Trojaner-Board
Seite 2 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Medung beim Hochfahren: TBupdater.dll ist nicht vorhanden (https://www.trojaner-board.de/138141-medung-beim-hochfahren-tbupdater-dll-vorhanden.html)

Herbertfi 15.07.2013 19:34
Here you are:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-07-2013
Ran by Herbert (administrator) on 15-07-2013 10:29:33
Running from C:\Users\Herbert\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicShellService.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Uniblue Systems Limited) C:\Program Files (x86)\Uniblue\RegistryBooster\rbmonitor.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apache Software Foundation) C:\xampp\apache\bin\httpd.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
() C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
() C:\Program Files\ShrewSoft\VPN Client\dtpd.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(FileZilla Project) C:\xampp\FileZillaFTP\FileZilla server.exe
() C:\Program Files\ShrewSoft\VPN Client\iked.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.SQLHERBERT\MSSQL\Binn\sqlservr.exe
(MySQL AB) C:\xampp\mysql\bin\mysqld.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSRS11.SQLHERBERT\Reporting Services\ReportServer\bin\ReportingServicesService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Apache Software Foundation) C:\xampp\apache\bin\httpd.exe
() C:\Users\Herbert\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
(SPAMfighter ApS) C:\Program Files (x86)\SPAMfighter\sfus.exe
(Iminent) C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(SPAMfighter ApS) C:\Program Files (x86)\Fighters\FighterSuiteService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.SQLHERBERT\MSSQL\Binn\fdlauncher.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.SQLHERBERT\MSSQL\Binn\fdhost.exe
(Microsoft) C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Greenshot\Greenshot.exe
(Bartels Media GmbH) C:\Program Files (x86)\PhraseExpress\phraseexpress.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(hxxp://www.android-sync.com) C:\Program Files (x86)\Android-Sync\AndroidSync.exe
() C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
() C:\Program Files (x86)\Bamboo Dock\Bamboo Dock\Bamboo Dock.exe
(Iminent) C:\Program Files (x86)\Iminent\Iminent.exe
(Iminent) C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
(Microsoft) C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe
(SPAMfighter ApS) C:\Program Files (x86)\Fighters\Tray\FightersTray.exe
(SPAMfighter ApS) C:\Program Files (x86)\SPAMfighter\sfagent.exe
(SPAMfighter ApS) C:\Program Files (x86)\SPAMfighter\x64\LiveKitLoader64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Uniblue Systems Limited) C:\Program Files (x86)\Uniblue\RegistryBooster\rbnotifier.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\OUTLOOK.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\EXCEL.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
() C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MousewithoutBordersHelper.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [13519432 2013-04-10] (Realtek Semiconductor)
HKLM\...\Run: [Ocs_SM] - C:\Users\Herbert\AppData\Roaming\OCS\SM\SearchAnonymizer.exe [106496 2013-07-14] (OCS)
HKCU\...\Run: [Greenshot] - "C:\Program Files (x86)\Greenshot\Greenshot.exe" [548864 2010-07-12] ()
HKCU\...\Run: [GoogleDriveSync] - "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart [19676256 2013-06-06] (Google)
HKCU\...\Run: [GMX_GMX Upload-Manager] - "C:\Program Files (x86)\GMX\GMX Upload-Manager\DAVSRV.EXE" /hide [960608 2011-11-16] (1&1 Mail & Media GmbH)
MountPoints2: {c90218cf-754c-11e2-be86-902b34b9c341} - "G:\LaunchU3.exe" -a
MountPoints2: {ca808269-aea3-11e2-bea8-de85dd3799fb} - "G:\iLinker.exe"
HKLM-x32\...\Run: [avgnt] - "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [345144 2013-06-24] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [WinampAgent] - "C:\Program Files (x86)\Winamp\winampa.exe" [74752 2011-07-11] (Nullsoft, Inc.)
