 _____ C:\Users\charly1983\Downloads\ZipOpenerSetup.exe
2013-08-17 17:29 - 2013-08-17 17:29 - 00000000 ____D C:\Users\charly1983\AppData\Roaming\Avira
2013-08-17 17:26 - 2013-08-17 17:39 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-08-17 17:25 - 2013-08-17 17:25 - 12081912 _____ (Malwarebytes Corp.) C:\Users\charly1983\Downloads\mbar-1.06.1.1005.exe
2013-08-17 17:25 - 2013-08-17 17:24 - 00083672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-08-17 17:23 - 2013-08-17 17:23 - 00002076 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-08-17 17:23 - 2013-08-17 17:23 - 00000000 ____D C:\ProgramData\Avira
2013-08-17 17:23 - 2013-08-17 17:23 - 00000000 ____D C:\Program Files (x86)\Avira
2013-08-17 17:23 - 2013-07-18 08:02 - 00130016 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-08-17 17:23 - 2013-07-18 08:02 - 00100712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-08-17 17:23 - 2013-03-06 16:13 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-08-17 17:17 - 2013-08-17 17:22 - 110344048 _____ C:\Users\charly1983\Downloads\avira_free_antivirus85_de.exe
2013-08-17 16:07 - 2013-08-17 16:07 - 00377856 _____ C:\Users\charly1983\Downloads\rt890wfv.exe
2013-08-17 15:14 - 2013-08-17 15:14 - 00000000 ____D C:\Users\charly1983\AppData\Roaming\Malwarebytes
2013-08-17 15:14 - 2013-08-17 15:14 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-17 15:11 - 2013-08-17 15:12 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\charly1983\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-15 03:38 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-15 03:38 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-15 03:38 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-15 03:38 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-15 03:38 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-15 03:38 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-15 03:38 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-15 03:38 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-15 03:38 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-15 03:38 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-15 03:38 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-15 03:38 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-15 03:38 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-15 03:38 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-15 03:38 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-15 03:38 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-15 03:38 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-15 03:38 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-15 03:38 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-15 03:38 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-15 03:38 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-15 03:38 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-15 03:38 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-15 03:38 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-15 03:38 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-15 03:38 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-15 03:38 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-15 03:38 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-15 03:38 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-15 03:38 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-15 03:38 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-15 03:08 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-15 03:08 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-15 03:08 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-15 03:08 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-15 03:08 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-15 03:08 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-15 03:08 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-15 03:08 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-15 03:08 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-15 03:08 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-15 03:08 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-15 03:08 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-15 03:08 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-15 03:08 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-15 03:08 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-15 03:08 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-15 03:08 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-15 03:08 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-15 03:08 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-15 03:08 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-15 03:08 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-15 03:08 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-15 03:08 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-15 03:08 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-15 03:08 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-15 03:07 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-15 03:07 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-11 19:53 - 2013-08-11 20:28 - 00000000 ____D C:\Users\charly1983\Desktop\musik
2013-08-11 17:12 - 2013-08-11 17:12 - 00564824 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys
2013-08-11 17:12 - 2013-08-11 17:12 - 00000000 ____D C:\Users\charly1983\Documents\StarBurn
2013-08-11 17:12 - 2013-08-11 17:12 - 00000000 ____D C:\Users\charly1983\AppData\Roaming\StarBurn
2013-08-11 17:11 - 2013-08-11 17:11 - 00000000 ____D C:\Users\charly1983\AppData\Roaming\MediaFilters
2013-08-11 17:11 - 2013-08-11 17:11 - 00000000 ____D C:\Program Files (x86)\StarBurn Software
2013-08-11 17:07 - 2013-08-11 17:09 - 20811512 _____ (StarBurn Software                                          ) C:\Users\charly1983\Downloads\StarBurn151Setup.exe
2013-08-11 16:58 - 2013-08-11 17:02 - 32747816 _____ (Nero AG) C:\Users\charly1983\Downloads\Nero_BurnLite-10.0.10600.exe
2013-08-11 16:48 - 2013-08-11 16:49 - 00000000 ____D C:\Users\charly1983\AppData\Roaming\DeepBurner
2013-08-11 16:47 - 2013-08-11 16:47 - 00000000 ____D C:\Users\charly1983\Downloads\DeepBurner19_Portable
2013-08-11 16:47 - 2008-03-18 12:56 - 00000033 _____ C:\Users\charly1983\Documents\INSTALL.LOG
2013-08-11 16:47 - 2008-03-11 15:21 - 03739136 _____ (Astonsoft) C:\Users\charly1983\Documents\DeepBurner.exe
2013-08-11 16:47 - 2008-03-07 00:59 - 00072756 _____ C:\Users\charly1983\Documents\DeepBurner.lng
2013-08-11 16:47 - 2006-03-15 23:29 - 00005421 _____ C:\Users\charly1983\Documents\License.txt
2013-08-11 16:47 - 2005-10-06 20:36 - 00092216 _____ (Un4seen Developments) C:\Users\charly1983\Documents\bass.dll
2013-08-11 16:47 - 2005-08-12 12:54 - 00001482 _____ C:\Users\charly1983\Documents\DeepBurner.log
2013-08-11 16:47 - 2005-07-26 19:55 - 00000000 ____D C:\Users\charly1983\Documents\Images
2013-08-11 16:47 - 2005-07-26 19:55 - 00000000 ____D C:\Users\charly1983\Documents\Autorun
2013-08-11 16:47 - 2005-03-28 00:45 - 00000539 _____ C:\Users\charly1983\Documents\deepburner.exe.manifest
2013-08-11 16:47 - 2004-10-16 12:03 - 00643984 _____ C:\Users\charly1983\Documents\BurnerHelp.chm
2013-08-11 16:47 - 2004-03-16 17:13 - 00003789 _____ C:\Users\charly1983\Documents\Readme.txt
2013-08-11 16:47 - 2004-02-19 23:41 - 00001794 _____ C:\Users\charly1983\Documents\DefLang.ini
2013-08-11 16:47 - 2003-12-07 14:24 - 00085610 _____ C:\Users\charly1983\Documents\DefaultSound.wav
2013-08-11 16:46 - 2013-08-11 16:47 - 03074362 _____ C:\Users\charly1983\Downloads\DeepBurner19_Portable.zip
2013-08-11 16:40 - 2013-08-11 16:40 - 01207896 _____ (Koyote-Lab Inc) C:\Users\charly1983\Downloads\FreeEasyCDDVDBurnerSetup-r101-w-bc (3).exe
2013-08-11 15:42 - 2013-08-11 15:42 - 01207896 _____ (Koyote-Lab Inc) C:\Users\charly1983\Downloads\FreeEasyCDDVDBurnerSetup-r101-w-bc (2).exe
2013-08-11 15:23 - 2013-08-11 15:23 - 01207896 _____ (Koyote-Lab Inc) C:\Users\charly1983\Downloads\FreeEasyCDDVDBurnerSetup-r101-w-bc (1).exe
2013-08-11 15:21 - 2013-08-11 15:21 - 01207896 _____ (Koyote-Lab Inc) C:\Users\charly1983\Downloads\FreeEasyCDDVDBurnerSetup-r101-w-bc.exe
2013-08-11 15:21 - 2013-08-11 15:21 - 00000000 ____D C:\Program Files (x86)\Free Easy CD DVD Burner
2013-08-11 15:10 - 2013-08-11 15:12 - 33177736 _____ (Nero AG) C:\Users\charly1983\Downloads\Nero-9.4.12.708b_lite.exe
2013-08-11 14:47 - 2013-08-11 14:47 - 03292672 _____ (CodeSnake Software) C:\Users\charly1983\Downloads\ExploreBurnSetup-1.5.3.exe
2013-07-28 23:03 - 2013-07-31 21:02 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-28 23:01 - 2013-07-28 23:01 - 00784872 _____ (Google Inc.) C:\Users\charly1983\Downloads\ChromeSetup.exe
2013-07-28 22:13 - 2013-07-28 22:13 - 00000013 _____ C:\Users\charly1983\www.google[1].xml
2013-07-28 22:12 - 2013-07-28 22:12 - 03667825 _____ C:\Users\charly1983\Trace9.fx
2013-07-28 22:12 - 2013-07-28 22:12 - 00085260 _____ C:\Users\charly1983\jquery-1.5.1.min.js
2013-07-28 22:12 - 2013-07-28 22:12 - 00065536 _____ C:\Users\charly1983\tmp.edb
2013-07-28 22:12 - 2013-07-28 22:12 - 00046786 _____ C:\Users\charly1983\20130624_Double%20Play_CallandSurfComfort_VDSL_Motiv%20Pferderennen_728x90_02_online[1].swf
2013-07-28 22:12 - 2013-07-28 22:12 - 00044544 _____ C:\Users\charly1983\o2dsl_xx_vdsl_ca_300x250[1].swf
2013-07-28 22:12 - 2013-07-28 22:12 - 00041902 _____ C:\Users\charly1983\square.xcf
2013-07-28 22:12 - 2013-07-28 22:12 - 00040766 _____ C:\Users\charly1983\Upd-2013-07-24-14-34-23.log
2013-07-28 22:12 - 2013-07-28 22:12 - 00039793 _____ C:\Users\charly1983\03a111f3-3cfc-4160-93ea-2984878c0322[1].swf
2013-07-28 22:12 - 2013-07-28 22:12 - 00032768 _____ C:\Users\charly1983\places.sqlite-shm
2013-07-28 22:12 - 2013-07-28 22:12 - 00026288 _____ C:\Users\charly1983\Upd-2013-07-20-14-15-40.log
2013-07-28 22:12 - 2013-07-28 22:12 - 00025188 _____ C:\Users\charly1983\Upd-2013-07-21-21-19-20.log
2013-07-28 22:12 - 2013-07-28 22:12 - 00023260 _____ C:\Users\charly1983\Upd-2013-07-24-20-45-59.log
2013-07-28 22:12 - 2013-07-28 22:12 - 00021836 _____ C:\Users\charly1983\icon.xcf
2013-07-28 22:12 - 2013-07-28 22:12 - 00019238 _____ C:\Users\charly1983\2013.06.20_Double%20Play_CallandSurfComfort_Motiv%20Mouse_300x250_2_online[1].swf
2013-07-28 22:12 - 2013-07-28 22:12 - 00011222 _____ C:\Users\charly1983\Upd-2013-07-25-22-20-17.log
2013-07-28 22:12 - 2013-07-28 22:12 - 00010654 _____ C:\Users\charly1983\frameiconcache.dat
2013-07-28 22:12 - 2013-07-28 22:12 - 00009828 _____ C:\Users\charly1983\tabiconcache.dat
2013-07-28 22:12 - 2013-07-28 22:12 - 00006764 _____ C:\Users\charly1983\avira-notifier-6944975[1].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00006324 _____ C:\Users\charly1983\main-v.1.3.5.css
2013-07-28 22:12 - 2013-07-28 22:12 - 00005248 _____ C:\Users\charly1983\newtab.css
2013-07-28 22:12 - 2013-07-28 22:12 - 00005120 _____ C:\Users\charly1983\{E9BFD33A-7386-11E2-97F9-78843CE3C286}.dat
2013-07-28 22:12 - 2013-07-28 22:12 - 00005120 _____ C:\Users\charly1983\{E9BFAC2A-7386-11E2-97F9-78843CE3C286}.dat
2013-07-28 22:12 - 2013-07-28 22:12 - 00004955 _____ C:\Users\charly1983\stats.js
2013-07-28 22:12 - 2013-07-28 22:12 - 00004608 _____ C:\Users\charly1983\RecoveryStore.{D6AFC02E-7386-11E2-97F9-78843CE3C286}.dat
2013-07-28 22:12 - 2013-07-28 22:12 - 00003608 _____ C:\Users\charly1983\https_x.myspacecdn.com_0.localstorage-journal
2013-07-28 22:12 - 2013-07-28 22:12 - 00003608 _____ C:\Users\charly1983\https_www.facebook.com_0.localstorage-journal
2013-07-28 22:12 - 2013-07-28 22:12 - 00003608 _____ C:\Users\charly1983\https_www.amazon.de_0.localstorage-journal
2013-07-28 22:12 - 2013-07-28 22:12 - 00003608 _____ C:\Users\charly1983\https_myspace.com_0.localstorage-journal
2013-07-28 22:12 - 2013-07-28 22:12 - 00003608 _____ C:\Users\charly1983\http_www.wie-sagt-man-noch.de_0.localstorage-journal
2013-07-28 22:12 - 2013-07-28 22:12 - 00003608 _____ C:\Users\charly1983\http_synonyme.woxikon.de_0.localstorage-journal
2013-07-28 22:12 - 2013-07-28 22:12 - 00003608 _____ C:\Users\charly1983\http_imagesrv.adition.com_0.localstorage-journal
2013-07-28 22:12 - 2013-07-28 22:12 - 00003608 _____ C:\Users\charly1983\http_gft2.de_0.localstorage-journal
2013-07-28 22:12 - 2013-07-28 22:12 - 00003608 _____ C:\Users\charly1983\http_de.wikipedia.org_0.localstorage-journal
2013-07-28 22:12 - 2013-07-28 22:12 - 00003608 _____ C:\Users\charly1983\http_ad.adnet.de_0.localstorage-journal
2013-07-28 22:12 - 2013-07-28 22:12 - 00003596 _____ C:\Users\charly1983\Upd-2013-07-28-01-31-58.log
2013-07-28 22:12 - 2013-07-28 22:12 - 00003584 _____ C:\Users\charly1983\RecoveryStore.{E9BFD339-7386-11E2-97F9-78843CE3C286}.dat
2013-07-28 22:12 - 2013-07-28 22:12 - 00003584 _____ C:\Users\charly1983\RecoveryStore.{E9BFAC29-7386-11E2-97F9-78843CE3C286}.dat
2013-07-28 22:12 - 2013-07-28 22:12 - 00003072 _____ C:\Users\charly1983\https_x.myspacecdn.com_0.localstorage
2013-07-28 22:12 - 2013-07-28 22:12 - 00003072 _____ C:\Users\charly1983\https_www.facebook.com_0.localstorage
2013-07-28 22:12 - 2013-07-28 22:12 - 00003072 _____ C:\Users\charly1983\https_www.amazon.de_0.localstorage
2013-07-28 22:12 - 2013-07-28 22:12 - 00003072 _____ C:\Users\charly1983\https_myspace.com_0.localstorage
2013-07-28 22:12 - 2013-07-28 22:12 - 00003072 _____ C:\Users\charly1983\https_chrome.google.com_0.localstorage
2013-07-28 22:12 - 2013-07-28 22:12 - 00003072 _____ C:\Users\charly1983\http_www.wie-sagt-man-noch.de_0.localstorage
2013-07-28 22:12 - 2013-07-28 22:12 - 00003072 _____ C:\Users\charly1983\http_synonyme.woxikon.de_0.localstorage
2013-07-28 22:12 - 2013-07-28 22:12 - 00003072 _____ C:\Users\charly1983\http_imagesrv.adition.com_0.localstorage
2013-07-28 22:12 - 2013-07-28 22:12 - 00003072 _____ C:\Users\charly1983\http_gft2.de_0.localstorage
2013-07-28 22:12 - 2013-07-28 22:12 - 00003072 _____ C:\Users\charly1983\http_de.wikipedia.org_0.localstorage
2013-07-28 22:12 - 2013-07-28 22:12 - 00003072 _____ C:\Users\charly1983\http_ad.adnet.de_0.localstorage
2013-07-28 22:12 - 2013-07-28 22:12 - 00002848 _____ C:\Users\charly1983\Weka_800x600_standardt_MCT[2].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00002848 _____ C:\Users\charly1983\Weka_800x600_standardt_MCT[1].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00002766 _____ C:\Users\charly1983\universal[1].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00002698 _____ C:\Users\charly1983\ZipFileLicense.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00002516 _____ C:\Users\charly1983\MpCmdRun.log
2013-07-28 22:12 - 2013-07-28 22:12 - 00002066 _____ C:\Users\charly1983\ie8[1].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00001722 _____ C:\Users\charly1983\index_quer2[1].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00001349 _____ C:\Users\charly1983\clip_image001.emz
2013-07-28 22:12 - 2013-07-28 22:12 - 00001163 _____ C:\Users\charly1983\004353.log
2013-07-28 22:12 - 2013-07-28 22:12 - 00001093 _____ C:\Users\charly1983\notifier_avira_com[1].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00000892 _____ C:\Users\charly1983\NVLSBT49.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000699 _____ C:\Users\charly1983\CZbackground.html
2013-07-28 22:12 - 2013-07-28 22:12 - 00000669 _____ C:\Users\charly1983\vcm_platzhalter_300x250[1].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00000668 _____ C:\Users\charly1983\vcm_platzhalter_728x90[1].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00000656 _____ C:\Users\charly1983\manifest.json
2013-07-28 22:12 - 2013-07-28 22:12 - 00000532 _____ C:\Users\charly1983\8YU6O5MV.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000512 _____ C:\Users\charly1983\https_chrome.google.com_0.localstorage-journal
2013-07-28 22:12 - 2013-07-28 22:12 - 00000496 _____ C:\Users\charly1983\newtab.html
2013-07-28 22:12 - 2013-07-28 22:12 - 00000465 _____ C:\Users\charly1983\settings.sol
2013-07-28 22:12 - 2013-07-28 22:12 - 00000355 _____ C:\Users\charly1983\HZR8X5C6.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000331 _____ C:\Users\charly1983\AF_zalando_outlet_400x535[1].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00000301 _____ C:\Users\charly1983\2GO0BW9S.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000231 _____ C:\Users\charly1983\springer_50-50[1].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00000230 _____ C:\Users\charly1983\settings.json
2013-07-28 22:12 - 2013-07-28 22:12 - 00000226 _____ C:\Users\charly1983\GTSV3822.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000188 _____ C:\Users\charly1983\Default[1].aspx
2013-07-28 22:12 - 2013-07-28 22:12 - 00000187 _____ C:\Users\charly1983\background.html
2013-07-28 22:12 - 2013-07-28 22:12 - 00000172 _____ C:\Users\charly1983\LDHQU6AW.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000146 _____ C:\Users\charly1983\FX8OL02O.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000134 _____ C:\Users\charly1983\H0CE7LV6.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000112 _____ C:\Users\charly1983\9K5Q3KL2.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000103 _____ C:\Users\charly1983\SnackTV.sol
2013-07-28 22:12 - 2013-07-28 22:12 - 00000090 _____ C:\Users\charly1983\VCRBGFPV.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000089 _____ C:\Users\charly1983\7PWAZE0O.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000088 _____ C:\Users\charly1983\redirect.html
2013-07-28 22:12 - 2013-07-28 22:12 - 00000086 _____ C:\Users\charly1983\AYOIKY53.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000085 _____ C:\Users\charly1983\ZC9GYH5G.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000085 _____ C:\Users\charly1983\CUP14R7N.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000084 _____ C:\Users\charly1983\secure.img-cdn.mediaplex[1].xml
2013-07-28 22:12 - 2013-07-28 22:12 - 00000043 _____ C:\Users\charly1983\gif[1].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00000038 _____ C:\Users\charly1983\000934.log
2013-07-28 22:12 - 2013-07-28 22:12 - 00000001 _____ C:\Users\charly1983\softupdate[4].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00000001 _____ C:\Users\charly1983\softupdate[3].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00000000 _____ C:\Users\charly1983\EtwRTMsMpPsSession7.etl
2013-07-28 22:12 - 2013-07-28 22:12 - 00000000 _____ C:\Users\charly1983\container.dat
2013-07-28 22:12 - 2013-07-28 22:12 - 00000000 _____ C:\Users\charly1983\003815.log
2013-07-28 20:47 - 2013-07-28 20:47 - 00000000 ____D C:\Users\charly1983\AppData\Roaming\337 Wallpaper
2013-07-28 20:41 - 2013-07-28 20:49 - 00000000 ____D C:\Program Files (x86)\WinZipper
2013-07-28 20:41 - 2013-07-28 20:41 - 00000000 ____D C:\Users\charly1983\AppData\Roaming\WinZipper
2013-07-21 22:00 - 2013-07-21 22:00 - 00000240 _____ C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job

