~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by bolzer56 on 06.07.2013 at 12:27:04,94
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{43792887-F37A-4DDD-A886-6C4BE0234418}
~~~ Files
Successfully deleted: [File] "C:\windows\s.bat"
~~~ Folders
~~~ FireFox
Successfully deleted the following from C:\Users\bolzer56\AppData\Roaming\mozilla\firefox\profiles\i01rbt4a.default\prefs.js
user_pref("iminent.webbooster.scripts.minibar.LayoutId", "28");
user_pref("iminent.webbooster.scripts.minibar.ROOTEXTENSION", "chrome://iminentwebbooster/content/minibar");
user_pref("iminent.webbooster.scripts.minibar.Services.BHPCode", "01");
user_pref("iminent.webbooster.scripts.minibar.Services.DefaultEvent", "000");
user_pref("iminent.webbooster.scripts.minibar.Services.DefaultWebSite", "000");
user_pref("iminent.webbooster.scripts.minibar.Services.IminentClientCode", "11");
user_pref("iminent.webbooster.scripts.minibar.Services.SmartFavCode", "02");
user_pref("iminent.webbooster.scripts.minibar.ShowThankyouPixel", "0");
user_pref("iminent.webbooster.scripts.minibar.displayFavLinks", "0");
user_pref("iminent.webbooster.scripts.minibar.enabledAds", "false");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent101", "1372699563180");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent102", "1373043137984");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent109", "1372501015887");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent111", "1372501015924");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent122", "1372501015948");
user_pref("iminent.webbooster.scripts.sslminibar.LayoutId", "28");
user_pref("iminent.webbooster.scripts.sslminibar.ROOTEXTENSION", "chrome://iminentwebbooster/content/minibar");
user_pref("iminent.webbooster.scripts.sslminibar.Services.BHPCode", "01");
user_pref("iminent.webbooster.scripts.sslminibar.Services.DefaultEvent", "000");
user_pref("iminent.webbooster.scripts.sslminibar.Services.DefaultWebSite", "000");
user_pref("iminent.webbooster.scripts.sslminibar.Services.IminentClientCode", "11");
user_pref("iminent.webbooster.scripts.sslminibar.Services.SmartFavCode", "02");
user_pref("iminent.webbooster.scripts.sslminibar.ShowThankyouPixel", "0");
user_pref("iminent.webbooster.scripts.sslminibar.displayFavLinks", "0");
user_pref("iminent.webbooster.scripts.sslminibar.enabledAds", "false");
user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent109", "1373092734663");
user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent111", "1373092734687");
user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent112", "1373092735243");
user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent122", "1373092734709");
user_pref("om.config", "{\"active\":true,\"name\":\"twde\",\"id\":25,\"dispId\":\"CH-25\",\"aboutLink\":\"\",\"trackingGeneral\":true,\"gaAccount\":\"UA-39484183-1\",\"gaDomai
Emptied folder: C:\Users\bolzer56\AppData\Roaming\mozilla\firefox\profiles\i01rbt4a.default\minidumps [294 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 06.07.2013 at 12:44:27,87
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-07-2013
Ran by bolzer56 (administrator) on 06-07-2013 12:48:14
Running from C:\Users\bolzer56\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\windows\system32\atiesrxx.exe
(AMD) C:\windows\system32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices) C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
(T-Systems International GmbH) C:\Program Files (x86)\T-Home\Dialerschutz-Software\DFInject64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ccSvcHst.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ccSvcHst.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
(Vimicro) C:\Program Files (x86)\USB Camera2\VM332_STI.EXE
(Lenovo) C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2294568 2010-09-03] (Synaptics Incorporated)
HKLM\...\Run: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery" [222504 2009-05-13] (CyberLink Corp.)