HKLM-x32\...\Run: [SPAMfighter Agent] - "C:\Program Files (x86)\SPAMfighter\SFAgent.exe" update delay 60 [1065504 2013-06-14] (SPAMfighter ApS)
HKLM-x32\...\Run: [AndroidSync] - C:\Program Files (x86)\Android-Sync\AndroidSync.exe -m [6512184 2012-06-20] (hxxp://www.android-sync.com)
HKLM-x32\...\Run: [BambooCore] - C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
HKLM-x32\...\Run: [SDTray] - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [3830224 2013-05-16] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Iminent] - C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C" [1074736 2013-07-02] (Iminent)
HKLM-x32\...\Run: [IminentMessenger] - C:\Program Files (x86)\Iminent\Iminent.Messengers.exe [884784 2013-07-02] (Iminent)
HKLM-x32\...\Run: [CommonToolkitTray] - C:\Program Files (x86)\Fighters\Tray\FightersTray.exe [1497120 2013-04-29] (SPAMfighter ApS)
HKLM-x32\...\Run: [sfagent] - C:\Program Files (x86)\SPAMfighter\sfagent.exe [1065504 2013-06-14] (SPAMfighter ApS)
HKU\HerbertAdmin\...\Run: [Greenshot] - "C:\Program Files (x86)\Greenshot\Greenshot.exe" [548864 2010-07-12] ()
HKU\HerbertAdmin\...\Run: [GoogleDriveSync] - "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart [19676256 2013-06-06] (Google)
HKU\HerbertAdmin\...\Run: [GMX_GMX Upload-Manager] - "C:\Program Files (x86)\GMX\GMX Upload-Manager\DAVSRV.EXE" /hide [960608 2011-11-16] (1&1 Mail & Media GmbH)
HKU\HerbertAdmin\...\Run: [Speech Recognition] - "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup [45056 2012-07-26] (Microsoft Corporation)
AppInit_DLLs-x32: c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll c:\progra~2\nvidia~1\3dvisi~1\nvstinit.dll [45056 2012-07-26] ()
Startup: C:\ProgramData\Start Menu\Programs\Startup\PhraseExpress.lnk
ShortcutTarget: PhraseExpress.lnk -> C:\Program Files (x86)\PhraseExpress\phraseexpress.exe (Bartels Media GmbH)
Startup: C:\ProgramData\Start Menu\Programs\Startup\STK02N 2.4 PNP Monitor.lnk
ShortcutTarget: STK02N 2.4 PNP Monitor.lnk -> C:\Windows\STK02N\STK02NM.exe (Syntek Ltd.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\vpngui.exe.lnk
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe ()
Startup: C:\Users\Herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
SSODL: EldosMountNotificator - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\Windows\system32\SSCbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\Windows\SysWow64\SSCbFsMntNtf3.dll (EldoS Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=B66E001A7DDA710F&affID=119828&tsp=4943
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?rd=1&ucc=AT&dcc=AT&opt=0
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=B66E001A7DDA710F&affID=119828&tsp=4943
SearchScopes: HKCU - {1268E3F4-11EA-435A-9291-E59FC1AE8580} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=e2af43f6-83a1-47a8-961c-da5471471ebf&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {4D7C11AC-9E75-4421-BE68-0B8EF9920E6B} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=e2af43f6-83a1-47a8-961c-da5471471ebf&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {81B6391D-C3E2-4289-895B-5BFD0FFB1090} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=e2af43f6-83a1-47a8-961c-da5471471ebf&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {85CA79EA-BFDD-4411-AB96-0B49EB2C028B} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=e2af43f6-83a1-47a8-961c-da5471471ebf&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {D1E14777-4037-4E71-8934-C096971719F6} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=e2af43f6-83a1-47a8-961c-da5471471ebf&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {DD1510F1-1D88-4A84-9E93-529815FC6C94} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=e2af43f6-83a1-47a8-961c-da5471471ebf&pid=freewarede&mode=bounce&k=0
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: HomeTab - {19a395c9-823b-4700-b817-396fc84ffb16} - C:\Users\Herbert\AppData\Roaming\HomeTab\HomeTab.dll No File