==================== One Month Modified Files and Folders =======

2013-08-20 16:05 - 2013-08-20 16:05 - 00000000 ____D C:\FRST
2013-08-20 16:05 - 2013-08-20 16:04 - 01576196 _____ (Farbar) C:\Users\charly1983\Downloads\FRST64.exe
2013-08-20 16:03 - 2009-07-14 06:45 - 00020720 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-20 16:03 - 2009-07-14 06:45 - 00020720 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-20 16:01 - 2013-07-18 22:51 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-20 15:59 - 2011-09-01 19:37 - 01892732 _____ C:\Windows\WindowsUpdate.log
2013-08-20 15:55 - 2013-07-18 22:51 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-20 15:55 - 2013-01-31 02:51 - 00029494 _____ C:\Windows\setupact.log
2013-08-20 15:55 - 2012-11-01 23:33 - 00000336 _____ C:\Windows\Tasks\GlaryInitialize.job
2013-08-20 15:55 - 2011-05-19 09:35 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-20 15:55 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-20 15:46 - 2013-08-20 15:46 - 00186880 _____ (CEXX.ORG) C:\Users\charly1983\Downloads\LSPFix (3).exe
2013-08-20 15:45 - 2013-08-20 15:45 - 00186880 _____ (CEXX.ORG) C:\Users\charly1983\Downloads\LSPFix (2).exe
2013-08-20 15:44 - 2013-08-20 15:44 - 00186880 _____ (CEXX.ORG) C:\Users\charly1983\Downloads\LSPFix (1).exe
2013-08-20 15:43 - 2013-08-20 15:43 - 00186880 _____ (CEXX.ORG) C:\Users\charly1983\Downloads\LSPFix.exe
2013-08-20 15:30 - 2013-08-20 15:29 - 00154112 ___SH C:\Users\charly1983\Thumbs.db
2013-08-20 15:29 - 2011-09-01 20:53 - 00000000 ____D C:\Users\charly1983
2013-08-20 15:27 - 2012-09-07 01:09 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-20 15:23 - 2013-08-20 15:23 - 00000000 ____D C:\_OTL
2013-08-20 15:22 - 2013-08-18 20:06 - 00144348 _____ C:\Users\charly1983\Downloads\OTL.Txt
2013-08-20 15:22 - 2013-08-18 20:06 - 00073010 _____ C:\Users\charly1983\Downloads\Extras.Txt
2013-08-20 14:52 - 2012-05-16 23:04 - 00000000 ____D C:\Users\CHARLY~1\AppData\Local\PokerStars.EU
2013-08-20 14:39 - 2013-03-19 16:54 - 00003978 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{46E56FE1-E8A7-447D-9D05-4CACB0A4FEED}
2013-08-19 22:40 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-19 21:25 - 2013-01-31 02:51 - 00220114 _____ C:\Windows\PFRO.log
2013-08-18 20:49 - 2013-08-18 20:48 - 01110476 _____ C:\Users\charly1983\Downloads\7z920.exe
2013-08-18 20:22 - 2013-08-18 20:22 - 00271720 _____ C:\Users\charly1983\Downloads\OTL.Txt.txt
2013-08-18 19:56 - 2013-08-18 19:56 - 00602112 _____ (OldTimer Tools) C:\Users\charly1983\Downloads\OTL.exe
2013-08-18 19:35 - 2013-08-18 19:27 - 00000000 ____D C:\Windows\erdnt
2013-08-18 19:35 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2013-08-18 19:34 - 2012-08-25 11:51 - 00000000 ____D C:\Users\charly1983\AppData\Roaming\convert
2013-08-18 19:16 - 2013-08-18 19:16 - 00000000 ____D C:\Windows\ERUNT
2013-08-18 19:06 - 2013-08-18 19:06 - 01018166 _____ (Thisisu) C:\Users\charly1983\Downloads\JRT.exe
2013-08-18 18:54 - 2013-08-18 18:53 - 00030893 _____ C:\AdwCleaner[S2].txt
2013-08-18 18:54 - 2013-08-18 18:53 - 00000156 _____ C:\Windows\DeleteOnReboot.bat
2013-08-18 18:52 - 2013-08-18 18:52 - 00000352 _____ C:\AdwCleaner[S1].txt
2013-08-18 18:49 - 2013-08-18 18:49 - 00666633 _____ C:\Users\charly1983\Downloads\adwcleaner.exe
2013-08-18 18:23 - 2013-08-18 18:12 - 00025234 _____ C:\Users\charly1983\Downloads\Addition.txt
2013-08-18 18:00 - 2013-08-18 18:00 - 00003278 _____ C:\Windows\System32\Tasks\Dealply
2013-08-18 18:00 - 2013-08-18 18:00 - 00003274 _____ C:\Windows\System32\Tasks\DSite
2013-08-18 18:00 - 2013-08-18 18:00 - 00000000 ____D C:\Program Files (x86)\WebConnect
2013-08-18 17:58 - 2013-08-18 17:58 - 00714352 _____ C:\Users\charly1983\Downloads\ZipOpenerSetup.exe
2013-08-17 17:39 - 2013-08-17 17:26 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-08-17 17:29 - 2013-08-17 17:29 - 00000000 ____D C:\Users\charly1983\AppData\Roaming\Avira
2013-08-17 17:25 - 2013-08-17 17:25 - 12081912 _____ (Malwarebytes Corp.) C:\Users\charly1983\Downloads\mbar-1.06.1.1005.exe
2013-08-17 17:24 - 2013-08-17 17:25 - 00083672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-08-17 17:23 - 2013-08-17 17:23 - 00002076 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-08-17 17:23 - 2013-08-17 17:23 - 00000000 ____D C:\ProgramData\Avira
2013-08-17 17:23 - 2013-08-17 17:23 - 00000000 ____D C:\Program Files (x86)\Avira
2013-08-17 17:22 - 2013-08-17 17:17 - 110344048 _____ C:\Users\charly1983\Downloads\avira_free_antivirus85_de.exe
2013-08-17 16:07 - 2013-08-17 16:07 - 00377856 _____ C:\Users\charly1983\Downloads\rt890wfv.exe
2013-08-17 15:14 - 2013-08-17 15:14 - 00000000 ____D C:\Users\charly1983\AppData\Roaming\Malwarebytes
2013-08-17 15:14 - 2013-08-17 15:14 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-17 15:12 - 2013-08-17 15:11 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\charly1983\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-15 03:35 - 2011-05-19 19:14 - 00697082 _____ C:\Windows\system32\perfh007.dat
2013-08-15 03:35 - 2011-05-19 19:14 - 00148346 _____ C:\Windows\system32\perfc007.dat
2013-08-15 03:35 - 2009-07-14 07:13 - 01635332 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-11 20:28 - 2013-08-11 19:53 - 00000000 ____D C:\Users\charly1983\Desktop\musik
2013-08-11 19:13 - 2012-09-14 01:58 - 00000000 ____D C:\Users\charly1983\AppData\Roaming\vlc
2013-08-11 17:36 - 2011-09-30 00:54 - 00000000 ____D C:\Users\CHARLY~1\AppData\Local\CrashDumps
2013-08-11 17:12 - 2013-08-11 17:12 - 00564824 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys
2013-08-11 17:12 - 2013-08-11 17:12 - 00000000 ____D C:\Users\charly1983\Documents\StarBurn
2013-08-11 17:12 - 2013-08-11 17:12 - 00000000 ____D C:\Users\charly1983\AppData\Roaming\StarBurn
2013-08-11 17:11 - 2013-08-11 17:11 - 00000000 ____D C:\Users\charly1983\AppData\Roaming\MediaFilters
2013-08-11 17:11 - 2013-08-11 17:11 - 00000000 ____D C:\Program Files (x86)\StarBurn Software
2013-08-11 17:09 - 2013-08-11 17:07 - 20811512 _____ (StarBurn Software                                          ) C:\Users\charly1983\Downloads\StarBurn151Setup.exe
2013-08-11 17:02 - 2013-08-11 16:58 - 32747816 _____ (Nero AG) C:\Users\charly1983\Downloads\Nero_BurnLite-10.0.10600.exe
2013-08-11 16:49 - 2013-08-11 16:48 - 00000000 ____D C:\Users\charly1983\AppData\Roaming\DeepBurner
2013-08-11 16:47 - 2013-08-11 16:47 - 00000000 ____D C:\Users\charly1983\Downloads\DeepBurner19_Portable
2013-08-11 16:47 - 2013-08-11 16:46 - 03074362 _____ C:\Users\charly1983\Downloads\DeepBurner19_Portable.zip
2013-08-11 16:40 - 2013-08-11 16:40 - 01207896 _____ (Koyote-Lab Inc) C:\Users\charly1983\Downloads\FreeEasyCDDVDBurnerSetup-r101-w-bc (3).exe
2013-08-11 15:42 - 2013-08-11 15:42 - 01207896 _____ (Koyote-Lab Inc) C:\Users\charly1983\Downloads\FreeEasyCDDVDBurnerSetup-r101-w-bc (2).exe
2013-08-11 15:23 - 2013-08-11 15:23 - 01207896 _____ (Koyote-Lab Inc) C:\Users\charly1983\Downloads\FreeEasyCDDVDBurnerSetup-r101-w-bc (1).exe
2013-08-11 15:21 - 2013-08-11 15:21 - 01207896 _____ (Koyote-Lab Inc) C:\Users\charly1983\Downloads\FreeEasyCDDVDBurnerSetup-r101-w-bc.exe
2013-08-11 15:21 - 2013-08-11 15:21 - 00000000 ____D C:\Program Files (x86)\Free Easy CD DVD Burner
2013-08-11 15:12 - 2013-08-11 15:10 - 33177736 _____ (Nero AG) C:\Users\charly1983\Downloads\Nero-9.4.12.708b_lite.exe
2013-08-11 14:47 - 2013-08-11 14:47 - 03292672 _____ (CodeSnake Software) C:\Users\charly1983\Downloads\ExploreBurnSetup-1.5.3.exe
2013-08-05 20:02 - 2013-02-13 10:33 - 00000000 ____D C:\Users\CHARLY~1\AppData\Local\Microsoft Help
2013-07-31 21:02 - 2013-07-28 23:03 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-28 23:08 - 2011-09-25 22:20 - 00000000 ____D C:\Users\CHARLY~1\AppData\Local\Google
2013-07-28 23:03 - 2013-07-18 22:50 - 00000000 ____D C:\Program Files (x86)\Google
2013-07-28 23:01 - 2013-07-28 23:01 - 00784872 _____ (Google Inc.) C:\Users\charly1983\Downloads\ChromeSetup.exe
2013-07-28 22:54 - 2012-11-01 23:32 - 00000000 ____D C:\Program Files (x86)\Glary Utilities
2013-07-28 22:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-07-28 22:13 - 2013-07-28 22:13 - 00000013 _____ C:\Users\charly1983\www.google[1].xml
2013-07-28 22:12 - 2013-07-28 22:12 - 03667825 _____ C:\Users\charly1983\Trace9.fx
2013-07-28 22:12 - 2013-07-28 22:12 - 00085260 _____ C:\Users\charly1983\jquery-1.5.1.min.js
2013-07-28 22:12 - 2013-07-28 22:12 - 00065536 _____ C:\Users\charly1983\tmp.edb
2013-07-28 22:12 - 2013-07-28 22:12 - 00046786 _____ C:\Users\charly1983\20130624_Double%20Play_CallandSurfComfort_VDSL_Motiv%20Pferderennen_728x90_02_online[1].swf
2013-07-28 22:12 - 2013-07-28 22:12 - 00044544 _____ C:\Users\charly1983\o2dsl_xx_vdsl_ca_300x250[1].swf
2013-07-28 22:12 - 2013-07-28 22:12 - 00041902 _____ C:\Users\charly1983\square.xcf
2013-07-28 22:12 - 2013-07-28 22:12 - 00040766 _____ C:\Users\charly1983\Upd-2013-07-24-14-34-23.log
2013-07-28 22:12 - 2013-07-28 22:12 - 00039793 _____ C:\Users\charly1983\03a111f3-3cfc-4160-93ea-2984878c0322[1].swf
2013-07-28 22:12 - 2013-07-28 22:12 - 00032768 _____ C:\Users\charly1983\places.sqlite-shm
2013-07-28 22:12 - 2013-07-28 22:12 - 00026288 _____ C:\Users\charly1983\Upd-2013-07-20-14-15-40.log
2013-07-28 22:12 - 2013-07-28 22:12 - 00025188 _____ C:\Users\charly1983\Upd-2013-07-21-21-19-20.log
2013-07-28 22:12 - 2013-07-28 22:12 - 00023260 _____ C:\Users\charly1983\Upd-2013-07-24-20-45-59.log
2013-07-28 22:12 - 2013-07-28 22:12 - 00021836 _____ C:\Users\charly1983\icon.xcf
2013-07-28 22:12 - 2013-07-28 22:12 - 00019238 _____ C:\Users\charly1983\2013.06.20_Double%20Play_CallandSurfComfort_Motiv%20Mouse_300x250_2_online[1].swf
2013-07-28 22:12 - 2013-07-28 22:12 - 00011222 _____ C:\Users\charly1983\Upd-2013-07-25-22-20-17.log
2013-07-28 22:12 - 2013-07-28 22:12 - 00010654 _____ C:\Users\charly1983\frameiconcache.dat
2013-07-28 22:12 - 2013-07-28 22:12 - 00009828 _____ C:\Users\charly1983\tabiconcache.dat
2013-07-28 22:12 - 2013-07-28 22:12 - 00006764 _____ C:\Users\charly1983\avira-notifier-6944975[1].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00006324 _____ C:\Users\charly1983\main-v.1.3.5.css
2013-07-28 22:12 - 2013-07-28 22:12 - 00005248 _____ C:\Users\charly1983\newtab.css
2013-07-28 22:12 - 2013-07-28 22:12 - 00005120 _____ C:\Users\charly1983\{E9BFD33A-7386-11E2-97F9-78843CE3C286}.dat
2013-07-28 22:12 - 2013-07-28 22:12 - 00005120 _____ C:\Users\charly1983\{E9BFAC2A-7386-11E2-97F9-78843CE3C286}.dat
2013-07-28 22:12 - 2013-07-28 22:12 - 00004955 _____ C:\Users\charly1983\stats.js
