Everything ran without any problems.
MBAM Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Datenbank Version: v2013.12.11.04
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428
Dodmann :: CAPRICA [Administrator]
11.12.2013 17:02:56
mbam-log-2013-12-11 (17-02-56).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 243732
Laufzeit: 4 Minute(n), 6 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)
(Ende)

ADW Code:
# AdwCleaner v3.015 - Bericht erstellt am 11/12/2013 um 17:13:45
# Updated 10/12/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Dodmann - CAPRICA
# Gestartet von : C:\Users\Dodmann\Desktop\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Program Files (x86)\MyPC Backup
Ordner Gelöscht : C:\Program Files (x86)\Searchprotect
Ordner Gelöscht : C:\Users\Dodmann\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Dodmann\AppData\LocalLow\boost_interprocess
Ordner Gelöscht : C:\Users\Dodmann\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Dodmann\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Dodmann\AppData\Roaming\Mozilla\Firefox\Profiles\rvfn9yjs.default\Smartbar
Ordner Gelöscht : C:\Users\Dodmann\AppData\Roaming\Mozilla\Firefox\Profiles\rvfn9yjs.default\CT2851647
Ordner Gelöscht : C:\Users\Dodmann\AppData\Roaming\Mozilla\Firefox\Profiles\rvfn9yjs.default\Extensions\{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2}
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKLM\Software\Conduit
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.16428
-\\ Mozilla Firefox v25.0.1 (de)
[ Datei : C:\Users\Dodmann\AppData\Roaming\Mozilla\Firefox\Profiles\rvfn9yjs.default\prefs.js ]
Zeile gelöscht : user_pref("CT2849855.1000234.TWC_TMP_city", "BADEN-BADEN");
Zeile gelöscht : user_pref("CT2849855.1000234.TWC_TMP_country", "DE");
Zeile gelöscht : user_pref("CT2849855.1000234.TWC_locId", "GMXX3581");
Zeile gelöscht : user_pref("CT2849855.1000234.TWC_location", "Baden-Baden, Deutschland");
Zeile gelöscht : user_pref("CT2849855.1000234.TWC_region", "DE");
Zeile gelöscht : user_pref("CT2849855.1000234.TWC_temp_dis", "c");
Zeile gelöscht : user_pref("CT2849855.1000234.TWC_wind_dis", "kmh");
Zeile gelöscht : user_pref("CT2849855.1000234.weatherData", "{\"icon\":\"30.png\",\"temperature\":\"-2°C\",\"temperatureClear\":\"-2°C\",\"highTemperature\":\"-2°C\",\"lowTemperature\":\"-8°C\",\"feelsLike\":\"-8°C\",[...]
Zeile gelöscht : user_pref("CT2849855.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT2849855.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT2849855.FirstTime", "true");
Zeile gelöscht : user_pref("CT2849855.FirstTimeFF3", "true");
Zeile gelöscht : user_pref("CT2849855.LoginRevertSettingsEnabled", true);
Zeile gelöscht : user_pref("CT2849855.RevertSettingsEnabled", true);
Zeile gelöscht : user_pref("CT2849855.UserID", "UN14994285219525850");
Zeile gelöscht : user_pref("CT2849855.addressBarTakeOverEnabledInHidden", "true");
Zeile gelöscht : user_pref("CT2849855.autoDisableScopes", -1);
Zeile gelöscht : user_pref("CT2849855.defaultSearch", "false");
Zeile gelöscht : user_pref("CT2849855.embeddedsData", "[{\"appId\":\"129349796699500456\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
Zeile gelöscht : user_pref("CT2849855.enableAlerts", "always");
Zeile gelöscht : user_pref("CT2849855.enableSearchFromAddressBar", "false");
Zeile gelöscht : user_pref("CT2849855.firstTimeDialogOpened", "true");
Zeile gelöscht : user_pref("CT2849855.fixPageNotFoundError", "true");
Zeile gelöscht : user_pref("CT2849855.fixPageNotFoundErrorInHidden", "true");
Zeile gelöscht : user_pref("CT2849855.fixUrls", true);
Zeile gelöscht : user_pref("CT2849855.installType", "xpe");
Zeile gelöscht : user_pref("CT2849855.isCheckedStartAsHidden", true);
Zeile gelöscht : user_pref("CT2849855.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT2849855.isFirstTimeToolbarLoading", "false");
Zeile gelöscht : user_pref("CT2849855.isNewTabEnabled", false);
Zeile gelöscht : user_pref("CT2849855.isPerformedSmartBarTransition", "true");
Zeile gelöscht : user_pref("CT2849855.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Zeile gelöscht : user_pref("CT2849855.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT2849855.migrateAppsAndComponents", true);
Zeile gelöscht : user_pref("CT2849855.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fwww.google.de%2F\",\"EB_MAIN_FRAME_TITLE\":\"Google\",\"EB_TOOLBAR_SUB_DOMAIN\":\"hxxp://Bit[...]