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll No File
BHO-x32: IMinent WebBooster (BHO) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Iminent.WebBooster.InternetExplorer.dll (Iminent)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: HomeTab - {ba696155-d96e-4281-b467-0367a0456474} - C:\Users\Herbert\AppData\Roaming\HomeTab\HomeTab.dll No File
BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.21.5\bh\delta.dll (Delta-search.com)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL (Microsoft Corporation)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Toolbar: HKLM-x32 - HomeTab - {ba696155-d96e-4281-b467-0367a0456474} - C:\Users\Herbert\AppData\Roaming\HomeTab\HomeTab.dll No File
Toolbar: HKLM-x32 - HomeTab - {19a395c9-823b-4700-b817-396fc84ffb16} - C:\Users\Herbert\AppData\Roaming\HomeTab\HomeTab.dll No File
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.21.5\deltaTlbr.dll (Delta-search.com)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 212.186.211.21 195.34.133.21

FireFox:
========
FF ProfilePath: C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default
FF user.js: detected! => C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\user.js
FF NewTab: hxxp://www1.delta-search.com/?babsrc=NT_ss&mntrId=B66E001A7DDA710F&affID=119828&tsp=4943
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Homepage: hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=B66E001A7DDA710F&affID=119828&tsp=4943
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF SearchPlugin: C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\searchplugins\gmx-suche-sterreich.xml
FF SearchPlugin: C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\searchplugins\suche-in-wikipedia.xml
FF Extension: TubeSaver - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\120
FF Extension: Delta Toolbar - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\ffxtlbr@delta.com
FF Extension: Ghostery - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\firefox@ghostery.com
FF Extension: FireJump - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\firejump@firejump.net
FF Extension: No Name - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\foxmarks@kei.com
FF Extension: HomeTab - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\{24532715-4abc-47ee-bd4f-a6774d0723d2}
FF Extension: Toggle Web Developer Toolbar - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\{c75a27d8-4529-449f-b67b-aba65d7a1c0a}
FF Extension: firebug - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\firebug@software.joehewitt.com.xpi
FF Extension: treestyletab - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\treestyletab@piro.sakura.ne.jp.xpi
FF Extension: webbooster - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\webbooster@iminent.com.xpi
FF Extension: No Name - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\WTB_GLOBAL.sqlite
FF Extension: No Name - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi
FF Extension: No Name - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi
FF Extension: No Name - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\{c666c018-6409-4479-afa3-68e4129e7eff}.xpi
FF Extension: No Name - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\{DAD0F81A-CF67-4eed-98D6-26F6E47274CA}.xpi
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKCU\...\Firefox\Extensions: [firejump@firejump.net] C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\extensions\firejump@firejump.net
FF Extension: FireJump - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\extensions\firejump@firejump.net

Chrome:
=======
CHR RestoreOnStartup: "hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=B66E001A7DDA710F&affID=119828&tsp=4943"
CHR Extension: (Entanglement) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0
CHR Extension: (Google Docs) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (HomeTab) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgibjgmnimooanbagcfpnkmngejcojaf\4.1