2013-07-28 22:12 - 2013-07-28 22:12 - 00004608 _____ C:\Users\charly1983\RecoveryStore.{D6AFC02E-7386-11E2-97F9-78843CE3C286}.dat
2013-07-28 22:12 - 2013-07-28 22:12 - 00003608 _____ C:\Users\charly1983\https_x.myspacecdn.com_0.localstorage-journal
2013-07-28 22:12 - 2013-07-28 22:12 - 00003608 _____ C:\Users\charly1983\https_www.facebook.com_0.localstorage-journal
2013-07-28 22:12 - 2013-07-28 22:12 - 00003608 _____ C:\Users\charly1983\https_www.amazon.de_0.localstorage-journal
2013-07-28 22:12 - 2013-07-28 22:12 - 00003608 _____ C:\Users\charly1983\https_myspace.com_0.localstorage-journal
2013-07-28 22:12 - 2013-07-28 22:12 - 00003608 _____ C:\Users\charly1983\http_www.wie-sagt-man-noch.de_0.localstorage-journal
2013-07-28 22:12 - 2013-07-28 22:12 - 00003608 _____ C:\Users\charly1983\http_synonyme.woxikon.de_0.localstorage-journal
2013-07-28 22:12 - 2013-07-28 22:12 - 00003608 _____ C:\Users\charly1983\http_imagesrv.adition.com_0.localstorage-journal
2013-07-28 22:12 - 2013-07-28 22:12 - 00003608 _____ C:\Users\charly1983\http_gft2.de_0.localstorage-journal
2013-07-28 22:12 - 2013-07-28 22:12 - 00003608 _____ C:\Users\charly1983\http_de.wikipedia.org_0.localstorage-journal
2013-07-28 22:12 - 2013-07-28 22:12 - 00003608 _____ C:\Users\charly1983\http_ad.adnet.de_0.localstorage-journal
2013-07-28 22:12 - 2013-07-28 22:12 - 00003596 _____ C:\Users\charly1983\Upd-2013-07-28-01-31-58.log
2013-07-28 22:12 - 2013-07-28 22:12 - 00003584 _____ C:\Users\charly1983\RecoveryStore.{E9BFD339-7386-11E2-97F9-78843CE3C286}.dat
2013-07-28 22:12 - 2013-07-28 22:12 - 00003584 _____ C:\Users\charly1983\RecoveryStore.{E9BFAC29-7386-11E2-97F9-78843CE3C286}.dat
2013-07-28 22:12 - 2013-07-28 22:12 - 00003072 _____ C:\Users\charly1983\https_x.myspacecdn.com_0.localstorage
2013-07-28 22:12 - 2013-07-28 22:12 - 00003072 _____ C:\Users\charly1983\https_www.facebook.com_0.localstorage
2013-07-28 22:12 - 2013-07-28 22:12 - 00003072 _____ C:\Users\charly1983\https_www.amazon.de_0.localstorage
2013-07-28 22:12 - 2013-07-28 22:12 - 00003072 _____ C:\Users\charly1983\https_myspace.com_0.localstorage
2013-07-28 22:12 - 2013-07-28 22:12 - 00003072 _____ C:\Users\charly1983\https_chrome.google.com_0.localstorage
2013-07-28 22:12 - 2013-07-28 22:12 - 00003072 _____ C:\Users\charly1983\http_www.wie-sagt-man-noch.de_0.localstorage
2013-07-28 22:12 - 2013-07-28 22:12 - 00003072 _____ C:\Users\charly1983\http_synonyme.woxikon.de_0.localstorage
2013-07-28 22:12 - 2013-07-28 22:12 - 00003072 _____ C:\Users\charly1983\http_imagesrv.adition.com_0.localstorage
2013-07-28 22:12 - 2013-07-28 22:12 - 00003072 _____ C:\Users\charly1983\http_gft2.de_0.localstorage
2013-07-28 22:12 - 2013-07-28 22:12 - 00003072 _____ C:\Users\charly1983\http_de.wikipedia.org_0.localstorage
2013-07-28 22:12 - 2013-07-28 22:12 - 00003072 _____ C:\Users\charly1983\http_ad.adnet.de_0.localstorage
2013-07-28 22:12 - 2013-07-28 22:12 - 00002848 _____ C:\Users\charly1983\Weka_800x600_standardt_MCT[2].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00002848 _____ C:\Users\charly1983\Weka_800x600_standardt_MCT[1].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00002766 _____ C:\Users\charly1983\universal[1].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00002698 _____ C:\Users\charly1983\ZipFileLicense.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00002516 _____ C:\Users\charly1983\MpCmdRun.log
2013-07-28 22:12 - 2013-07-28 22:12 - 00002066 _____ C:\Users\charly1983\ie8[1].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00001722 _____ C:\Users\charly1983\index_quer2[1].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00001349 _____ C:\Users\charly1983\clip_image001.emz
2013-07-28 22:12 - 2013-07-28 22:12 - 00001163 _____ C:\Users\charly1983\004353.log
2013-07-28 22:12 - 2013-07-28 22:12 - 00001093 _____ C:\Users\charly1983\notifier_avira_com[1].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00000892 _____ C:\Users\charly1983\NVLSBT49.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000699 _____ C:\Users\charly1983\CZbackground.html
2013-07-28 22:12 - 2013-07-28 22:12 - 00000669 _____ C:\Users\charly1983\vcm_platzhalter_300x250[1].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00000668 _____ C:\Users\charly1983\vcm_platzhalter_728x90[1].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00000656 _____ C:\Users\charly1983\manifest.json
2013-07-28 22:12 - 2013-07-28 22:12 - 00000532 _____ C:\Users\charly1983\8YU6O5MV.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000512 _____ C:\Users\charly1983\https_chrome.google.com_0.localstorage-journal
2013-07-28 22:12 - 2013-07-28 22:12 - 00000496 _____ C:\Users\charly1983\newtab.html
2013-07-28 22:12 - 2013-07-28 22:12 - 00000465 _____ C:\Users\charly1983\settings.sol
2013-07-28 22:12 - 2013-07-28 22:12 - 00000355 _____ C:\Users\charly1983\HZR8X5C6.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000331 _____ C:\Users\charly1983\AF_zalando_outlet_400x535[1].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00000301 _____ C:\Users\charly1983\2GO0BW9S.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000231 _____ C:\Users\charly1983\springer_50-50[1].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00000230 _____ C:\Users\charly1983\settings.json
2013-07-28 22:12 - 2013-07-28 22:12 - 00000226 _____ C:\Users\charly1983\GTSV3822.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000188 _____ C:\Users\charly1983\Default[1].aspx
2013-07-28 22:12 - 2013-07-28 22:12 - 00000187 _____ C:\Users\charly1983\background.html
2013-07-28 22:12 - 2013-07-28 22:12 - 00000172 _____ C:\Users\charly1983\LDHQU6AW.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000146 _____ C:\Users\charly1983\FX8OL02O.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000134 _____ C:\Users\charly1983\H0CE7LV6.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000112 _____ C:\Users\charly1983\9K5Q3KL2.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000103 _____ C:\Users\charly1983\SnackTV.sol
2013-07-28 22:12 - 2013-07-28 22:12 - 00000090 _____ C:\Users\charly1983\VCRBGFPV.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000089 _____ C:\Users\charly1983\7PWAZE0O.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000088 _____ C:\Users\charly1983\redirect.html
2013-07-28 22:12 - 2013-07-28 22:12 - 00000086 _____ C:\Users\charly1983\AYOIKY53.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000085 _____ C:\Users\charly1983\ZC9GYH5G.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000085 _____ C:\Users\charly1983\CUP14R7N.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000084 _____ C:\Users\charly1983\secure.img-cdn.mediaplex[1].xml
2013-07-28 22:12 - 2013-07-28 22:12 - 00000043 _____ C:\Users\charly1983\gif[1].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00000038 _____ C:\Users\charly1983\000934.log
2013-07-28 22:12 - 2013-07-28 22:12 - 00000001 _____ C:\Users\charly1983\softupdate[4].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00000001 _____ C:\Users\charly1983\softupdate[3].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00000000 _____ C:\Users\charly1983\EtwRTMsMpPsSession7.etl
2013-07-28 22:12 - 2013-07-28 22:12 - 00000000 _____ C:\Users\charly1983\container.dat
2013-07-28 22:12 - 2013-07-28 22:12 - 00000000 _____ C:\Users\charly1983\003815.log
2013-07-28 20:49 - 2013-07-28 20:41 - 00000000 ____D C:\Program Files (x86)\WinZipper
2013-07-28 20:47 - 2013-07-28 20:47 - 00000000 ____D C:\Users\charly1983\AppData\Roaming\337 Wallpaper
2013-07-28 20:41 - 2013-07-28 20:41 - 00000000 ____D C:\Users\charly1983\AppData\Roaming\WinZipper
2013-07-26 07:13 - 2013-08-15 03:38 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-26 07:13 - 2013-08-15 03:38 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-26 07:13 - 2013-08-15 03:38 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-26 07:12 - 2013-08-15 03:38 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-26 07:12 - 2013-08-15 03:38 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-26 07:12 - 2013-08-15 03:38 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-26 07:12 - 2013-08-15 03:38 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-26 07:12 - 2013-08-15 03:38 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-26 07:12 - 2013-08-15 03:38 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-26 07:12 - 2013-08-15 03:38 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-26 07:12 - 2013-08-15 03:38 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-26 07:12 - 2013-08-15 03:38 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-26 07:12 - 2013-08-15 03:38 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-26 07:12 - 2013-08-15 03:38 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-26 05:35 - 2013-08-15 03:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-26 05:13 - 2013-08-15 03:38 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-26 05:13 - 2013-08-15 03:38 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-26 05:12 - 2013-08-15 03:38 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-26 05:12 - 2013-08-15 03:38 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-26 05:12 - 2013-08-15 03:38 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-26 05:12 - 2013-08-15 03:38 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-26 05:12 - 2013-08-15 03:38 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-26 05:12 - 2013-08-15 03:38 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-26 05:12 - 2013-08-15 03:38 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-26 05:12 - 2013-08-15 03:38 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-26 05:12 - 2013-08-15 03:38 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-26 05:11 - 2013-08-15 03:38 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-26 05:11 - 2013-08-15 03:38 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-26 04:49 - 2013-08-15 03:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-26 04:39 - 2013-08-15 03:38 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-26 03:59 - 2013-08-15 03:38 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-25 23:11 - 2011-02-11 01:03 - 01591234 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-07-25 11:25 - 2013-08-15 03:08 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-25 10:57 - 2013-08-15 03:08 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-23 22:16 - 2012-10-13 22:33 - 00000000 ____D C:\Program Files (x86)\PokerStars.EU
2013-07-21 22:00 - 2013-07-21 22:00 - 00000240 _____ C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job