HKLM\...\Run: [Lenovo EE Boot Optimizer] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [114688 2011-03-24] (Lenovo)
HKLM\...\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9744800 2011-03-24] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5399456 2011-03-24] (Lenovo(beijing) Limited)
HKCU\...\Run: [SCheck] "C:\Users\bolzer56\AppData\Roaming\SCheck\SCheck.exe" check [36864 2013-04-10] ()
HKCU\...\Run: [SSync] "C:\Users\bolzer56\AppData\Roaming\SSync\SSync.exe" [36864 2013-04-10] ()
HKCU\...\Run: [Intermediate] "C:\Users\bolzer56\AppData\Roaming\Intermediate\Intermediate.exe" [36864 2013-04-10] ()
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [336384 2011-01-26] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [332BigDog] C:\Program Files (x86)\USB Camera2\VM332_STI.EXE [536576 2010-01-19] (Vimicro)
HKLM-x32\...\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056 2011-03-24] (Lenovo)
HKLM-x32\...\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe" [136488 2010-12-05] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s [224352 2010-12-05] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0" [222504 2010-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery" [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [T-Home Dialerschutz-Software] "C:\Program Files (x86)\T-Home\Dialerschutz-Software\Defender64.exe" [1974408 2010-03-29] (T-Systems International GmbH)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Plugin Install] C:\Program Files (x86)\QuickTime\Plugins\DeleteMe1.exe [86016 2013-06-09] ()
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] [x]
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4858968 2013-05-09] (AVAST Software)
Startup: C:\ProgramData\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\bolzer56\AppData\Roaming\Mozilla\Firefox\Profiles\i01rbt4a.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\bolzer56\AppData\Roaming\Mozilla\Firefox\Profiles\i01rbt4a.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\bolzer56\AppData\Roaming\Mozilla\Firefox\Profiles\i01rbt4a.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\bolzer56\AppData\Roaming\Mozilla\Firefox\Profiles\i01rbt4a.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\bolzer56\AppData\Roaming\Mozilla\Firefox\Profiles\i01rbt4a.default\searchplugins\webde-suche.xml
FF Extension: No Name - C:\Users\bolzer56\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\bolzer56\AppData\Roaming\Mozilla\Firefox\Profiles\i01rbt4a.default\Extensions\ich@maltegoetz.de
FF Extension: FoxyTunes - C:\Users\bolzer56\AppData\Roaming\Mozilla\Firefox\Profiles\i01rbt4a.default\Extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}
FF Extension: WOT - C:\Users\bolzer56\AppData\Roaming\Mozilla\Firefox\Profiles\i01rbt4a.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: om - C:\Users\bolzer56\AppData\Roaming\Mozilla\Firefox\Profiles\i01rbt4a.default\Extensions\om@offermosquito.com.xpi
FF Extension: toolbar - C:\Users\bolzer56\AppData\Roaming\Mozilla\Firefox\Profiles\i01rbt4a.default\Extensions\toolbar@gmx.net.xpi
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\IPSFFPlgn\
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\IPSFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.250.16) - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (Google Docs) - C:\Users\bolzer56\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Norton Identity Protection) - C:\Users\bolzer56\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.13.5_0
==================== Services (Whitelisted) =================
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [354304 2011-01-26] (Advanced Micro Devices, Inc.)