CHR Extension: (LyricsSpeaker) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmgeophbbmfgkjghdgfgelpipdoclljo\1.120
CHR Extension: (Skype Click to Call) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0
CHR Extension: (Poppit) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0
CHR Extension: (Gmail) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [371768 2013-06-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-06-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [589368 2013-06-24] (Avira Operations GmbH & Co. KG)
R2 Apache2.2; C:\xampp\apache\bin\httpd.exe [29416 2009-12-20] (Apache Software Foundation)
R2 BrowserDefendert; C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe [2827728 2013-05-23] ()
R2 ClassicShellService; C:\Program Files\Classic Shell\ClassicShellService.exe [68608 2013-04-12] (IvoSoft)
R2 dtpd; C:\Program Files\ShrewSoft\VPN Client\dtpd.exe [56592 2010-10-08] ()
R2 FileZilla Server; C:\xampp\FileZillaFTP\FileZilla server.exe [1029776 2009-12-20] (FileZilla Project)
R2 iked; C:\Program Files\ShrewSoft\VPN Client\iked.exe [957712 2010-10-08] ()
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 ipsecd; C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [697616 2010-10-08] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-02-22] (Intel Corporation)
S2 MouseWithoutBordersSvc; C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBordersSvc.exe [27872 2012-12-28] (Microsoft)
R2 MSSQL$SQLHERBERT; C:\Program Files\Microsoft SQL Server\MSSQL11.SQLHERBERT\MSSQL\Binn\sqlservr.exe [190904 2012-06-12] (Microsoft Corporation)
R2 MySQL; C:\xampp\mysql\bin\mysqld.exe [6095504 2009-12-20] (MySQL AB)
R2 ReportServer$SQLHERBERT; C:\Program Files\Microsoft SQL Server\MSRS11.SQLHERBERT\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2348472 2012-06-12] (Microsoft Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
R2 SearchAnonymizer; C:\Users\Herbert\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [40960 2013-07-14] ()
R2 SPAMfighter Update Service; C:\Program Files (x86)\SPAMfighter\sfus.exe [216608 2013-06-14] (SPAMfighter ApS)
R2 SProtection; C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe [2729512 2013-07-02] (Iminent)
S4 SQLAgent$SQLHERBERT; C:\Program Files\Microsoft SQL Server\MSSQL11.SQLHERBERT\MSSQL\Binn\SQLAGENT.EXE [608696 2012-06-12] (Microsoft Corporation)
S4 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1149104 2013-04-03] (Crawler.com)
R2 Suite Service; C:\Program Files (x86)\Fighters\FighterSuiteService.exe [1281568 2013-05-29] (SPAMfighter ApS)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [619904 2012-12-11] (Wacom Technology, Corp.)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [613688 2013-02-08] (Wacom Technology, Corp.)
R3 MSSQLFDLauncher$SQLHERBERT; "C:\Program Files\Microsoft SQL Server\MSSQL11.SQLHERBERT\MSSQL\Binn\fdlauncher.exe" -s MSSQL11.SQLHERBERT [x]

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130016 2013-03-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-03-27] (Avira Operations GmbH & Co. KG)
R3 bthav; C:\Windows\system32\drivers\bthav.sys [40448 2008-07-10] (CSR, plc)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
S3 gdrv; C:\Windows\gdrv.sys [25640 2012-12-19] (Windows (R) Server 2003 DDK provider)
S3 gdrv; C:\Windows\gdrv.sys [25640 2012-12-19] (Windows (R) Server 2003 DDK provider)
S4 RsFx0200; C:\Windows\System32\DRIVERS\RsFx0200.sys [334936 2012-02-11] (Microsoft Corporation)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2013-07-09] (Windows (R) Win 7 DDK provider)
R3 SSCBFS3; C:\Windows\System32\drivers\sscbfs3.sys [347904 2013-01-30] (EldoS Corporation)
R1 uigxrdr; C:\Windows\System32\DRIVERS\uigxrdr.sys [199752 2011-11-16] (1&1 Mail & Media GmbH)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [106408 2012-12-19] (Oracle Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-15 06:25 - 2013-07-15 06:25 - 00008192 ____H C:\Windows\SysWOW64\cmd.suo