Files to move or delete:
====================
C:\Users\charly1983\container.dat
C:\Users\charly1983\frameiconcache.dat
C:\Users\charly1983\RecoveryStore.{D6AFC02E-7386-11E2-97F9-78843CE3C286}.dat
C:\Users\charly1983\RecoveryStore.{E9BFAC29-7386-11E2-97F9-78843CE3C286}.dat
C:\Users\charly1983\RecoveryStore.{E9BFD339-7386-11E2-97F9-78843CE3C286}.dat
C:\Users\charly1983\tabiconcache.dat
C:\Users\charly1983\{E9BFAC2A-7386-11E2-97F9-78843CE3C286}.dat
C:\Users\charly1983\{E9BFD33A-7386-11E2-97F9-78843CE3C286}.dat

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2012-04-22 12:14

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

und jetzt noch den Fixlog?Ist das nicht der den ich davor geschickt hab von OTL?

aharonov 20.08.2013 15:14
Schritt 1

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
Winsock: Catalog5 08 C:\Windows\system32\d3dynfov8.dll File Not found ()
SearchScopes: HKLM - DefaultScope value is missing.
2013-08-18 18:00 - 2013-08-18 18:00 - 00003278 _____ C:\Windows\System32\Tasks\Dealply
2013-08-18 18:00 - 2013-08-18 18:00 - 00003274 _____ C:\Windows\System32\Tasks\DSite
2013-08-18 17:58 - 2013-08-18 17:58 - 00714352 _____ C:\Users\charly1983\Downloads\ZipOpenerSetup.exe

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.




Schritt 2

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.




Schritt 3


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset




Bitte poste in deiner nächsten Antwort:
  • Fixlog von FRST
  • Log von MBAM
  • Log von ESET

charly1601 20.08.2013 15:20
die datei ist leer also kein Text!

aharonov 20.08.2013 15:24
Dann wiederhole den Schritt. Wichtig ist, dass die fixlist.txt am gleichen Ort wie die frst64.exe gespeichert ist.
Wenns nicht klappt, weiter mit dem nächsten Schritt.

charly1601 20.08.2013 17:20
sobald ich FRSt neu starte und fix drücke findet er nich die fixlist wie mache ich das?

Malwarebytes Anti-Malware (Test) 1.75.0.1300
Malwarebytes : Free anti-malware download

Datenbank Version: v2013.08.20.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16660
charly1983 :: CHARLY1983-VAIO [Administrator]

Schutz: Deaktiviert

20.08.2013 16:44:10
mbam-log-2013-08-20 (16-44-10).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 221140
Laufzeit: 4 Minute(n), 44 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=ee42ae3e7e712145ac14ebd3ee778be0
# engine=14842
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-08-20 03:49:33
# local_time=2013-08-20 05:49:33 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 94 11461 242437063 4236 0
# compatibility_mode=5893 16776573 100 94 335757 128643623 0 0
# scanned=160541
# found=1
# cleaned=1
# scan_time=3039
sh=6D50596719EB835A1FA9450924978522EF60DA09 ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\charly1983\AppData\Roaming\Mozilla\Firefox\Profiles\tn4v7yf6.default\extensions\5038a95a0190b@5038a95a01945.info\content\bg.js"

ich hoffe das ist noch alles richtig

Malwarebytes Anti-Malware (Test) 1.75.0.1300
Malwarebytes : Free anti-malware download

Datenbank Version: v2013.08.20.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16660
charly1983 :: CHARLY1983-VAIO [Administrator]

Schutz: Deaktiviert

20.08.2013 18:09:56
mbam-log-2013-08-20 (18-09-56).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 221029
Laufzeit: 3 Minute(n), 9 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)


FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-08-2013 03
Ran by charly1983 (administrator) on 20-08-2013 16:05:40
Running from C:\Users\charly1983\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
() C:\Program Files (x86)\WebConnect\updateWebConnect.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Device Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Device Center\ipoint.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\ScanToPCActivationApp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apntex.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPNetworkCommunicator.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] - C:\Program Files\Apoint\Apoint.exe [226672 2011-02-17] (Alps Electric Co., Ltd.)
HKLM\...\Run: [IntelliType Pro] - c:\Program Files\Microsoft Device Center\itype.exe [1464928 2012-06-26] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] - c:\Program Files\Microsoft Device Center\ipoint.exe [2004584 2012-06-26] (Microsoft Corporation)
HKCU\...\Run: [HP Photosmart Plus B210 series (NET)] - C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-07-18] (Avira Operations GmbH & Co. KG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Sony MSS.lnk
ShortcutTarget: Sony MSS.lnk -> C:\Program Files (x86)\Sony\MSS\3.0.271\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\charly1983\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2013\mshaktuell.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Sign In
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Upgrade to Google Chrome
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {2A2483DB-4871-46C0-9B52-014088994C2B} URL = Shopping.com Deutschland - der große Produkt- und Preisvergleich
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searc
SearchScopes: HKCU - {BBB75436-FAE2-41F8-81D6-E20B1B8CE826} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
SearchScopes: HKCU - {E9783D89-8707-436A-A633-3DC7D78D5E35} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-21/4?satitle={searchTerms}
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: WebConnect - {2316c625-b487-4410-a1a5-ff040b65245f} - C:\Program Files (x86)\WebConnect\WebConnectbho.dll (Web Connect)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~2\FlashFXP\IEFlash.dll (IniCom Networks, Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 08 C:\Windows\system32\d3dynfov8.dll File Not found ()
Tcpip\Parameters: [DhcpNameServer] 192.168.0.3

FireFox:
========
FF ProfilePath: C:\Users\charly1983\AppData\Roaming\Mozilla\Firefox\Profiles\tn4v7yf6.default
FF NetworkProxy: "no_proxies_on", "localhost,127.0.0.1"
FF NetworkProxy: "type", 0
FF Homepage: user_pref("browser.startup.homepage", );
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\charly1983\AppData\Roaming\Mozilla\Firefox\Profiles\tn4v7yf6.default\searchplugins\search_the_web.xml
FF Extension: No Name - C:\Users\charly1983\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: No Name - C:\Users\charly1983\AppData\Roaming\Mozilla\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
FF Extension: wxDfast - C:\Users\charly1983\AppData\Roaming\Mozilla\Firefox\Profiles\tn4v7yf6.default\Extensions\5038a95a0190b@5038a95a01945.info
FF Extension: ftd - C:\Users\charly1983\AppData\Roaming\Mozilla\Firefox\Profiles\tn4v7yf6.default\Extensions\ftd@ftd.com.xpi
FF Extension: socksharedownloader - C:\Users\charly1983\AppData\Roaming\Mozilla\Firefox\Profiles\tn4v7yf6.default\Extensions\socksharedownloader@socksharedownloader.com.xpi
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] C:\Program Files\Web Assistant\Firefox
FF HKLM-x32\...\Firefox\Extensions: [5038a95a0190b@5038a95a01945.info] C:\Users\charly1983\AppData\Roaming\Mozilla\Firefox\Profiles\tn4v7yf6.default\extensions\5038a95a0190b@5038a95a01945.info
FF Extension: wxDfast - C:\Users\charly1983\AppData\Roaming\Mozilla\Firefox\Profiles\tn4v7yf6.default\extensions\5038a95a0190b@5038a95a01945.info

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://google.de/"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U22) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (Google Drive) - C:\Users\CHARLY~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (WebConnect) - C:\Users\CHARLY~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieakfmpjhljbpbfpldjkddkjmmgjmgon\1.0.0_1
CHR Extension: (fIRST lOVE) - C:\Users\CHARLY~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lighpcanjnomdcjmfficdanifpdmgmhp\0.2_0
CHR HKLM-x32\...\Chrome\Extension: [cacclhdpfoingihegojhoipnihfnoaki] - C:\Users\charly1983\AppData\Local\MediaBA\betterads.crx
CHR HKLM-x32\...\Chrome\Extension: [caloheeledhajihipjihanmihhegodlc] - C:\Users\charly1983\AppData\Local\CRE\caloheeledhajihipjihanmihhegodlc.crx
CHR HKLM-x32\...\Chrome\Extension: [fkjoiggkbepedjmjjbhhecjiimlckcga] - C:\Users\charly1983\AppData\Local\CRE\fkjoiggkbepedjmjjbhhecjiimlckcga.crx
CHR HKLM-x32\...\Chrome\Extension: [hchjefioipobhcjbdaaigbpmjgccoeco] - C:\Users\charly1983\AppData\Local\CRE\hchjefioipobhcjbdaaigbpmjgccoeco.crx
CHR HKLM-x32\...\Chrome\Extension: [ieakfmpjhljbpbfpldjkddkjmmgjmgon] - C:\Program Files (x86)\WebConnect\ieakfmpjhljbpbfpldjkddkjmmgjmgon.crx
CHR HKLM-x32\...\Chrome\Extension: [ngnjhfpfhadncgafgbneeljaginimmmk] - C:\Users\charly1983\AppData\Local\CRE\ngnjhfpfhadncgafgbneeljaginimmmk.crx
CHR HKLM-x32\...\Chrome\Extension: [ohlfohjgijhjlpidbbnmcdooegafnnnm] - C:\Program Files (x86)\SockshareDownloader\SockshareDownloader10.crx
CHR HKLM-x32\...\Chrome\Extension: [oolkekjjhnaeaahibbnfebmogackofpf] - C:\Users\charly1983\AppData\Local\CRE\oolkekjjhnaeaahibbnfebmogackofpf.crx