Zeile gelöscht : user_pref("CT2849855.openThankYouPage", "true");
Zeile gelöscht : user_pref("CT2849855.openUninstallPage", "false");
Zeile gelöscht : user_pref("CT2849855.revertSettingsEnabled", "false");
Zeile gelöscht : user_pref("CT2849855.scriptSource.enc", "aHR0cDovLzEyNy4wLjAuMToxMDAwMC9ndWkv");
Zeile gelöscht : user_pref("CT2849855.search.searchAppId", "129349796699500456");
Zeile gelöscht : user_pref("CT2849855.search.searchCount", "0");
Zeile gelöscht : user_pref("CT2849855.searchInNewTabEnabled", "false");
Zeile gelöscht : user_pref("CT2849855.searchInNewTabEnabledInHidden", "true");
Zeile gelöscht : user_pref("CT2849855.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT2849855.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT2849855.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Zeile gelöscht : user_pref("CT2849855.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2849855\"}");
Zeile gelöscht : user_pref("CT2849855.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://BittorrentBarDE.OurToolbar.com//xpi\"}");
Zeile gelöscht : user_pref("CT2849855.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"BittorrentBar_DE\"}");
Zeile gelöscht : user_pref("CT2849855.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT2849855.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1359033627431");
Zeile gelöscht : user_pref("CT2849855.serviceLayer_services_appsMetadata_lastUpdate", "1359033627087");
Zeile gelöscht : user_pref("CT2849855.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1359033627745");
Zeile gelöscht : user_pref("CT2849855.serviceLayer_services_login_10.13.40.15_lastUpdate", "1359033627504");
Zeile gelöscht : user_pref("CT2849855.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1359033627709");
Zeile gelöscht : user_pref("CT2849855.serviceLayer_services_searchAPI_lastUpdate", "1359033626657");
Zeile gelöscht : user_pref("CT2849855.serviceLayer_services_serviceMap_lastUpdate", "1359033626470");
Zeile gelöscht : user_pref("CT2849855.serviceLayer_services_toolbarContextMenu_lastUpdate", "1359033627836");
Zeile gelöscht : user_pref("CT2849855.serviceLayer_services_toolbarSettings_lastUpdate", "1359033626570");
Zeile gelöscht : user_pref("CT2849855.serviceLayer_services_translation_lastUpdate", "1359033627364");
Zeile gelöscht : user_pref("CT2849855.settingsINI", true);
Zeile gelöscht : user_pref("CT2849855.shouldFirstTimeDialog", "false");
Zeile gelöscht : user_pref("CT2849855.smartbar.CTID", "CT2849855");
Zeile gelöscht : user_pref("CT2849855.smartbar.Uninstall", "0");
Zeile gelöscht : user_pref("CT2849855.smartbar.toolbarName", "BittorrentBar_DE ");
Zeile gelöscht : user_pref("CT2849855.startPage", "false");
Zeile gelöscht : user_pref("CT2849855.toolbarBornServerTime", "24-1-2013");
Zeile gelöscht : user_pref("CT2849855.toolbarCurrentServerTime", "24-1-2013");
Zeile gelöscht : user_pref("CT2849855_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1359035756972,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Zeile gelöscht : user_pref("CT2851647.1000234.TWC_TMP_city", "MONCHENGLADBACH");
Zeile gelöscht : user_pref("CT2851647.1000234.TWC_TMP_country", "DE");
Zeile gelöscht : user_pref("CT2851647.CBOpenMAMSettings", "0");
Zeile gelöscht : user_pref("CT2851647.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT2851647.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT2851647.FirstTime", "true");
Zeile gelöscht : user_pref("CT2851647.FirstTimeFF3", "true");
Zeile gelöscht : user_pref("CT2851647.LoginRevertSettingsEnabled", true);
Zeile gelöscht : user_pref("CT2851647.RevertSettingsEnabled", true);
Zeile gelöscht : user_pref("CT2851647.UserID", "UN68371795595913467");
Zeile gelöscht : user_pref("CT2851647.addressBarTakeOverEnabledInHidden", "true");
Zeile gelöscht : user_pref("CT2851647.autoDisableScopes", -1);
Zeile gelöscht : user_pref("CT2851647.cbcountry_001", "DE");
Zeile gelöscht : user_pref("CT2851647.cbfirsttime", "Sun Nov 18 2012 14:19:51 GMT+0100");
Zeile gelöscht : user_pref("CT2851647.defaultSearch", "FALSE");
Zeile gelöscht : user_pref("CT2851647.enableAlerts", "always");
Zeile gelöscht : user_pref("CT2851647.enableFix404ByUser", "FALSE");
Zeile gelöscht : user_pref("CT2851647.enableSearchFromAddressBar", "FALSE");
Zeile gelöscht : user_pref("CT2851647.firstTimeDialogOpened", "true");
Zeile gelöscht : user_pref("CT2851647.fixPageNotFoundError", "true");
Zeile gelöscht : user_pref("CT2851647.fixPageNotFoundErrorByUser", "true");
Zeile gelöscht : user_pref("CT2851647.fixPageNotFoundErrorInHidden", "true");