2013-07-15 06:25 - 2013-07-15 06:25 - 00000967 _____ C:\Windows\SysWOW64\cmd.sln
2013-07-15 06:20 - 2013-07-15 06:20 - 00000958 _____ C:\Users\Herbert\Desktop\SecurityCheck checkup.txt
2013-07-14 18:57 - 2013-07-14 18:57 - 02347384 _____ (ESET) C:\Users\Herbert\Desktop\esetsmartinstaller_enu.exe
2013-07-14 18:30 - 2013-07-14 18:32 - 00000000 ____D C:\Windows\system32\MRT
2013-07-14 08:55 - 2013-07-14 18:53 - 00003436 _____ C:\Windows\System32\Tasks\BrowserDefendert
2013-07-14 08:55 - 2013-07-14 08:56 - 00000000 ____D C:\Program Files (x86)\Fighters
2013-07-14 08:55 - 2013-07-14 08:55 - 00003660 _____ C:\Windows\System32\Tasks\FinishInstall igdhbblpcellaljokkpfhcjlagemhgjl
2013-07-14 08:55 - 2013-07-14 08:55 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
2013-07-14 08:55 - 2013-07-14 08:55 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Iminent
2013-07-14 08:55 - 2013-07-14 08:55 - 00000000 ____D C:\ProgramData\Iminent
2013-07-14 08:54 - 2013-07-14 08:55 - 00000000 ____D C:\Program Files (x86)\Iminent
2013-07-14 08:54 - 2013-07-14 08:54 - 00001462 _____ C:\Users\Herbert\Desktop\Amazon.lnk
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Opera
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\OCS
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\igdhbblpcellaljokkpfhcjlagemhgjl
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\DesktopIconForAmazon
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Delta
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Babylon
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\BabSolution
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\ProgramData\Babylon
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\Program Files (x86)\Delta
2013-07-14 08:54 - 2011-05-13 14:16 - 00493056 _____ ( datenhaus GmbH) C:\Windows\SysWOW64\dhRichClient3.dll
2013-07-14 08:54 - 2011-03-25 22:42 - 00338432 _____ C:\Windows\SysWOW64\sqlite36_engine.dll
2013-07-14 08:04 - 2013-07-14 08:04 - 00003056 _____ C:\Users\Herbert\Desktop\JRT.txt
2013-07-14 08:01 - 2013-07-14 08:01 - 00559441 _____ (Oleg N. Scherbakov) C:\Users\Herbert\Desktop\JRT.exe
2013-07-14 08:01 - 2013-07-14 08:01 - 00000000 ____D C:\Windows\ERUNT
2013-07-14 07:54 - 2013-07-14 07:55 - 00001473 _____ C:\AdwCleaner[S2].txt
2013-07-14 07:52 - 2013-07-14 07:52 - 00662345 _____ C:\Users\Herbert\Desktop\adwcleaner.exe
2013-07-14 07:50 - 2013-07-14 07:50 - 01777839 _____ (Farbar) C:\Users\Herbert\Desktop\FRST64.exe
2013-07-14 07:48 - 2013-07-14 07:49 - 01777839 _____ (Farbar) C:\Users\Herbert\Downloads\FRST64.exe
2013-07-13 06:54 - 2013-07-13 06:54 - 00000732 _____ C:\Users\Herbert\Desktop\Ereignisse.txt
2013-07-13 06:36 - 2013-07-13 06:37 - 00042265 _____ C:\Users\Herbert\Desktop\Addition.txt
2013-07-13 06:35 - 2013-07-13 06:35 - 00000000 ____D C:\FRST
2013-07-12 15:35 - 2013-07-12 15:35 - 00006152 _____ C:\Windows\DPINST.LOG
2013-07-12 15:35 - 2013-07-12 15:35 - 00000000 ____D C:\Program Files\DIFX
2013-07-12 10:12 - 2013-07-12 10:12 - 00434344 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-12 10:08 - 2013-07-12 10:08 - 00000098 _____ C:\Windows\DeleteOnReboot.bat
2013-07-12 10:07 - 2013-07-12 10:08 - 00045177 _____ C:\AdwCleaner[S1].txt
2013-07-12 10:06 - 2013-07-14 08:54 - 00003398 _____ C:\Windows\System32\Tasks\EPUpdater
2013-07-12 10:06 - 2013-07-12 10:06 - 00044070 _____ C:\AdwCleaner[R1].txt
2013-07-12 10:05 - 2013-07-12 10:05 - 00001090 _____ C:\Users\Herbert\Desktop\Continue Download Helper Installation.lnk
2013-07-12 09:27 - 2013-07-12 09:27 - 00000000 _____ C:\Users\Herbert\defogger_reenable