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-07-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-18] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [589368 2013-07-18] (Avira Operations GmbH & Co. KG)
S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communication Inc.)
S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.0.271\McCHSvc.exe [237328 2012-03-30] (McAfee, Inc.)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2402080 2013-01-28] (TuneUp Software)
R2 Update WK; C:\Program Files (x86)\WebConnect\updateWebConnect.exe [199976 2013-08-17] ()
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [960160 2011-12-29] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1359408 2013-03-26] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-07-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-07-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-06] (Avira Operations GmbH & Co. KG)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-08-11] (Duplex Secure Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-11-16] (TuneUp Software)
S3 AthBTPort; system32\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP; system32\drivers\btath_a2dp.sys [x]
S3 btath_avdt; system32\drivers\btath_avdt.sys [x]
S3 BTATH_BUS; \SystemRoot\system32\drivers\btath_bus.sys [x]
S3 BTATH_HCRP; \SystemRoot\system32\drivers\btath_hcrp.sys [x]
S3 BTATH_LWFLT; system32\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP; \SystemRoot\system32\drivers\btath_rcp.sys [x]
S3 BtFilter; system32\DRIVERS\btfilter.sys [x]
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 Prot6Flt; system32\DRIVERS\Prot6Flt.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-20 16:04 - 2013-08-20 16:05 - 01576196 _____ (Farbar) C:\Users\charly1983\Downloads\FRST64.exe
2013-08-20 15:46 - 2013-08-20 15:46 - 00186880 _____ (CEXX.ORG) C:\Users\charly1983\Downloads\LSPFix (3).exe
2013-08-20 15:45 - 2013-08-20 15:45 - 00186880 _____ (CEXX.ORG) C:\Users\charly1983\Downloads\LSPFix (2).exe
2013-08-20 15:44 - 2013-08-20 15:44 - 00186880 _____ (CEXX.ORG) C:\Users\charly1983\Downloads\LSPFix (1).exe
2013-08-20 15:43 - 2013-08-20 15:43 - 00186880 _____ (CEXX.ORG) C:\Users\charly1983\Downloads\LSPFix.exe
2013-08-20 15:29 - 2013-08-20 15:30 - 00154112 ___SH C:\Users\charly1983\Thumbs.db
2013-08-20 15:23 - 2013-08-20 15:23 - 00000000 ____D C:\_OTL
2013-08-18 20:48 - 2013-08-18 20:49 - 01110476 _____ C:\Users\charly1983\Downloads\7z920.exe
2013-08-18 20:22 - 2013-08-18 20:22 - 00271720 _____ C:\Users\charly1983\Downloads\OTL.Txt.txt
2013-08-18 20:06 - 2013-08-20 15:22 - 00144348 _____ C:\Users\charly1983\Downloads\OTL.Txt
2013-08-18 20:06 - 2013-08-20 15:22 - 00073010 _____ C:\Users\charly1983\Downloads\Extras.Txt
2013-08-18 19:56 - 2013-08-18 19:56 - 00602112 _____ (OldTimer Tools) C:\Users\charly1983\Downloads\OTL.exe
2013-08-18 19:27 - 2013-08-18 19:35 - 00000000 ____D C:\Windows\erdnt
2013-08-18 19:16 - 2013-08-18 19:16 - 00000000 ____D C:\Windows\ERUNT
2013-08-18 19:06 - 2013-08-18 19:06 - 01018166 _____ (Thisisu) C:\Users\charly1983\Downloads\JRT.exe
2013-08-18 18:53 - 2013-08-18 18:54 - 00030893 _____ C:\AdwCleaner[S2].txt
2013-08-18 18:53 - 2013-08-18 18:54 - 00000156 _____ C:\Windows\DeleteOnReboot.bat
2013-08-18 18:52 - 2013-08-18 18:52 - 00000352 _____ C:\AdwCleaner[S1].txt
2013-08-18 18:49 - 2013-08-18 18:49 - 00666633 _____ C:\Users\charly1983\Downloads\adwcleaner.exe
2013-08-18 18:12 - 2013-08-18 18:23 - 00025234 _____ C:\Users\charly1983\Downloads\Addition.txt
2013-08-18 18:00 - 2013-08-18 18:00 - 00003278 _____ C:\Windows\System32\Tasks\Dealply
2013-08-18 18:00 - 2013-08-18 18:00 - 00003274 _____ C:\Windows\System32\Tasks\DSite
2013-08-18 18:00 - 2013-08-18 18:00 - 00000000 ____D C:\Program Files (x86)\WebConnect
2013-08-18 17:58 - 2013-08-18 17:58 - 00714352 _____ C:\Users\charly1983\Downloads\ZipOpenerSetup.exe
2013-08-17 17:29 - 2013-08-17 17:29 - 00000000 ____D C:\Users\charly1983\AppData\Roaming\Avira
2013-08-17 17:26 - 2013-08-17 17:39 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-08-17 17:25 - 2013-08-17 17:25 - 12081912 _____ (Malwarebytes Corp.) C:\Users\charly1983\Downloads\mbar-1.06.1.1005.exe
2013-08-17 17:25 - 2013-08-17 17:24 - 00083672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-08-17 17:23 - 2013-08-17 17:23 - 00002076 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-08-17 17:23 - 2013-08-17 17:23 - 00000000 ____D C:\ProgramData\Avira
2013-08-17 17:23 - 2013-08-17 17:23 - 00000000 ____D C:\Program Files (x86)\Avira
2013-08-17 17:23 - 2013-07-18 08:02 - 00130016 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-08-17 17:23 - 2013-07-18 08:02 - 00100712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-08-17 17:23 - 2013-03-06 16:13 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-08-17 17:17 - 2013-08-17 17:22 - 110344048 _____ C:\Users\charly1983\Downloads\avira_free_antivirus85_de.exe
2013-08-17 16:07 - 2013-08-17 16:07 - 00377856 _____ C:\Users\charly1983\Downloads\rt890wfv.exe
2013-08-17 15:14 - 2013-08-17 15:14 - 00000000 ____D C:\Users\charly1983\AppData\Roaming\Malwarebytes
2013-08-17 15:14 - 2013-08-17 15:14 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-17 15:11 - 2013-08-17 15:12 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\charly1983\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-15 03:38 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-15 03:38 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-15 03:38 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-15 03:38 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-15 03:38 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-15 03:38 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-15 03:38 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-15 03:38 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-15 03:38 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-15 03:38 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-15 03:38 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-15 03:38 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-15 03:38 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-15 03:38 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-15 03:38 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-15 03:38 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-15 03:38 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-15 03:38 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-15 03:38 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-15 03:38 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-15 03:38 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-15 03:38 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-15 03:38 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-15 03:38 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-15 03:38 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-15 03:38 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-15 03:38 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-15 03:38 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-15 03:38 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-15 03:38 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-15 03:38 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-15 03:08 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-15 03:08 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-15 03:08 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-15 03:08 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-15 03:08 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-15 03:08 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-15 03:08 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-15 03:08 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-15 03:08 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-15 03:08 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-15 03:08 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-15 03:08 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-15 03:08 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-15 03:08 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-15 03:08 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-15 03:08 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-15 03:08 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-15 03:08 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-15 03:08 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-15 03:08 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-15 03:08 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-15 03:08 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-15 03:08 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-15 03:08 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-15 03:08 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-15 03:07 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-15 03:07 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-11 19:53 - 2013-08-11 20:28 - 00000000 ____D C:\Users\charly1983\Desktop\musik
2013-08-11 17:12 - 2013-08-11 17:12 - 00564824 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys
2013-08-11 17:12 - 2013-08-11 17:12 - 00000000 ____D C:\Users\charly1983\Documents\StarBurn
2013-08-11 17:12 - 2013-08-11 17:12 - 00000000 ____D C:\Users\charly1983\AppData\Roaming\StarBurn
2013-08-11 17:11 - 2013-08-11 17:11 - 00000000 ____D C:\Users\charly1983\AppData\Roaming\MediaFilters
2013-08-11 17:11 - 2013-08-11 17:11 - 00000000 ____D C:\Program Files (x86)\StarBurn Software
2013-08-11 17:07 - 2013-08-11 17:09 - 20811512 _____ (StarBurn Software                                          ) C:\Users\charly1983\Downloads\StarBurn151Setup.exe
2013-08-11 16:58 - 2013-08-11 17:02 - 32747816 _____ (Nero AG) C:\Users\charly1983\Downloads\Nero_BurnLite-10.0.10600.exe
2013-08-11 16:48 - 2013-08-11 16:49 - 00000000 ____D C:\Users\charly1983\AppData\Roaming\DeepBurner
2013-08-11 16:47 - 2013-08-11 16:47 - 00000000 ____D C:\Users\charly1983\Downloads\DeepBurner19_Portable
2013-08-11 16:47 - 2008-03-18 12:56 - 00000033 _____ C:\Users\charly1983\Documents\INSTALL.LOG
2013-08-11 16:47 - 2008-03-11 15:21 - 03739136 _____ (Astonsoft) C:\Users\charly1983\Documents\DeepBurner.exe
2013-08-11 16:47 - 2008-03-07 00:59 - 00072756 _____ C:\Users\charly1983\Documents\DeepBurner.lng
2013-08-11 16:47 - 2006-03-15 23:29 - 00005421 _____ C:\Users\charly1983\Documents\License.txt
2013-08-11 16:47 - 2005-10-06 20:36 - 00092216 _____ (Un4seen Developments) C:\Users\charly1983\Documents\bass.dll
2013-08-11 16:47 - 2005-08-12 12:54 - 00001482 _____ C:\Users\charly1983\Documents\DeepBurner.log
2013-08-11 16:47 - 2005-07-26 19:55 - 00000000 ____D C:\Users\charly1983\Documents\Images
2013-08-11 16:47 - 2005-07-26 19:55 - 00000000 ____D C:\Users\charly1983\Documents\Autorun
2013-08-11 16:47 - 2005-03-28 00:45 - 00000539 _____ C:\Users\charly1983\Documents\deepburner.exe.manifest
2013-08-11 16:47 - 2004-10-16 12:03 - 00643984 _____ C:\Users\charly1983\Documents\BurnerHelp.chm
2013-08-11 16:47 - 2004-03-16 17:13 - 00003789 _____ C:\Users\charly1983\Documents\Readme.txt
2013-08-11 16:47 - 2004-02-19 23:41 - 00001794 _____ C:\Users\charly1983\Documents\DefLang.ini
2013-08-11 16:47 - 2003-12-07 14:24 - 00085610 _____ C:\Users\charly1983\Documents\DefaultSound.wav
2013-08-11 16:46 - 2013-08-11 16:47 - 03074362 _____ C:\Users\charly1983\Downloads\DeepBurner19_Portable.zip
2013-08-11 16:40 - 2013-08-11 16:40 - 01207896 _____ (Koyote-Lab Inc) C:\Users\charly1983\Downloads\FreeEasyCDDVDBurnerSetup-r101-w-bc (3).exe
2013-08-11 15:42 - 2013-08-11 15:42 - 01207896 _____ (Koyote-Lab Inc) C:\Users\charly1983\Downloads\FreeEasyCDDVDBurnerSetup-r101-w-bc (2).exe
2013-08-11 15:23 - 2013-08-11 15:23 - 01207896 _____ (Koyote-Lab Inc) C:\Users\charly1983\Downloads\FreeEasyCDDVDBurnerSetup-r101-w-bc (1).exe
2013-08-11 15:21 - 2013-08-11 15:21 - 01207896 _____ (Koyote-Lab Inc) C:\Users\charly1983\Downloads\FreeEasyCDDVDBurnerSetup-r101-w-bc.exe
2013-08-11 15:21 - 2013-08-11 15:21 - 00000000 ____D C:\Program Files (x86)\Free Easy CD DVD Burner
2013-08-11 15:10 - 2013-08-11 15:12 - 33177736 _____ (Nero AG) C:\Users\charly1983\Downloads\Nero-9.4.12.708b_lite.exe
2013-08-11 14:47 - 2013-08-11 14:47 - 03292672 _____ (CodeSnake Software) C:\Users\charly1983\Downloads\ExploreBurnSetup-1.5.3.exe
2013-07-28 23:03 - 2013-07-31 21:02 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-28 23:01 - 2013-07-28 23:01 - 00784872 _____ (Google Inc.) C:\Users\charly1983\Downloads\ChromeSetup.exe
2013-07-28 22:13 - 2013-07-28 22:13 - 00000013 _____ C:\Users\charly1983\www.google[1].xml
2013-07-28 22:12 - 2013-07-28 22:12 - 03667825 _____ C:\Users\charly1983\Trace9.fx
2013-07-28 22:12 - 2013-07-28 22:12 - 00085260 _____ C:\Users\charly1983\jquery-1.5.1.min.js
2013-07-28 22:12 - 2013-07-28 22:12 - 00065536 _____ C:\Users\charly1983\tmp.edb
2013-07-28 22:12 - 2013-07-28 22:12 - 00046786 _____ C:\Users\charly1983\20130624_Double%20Play_CallandSurfComfort_VDSL_Motiv%20Pferderennen_728x90_02_online[1].swf
2013-07-28 22:12 - 2013-07-28 22:12 - 00044544 _____ C:\Users\charly1983\o2dsl_xx_vdsl_ca_300x250[1].swf
2013-07-28 22:12 - 2013-07-28 22:12 - 00041902 _____ C:\Users\charly1983\square.xcf
2013-07-28 22:12 - 2013-07-28 22:12 - 00040766 _____ C:\Users\charly1983\Upd-2013-07-24-14-34-23.log
2013-07-28 22:12 - 2013-07-28 22:12 - 00039793 _____ C:\Users\charly1983\03a111f3-3cfc-4160-93ea-2984878c0322[1].swf
2013-07-28 22:12 - 2013-07-28 22:12 - 00032768 _____ C:\Users\charly1983\places.sqlite-shm
2013-07-28 22:12 - 2013-07-28 22:12 - 00026288 _____ C:\Users\charly1983\Upd-2013-07-20-14-15-40.log
2013-07-28 22:12 - 2013-07-28 22:12 - 00025188 _____ C:\Users\charly1983\Upd-2013-07-21-21-19-20.log
2013-07-28 22:12 - 2013-07-28 22:12 - 00023260 _____ C:\Users\charly1983\Upd-2013-07-24-20-45-59.log
2013-07-28 22:12 - 2013-07-28 22:12 - 00021836 _____ C:\Users\charly1983\icon.xcf
2013-07-28 22:12 - 2013-07-28 22:12 - 00019238 _____ C:\Users\charly1983\2013.06.20_Double%20Play_CallandSurfComfort_Motiv%20Mouse_300x250_2_online[1].swf
2013-07-28 22:12 - 2013-07-28 22:12 - 00011222 _____ C:\Users\charly1983\Upd-2013-07-25-22-20-17.log
2013-07-28 22:12 - 2013-07-28 22:12 - 00010654 _____ C:\Users\charly1983\frameiconcache.dat
2013-07-28 22:12 - 2013-07-28 22:12 - 00009828 _____ C:\Users\charly1983\tabiconcache.dat
2013-07-28 22:12 - 2013-07-28 22:12 - 00006764 _____ C:\Users\charly1983\avira-notifier-6944975[1].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00006324 _____ C:\Users\charly1983\main-v.1.3.5.css
2013-07-28 22:12 - 2013-07-28 22:12 - 00005248 _____ C:\Users\charly1983\newtab.css
2013-07-28 22:12 - 2013-07-28 22:12 - 00005120 _____ C:\Users\charly1983\{E9BFD33A-7386-11E2-97F9-78843CE3C286}.dat
2013-07-28 22:12 - 2013-07-28 22:12 - 00005120 _____ C:\Users\charly1983\{E9BFAC2A-7386-11E2-97F9-78843CE3C286}.dat
2013-07-28 22:12 - 2013-07-28 22:12 - 00004955 _____ C:\Users\charly1983\stats.js
2013-07-28 22:12 - 2013-07-28 22:12 - 00004608 _____ C:\Users\charly1983\RecoveryStore.{D6AFC02E-7386-11E2-97F9-78843CE3C286}.dat
2013-07-28 22:12 - 2013-07-28 22:12 - 00003608 _____ C:\Users\charly1983\https_x.myspacecdn.com_0.localstorage-journal
2013-07-28 22:12 - 2013-07-28 22:12 - 00003608 _____ C:\Users\charly1983\https_www.facebook.com_0.localstorage-journal
2013-07-28 22:12 - 2013-07-28 22:12 - 00003608 _____ C:\Users\charly1983\https_www.amazon.de_0.localstorage-journal
2013-07-28 22:12 - 2013-07-28 22:12 - 00003608 _____ C:\Users\charly1983\https_myspace.com_0.localstorage-journal
2013-07-28 22:12 - 2013-07-28 22:12 - 00003608 _____ C:\Users\charly1983\http_www.wie-sagt-man-noch.de_0.localstorage-journal
2013-07-28 22:12 - 2013-07-28 22:12 - 00003608 _____ C:\Users\charly1983\http_synonyme.woxikon.de_0.localstorage-journal
2013-07-28 22:12 - 2013-07-28 22:12 - 00003608 _____ C:\Users\charly1983\http_imagesrv.adition.com_0.localstorage-journal
2013-07-28 22:12 - 2013-07-28 22:12 - 00003608 _____ C:\Users\charly1983\http_gft2.de_0.localstorage-journal
2013-07-28 22:12 - 2013-07-28 22:12 - 00003608 _____ C:\Users\charly1983\http_de.wikipedia.org_0.localstorage-journal
2013-07-28 22:12 - 2013-07-28 22:12 - 00003608 _____ C:\Users\charly1983\http_ad.adnet.de_0.localstorage-journal
2013-07-28 22:12 - 2013-07-28 22:12 - 00003596 _____ C:\Users\charly1983\Upd-2013-07-28-01-31-58.log
2013-07-28 22:12 - 2013-07-28 22:12 - 00003584 _____ C:\Users\charly1983\RecoveryStore.{E9BFD339-7386-11E2-97F9-78843CE3C286}.dat
2013-07-28 22:12 - 2013-07-28 22:12 - 00003584 _____ C:\Users\charly1983\RecoveryStore.{E9BFAC29-7386-11E2-97F9-78843CE3C286}.dat
2013-07-28 22:12 - 2013-07-28 22:12 - 00003072 _____ C:\Users\charly1983\https_x.myspacecdn.com_0.localstorage
2013-07-28 22:12 - 2013-07-28 22:12 - 00003072 _____ C:\Users\charly1983\https_www.facebook.com_0.localstorage
2013-07-28 22:12 - 2013-07-28 22:12 - 00003072 _____ C:\Users\charly1983\https_www.amazon.de_0.localstorage
2013-07-28 22:12 - 2013-07-28 22:12 - 00003072 _____ C:\Users\charly1983\https_myspace.com_0.localstorage
2013-07-28 22:12 - 2013-07-28 22:12 - 00003072 _____ C:\Users\charly1983\https_chrome.google.com_0.localstorage
2013-07-28 22:12 - 2013-07-28 22:12 - 00003072 _____ C:\Users\charly1983\http_www.wie-sagt-man-noch.de_0.localstorage
2013-07-28 22:12 - 2013-07-28 22:12 - 00003072 _____ C:\Users\charly1983\http_synonyme.woxikon.de_0.localstorage
2013-07-28 22:12 - 2013-07-28 22:12 - 00003072 _____ C:\Users\charly1983\http_imagesrv.adition.com_0.localstorage
2013-07-28 22:12 - 2013-07-28 22:12 - 00003072 _____ C:\Users\charly1983\http_gft2.de_0.localstorage
2013-07-28 22:12 - 2013-07-28 22:12 - 00003072 _____ C:\Users\charly1983\http_de.wikipedia.org_0.localstorage
2013-07-28 22:12 - 2013-07-28 22:12 - 00003072 _____ C:\Users\charly1983\http_ad.adnet.de_0.localstorage
2013-07-28 22:12 - 2013-07-28 22:12 - 00002848 _____ C:\Users\charly1983\Weka_800x600_standardt_MCT[2].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00002848 _____ C:\Users\charly1983\Weka_800x600_standardt_MCT[1].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00002766 _____ C:\Users\charly1983\universal[1].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00002698 _____ C:\Users\charly1983\ZipFileLicense.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00002516 _____ C:\Users\charly1983\MpCmdRun.log
2013-07-28 22:12 - 2013-07-28 22:12 - 00002066 _____ C:\Users\charly1983\ie8[1].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00001722 _____ C:\Users\charly1983\index_quer2[1].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00001349 _____ C:\Users\charly1983\clip_image001.emz
2013-07-28 22:12 - 2013-07-28 22:12 - 00001163 _____ C:\Users\charly1983\004353.log
2013-07-28 22:12 - 2013-07-28 22:12 - 00001093 _____ C:\Users\charly1983\notifier_avira_com[1].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00000892 _____ C:\Users\charly1983\NVLSBT49.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000699 _____ C:\Users\charly1983\CZbackground.html
2013-07-28 22:12 - 2013-07-28 22:12 - 00000669 _____ C:\Users\charly1983\vcm_platzhalter_300x250[1].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00000668 _____ C:\Users\charly1983\vcm_platzhalter_728x90[1].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00000656 _____ C:\Users\charly1983\manifest.json
2013-07-28 22:12 - 2013-07-28 22:12 - 00000532 _____ C:\Users\charly1983\8YU6O5MV.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000512 _____ C:\Users\charly1983\https_chrome.google.com_0.localstorage-journal
2013-07-28 22:12 - 2013-07-28 22:12 - 00000496 _____ C:\Users\charly1983\newtab.html
2013-07-28 22:12 - 2013-07-28 22:12 - 00000465 _____ C:\Users\charly1983\settings.sol
2013-07-28 22:12 - 2013-07-28 22:12 - 00000355 _____ C:\Users\charly1983\HZR8X5C6.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000331 _____ C:\Users\charly1983\AF_zalando_outlet_400x535[1].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00000301 _____ C:\Users\charly1983\2GO0BW9S.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000231 _____ C:\Users\charly1983\springer_50-50[1].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00000230 _____ C:\Users\charly1983\settings.json
2013-07-28 22:12 - 2013-07-28 22:12 - 00000226 _____ C:\Users\charly1983\GTSV3822.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000188 _____ C:\Users\charly1983\Default[1].aspx
2013-07-28 22:12 - 2013-07-28 22:12 - 00000187 _____ C:\Users\charly1983\background.html
2013-07-28 22:12 - 2013-07-28 22:12 - 00000172 _____ C:\Users\charly1983\LDHQU6AW.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000146 _____ C:\Users\charly1983\FX8OL02O.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000134 _____ C:\Users\charly1983\H0CE7LV6.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000112 _____ C:\Users\charly1983\9K5Q3KL2.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000103 _____ C:\Users\charly1983\SnackTV.sol
2013-07-28 22:12 - 2013-07-28 22:12 - 00000090 _____ C:\Users\charly1983\VCRBGFPV.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000089 _____ C:\Users\charly1983\7PWAZE0O.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000088 _____ C:\Users\charly1983\redirect.html
2013-07-28 22:12 - 2013-07-28 22:12 - 00000086 _____ C:\Users\charly1983\AYOIKY53.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000085 _____ C:\Users\charly1983\ZC9GYH5G.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000085 _____ C:\Users\charly1983\CUP14R7N.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000084 _____ C:\Users\charly1983\secure.img-cdn.mediaplex[1].xml
2013-07-28 22:12 - 2013-07-28 22:12 - 00000043 _____ C:\Users\charly1983\gif[1].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00000038 _____ C:\Users\charly1983\000934.log
2013-07-28 22:12 - 2013-07-28 22:12 - 00000001 _____ C:\Users\charly1983\softupdate[4].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00000001 _____ C:\Users\charly1983\softupdate[3].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00000000 _____ C:\Users\charly1983\EtwRTMsMpPsSession7.etl
2013-07-28 22:12 - 2013-07-28 22:12 - 00000000 _____ C:\Users\charly1983\container.dat
2013-07-28 22:12 - 2013-07-28 22:12 - 00000000 _____ C:\Users\charly1983\003815.log
2013-07-28 20:47 - 2013-07-28 20:47 - 00000000 ____D C:\Users\charly1983\AppData\Roaming\337 Wallpaper
2013-07-28 20:41 - 2013-07-28 20:49 - 00000000 ____D C:\Program Files (x86)\WinZipper
2013-07-28 20:41 - 2013-07-28 20:41 - 00000000 ____D C:\Users\charly1983\AppData\Roaming\WinZipper
2013-07-21 22:00 - 2013-07-21 22:00 - 00000240 _____ C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job