R2 AMD Reservation Manager; C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [194496 2010-06-17] (Advanced Micro Devices)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 DFSVC; C:\Program Files (x86)\T-Home\Dialerschutz-Software\DFInject64.exe [376832 2009-10-21] (T-Systems International GmbH)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ccSvcHst.exe [138272 2012-06-16] (Symantec Corporation)
==================== Drivers (Whitelisted) ====================
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-07-06] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-07-06] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-07-06] ()
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20130702.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20130702.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\0604010.00E\ccSetx64.sys [167072 2012-06-07] (Symantec Corporation)
S3 DFSYS; C:\Program Files (x86)\T-Home\Dialerschutz-Software\DFSYS64.SYS [17952 2009-10-15] (T-Systems International GmbH)
S3 DFSYS; C:\Program Files (x86)\T-Home\Dialerschutz-Software\DFSYS64.SYS [17952 2009-10-15] (T-Systems International GmbH)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-05-30] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-05-30] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2013-01-19] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20130705.001\IDSvia64.sys [513184 2013-04-24] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20130705.001\IDSvia64.sys [513184 2013-04-24] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20130705.017\ENG64.SYS [126040 2013-05-30] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20130705.017\ENG64.SYS [126040 2013-05-30] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20130705.017\EX64.SYS [2098776 2013-05-30] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20130705.017\EX64.SYS [2098776 2013-05-30] (Symantec Corporation)
R3 SipIMNDI; C:\Windows\System32\DRIVERS\SipIMNDI64.sys [28192 2009-10-15] (T-Systems International GmbH)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\0604010.00E\SRTSP64.SYS [737952 2012-07-06] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\0604010.00E\SRTSPX64.SYS [37536 2012-07-06] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\0604010.00E\SYMDS64.SYS [451192 2011-08-16] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\0604010.00E\SYMEFA64.SYS [1129120 2012-05-22] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2012-05-01] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\0604010.00E\Ironx64.SYS [190072 2011-11-16] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\0604010.00E\SYMNETS.SYS [405624 2011-11-16] (Symantec Corporation)
U2 CLKMSVC10_3A60B698;
U2 CLKMSVC10_C3B3B687;
U2 DriverService;
U2 IAStorDataMgrSvc;
U2 idealife Update Service;
U3 IGRS;
U2 IviRegMgr;
U2 nvUpdatusService;
U2 Oasis2Service;
U2 PCCarerServic;
U2 ReadyComm.DirectRouter;
U2 RichVideo;
U2 RtLedService;
U2 SoftwareService;
U2 Stereo Service;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-07-06 12:44 - 2013-07-06 12:44 - 00003824 ____A C:\Users\bolzer56\Desktop\JRT.txt
2013-07-06 12:27 - 2013-07-06 12:27 - 00000000 ____D C:\Windows\ERUNT
2013-07-06 12:26 - 2013-07-06 12:26 - 00000000 ____D C:\JRT
2013-07-06 12:25 - 2013-07-06 12:25 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\bolzer56\Desktop\JRT.exe
2013-07-06 12:17 - 2013-07-06 12:19 - 00034258 ____A C:\AdwCleaner[S1].txt
2013-07-06 12:13 - 2013-07-06 12:13 - 00650027 ____A C:\Users\bolzer56\Desktop\adwcleaner.exe
2013-07-06 11:53 - 2013-07-06 11:53 - 00000000 ____D C:\FRST
2013-07-06 11:52 - 2013-07-06 11:52 - 01934636 ____A (Farbar) C:\Users\bolzer56\Desktop\FRST64.exe
2013-07-06 07:38 - 2013-07-06 07:38 - 00378944 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
2013-07-06 07:38 - 2013-07-06 07:38 - 00001922 ____A C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-07-06 07:38 - 2013-07-06 07:38 - 00000175 ____A C:\Windows\System32\Drivers\aswVmm.sys.sum