2013-07-10 04:57 - 2013-05-04 08:59 - 02842112 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-10 04:57 - 2013-05-04 06:57 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-10 04:57 - 2013-04-12 00:30 - 01421312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-10 04:57 - 2013-04-12 00:22 - 01838080 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-10 04:56 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-10 04:56 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-10 04:56 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-10 04:56 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-10 04:56 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-10 04:56 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-10 04:56 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-10 04:56 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-10 04:56 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-10 04:56 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-10 04:56 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-10 04:56 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-10 04:56 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-10 04:56 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-10 04:56 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-10 04:56 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-10 04:56 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-10 04:56 - 2013-06-01 11:25 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-10 04:56 - 2013-06-01 11:21 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-10 04:56 - 2013-05-31 01:14 - 04036096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-10 04:52 - 2013-07-04 15:58 - 00238352 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2013-07-10 04:52 - 2013-07-04 15:57 - 00120080 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2013-07-09 08:50 - 2013-07-10 17:04 - 00000000 ____D C:\ProgramData\Spyware Terminator
2013-07-09 08:50 - 2013-07-09 08:51 - 00000000 ____D C:\Program Files (x86)\Spyware Terminator
2013-07-09 08:50 - 2013-07-09 08:50 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2013-07-09 08:50 - 2013-07-09 08:50 - 00001045 _____ C:\Users\Public\Desktop\Spyware Terminator 2012.lnk
2013-07-09 08:50 - 2013-07-09 08:50 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Spyware Terminator
2013-07-06 09:02 - 2013-07-09 12:03 - 00000292 _____ C:\Windows\Tasks\RegClean Prosch.job
2013-07-06 09:02 - 2013-07-06 09:02 - 00003016 _____ C:\Windows\System32\Tasks\RegClean Prosch
2013-07-06 08:56 - 2013-07-06 08:56 - 00001057 _____ C:\Users\Public\Desktop\RegClean Pro.lnk
2013-07-06 08:20 - 2013-07-06 08:23 - 00004248 _____ C:\Windows\system32\ASOROSet.bin
2013-07-06 08:20 - 2013-07-06 08:20 - 00000000 ____D C:\Windows\system32\config\RCCBakup
2013-07-05 17:05 - 2013-07-05 17:05 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-07-05 17:05 - 2013-07-05 17:05 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-07-05 16:11 - 2013-07-15 10:16 - 00000928 _____ C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job
2013-07-05 16:11 - 2013-07-14 18:52 - 00000924 _____ C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job
2013-07-05 16:11 - 2013-07-05 16:11 - 00003900 _____ C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineUA
2013-07-05 16:11 - 2013-07-05 16:11 - 00003664 _____ C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineCore
2013-07-05 16:10 - 2013-07-05 16:10 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\MyPhoneExplorer
2013-07-05 07:33 - 2013-07-05 07:33 - 00000215 _____ C:\Users\Herbert\Desktop\javascripthideDiv('popupDiv');.URL
2013-07-04 15:57 - 2013-07-04 15:57 - 00146704 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetFlt.sys
2013-07-04 15:57 - 2013-07-04 15:57 - 00131856 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp.sys
2013-07-04 15:56 - 2013-07-04 15:56 - 00204048 _____ (Oracle Corporation) C:\Windows\system32\VBoxNetFltNobj.dll
2013-07-02 14:31 - 2013-07-02 14:32 - 00397312 _____ C:\Users\Herbert\Documents\ae130702.accdb
2013-07-02 07:21 - 2013-07-02 07:21 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2010
2013-07-02 07:21 - 2013-07-02 07:21 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2010
2013-07-02 07:20 - 2013-07-02 07:20 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2012
2013-07-02 07:20 - 2013-07-02 07:20 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2012