==================== One Month Modified Files and Folders =======

2013-08-20 16:05 - 2013-08-20 16:05 - 00000000 ____D C:\FRST
2013-08-20 16:05 - 2013-08-20 16:04 - 01576196 _____ (Farbar) C:\Users\charly1983\Downloads\FRST64.exe
2013-08-20 16:03 - 2009-07-14 06:45 - 00020720 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-20 16:03 - 2009-07-14 06:45 - 00020720 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-20 16:01 - 2013-07-18 22:51 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-20 15:59 - 2011-09-01 19:37 - 01892732 _____ C:\Windows\WindowsUpdate.log
2013-08-20 15:55 - 2013-07-18 22:51 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-20 15:55 - 2013-01-31 02:51 - 00029494 _____ C:\Windows\setupact.log
2013-08-20 15:55 - 2012-11-01 23:33 - 00000336 _____ C:\Windows\Tasks\GlaryInitialize.job
2013-08-20 15:55 - 2011-05-19 09:35 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-20 15:55 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-20 15:46 - 2013-08-20 15:46 - 00186880 _____ (CEXX.ORG) C:\Users\charly1983\Downloads\LSPFix (3).exe
2013-08-20 15:45 - 2013-08-20 15:45 - 00186880 _____ (CEXX.ORG) C:\Users\charly1983\Downloads\LSPFix (2).exe
2013-08-20 15:44 - 2013-08-20 15:44 - 00186880 _____ (CEXX.ORG) C:\Users\charly1983\Downloads\LSPFix (1).exe
2013-08-20 15:43 - 2013-08-20 15:43 - 00186880 _____ (CEXX.ORG) C:\Users\charly1983\Downloads\LSPFix.exe
2013-08-20 15:30 - 2013-08-20 15:29 - 00154112 ___SH C:\Users\charly1983\Thumbs.db
2013-08-20 15:29 - 2011-09-01 20:53 - 00000000 ____D C:\Users\charly1983
2013-08-20 15:27 - 2012-09-07 01:09 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-20 15:23 - 2013-08-20 15:23 - 00000000 ____D C:\_OTL
2013-08-20 15:22 - 2013-08-18 20:06 - 00144348 _____ C:\Users\charly1983\Downloads\OTL.Txt
2013-08-20 15:22 - 2013-08-18 20:06 - 00073010 _____ C:\Users\charly1983\Downloads\Extras.Txt
2013-08-20 14:52 - 2012-05-16 23:04 - 00000000 ____D C:\Users\CHARLY~1\AppData\Local\PokerStars.EU
2013-08-20 14:39 - 2013-03-19 16:54 - 00003978 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{46E56FE1-E8A7-447D-9D05-4CACB0A4FEED}
2013-08-19 22:40 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-19 21:25 - 2013-01-31 02:51 - 00220114 _____ C:\Windows\PFRO.log
2013-08-18 20:49 - 2013-08-18 20:48 - 01110476 _____ C:\Users\charly1983\Downloads\7z920.exe
2013-08-18 20:22 - 2013-08-18 20:22 - 00271720 _____ C:\Users\charly1983\Downloads\OTL.Txt.txt
2013-08-18 19:56 - 2013-08-18 19:56 - 00602112 _____ (OldTimer Tools) C:\Users\charly1983\Downloads\OTL.exe
2013-08-18 19:35 - 2013-08-18 19:27 - 00000000 ____D C:\Windows\erdnt
2013-08-18 19:35 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2013-08-18 19:34 - 2012-08-25 11:51 - 00000000 ____D C:\Users\charly1983\AppData\Roaming\convert
2013-08-18 19:16 - 2013-08-18 19:16 - 00000000 ____D C:\Windows\ERUNT
2013-08-18 19:06 - 2013-08-18 19:06 - 01018166 _____ (Thisisu) C:\Users\charly1983\Downloads\JRT.exe
2013-08-18 18:54 - 2013-08-18 18:53 - 00030893 _____ C:\AdwCleaner[S2].txt
2013-08-18 18:54 - 2013-08-18 18:53 - 00000156 _____ C:\Windows\DeleteOnReboot.bat
2013-08-18 18:52 - 2013-08-18 18:52 - 00000352 _____ C:\AdwCleaner[S1].txt
2013-08-18 18:49 - 2013-08-18 18:49 - 00666633 _____ C:\Users\charly1983\Downloads\adwcleaner.exe
2013-08-18 18:23 - 2013-08-18 18:12 - 00025234 _____ C:\Users\charly1983\Downloads\Addition.txt
2013-08-18 18:00 - 2013-08-18 18:00 - 00003278 _____ C:\Windows\System32\Tasks\Dealply
2013-08-18 18:00 - 2013-08-18 18:00 - 00003274 _____ C:\Windows\System32\Tasks\DSite
2013-08-18 18:00 - 2013-08-18 18:00 - 00000000 ____D C:\Program Files (x86)\WebConnect
2013-08-18 17:58 - 2013-08-18 17:58 - 00714352 _____ C:\Users\charly1983\Downloads\ZipOpenerSetup.exe
2013-08-17 17:39 - 2013-08-17 17:26 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-08-17 17:29 - 2013-08-17 17:29 - 00000000 ____D C:\Users\charly1983\AppData\Roaming\Avira
2013-08-17 17:25 - 2013-08-17 17:25 - 12081912 _____ (Malwarebytes Corp.) C:\Users\charly1983\Downloads\mbar-1.06.1.1005.exe
2013-08-17 17:24 - 2013-08-17 17:25 - 00083672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-08-17 17:23 - 2013-08-17 17:23 - 00002076 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-08-17 17:23 - 2013-08-17 17:23 - 00000000 ____D C:\ProgramData\Avira
2013-08-17 17:23 - 2013-08-17 17:23 - 00000000 ____D C:\Program Files (x86)\Avira
2013-08-17 17:22 - 2013-08-17 17:17 - 110344048 _____ C:\Users\charly1983\Downloads\avira_free_antivirus85_de.exe
2013-08-17 16:07 - 2013-08-17 16:07 - 00377856 _____ C:\Users\charly1983\Downloads\rt890wfv.exe
2013-08-17 15:14 - 2013-08-17 15:14 - 00000000 ____D C:\Users\charly1983\AppData\Roaming\Malwarebytes
2013-08-17 15:14 - 2013-08-17 15:14 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-17 15:12 - 2013-08-17 15:11 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\charly1983\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-15 03:35 - 2011-05-19 19:14 - 00697082 _____ C:\Windows\system32\perfh007.dat
2013-08-15 03:35 - 2011-05-19 19:14 - 00148346 _____ C:\Windows\system32\perfc007.dat
2013-08-15 03:35 - 2009-07-14 07:13 - 01635332 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-11 20:28 - 2013-08-11 19:53 - 00000000 ____D C:\Users\charly1983\Desktop\musik
2013-08-11 19:13 - 2012-09-14 01:58 - 00000000 ____D C:\Users\charly1983\AppData\Roaming\vlc
2013-08-11 17:36 - 2011-09-30 00:54 - 00000000 ____D C:\Users\CHARLY~1\AppData\Local\CrashDumps
2013-08-11 17:12 - 2013-08-11 17:12 - 00564824 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys
2013-08-11 17:12 - 2013-08-11 17:12 - 00000000 ____D C:\Users\charly1983\Documents\StarBurn
2013-08-11 17:12 - 2013-08-11 17:12 - 00000000 ____D C:\Users\charly1983\AppData\Roaming\StarBurn
2013-08-11 17:11 - 2013-08-11 17:11 - 00000000 ____D C:\Users\charly1983\AppData\Roaming\MediaFilters
2013-08-11 17:11 - 2013-08-11 17:11 - 00000000 ____D C:\Program Files (x86)\StarBurn Software
2013-08-11 17:09 - 2013-08-11 17:07 - 20811512 _____ (StarBurn Software                                          ) C:\Users\charly1983\Downloads\StarBurn151Setup.exe
2013-08-11 17:02 - 2013-08-11 16:58 - 32747816 _____ (Nero AG) C:\Users\charly1983\Downloads\Nero_BurnLite-10.0.10600.exe
2013-08-11 16:49 - 2013-08-11 16:48 - 00000000 ____D C:\Users\charly1983\AppData\Roaming\DeepBurner
2013-08-11 16:47 - 2013-08-11 16:47 - 00000000 ____D C:\Users\charly1983\Downloads\DeepBurner19_Portable
2013-08-11 16:47 - 2013-08-11 16:46 - 03074362 _____ C:\Users\charly1983\Downloads\DeepBurner19_Portable.zip
2013-08-11 16:40 - 2013-08-11 16:40 - 01207896 _____ (Koyote-Lab Inc) C:\Users\charly1983\Downloads\FreeEasyCDDVDBurnerSetup-r101-w-bc (3).exe
2013-08-11 15:42 - 2013-08-11 15:42 - 01207896 _____ (Koyote-Lab Inc) C:\Users\charly1983\Downloads\FreeEasyCDDVDBurnerSetup-r101-w-bc (2).exe
2013-08-11 15:23 - 2013-08-11 15:23 - 01207896 _____ (Koyote-Lab Inc) C:\Users\charly1983\Downloads\FreeEasyCDDVDBurnerSetup-r101-w-bc (1).exe
2013-08-11 15:21 - 2013-08-11 15:21 - 01207896 _____ (Koyote-Lab Inc) C:\Users\charly1983\Downloads\FreeEasyCDDVDBurnerSetup-r101-w-bc.exe
2013-08-11 15:21 - 2013-08-11 15:21 - 00000000 ____D C:\Program Files (x86)\Free Easy CD DVD Burner
2013-08-11 15:12 - 2013-08-11 15:10 - 33177736 _____ (Nero AG) C:\Users\charly1983\Downloads\Nero-9.4.12.708b_lite.exe
2013-08-11 14:47 - 2013-08-11 14:47 - 03292672 _____ (CodeSnake Software) C:\Users\charly1983\Downloads\ExploreBurnSetup-1.5.3.exe
2013-08-05 20:02 - 2013-02-13 10:33 - 00000000 ____D C:\Users\CHARLY~1\AppData\Local\Microsoft Help
2013-07-31 21:02 - 2013-07-28 23:03 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-28 23:08 - 2011-09-25 22:20 - 00000000 ____D C:\Users\CHARLY~1\AppData\Local\Google
2013-07-28 23:03 - 2013-07-18 22:50 - 00000000 ____D C:\Program Files (x86)\Google
2013-07-28 23:01 - 2013-07-28 23:01 - 00784872 _____ (Google Inc.) C:\Users\charly1983\Downloads\ChromeSetup.exe
2013-07-28 22:54 - 2012-11-01 23:32 - 00000000 ____D C:\Program Files (x86)\Glary Utilities
2013-07-28 22:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-07-28 22:13 - 2013-07-28 22:13 - 00000013 _____ C:\Users\charly1983\www.google[1].xml
2013-07-28 22:12 - 2013-07-28 22:12 - 03667825 _____ C:\Users\charly1983\Trace9.fx
2013-07-28 22:12 - 2013-07-28 22:12 - 00085260 _____ C:\Users\charly1983\jquery-1.5.1.min.js
2013-07-28 22:12 - 2013-07-28 22:12 - 00065536 _____ C:\Users\charly1983\tmp.edb
2013-07-28 22:12 - 2013-07-28 22:12 - 00046786 _____ C:\Users\charly1983\20130624_Double%20Play_CallandSurfComfort_VDSL_Motiv%20Pferderennen_728x90_02_online[1].swf
2013-07-28 22:12 - 2013-07-28 22:12 - 00044544 _____ C:\Users\charly1983\o2dsl_xx_vdsl_ca_300x250[1].swf
2013-07-28 22:12 - 2013-07-28 22:12 - 00041902 _____ C:\Users\charly1983\square.xcf
2013-07-28 22:12 - 2013-07-28 22:12 - 00040766 _____ C:\Users\charly1983\Upd-2013-07-24-14-34-23.log
2013-07-28 22:12 - 2013-07-28 22:12 - 00039793 _____ C:\Users\charly1983\03a111f3-3cfc-4160-93ea-2984878c0322[1].swf
2013-07-28 22:12 - 2013-07-28 22:12 - 00032768 _____ C:\Users\charly1983\places.sqlite-shm
2013-07-28 22:12 - 2013-07-28 22:12 - 00026288 _____ C:\Users\charly1983\Upd-2013-07-20-14-15-40.log
2013-07-28 22:12 - 2013-07-28 22:12 - 00025188 _____ C:\Users\charly1983\Upd-2013-07-21-21-19-20.log
2013-07-28 22:12 - 2013-07-28 22:12 - 00023260 _____ C:\Users\charly1983\Upd-2013-07-24-20-45-59.log
2013-07-28 22:12 - 2013-07-28 22:12 - 00021836 _____ C:\Users\charly1983\icon.xcf
2013-07-28 22:12 - 2013-07-28 22:12 - 00019238 _____ C:\Users\charly1983\2013.06.20_Double%20Play_CallandSurfComfort_Motiv%20Mouse_300x250_2_online[1].swf
2013-07-28 22:12 - 2013-07-28 22:12 - 00011222 _____ C:\Users\charly1983\Upd-2013-07-25-22-20-17.log
2013-07-28 22:12 - 2013-07-28 22:12 - 00010654 _____ C:\Users\charly1983\frameiconcache.dat
2013-07-28 22:12 - 2013-07-28 22:12 - 00009828 _____ C:\Users\charly1983\tabiconcache.dat
2013-07-28 22:12 - 2013-07-28 22:12 - 00006764 _____ C:\Users\charly1983\avira-notifier-6944975[1].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00006324 _____ C:\Users\charly1983\main-v.1.3.5.css
2013-07-28 22:12 - 2013-07-28 22:12 - 00005248 _____ C:\Users\charly1983\newtab.css
2013-07-28 22:12 - 2013-07-28 22:12 - 00005120 _____ C:\Users\charly1983\{E9BFD33A-7386-11E2-97F9-78843CE3C286}.dat
2013-07-28 22:12 - 2013-07-28 22:12 - 00005120 _____ C:\Users\charly1983\{E9BFAC2A-7386-11E2-97F9-78843CE3C286}.dat
2013-07-28 22:12 - 2013-07-28 22:12 - 00004955 _____ C:\Users\charly1983\stats.js