Zeile gelöscht : user_pref("CT2851647.fixUrls", true);
Zeile gelöscht : user_pref("CT2851647.installId", "fftA73C.tmp.exe");
Zeile gelöscht : user_pref("CT2851647.installType", "XPE");
Zeile gelöscht : user_pref("CT2851647.isCheckedStartAsHidden", true);
Zeile gelöscht : user_pref("CT2851647.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT2851647.isFirstTimeToolbarLoading", "false");
Zeile gelöscht : user_pref("CT2851647.isNewTabEnabled", false);
Zeile gelöscht : user_pref("CT2851647.isPerformedSmartBarTransition", "true");
Zeile gelöscht : user_pref("CT2851647.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Zeile gelöscht : user_pref("CT2851647.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT2851647.lastVersion", "10.14.40.128");
Zeile gelöscht : user_pref("CT2851647.migrateAppsAndComponents", true);
Zeile gelöscht : user_pref("CT2851647.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fwww.google.de%2F\",\"EB_MAIN_FRAME_TITLE\":\"Google\",\"EB_TOOLBAR_SUB_DOMAIN\":\"hxxp://uTo[...]
Zeile gelöscht : user_pref("CT2851647.openThankYouPage", "true");
Zeile gelöscht : user_pref("CT2851647.openUninstallPage", "FALSE");
Zeile gelöscht : user_pref("CT2851647.search.searchAppId", "129351532245275780");
Zeile gelöscht : user_pref("CT2851647.search.searchCount", "0");
Zeile gelöscht : user_pref("CT2851647.searchInNewTabEnabled", "false");
Zeile gelöscht : user_pref("CT2851647.searchInNewTabEnabledByUser", "false");
Zeile gelöscht : user_pref("CT2851647.searchInNewTabEnabledInHidden", "true");
Zeile gelöscht : user_pref("CT2851647.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT2851647.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT2851647.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Zeile gelöscht : user_pref("CT2851647.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2851647\"}");
Zeile gelöscht : user_pref("CT2851647.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://uTorrentBarDE.OurToolbar.com//xpi\"}");
Zeile gelöscht : user_pref("CT2851647.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"uTorrentBar_DE\"}");
Zeile gelöscht : user_pref("CT2851647.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT2851647.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Zeile gelöscht : user_pref("CT2851647.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1353244789797");
Zeile gelöscht : user_pref("CT2851647.serviceLayer_services_appTracking_lastUpdate", "1353244790867");
Zeile gelöscht : user_pref("CT2851647.serviceLayer_services_appsMetadata_lastUpdate", "1353244789732");
Zeile gelöscht : user_pref("CT2851647.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1353244790310");
Zeile gelöscht : user_pref("CT2851647.serviceLayer_services_login_10.10.27.6_lastUpdate", "1353617817759");
Zeile gelöscht : user_pref("CT2851647.serviceLayer_services_login_10.13.40.15_lastUpdate", "1358511900776");
Zeile gelöscht : user_pref("CT2851647.serviceLayer_services_login_10.14.40.128_lastUpdate", "1359032755341");
Zeile gelöscht : user_pref("CT2851647.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1353244790094");
Zeile gelöscht : user_pref("CT2851647.serviceLayer_services_searchAPI_lastUpdate", "1353244789286");
Zeile gelöscht : user_pref("CT2851647.serviceLayer_services_serviceMap_lastUpdate", "1358957968793");
Zeile gelöscht : user_pref("CT2851647.serviceLayer_services_toolbarContextMenu_lastUpdate", "1353244790276");
Zeile gelöscht : user_pref("CT2851647.serviceLayer_services_toolbarSettings_lastUpdate", "1359032755273");
Zeile gelöscht : user_pref("CT2851647.serviceLayer_services_translation_lastUpdate", "1358957968888");
Zeile gelöscht : user_pref("CT2851647.settingsINI", true);
Zeile gelöscht : user_pref("CT2851647.shouldFirstTimeDialog", "false");
Zeile gelöscht : user_pref("CT2851647.smartbar.CTID", "CT2851647");
Zeile gelöscht : user_pref("CT2851647.smartbar.Uninstall", "0");
Zeile gelöscht : user_pref("CT2851647.smartbar.toolbarName", "uTorrentBar_DE ");
Zeile gelöscht : user_pref("CT2851647.startPage", "userChanged");
Zeile gelöscht : user_pref("CT2851647.toolbarBornServerTime", "18-11-2012");
Zeile gelöscht : user_pref("CT2851647.toolbarCurrentServerTime", "24-1-2013");
Zeile gelöscht : user_pref("CT2851647.upgradeFromClearSBVersion", true);
Zeile gelöscht : user_pref("CT2851647.url_history0001", "magnet:?xt=urn:btih:eab4df3f4faccf93dfcaf310caf8212723c436b9&dn=mass+effect+crack+only+%5Bgalaxy+map+fix%5D&tr=udp%3A%2F%2Ftracker.openbittorrent.com%3A80&tr=ud[...]