2013-07-02 07:17 - 2012-02-11 08:43 - 00253016 _____ (Microsoft Corporation) C:\Windows\system32\SQSRVRES.DLL
2013-06-29 18:29 - 2013-06-29 18:29 - 00001350 _____ C:\Users\Herbert\Desktop\SQL Server Management Studio.lnk
2013-06-29 18:26 - 2013-06-29 18:26 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Microsoft Corporation
2013-06-29 18:10 - 2013-06-29 18:10 - 00000000 ____D C:\Windows\SysWOW64\1031
2013-06-29 18:10 - 2013-06-29 18:10 - 00000000 ____D C:\Users\Herbert\Documents\Visual Studio 2012
2013-06-29 18:09 - 2013-06-29 18:09 - 00000000 ____D C:\Windows\system32\1031
2013-06-29 18:08 - 2013-06-29 18:10 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_SensorsSimulatorDriver_01_11_00.Wdf
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____D C:\Windows\symbols
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 11.0
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer
2013-06-29 17:38 - 2013-06-29 17:38 - 00000000 ____D C:\Users\Herbert\AppData\Local\Microsoft_Corporation
2013-06-29 17:26 - 2013-07-06 08:25 - 00000000 ____D C:\Users\ReportServer$SQLHERBERT
2013-06-29 17:26 - 2013-06-29 17:26 - 00000020 ___SH C:\Users\ReportServer$SQLHERBERT\ntuser.ini
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Vorlagen
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Startmenü
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Netzwerkumgebung
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Lokale Einstellungen
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Eigene Dateien
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Druckumgebung
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Documents\Eigene Musik
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Documents\Eigene Bilder
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\AppData\Local\Verlauf
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\AppData\Local\Anwendungsdaten
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Anwendungsdaten
2013-06-29 17:26 - 2013-05-24 14:45 - 00000000 ____D C:\Users\ReportServer$SQLHERBERT\AppData\Roaming\Macromedia
2013-06-29 17:26 - 2013-04-13 06:58 - 00000000 ____D C:\Users\ReportServer$SQLHERBERT\AppData\Roaming\Adobe
2013-06-29 17:26 - 2013-03-27 11:02 - 00000000 ____D C:\Users\ReportServer$SQLHERBERT\AppData\LocalGoogle
2013-06-29 17:26 - 2013-03-27 11:02 - 00000000 ____D C:\Users\ReportServer$SQLHERBERT\AppData\Local\Google
2013-06-29 17:26 - 2013-02-13 16:21 - 00000000 ____D C:\Users\ReportServer$SQLHERBERT\AppData\Local\Microsoft Help
2013-06-29 17:24 - 2013-07-06 08:26 - 00000000 ____D C:\Users\MSSQLFDLauncher$SQLHERBERT
2013-06-29 17:24 - 2013-06-29 17:24 - 00000020 ___SH C:\Users\MSSQLFDLauncher$SQLHERBERT\ntuser.ini
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Vorlagen
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Startmenü
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Netzwerkumgebung
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Lokale Einstellungen
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Eigene Dateien
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Druckumgebung
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Documents\Eigene Musik
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Documents\Eigene Bilder
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\Local\Verlauf
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\Local\Anwendungsdaten
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Anwendungsdaten
2013-06-29 17:24 - 2013-05-24 14:45 - 00000000 ____D C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\Roaming\Macromedia
2013-06-29 17:24 - 2013-04-13 06:58 - 00000000 ____D C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\Roaming\Adobe
2013-06-29 17:24 - 2013-03-27 11:02 - 00000000 ____D C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\LocalGoogle
2013-06-29 17:24 - 2013-03-27 11:02 - 00000000 ____D C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\Local\Google