2013-07-28 22:12 - 2013-07-28 22:12 - 00004608 _____ C:\Users\charly1983\RecoveryStore.{D6AFC02E-7386-11E2-97F9-78843CE3C286}.dat
2013-07-28 22:12 - 2013-07-28 22:12 - 00003608 _____ C:\Users\charly1983\https_x.myspacecdn.com_0.localstorage-journal
2013-07-28 22:12 - 2013-07-28 22:12 - 00003608 _____ C:\Users\charly1983\https_www.facebook.com_0.localstorage-journal
2013-07-28 22:12 - 2013-07-28 22:12 - 00003608 _____ C:\Users\charly1983\https_www.amazon.de_0.localstorage-journal
2013-07-28 22:12 - 2013-07-28 22:12 - 00003608 _____ C:\Users\charly1983\https_myspace.com_0.localstorage-journal
2013-07-28 22:12 - 2013-07-28 22:12 - 00003608 _____ C:\Users\charly1983\http_www.wie-sagt-man-noch.de_0.localstorage-journal
2013-07-28 22:12 - 2013-07-28 22:12 - 00003608 _____ C:\Users\charly1983\http_synonyme.woxikon.de_0.localstorage-journal
2013-07-28 22:12 - 2013-07-28 22:12 - 00003608 _____ C:\Users\charly1983\http_imagesrv.adition.com_0.localstorage-journal
2013-07-28 22:12 - 2013-07-28 22:12 - 00003608 _____ C:\Users\charly1983\http_gft2.de_0.localstorage-journal
2013-07-28 22:12 - 2013-07-28 22:12 - 00003608 _____ C:\Users\charly1983\http_de.wikipedia.org_0.localstorage-journal
2013-07-28 22:12 - 2013-07-28 22:12 - 00003608 _____ C:\Users\charly1983\http_ad.adnet.de_0.localstorage-journal
2013-07-28 22:12 - 2013-07-28 22:12 - 00003596 _____ C:\Users\charly1983\Upd-2013-07-28-01-31-58.log
2013-07-28 22:12 - 2013-07-28 22:12 - 00003584 _____ C:\Users\charly1983\RecoveryStore.{E9BFD339-7386-11E2-97F9-78843CE3C286}.dat
2013-07-28 22:12 - 2013-07-28 22:12 - 00003584 _____ C:\Users\charly1983\RecoveryStore.{E9BFAC29-7386-11E2-97F9-78843CE3C286}.dat
2013-07-28 22:12 - 2013-07-28 22:12 - 00003072 _____ C:\Users\charly1983\https_x.myspacecdn.com_0.localstorage
2013-07-28 22:12 - 2013-07-28 22:12 - 00003072 _____ C:\Users\charly1983\https_www.facebook.com_0.localstorage
2013-07-28 22:12 - 2013-07-28 22:12 - 00003072 _____ C:\Users\charly1983\https_www.amazon.de_0.localstorage
2013-07-28 22:12 - 2013-07-28 22:12 - 00003072 _____ C:\Users\charly1983\https_myspace.com_0.localstorage
2013-07-28 22:12 - 2013-07-28 22:12 - 00003072 _____ C:\Users\charly1983\https_chrome.google.com_0.localstorage
2013-07-28 22:12 - 2013-07-28 22:12 - 00003072 _____ C:\Users\charly1983\http_www.wie-sagt-man-noch.de_0.localstorage
2013-07-28 22:12 - 2013-07-28 22:12 - 00003072 _____ C:\Users\charly1983\http_synonyme.woxikon.de_0.localstorage
2013-07-28 22:12 - 2013-07-28 22:12 - 00003072 _____ C:\Users\charly1983\http_imagesrv.adition.com_0.localstorage
2013-07-28 22:12 - 2013-07-28 22:12 - 00003072 _____ C:\Users\charly1983\http_gft2.de_0.localstorage
2013-07-28 22:12 - 2013-07-28 22:12 - 00003072 _____ C:\Users\charly1983\http_de.wikipedia.org_0.localstorage
2013-07-28 22:12 - 2013-07-28 22:12 - 00003072 _____ C:\Users\charly1983\http_ad.adnet.de_0.localstorage
2013-07-28 22:12 - 2013-07-28 22:12 - 00002848 _____ C:\Users\charly1983\Weka_800x600_standardt_MCT[2].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00002848 _____ C:\Users\charly1983\Weka_800x600_standardt_MCT[1].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00002766 _____ C:\Users\charly1983\universal[1].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00002698 _____ C:\Users\charly1983\ZipFileLicense.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00002516 _____ C:\Users\charly1983\MpCmdRun.log
2013-07-28 22:12 - 2013-07-28 22:12 - 00002066 _____ C:\Users\charly1983\ie8[1].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00001722 _____ C:\Users\charly1983\index_quer2[1].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00001349 _____ C:\Users\charly1983\clip_image001.emz
2013-07-28 22:12 - 2013-07-28 22:12 - 00001163 _____ C:\Users\charly1983\004353.log
2013-07-28 22:12 - 2013-07-28 22:12 - 00001093 _____ C:\Users\charly1983\notifier_avira_com[1].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00000892 _____ C:\Users\charly1983\NVLSBT49.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000699 _____ C:\Users\charly1983\CZbackground.html
2013-07-28 22:12 - 2013-07-28 22:12 - 00000669 _____ C:\Users\charly1983\vcm_platzhalter_300x250[1].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00000668 _____ C:\Users\charly1983\vcm_platzhalter_728x90[1].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00000656 _____ C:\Users\charly1983\manifest.json
2013-07-28 22:12 - 2013-07-28 22:12 - 00000532 _____ C:\Users\charly1983\8YU6O5MV.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000512 _____ C:\Users\charly1983\https_chrome.google.com_0.localstorage-journal
2013-07-28 22:12 - 2013-07-28 22:12 - 00000496 _____ C:\Users\charly1983\newtab.html
2013-07-28 22:12 - 2013-07-28 22:12 - 00000465 _____ C:\Users\charly1983\settings.sol
2013-07-28 22:12 - 2013-07-28 22:12 - 00000355 _____ C:\Users\charly1983\HZR8X5C6.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000331 _____ C:\Users\charly1983\AF_zalando_outlet_400x535[1].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00000301 _____ C:\Users\charly1983\2GO0BW9S.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000231 _____ C:\Users\charly1983\springer_50-50[1].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00000230 _____ C:\Users\charly1983\settings.json
2013-07-28 22:12 - 2013-07-28 22:12 - 00000226 _____ C:\Users\charly1983\GTSV3822.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000188 _____ C:\Users\charly1983\Default[1].aspx
2013-07-28 22:12 - 2013-07-28 22:12 - 00000187 _____ C:\Users\charly1983\background.html
2013-07-28 22:12 - 2013-07-28 22:12 - 00000172 _____ C:\Users\charly1983\LDHQU6AW.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000146 _____ C:\Users\charly1983\FX8OL02O.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000134 _____ C:\Users\charly1983\H0CE7LV6.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000112 _____ C:\Users\charly1983\9K5Q3KL2.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000103 _____ C:\Users\charly1983\SnackTV.sol
2013-07-28 22:12 - 2013-07-28 22:12 - 00000090 _____ C:\Users\charly1983\VCRBGFPV.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000089 _____ C:\Users\charly1983\7PWAZE0O.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000088 _____ C:\Users\charly1983\redirect.html
2013-07-28 22:12 - 2013-07-28 22:12 - 00000086 _____ C:\Users\charly1983\AYOIKY53.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000085 _____ C:\Users\charly1983\ZC9GYH5G.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000085 _____ C:\Users\charly1983\CUP14R7N.txt
2013-07-28 22:12 - 2013-07-28 22:12 - 00000084 _____ C:\Users\charly1983\secure.img-cdn.mediaplex[1].xml
2013-07-28 22:12 - 2013-07-28 22:12 - 00000043 _____ C:\Users\charly1983\gif[1].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00000038 _____ C:\Users\charly1983\000934.log
2013-07-28 22:12 - 2013-07-28 22:12 - 00000001 _____ C:\Users\charly1983\softupdate[4].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00000001 _____ C:\Users\charly1983\softupdate[3].htm
2013-07-28 22:12 - 2013-07-28 22:12 - 00000000 _____ C:\Users\charly1983\EtwRTMsMpPsSession7.etl
2013-07-28 22:12 - 2013-07-28 22:12 - 00000000 _____ C:\Users\charly1983\container.dat
2013-07-28 22:12 - 2013-07-28 22:12 - 00000000 _____ C:\Users\charly1983\003815.log
2013-07-28 20:49 - 2013-07-28 20:41 - 00000000 ____D C:\Program Files (x86)\WinZipper
2013-07-28 20:47 - 2013-07-28 20:47 - 00000000 ____D C:\Users\charly1983\AppData\Roaming\337 Wallpaper
2013-07-28 20:41 - 2013-07-28 20:41 - 00000000 ____D C:\Users\charly1983\AppData\Roaming\WinZipper
2013-07-26 07:13 - 2013-08-15 03:38 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-26 07:13 - 2013-08-15 03:38 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-26 07:13 - 2013-08-15 03:38 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-26 07:12 - 2013-08-15 03:38 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-26 07:12 - 2013-08-15 03:38 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-26 07:12 - 2013-08-15 03:38 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-26 07:12 - 2013-08-15 03:38 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-26 07:12 - 2013-08-15 03:38 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-26 07:12 - 2013-08-15 03:38 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-26 07:12 - 2013-08-15 03:38 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-26 07:12 - 2013-08-15 03:38 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-26 07:12 - 2013-08-15 03:38 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-26 07:12 - 2013-08-15 03:38 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-26 07:12 - 2013-08-15 03:38 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-26 05:35 - 2013-08-15 03:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-26 05:13 - 2013-08-15 03:38 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-26 05:13 - 2013-08-15 03:38 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-26 05:12 - 2013-08-15 03:38 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-26 05:12 - 2013-08-15 03:38 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-26 05:12 - 2013-08-15 03:38 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-26 05:12 - 2013-08-15 03:38 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-26 05:12 - 2013-08-15 03:38 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-26 05:12 - 2013-08-15 03:38 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-26 05:12 - 2013-08-15 03:38 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-26 05:12 - 2013-08-15 03:38 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-26 05:12 - 2013-08-15 03:38 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-26 05:11 - 2013-08-15 03:38 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-26 05:11 - 2013-08-15 03:38 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-26 04:49 - 2013-08-15 03:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-26 04:39 - 2013-08-15 03:38 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-26 03:59 - 2013-08-15 03:38 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-25 23:11 - 2011-02-11 01:03 - 01591234 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-07-25 11:25 - 2013-08-15 03:08 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-25 10:57 - 2013-08-15 03:08 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-23 22:16 - 2012-10-13 22:33 - 00000000 ____D C:\Program Files (x86)\PokerStars.EU
2013-07-21 22:00 - 2013-07-21 22:00 - 00000240 _____ C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job