Zeile gelöscht : user_pref("CT2851647_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1359035756791,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Zeile gelöscht : user_pref("smartbar.machineId", "UXBXZBKAKD5ESZNVVENF7URWVYJPCGCAE38HE6XIRXV4OCYIOUTHOTBUNDYB24M4J/S1SBYBXNIXTGXSIMSWQQ");
*************************
AdwCleaner[R0].txt - [16398 octets] - [11/12/2013 17:12:04]
AdwCleaner[S0].txt - [15983 octets] - [11/12/2013 17:13:45]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [16044 octets] ##########

JRT Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by Dodmann on 11.12.2013 at 17:18:06,01
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Users\Dodmann\appdata\local\cre"
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11.12.2013 at 17:22:41,15
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

New FRST
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-12-2013 01
Ran by Dodmann (administrator) on CAPRICA on 11-12-2013 17:33:19
Running from C:\Users\Dodmann\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2370856 2010-09-24] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6611048 2011-02-19] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2188904 2011-01-18] (Realtek Semiconductor)
HKLM\...\Run: [IntelliPoint] - C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028896 2013-08-27] (NVIDIA Corporation)
HKCU\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKCU\...\Run: [MsgCenterExe] - "C:\Program Files (x86)\Real\RealPlayer\update\RealOneMessageCenter.exe" -osboot
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-01-30] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [683576 2013-11-14] (Avira Operations GmbH & Co. KG)
Startup: C:\Users\Dodmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Dodmann\AppData\Roaming\Mozilla\Firefox\Profiles\rvfn9yjs.default
FF Homepage: www.google.de
FF NetworkProxy: "type", 0
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.40.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Furigana Inserter - C:\Users\Dodmann\AppData\Roaming\Mozilla\Firefox\Profiles\rvfn9yjs.default\Extensions\furiganainserter@zorkzero.net
FF Extension: Rikaichan Japanese-English Dictionary File - C:\Users\Dodmann\AppData\Roaming\Mozilla\Firefox\Profiles\rvfn9yjs.default\Extensions\rikaichan-jpen@polarcloud.com
FF Extension: Rikaichan Japanese Names Dictionary File - C:\Users\Dodmann\AppData\Roaming\Mozilla\Firefox\Profiles\rvfn9yjs.default\Extensions\rikaichan-jpnames@polarcloud.com
FF Extension: Rikaichan - C:\Users\Dodmann\AppData\Roaming\Mozilla\Firefox\Profiles\rvfn9yjs.default\Extensions\{0AA9101C-D3C1-4129-A9B7-D778C6A17F82}
FF Extension: WOT - C:\Users\Dodmann\AppData\Roaming\Mozilla\Firefox\Profiles\rvfn9yjs.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: Adblock Plus - C:\Users\Dodmann\AppData\Roaming\Mozilla\Firefox\Profiles\rvfn9yjs.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Firefox\firefox.exe
==================== Services (Whitelisted) =================
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-01-18] (Adobe Systems)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-11-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-14] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1164360 2013-10-10] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-04-09] ()
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272688 2012-06-25] ()
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14997280 2013-08-27] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2012-05-24] ()
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3325232 2012-06-25] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2012-08-19] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [107416 2013-12-08] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132600 2013-11-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-10] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [83160 2013-10-10] (Avira Operations GmbH & Co. KG)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-04-07] (DT Soft Ltd)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2012-08-19] ()
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-08-20] (NVIDIA Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S4 sptd; \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-12-11 17:33 - 2013-12-11 17:33 - 00000000 ____D C:\Users\Dodmann\Desktop\FRST-OlderVersion
2013-12-11 17:22 - 2013-12-11 17:22 - 00000698 _____ C:\Users\Dodmann\Desktop\JRT.txt
2013-12-11 17:18 - 2013-12-11 17:18 - 00000000 ____D C:\Windows\ERUNT
2013-12-11 17:11 - 2013-12-11 17:16 - 00016125 _____ C:\Users\Dodmann\Desktop\scanadw.txt
2013-12-11 17:11 - 2013-12-11 17:13 - 00000000 ____D C:\AdwCleaner