2013-07-06 07:38 - 2013-07-06 07:38 - 00000175 ____A C:\Windows\System32\Drivers\aswSP.sys.sum
2013-07-06 07:38 - 2013-07-06 07:38 - 00000175 ____A C:\Windows\System32\Drivers\aswSnx.sys.sum
2013-07-06 07:38 - 2013-05-09 10:59 - 00072016 ____A (AVAST Software) C:\Windows\System32\Drivers\aswRdr2.sys
2013-07-06 07:38 - 2013-05-09 10:59 - 00064288 ____A (AVAST Software) C:\Windows\System32\Drivers\aswTdi.sys
2013-07-06 07:38 - 2013-05-09 10:59 - 00033400 ____A (AVAST Software) C:\Windows\System32\Drivers\aswFsBlk.sys
2013-07-06 07:37 - 2013-07-06 07:38 - 01030952 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2013-07-06 07:37 - 2013-07-06 07:38 - 00189936 ____A C:\Windows\System32\Drivers\aswVmm.sys
2013-07-06 07:37 - 2013-07-06 07:37 - 00000000 ____A C:\Windows\SysWOW64\config.nt
2013-07-06 07:37 - 2013-05-09 10:59 - 00080816 ____A (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
2013-07-06 07:37 - 2013-05-09 10:59 - 00065336 ____A C:\Windows\System32\Drivers\aswRvrt.sys
2013-07-06 07:37 - 2013-05-09 10:58 - 00287840 ____A (AVAST Software) C:\Windows\System32\aswBoot.exe
2013-07-06 07:37 - 2013-05-09 10:58 - 00041664 ____A (AVAST Software) C:\Windows\avastSS.scr
2013-07-06 07:36 - 2013-07-06 07:36 - 00000000 ____D C:\Program Files\AVAST Software
2013-07-06 07:35 - 2013-07-06 07:36 - 00000000 ____D C:\ProgramData\AVAST Software
2013-07-06 07:20 - 2013-07-06 07:35 - 117478104 ____A C:\Users\bolzer56\avast_free_antivirus_setup_8.0.1489.300.exe
2013-07-05 18:50 - 2013-07-06 12:20 - 00000224 ____A C:\Windows\setupact.log
2013-07-05 18:50 - 2013-07-06 11:19 - 00000884 ____A C:\Windows\PFRO.log
2013-07-05 18:50 - 2013-07-05 18:50 - 00000000 ____A C:\Windows\setuperr.log
2013-07-01 19:49 - 2013-07-01 19:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-06-27 19:50 - 2013-06-27 19:50 - 00000000 ____D C:\Users\bolzer56\AppData\Roaming\SSync
2013-06-27 19:50 - 2013-06-27 19:50 - 00000000 ____D C:\Users\bolzer56\AppData\Roaming\SCheck
2013-06-27 19:50 - 2013-06-27 19:50 - 00000000 ____D C:\Users\bolzer56\AppData\Roaming\Intermediate
2013-06-27 19:49 - 2013-07-06 06:51 - 00000000 ____D C:\Users\bolzer56\AppData\Roaming\igdhbblpcellaljokkpfhcjlagemhgjl
2013-06-27 19:49 - 2013-06-27 19:49 - 00000635 ____A C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-06-27 19:49 - 2013-06-27 19:49 - 00000000 ____D C:\Users\bolzer56\AppData\Roaming\Common
2013-06-27 19:46 - 2013-06-27 19:46 - 00393056 ____A (Softonic ) C:\Users\bolzer56\Downloads\SoftonicDownloader_fuer_unity-web-player.exe
2013-06-27 19:39 - 2013-06-27 19:39 - 00000000 ____D C:\Users\bolzer56\AppData\Roaming\Unity
2013-06-27 19:35 - 2013-07-01 18:59 - 00000000 ____D C:\Users\bolzer56\AppData\Local\Unity
2013-06-22 13:19 - 2013-06-22 13:19 - 01758824 ____A C:\Users\bolzer56\winrar-x64-420d.exe
2013-06-22 13:19 - 2013-06-22 13:19 - 00000000 ____D C:\Program Files\WinRAR
2013-06-22 13:17 - 2013-06-22 13:20 - 00000000 ____D C:\Users\bolzer56\AppData\Roaming\WinRAR
2013-06-22 13:16 - 2013-06-22 13:17 - 00000000 ____D C:\Program Files (x86)\WinRAR
2013-06-22 13:16 - 2013-06-22 13:16 - 01609146 ____A C:\Users\bolzer56\wrar420d.exe
2013-06-20 16:43 - 2013-06-20 16:43 - 00004944 ____A C:\Windows\SysWOW64\jupdate-1.7.0_25-b16.log
2013-06-20 16:43 - 2013-06-12 21:47 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-20 16:43 - 2013-06-12 21:43 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-20 16:43 - 2013-06-12 21:43 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-20 16:43 - 2013-06-12 21:43 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-16 11:03 - 2013-06-16 11:03 - 00000073 ____A C:\Windows\cdplayer.ini
2013-06-16 10:56 - 2013-06-16 10:56 - 00001534 ____A C:\ProgramData\ss.ini
2013-06-16 10:56 - 2013-06-16 10:56 - 00001002 ____A C:\Users\bolzer56\Desktop\FreeRIP.lnk
2013-06-16 10:54 - 2013-06-16 10:54 - 03504376 ____A C:\Users\bolzer56\Downloads\freeripmp3-setup.exe