Files to move or delete:
====================
C:\Users\charly1983\container.dat
C:\Users\charly1983\frameiconcache.dat
C:\Users\charly1983\RecoveryStore.{D6AFC02E-7386-11E2-97F9-78843CE3C286}.dat
C:\Users\charly1983\RecoveryStore.{E9BFAC29-7386-11E2-97F9-78843CE3C286}.dat
C:\Users\charly1983\RecoveryStore.{E9BFD339-7386-11E2-97F9-78843CE3C286}.dat
C:\Users\charly1983\tabiconcache.dat
C:\Users\charly1983\{E9BFAC2A-7386-11E2-97F9-78843CE3C286}.dat
C:\Users\charly1983\{E9BFD33A-7386-11E2-97F9-78843CE3C286}.dat

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2012-04-22 12:14

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

--- --- ---

Winsock: Catalog5 08 C:\Windows\system32\d3dynfov8.dll File Not found ()
SearchScopes: HKLM - DefaultScope value is missing.
2013-08-18 18:00 - 2013-08-18 18:00 - 00003278 _____ C:\Windows\System32\Tasks\Dealply
2013-08-18 18:00 - 2013-08-18 18:00 - 00003274 _____ C:\Windows\System32\Tasks\DSite
2013-08-18 17:58 - 2013-08-18 17:58 - 00714352 _____ C:\Users\charly1983\Downloads\ZipOpenerSetup.exe

so ich hoffe ich hab alles geschickt

aharonov 20.08.2013 17:21
Was für Probleme bestehen aktuell noch?

charly1601 20.08.2013 17:26
ich bin mit zwei anderen laptops vernetzt im haus hier der andere ebenfalls sony hat genau dasselbe problem ,,hkey data manager toolbar ......kann ich das was ich bei mir gemacht habe bei dem anderen Laptop durchführen also mit den einzelnen schritten?
Und wie bekomme ich das die schrift wieder normal zu erkennen ist ,damit ich auch weiß wo ich einen Haken setzten soll?

aharonov 23.08.2013 00:00
Eröffne für den anderen Laptop bitte einen neuen Thread hier.

Zitat:
Und wie bekomme ich das die schrift wieder normal zu erkennen ist ,damit ich auch weiß wo ich einen Haken setzten soll?
Das versteh ich nicht so ganz. Kannst du es bitte etwas genauer beschreiben?

aharonov 28.08.2013 01:53
Hi,

ich hab schon länger keine Antwort mehr von dir erhalten. Brauchst du weiterhin noch Hilfe?

Wenn ich in den nächsten 24 Stunden nichts von dir höre, gehe ich davon aus, dass sich das Thema erledigt hat und lösche es aus meinen Abos.

aharonov 01.09.2013 18:11
Fehlende Rückmeldung
Dieses Thema wurde aus meinen Abos gelöscht. Somit bekomme ich keine Benachrichtigung mehr über neue Antworten.
Schreib mir eine PM, falls du das Thema doch wieder fortsetzen möchtest. Dann machen wir hier weiter.

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass dein Rechner schon sauber ist.

Jeder andere bitte diese Anleitung lesen und einen eigenen Thread erstellen.


Alle Zeitangaben in WEZ +1. Es ist jetzt 02:31 Uhr.
Seite 2 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131