2013-12-11 17:04 - 2013-12-11 17:11 - 00001061 _____ C:\Users\Dodmann\Desktop\Scan.txt
2013-12-11 17:00 - 2013-12-11 17:00 - 00001075 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-11 17:00 - 2013-12-11 17:00 - 00000000 ____D C:\Users\Dodmann\AppData\Roaming\Malwarebytes
2013-12-11 17:00 - 2013-12-11 17:00 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-11 17:00 - 2013-12-11 17:00 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-11 17:00 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-11 16:52 - 2013-12-11 16:52 - 01226802 _____ C:\Users\Dodmann\Desktop\adwcleaner.exe
2013-12-11 16:52 - 2013-12-11 16:52 - 01034531 _____ (Thisisu) C:\Users\Dodmann\Desktop\JRT.exe
2013-12-11 16:51 - 2013-12-11 16:51 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Dodmann\Desktop\mbam-setup-1.75.0.1300.exe
2013-12-10 19:10 - 2013-12-10 19:11 - 00003342 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-4198404270-2739368592-2236930067-1000
2013-12-10 19:10 - 2013-12-10 19:11 - 00003212 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-4198404270-2739368592-2236930067-1000
2013-12-10 19:09 - 2013-12-10 19:17 - 00000000 ____D C:\Users\Dodmann\AppData\Roaming\Real
2013-12-10 19:08 - 2013-12-10 19:17 - 00000000 ____D C:\ProgramData\Real
2013-12-10 17:38 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-12-10 17:35 - 2013-12-10 17:35 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-10 17:35 - 2013-12-10 17:35 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-10 17:35 - 2013-12-10 17:35 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-10 17:35 - 2013-12-10 17:35 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-10 17:35 - 2013-12-10 17:35 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-10 17:35 - 2013-12-10 17:35 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-10 17:35 - 2013-12-10 17:35 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-10 17:35 - 2013-12-10 17:35 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-10 17:35 - 2013-12-10 17:35 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-10 17:35 - 2013-12-10 17:35 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-10 17:35 - 2013-12-10 17:35 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-10 17:35 - 2013-12-10 17:35 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-10 17:35 - 2013-12-10 17:35 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-10 17:35 - 2013-12-10 17:35 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-10 17:35 - 2013-12-10 17:35 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-10 17:35 - 2013-12-10 17:35 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-10 17:35 - 2013-12-10 17:35 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-10 17:35 - 2013-12-10 17:35 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-10 17:35 - 2013-12-10 17:35 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-10 17:35 - 2013-12-10 17:35 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-10 17:35 - 2013-12-10 17:35 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-10 17:35 - 2013-12-10 17:35 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-10 17:35 - 2013-12-10 17:35 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-10 17:35 - 2013-12-10 17:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-10 17:35 - 2013-12-10 17:35 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-10 17:35 - 2013-12-10 17:35 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-10 17:35 - 2013-12-10 17:35 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-10 17:35 - 2013-12-10 17:35 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-10 17:34 - 2013-12-10 17:38 - 00010074 _____ C:\Windows\IE11_main.log
2013-12-10 17:04 - 2013-12-10 17:04 - 00000000 ____D C:\ProgramData\McAfee
2013-12-10 16:39 - 2013-12-10 16:39 - 00021161 _____ C:\ComboFix.txt
2013-12-10 16:28 - 2013-12-10 16:39 - 00000000 ____D C:\Qoobox
2013-12-10 16:28 - 2013-12-10 16:38 - 00000000 ____D C:\Windows\erdnt
2013-12-10 16:28 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2013-12-10 16:28 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2013-12-10 16:28 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-12-10 16:28 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-12-10 16:28 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-12-10 16:28 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2013-12-10 16:28 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2013-12-10 16:28 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2013-12-10 16:26 - 2013-12-10 16:27 - 05153091 ____R (Swearware) C:\Users\Dodmann\Desktop\ComboFix.exe