2013-06-15 08:30 - 2013-05-17 03:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-15 08:30 - 2013-05-17 03:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-15 08:30 - 2013-05-17 03:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-15 08:30 - 2013-05-17 03:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-15 08:30 - 2013-05-17 03:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-15 08:30 - 2013-05-17 03:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-15 08:30 - 2013-05-17 03:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-15 08:30 - 2013-05-17 03:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-15 08:30 - 2013-05-17 02:59 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-15 08:30 - 2013-05-17 02:59 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-15 08:30 - 2013-05-17 02:58 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-15 08:30 - 2013-05-17 02:58 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-15 08:30 - 2013-05-17 02:58 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-15 08:30 - 2013-05-17 02:58 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-15 08:30 - 2013-05-17 02:58 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-15 08:30 - 2013-05-17 02:58 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-15 08:30 - 2013-05-17 02:58 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-15 08:30 - 2013-05-14 14:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-15 08:30 - 2013-05-14 10:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-15 08:29 - 2013-06-08 16:08 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-15 08:29 - 2013-06-08 16:07 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-15 08:29 - 2013-06-08 16:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-15 08:29 - 2013-06-08 16:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-15 08:29 - 2013-06-08 16:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-15 08:29 - 2013-06-08 14:28 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-15 08:29 - 2013-06-08 13:42 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-15 08:29 - 2013-06-08 13:40 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-15 08:29 - 2013-06-08 13:40 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-15 08:29 - 2013-06-08 13:40 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-15 08:29 - 2013-06-08 13:40 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-15 08:29 - 2013-06-08 13:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-15 07:20 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-15 07:20 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-15 07:20 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-15 07:20 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-15 07:20 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-15 07:19 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-15 07:19 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-15 07:19 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-15 07:19 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-15 07:19 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-15 07:19 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-15 07:19 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-15 07:19 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-15 07:19 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-15 07:19 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-15 07:19 - 2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-15 07:19 - 2013-04-17 09:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-15 07:19 - 2013-04-17 08:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-15 07:19 - 2013-04-01 00:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-09 09:47 - 2013-06-09 09:47 - 00001845 ____A C:\Users\Public\Desktop\QuickTime Player.lnk
2013-06-09 09:46 - 2013-06-09 09:46 - 00000000 ____D C:\ProgramData\Apple Computer
2013-06-07 08:10 - 2013-06-07 08:10 - 00000000 ____D C:\Windows\Sun
2013-06-07 07:35 - 2013-07-06 12:19 - 01007968 ____A C:\Windows\WindowsUpdate.log
==================== One Month Modified Files and Folders =======
2013-07-06 12:44 - 2013-07-06 12:44 - 00003824 ____A C:\Users\bolzer56\Desktop\JRT.txt