2013-12-09 18:00 - 2013-12-09 18:00 - 00006780 _____ C:\Users\Dodmann\Desktop\GMER.log
2013-12-09 17:52 - 2013-12-09 17:52 - 00377856 _____ C:\Users\Dodmann\Desktop\gmer_2.1.19163.exe
2013-12-09 17:49 - 2013-12-09 17:50 - 00020608 _____ C:\Users\Dodmann\Desktop\Addition.txt
2013-12-09 17:47 - 2013-12-11 17:33 - 00013640 _____ C:\Users\Dodmann\Desktop\FRST.txt
2013-12-09 17:47 - 2013-12-11 17:33 - 00000000 ____D C:\FRST
2013-12-09 17:46 - 2013-12-11 17:33 - 01928212 _____ (Farbar) C:\Users\Dodmann\Desktop\FRST64.exe
2013-12-09 17:43 - 2013-12-09 17:43 - 00000586 _____ C:\Users\Dodmann\Desktop\defogger_disable.log
2013-12-09 17:43 - 2013-12-09 17:43 - 00000020 _____ C:\Users\Dodmann\defogger_reenable
2013-12-09 17:42 - 2013-12-09 17:42 - 00050477 _____ C:\Users\Dodmann\Desktop\Defogger.exe
2013-12-08 21:12 - 2013-12-08 21:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-08 21:11 - 2013-12-08 21:14 - 00000000 ____D C:\Users\Dodmann\AppData\Local\Mobogenie
2013-12-08 21:11 - 2013-12-08 21:11 - 00000000 ____D C:\Users\Dodmann\Documents\Mobogenie
2013-12-08 21:11 - 2013-12-08 21:11 - 00000000 ____D C:\Users\Dodmann\AppData\Local\cache
2013-12-08 21:11 - 2013-12-08 21:11 - 00000000 _____ C:\Users\Dodmann\daemonprocess.txt
2013-12-07 14:30 - 2013-12-07 14:52 - 00000563 _____ C:\Users\Dodmann\Desktop\WDs.txt
2013-11-13 13:28 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-13 13:28 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-13 13:28 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-13 13:28 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-13 13:28 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-13 13:28 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-13 13:28 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-13 13:26 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-13 13:26 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-13 13:26 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-13 13:26 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-13 13:26 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-13 13:26 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-13 13:26 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-13 13:26 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-13 13:26 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-13 13:26 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-13 13:26 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-13 13:26 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-13 13:26 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-13 13:26 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-13 13:26 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-13 13:26 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-13 13:26 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-13 13:26 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-13 13:26 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-13 13:26 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-13 13:26 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-13 13:26 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-13 13:26 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
==================== One Month Modified Files and Folders =======
2013-12-11 17:33 - 2013-12-11 17:33 - 00000000 ____D C:\Users\Dodmann\Desktop\FRST-OlderVersion
2013-12-11 17:33 - 2013-12-09 17:47 - 00013640 _____ C:\Users\Dodmann\Desktop\FRST.txt
2013-12-11 17:33 - 2013-12-09 17:47 - 00000000 ____D C:\FRST
2013-12-11 17:33 - 2013-12-09 17:46 - 01928212 _____ (Farbar) C:\Users\Dodmann\Desktop\FRST64.exe
2013-12-11 17:22 - 2013-12-11 17:22 - 00000698 _____ C:\Users\Dodmann\Desktop\JRT.txt
2013-12-11 17:22 - 2009-07-14 05:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-11 17:22 - 2009-07-14 05:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-11 17:18 - 2013-12-11 17:18 - 00000000 ____D C:\Windows\ERUNT
2013-12-11 17:16 - 2013-12-11 17:11 - 00016125 _____ C:\Users\Dodmann\Desktop\scanadw.txt
2013-12-11 17:15 - 2013-11-10 01:00 - 00007224 _____ C:\Windows\setupact.log
2013-12-11 17:15 - 2012-01-19 01:01 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-11 17:14 - 2011-08-18 22:43 - 00000000 ____D C:\ProgramData\NVIDIA
2013-12-11 17:14 - 2011-08-11 18:42 - 01959899 _____ C:\Windows\WindowsUpdate.log
2013-12-11 17:14 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-11 17:13 - 2013-12-11 17:11 - 00000000 ____D C:\AdwCleaner
2013-12-11 17:11 - 2013-12-11 17:04 - 00001061 _____ C:\Users\Dodmann\Desktop\Scan.txt
2013-12-11 17:02 - 2012-01-19 01:01 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-11 17:00 - 2013-12-11 17:00 - 00001075 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-11 17:00 - 2013-12-11 17:00 - 00000000 ____D C:\Users\Dodmann\AppData\Roaming\Malwarebytes
2013-12-11 17:00 - 2013-12-11 17:00 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-11 17:00 - 2013-12-11 17:00 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-11 16:52 - 2013-12-11 16:52 - 01226802 _____ C:\Users\Dodmann\Desktop\adwcleaner.exe
2013-12-11 16:52 - 2013-12-11 16:52 - 01034531 _____ (Thisisu) C:\Users\Dodmann\Desktop\JRT.exe
2013-12-11 16:51 - 2013-12-11 16:51 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Dodmann\Desktop\mbam-setup-1.75.0.1300.exe
2013-12-11 16:45 - 2012-05-09 21:16 - 00003934 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{21A4CE33-B74B-4E8D-A51D-EEAFBDBB1581}
2013-12-10 22:24 - 2012-12-25 16:21 - 00000000 ____D C:\ProgramData\Nokia
2013-12-10 22:24 - 2012-12-25 16:20 - 00000000 ____D C:\Program Files (x86)\Nokia
2013-12-10 22:24 - 2011-08-15 15:34 - 00000000 ____D C:\Users\Dodmann\Desktop\Schmundertüte
2013-12-10 22:23 - 2012-12-25 16:52 - 00000000 ____D C:\Users\Dodmann\AppData\Roaming\Nokia Suite
2013-12-10 22:23 - 2012-12-25 16:41 - 00000000 ____D C:\Users\Dodmann\AppData\Roaming\Nokia
2013-12-10 22:23 - 2012-12-25 16:23 - 00000000 ____D C:\Users\Dodmann\AppData\Local\NokiaAccount
2013-12-10 19:47 - 2013-11-10 10:38 - 00003976 _____ C:\Windows\PFRO.log
2013-12-10 19:17 - 2013-12-10 19:09 - 00000000 ____D C:\Users\Dodmann\AppData\Roaming\Real
2013-12-10 19:17 - 2013-12-10 19:08 - 00000000 ____D C:\ProgramData\Real
2013-12-10 19:11 - 2013-12-10 19:10 - 00003342 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-4198404270-2739368592-2236930067-1000
2013-12-10 19:11 - 2013-12-10 19:10 - 00003212 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-4198404270-2739368592-2236930067-1000
2013-12-10 19:09 - 2011-08-15 16:48 - 00000000 ____D C:\Users\Dodmann\AppData\Roaming\Winamp
2013-12-10 18:24 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-12-10 17:41 - 2011-08-15 13:32 - 00001387 _____ C:\Users\Dodmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-10 17:41 - 2011-02-11 18:13 - 00000000 ____D C:\Windows\panther
2013-12-10 17:39 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-12-10 17:38 - 2013-12-10 17:34 - 00010074 _____ C:\Windows\IE11_main.log
2013-12-10 17:35 - 2013-12-10 17:35 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-10 17:35 - 2013-12-10 17:35 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-10 17:35 - 2013-12-10 17:35 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-10 17:35 - 2013-12-10 17:35 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-10 17:35 - 2013-12-10 17:35 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-10 17:35 - 2013-12-10 17:35 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-10 17:35 - 2013-12-10 17:35 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-10 17:35 - 2013-12-10 17:35 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-10 17:35 - 2013-12-10 17:35 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-10 17:35 - 2013-12-10 17:35 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-10 17:35 - 2013-12-10 17:35 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-10 17:35 - 2013-12-10 17:35 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-10 17:35 - 2013-12-10 17:35 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-10 17:35 - 2013-12-10 17:35 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-10 17:35 - 2013-12-10 17:35 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-10 17:35 - 2013-12-10 17:35 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-10 17:35 - 2013-12-10 17:35 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-10 17:35 - 2013-12-10 17:35 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-10 17:35 - 2013-12-10 17:35 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-10 17:35 - 2013-12-10 17:35 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-10 17:35 - 2013-12-10 17:35 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-10 17:35 - 2013-12-10 17:35 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-10 17:35 - 2013-12-10 17:35 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-10 17:35 - 2013-12-10 17:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-10 17:35 - 2013-12-10 17:35 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-10 17:35 - 2013-12-10 17:35 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-10 17:35 - 2013-12-10 17:35 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-10 17:35 - 2013-12-10 17:35 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-10 17:35 - 2013-12-10 17:35 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-10 17:26 - 2011-09-05 21:02 - 00000000 ____D C:\Users\Dodmann\AppData\Roaming\Free Download Manager