2013-07-06 12:33 - 2013-06-07 07:35 - 01007968 ____A C:\Windows\WindowsUpdate.log
2013-07-06 12:29 - 2009-07-14 06:45 - 00013424 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-06 12:29 - 2009-07-14 06:45 - 00013424 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-06 12:27 - 2013-07-06 12:27 - 00000000 ____D C:\Windows\ERUNT
2013-07-06 12:26 - 2013-07-06 12:26 - 00000000 ____D C:\JRT
2013-07-06 12:25 - 2013-07-06 12:25 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\bolzer56\Desktop\JRT.exe
2013-07-06 12:21 - 2011-03-24 19:31 - 00000000 ____D C:\ProgramData\VeriFace
2013-07-06 12:20 - 2013-07-05 18:50 - 00000224 ____A C:\Windows\setupact.log
2013-07-06 12:20 - 2011-12-24 21:08 - 01811210 ____A C:\FaceProv.log
2013-07-06 12:20 - 2011-03-24 19:50 - 00614463 ____A C:\Windows\System32\fastboot.set
2013-07-06 12:20 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-06 12:19 - 2013-07-06 12:17 - 00034258 ____A C:\AdwCleaner[S1].txt
2013-07-06 12:13 - 2013-07-06 12:13 - 00650027 ____A C:\Users\bolzer56\Desktop\adwcleaner.exe
2013-07-06 12:07 - 2012-04-06 11:10 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-06 11:53 - 2013-07-06 11:53 - 00000000 ____D C:\FRST
2013-07-06 11:52 - 2013-07-06 11:52 - 01934636 ____A (Farbar) C:\Users\bolzer56\Desktop\FRST64.exe
2013-07-06 11:19 - 2013-07-05 18:50 - 00000884 ____A C:\Windows\PFRO.log
2013-07-06 08:37 - 2012-01-31 11:43 - 00000000 ____D C:\Program Files (x86)\Google
2013-07-06 07:43 - 2012-01-31 11:43 - 00000000 ____D C:\Users\bolzer56\AppData\Local\Google
2013-07-06 07:38 - 2013-07-06 07:38 - 00378944 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
2013-07-06 07:38 - 2013-07-06 07:38 - 00001922 ____A C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-07-06 07:38 - 2013-07-06 07:38 - 00000175 ____A C:\Windows\System32\Drivers\aswVmm.sys.sum
2013-07-06 07:38 - 2013-07-06 07:38 - 00000175 ____A C:\Windows\System32\Drivers\aswSP.sys.sum
2013-07-06 07:38 - 2013-07-06 07:38 - 00000175 ____A C:\Windows\System32\Drivers\aswSnx.sys.sum
2013-07-06 07:38 - 2013-07-06 07:37 - 01030952 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2013-07-06 07:38 - 2013-07-06 07:37 - 00189936 ____A C:\Windows\System32\Drivers\aswVmm.sys
2013-07-06 07:37 - 2013-07-06 07:37 - 00000000 ____A C:\Windows\SysWOW64\config.nt
2013-07-06 07:36 - 2013-07-06 07:36 - 00000000 ____D C:\Program Files\AVAST Software
2013-07-06 07:36 - 2013-07-06 07:35 - 00000000 ____D C:\ProgramData\AVAST Software
2013-07-06 07:35 - 2013-07-06 07:20 - 117478104 ____A C:\Users\bolzer56\avast_free_antivirus_setup_8.0.1489.300.exe
2013-07-06 07:35 - 2011-12-24 21:08 - 00000000 ____D C:\users\bolzer56
2013-07-06 06:51 - 2013-06-27 19:49 - 00000000 ____D C:\Users\bolzer56\AppData\Roaming\igdhbblpcellaljokkpfhcjlagemhgjl
2013-07-05 18:50 - 2013-07-05 18:50 - 00000000 ____A C:\Windows\setuperr.log
2013-07-01 19:49 - 2013-07-01 19:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-01 19:49 - 2013-05-24 09:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-01 18:59 - 2013-06-27 19:35 - 00000000 ____D C:\Users\bolzer56\AppData\Local\Unity
2013-07-01 18:50 - 2009-07-29 09:00 - 00000000 ____D C:\Windows\Panther
2013-06-27 19:50 - 2013-06-27 19:50 - 00000000 ____D C:\Users\bolzer56\AppData\Roaming\SSync
2013-06-27 19:50 - 2013-06-27 19:50 - 00000000 ____D C:\Users\bolzer56\AppData\Roaming\SCheck
2013-06-27 19:50 - 2013-06-27 19:50 - 00000000 ____D C:\Users\bolzer56\AppData\Roaming\Intermediate
2013-06-27 19:49 - 2013-06-27 19:49 - 00000635 ____A C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-06-27 19:49 - 2013-06-27 19:49 - 00000000 ____D C:\Users\bolzer56\AppData\Roaming\Common
2013-06-27 19:46 - 2013-06-27 19:46 - 00393056 ____A (Softonic ) C:\Users\bolzer56\Downloads\SoftonicDownloader_fuer_unity-web-player.exe
2013-06-27 19:39 - 2013-06-27 19:39 - 00000000 ____D C:\Users\bolzer56\AppData\Roaming\Unity
2013-06-22 13:20 - 2013-06-22 13:17 - 00000000 ____D C:\Users\bolzer56\AppData\Roaming\WinRAR