2013-12-10 17:21 - 2011-08-15 14:49 - 00000000 ____D C:\Users\Dodmann\AppData\Local\Adobe
2013-12-10 17:07 - 2012-01-19 01:01 - 00000000 ____D C:\Users\Dodmann\AppData\Local\Google
2013-12-10 17:07 - 2012-01-19 01:01 - 00000000 ____D C:\Program Files (x86)\Google
2013-12-10 17:04 - 2013-12-10 17:04 - 00000000 ____D C:\ProgramData\McAfee
2013-12-10 16:39 - 2013-12-10 16:39 - 00021161 _____ C:\ComboFix.txt
2013-12-10 16:39 - 2013-12-10 16:28 - 00000000 ____D C:\Qoobox
2013-12-10 16:38 - 2013-12-10 16:28 - 00000000 ____D C:\Windows\erdnt
2013-12-10 16:38 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2013-12-10 16:37 - 2013-11-07 16:24 - 00000000 ____D C:\Program Files (x86)\Firefox
2013-12-10 16:27 - 2013-12-10 16:26 - 05153091 ____R (Swearware) C:\Users\Dodmann\Desktop\ComboFix.exe
2013-12-09 23:04 - 2011-08-15 14:55 - 00000000 ____D C:\Program Files (x86)\Steam
2013-12-09 18:44 - 2011-08-15 15:10 - 00000000 ____D C:\Users\Dodmann\Desktop\Wundertüte
2013-12-09 18:00 - 2013-12-09 18:00 - 00006780 _____ C:\Users\Dodmann\Desktop\GMER.log
2013-12-09 17:52 - 2013-12-09 17:52 - 00377856 _____ C:\Users\Dodmann\Desktop\gmer_2.1.19163.exe
2013-12-09 17:50 - 2013-12-09 17:49 - 00020608 _____ C:\Users\Dodmann\Desktop\Addition.txt
2013-12-09 17:43 - 2013-12-09 17:43 - 00000586 _____ C:\Users\Dodmann\Desktop\defogger_disable.log
2013-12-09 17:43 - 2013-12-09 17:43 - 00000020 _____ C:\Users\Dodmann\defogger_reenable
2013-12-09 17:43 - 2011-08-15 13:29 - 00000000 ____D C:\Users\Dodmann
2013-12-09 17:42 - 2013-12-09 17:42 - 00050477 _____ C:\Users\Dodmann\Desktop\Defogger.exe
2013-12-09 17:34 - 2012-05-05 21:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-08 22:10 - 2013-10-16 15:00 - 00107416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-08 21:57 - 2012-01-19 01:01 - 00004108 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-08 21:57 - 2012-01-19 01:01 - 00003856 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-12-08 21:30 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\AppCompat
2013-12-08 21:29 - 2013-12-08 21:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-08 21:29 - 2013-03-28 20:08 - 00000000 ____D C:\Users\Dodmann\Desktop\Guitar Pro 5.2
2013-12-08 21:29 - 2013-01-19 13:09 - 00000000 ____D C:\Program Files (x86)\Heroes of Newerth
2013-12-08 21:29 - 2012-06-21 19:51 - 00000000 ____D C:\Users\Dodmann\AppData\Roaming\vlc
2013-12-08 21:29 - 2011-08-16 14:02 - 00000000 ____D C:\Users\Dodmann\AppData\Roaming\teamspeak2
2013-12-08 21:29 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2013-12-08 21:14 - 2013-12-08 21:11 - 00000000 ____D C:\Users\Dodmann\AppData\Local\Mobogenie
2013-12-08 21:11 - 2013-12-08 21:11 - 00000000 ____D C:\Users\Dodmann\Documents\Mobogenie
2013-12-08 21:11 - 2013-12-08 21:11 - 00000000 ____D C:\Users\Dodmann\AppData\Local\cache
2013-12-08 21:11 - 2013-12-08 21:11 - 00000000 _____ C:\Users\Dodmann\daemonprocess.txt
2013-12-07 14:52 - 2013-12-07 14:30 - 00000563 _____ C:\Users\Dodmann\Desktop\WDs.txt
2013-11-24 19:11 - 2011-08-21 23:23 - 00000000 ____D C:\Users\Dodmann\AppData\Roaming\Skype
2013-11-24 18:34 - 2013-11-03 23:21 - 00000000 ____D C:\Users\Dodmann\Desktop\SR5
2013-11-23 15:43 - 2012-11-24 18:26 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-11-23 15:43 - 2011-08-12 02:13 - 00000000 ____D C:\ProgramData\Skype
2013-11-14 17:49 - 2010-11-21 07:50 - 00697082 _____ C:\Windows\system32\perfh007.dat
2013-11-14 17:49 - 2010-11-21 07:50 - 00148346 _____ C:\Windows\system32\perfc007.dat
2013-11-14 17:49 - 2009-07-14 06:13 - 01613340 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-14 13:05 - 2013-10-16 15:00 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-11-13 22:01 - 2013-08-15 02:02 - 00000000 ____D C:\Windows\system32\MRT
2013-11-13 21:57 - 2011-08-18 08:49 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-13 19:47 - 2013-01-18 15:50 - 00000000 ____D C:\Users\Dodmann\Desktop\PDFs
2013-11-13 19:44 - 2011-08-15 20:08 - 00000000 ____D C:\Users\Dodmann\Documents\My Games
2013-11-13 19:42 - 2011-08-16 08:45 - 00000000 ____D C:\Users\Dodmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\War in the Pacific Admiral's Edition
2013-11-13 19:41 - 2011-08-15 15:49 - 00000000 ____D C:\Spiele
2013-11-11 05:50 - 2010-11-21 04:27 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
Some content of TEMP:
====================
C:\Users\Dodmann\AppData\Local\Temp\avgnt.exe
C:\Users\Dodmann\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Dodmann\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-12-10 18:16
==================== End Of Log ============================
Thanks!