2013-06-22 13:19 - 2013-06-22 13:19 - 01758824 ____A C:\Users\bolzer56\winrar-x64-420d.exe
2013-06-22 13:19 - 2013-06-22 13:19 - 00000000 ____D C:\Program Files\WinRAR
2013-06-22 13:17 - 2013-06-22 13:16 - 00000000 ____D C:\Program Files (x86)\WinRAR
2013-06-22 13:16 - 2013-06-22 13:16 - 01609146 ____A C:\Users\bolzer56\wrar420d.exe
2013-06-20 16:48 - 2011-12-24 21:08 - 00000000 ____D C:\Users\bolzer56\AppData\Local\VirtualStore
2013-06-20 16:43 - 2013-06-20 16:43 - 00004944 ____A C:\Windows\SysWOW64\jupdate-1.7.0_25-b16.log
2013-06-20 16:43 - 2012-01-13 11:02 - 00000000 ____D C:\Program Files (x86)\Java
2013-06-16 11:03 - 2013-06-16 11:03 - 00000073 ____A C:\Windows\cdplayer.ini
2013-06-16 10:56 - 2013-06-16 10:56 - 00001534 ____A C:\ProgramData\ss.ini
2013-06-16 10:56 - 2013-06-16 10:56 - 00001002 ____A C:\Users\bolzer56\Desktop\FreeRIP.lnk
2013-06-16 10:54 - 2013-06-16 10:54 - 03504376 ____A C:\Users\bolzer56\Downloads\freeripmp3-setup.exe
2013-06-15 13:09 - 2011-03-24 10:09 - 00654400 ____A C:\Windows\System32\perfh007.dat
2013-06-15 13:09 - 2011-03-24 10:09 - 00130240 ____A C:\Windows\System32\perfc007.dat
2013-06-15 13:09 - 2009-07-14 07:13 - 01498742 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-15 12:07 - 2012-04-06 11:10 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-15 12:07 - 2011-12-30 17:28 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-15 08:32 - 2012-01-10 10:43 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-12 21:48 - 2012-08-18 07:36 - 00867240 ____A (Oracle Corporation) C:\Windows\SysWOW64\npdeployJava1.dll
2013-06-12 21:48 - 2012-01-13 11:02 - 00789416 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-06-12 21:47 - 2013-06-20 16:43 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-12 21:43 - 2013-06-20 16:43 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-12 21:43 - 2013-06-20 16:43 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-12 21:43 - 2013-06-20 16:43 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-09 09:47 - 2013-06-09 09:47 - 00001845 ____A C:\Users\Public\Desktop\QuickTime Player.lnk
2013-06-09 09:47 - 2012-01-13 11:31 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-06-09 09:46 - 2013-06-09 09:46 - 00000000 ____D C:\ProgramData\Apple Computer
2013-06-08 16:08 - 2013-06-15 08:29 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-08 16:07 - 2013-06-15 08:29 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-08 16:06 - 2013-06-15 08:29 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-08 16:06 - 2013-06-15 08:29 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-08 16:06 - 2013-06-15 08:29 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-08 14:28 - 2013-06-15 08:29 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-08 13:42 - 2013-06-15 08:29 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-08 13:40 - 2013-06-15 08:29 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-08 13:40 - 2013-06-15 08:29 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-08 13:40 - 2013-06-15 08:29 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-08 13:40 - 2013-06-15 08:29 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-08 13:13 - 2013-06-15 08:29 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-07 16:30 - 2009-07-14 07:08 - 00032632 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-06-07 09:03 - 2012-02-05 11:39 - 00000000 ____D C:\Users\bolzer56\AppData\Local\Adobe
2013-06-07 08:10 - 2013-06-07 08:10 - 00000000 ____D C:\Windows\Sun
Files to move or delete:
====================
C:\Users\bolzer56\avast_free_antivirus_setup_8.0.1489.300.exe
C:\Users\bolzer56\ccsetup314.exe
C:\Users\bolzer56\cdbxp_setup_4.4.0.2971.exe
C:\Users\bolzer56\Firefox_Setup_21.0.exe
C:\Users\bolzer56\GMX_Firefox_Setup.exe
C:\Users\bolzer56\norton_360_setup.exe
C:\Users\bolzer56\vlc-1.1.11-win32.exe
C:\Users\bolzer56\winrar-x64-420d.exe
C:\Users\bolzer56\wrar420d.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2009-07-29 08:01
==================== End Of Log ============================
--- --- ---
Is this right?