2013-06-29 17:24 - 2013-02-13 16:21 - 00000000 ____D C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\Local\Microsoft Help
2013-06-29 17:23 - 2013-07-06 08:25 - 00000000 ____D C:\Users\MSSQL$SQLHERBERT
2013-06-29 17:23 - 2013-06-29 18:18 - 00000000 ____D C:\Users\Herbert\Documents\SQL Server Management Studio
2013-06-29 17:23 - 2013-06-29 17:23 - 00000020 ___SH C:\Users\MSSQL$SQLHERBERT\ntuser.ini
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Vorlagen
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Startmenü
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Netzwerkumgebung
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Lokale Einstellungen
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Eigene Dateien
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Druckumgebung
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Documents\Eigene Musik
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Documents\Eigene Bilder
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\AppData\Local\Verlauf
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\AppData\Local\Anwendungsdaten
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Anwendungsdaten
2013-06-29 17:23 - 2013-05-24 14:45 - 00000000 ____D C:\Users\MSSQL$SQLHERBERT\AppData\Roaming\Macromedia
2013-06-29 17:23 - 2013-04-13 06:58 - 00000000 ____D C:\Users\MSSQL$SQLHERBERT\AppData\Roaming\Adobe
2013-06-29 17:23 - 2013-03-27 11:02 - 00000000 ____D C:\Users\MSSQL$SQLHERBERT\AppData\LocalGoogle
2013-06-29 17:23 - 2013-03-27 11:02 - 00000000 ____D C:\Users\MSSQL$SQLHERBERT\AppData\Local\Google
2013-06-29 17:23 - 2013-02-13 16:21 - 00000000 ____D C:\Users\MSSQL$SQLHERBERT\AppData\Local\Microsoft Help
2013-06-29 17:20 - 2012-02-11 10:03 - 00046168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perf-ReportServer$SQLHERBERT-rsctr11.0.2100.60.dll
2013-06-29 17:20 - 2012-02-11 10:02 - 00045656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perf-MSSQL11.SQLHERBERT-sqlagtctr.dll
2013-06-29 17:20 - 2012-02-11 08:44 - 00055384 _____ (Microsoft Corporation) C:\Windows\system32\perf-ReportServer$SQLHERBERT-rsctr11.0.2100.60.dll
2013-06-29 17:20 - 2012-02-11 08:44 - 00054360 _____ (Microsoft Corporation) C:\Windows\system32\perf-MSSQL11.SQLHERBERT-sqlagtctr.dll
2013-06-29 17:19 - 2012-02-11 10:03 - 00082520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perf-MSSQL$SQLHERBERT-sqlctr11.0.2100.60.dll
2013-06-29 17:19 - 2012-02-11 08:46 - 00180312 _____ (Microsoft Corporation) C:\Windows\system32\hadrres.dll
2013-06-29 17:19 - 2012-02-11 08:46 - 00082520 _____ (Microsoft Corporation) C:\Windows\system32\fssres.dll
2013-06-29 17:19 - 2012-02-11 08:44 - 00095832 _____ (Microsoft Corporation) C:\Windows\system32\perf-MSSQL$SQLHERBERT-sqlctr11.0.2100.60.dll
2013-06-29 17:16 - 2013-06-29 17:16 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2013-06-29 17:14 - 2013-06-29 17:14 - 00000000 ____D C:\Windows\system32\RsFx
2013-06-29 17:11 - 2013-07-15 06:16 - 00000000 ____D C:\Users\Herbert\Documents\Visual Studio 2010
2013-06-29 17:10 - 2013-06-29 17:12 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 10.0
2013-06-29 17:10 - 2013-06-29 17:10 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 10.0
2013-06-29 17:10 - 2013-06-29 17:10 - 00000000 ____D C:\Program Files\Microsoft Help Viewer
2013-06-29 17:10 - 2013-06-29 17:10 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2013-06-26 17:57 - 2013-06-26 17:57 - 00003133 _____ C:\Users\Herbert\Desktop\Custom UI Editor For Microsoft Office.lnk
2013-06-26 17:57 - 2013-06-26 17:57 - 00003093 _____ C:\Users\Herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Custom UI Editor For Microsoft Office.lnk
2013-06-26 17:57 - 2013-06-26 17:57 - 00000000 ____D C:\Program Files (x86)\CustomUIEditor
2013-06-26 07:51 - 2013-06-26 07:51 - 04815135 _____ (FileZilla Project) C:\Users\Herbert\Downloads\FileZilla_3.7.1_win32-setup.exe
2013-06-24 15:24 - 2013-06-24 15:25 - 00000000 ____D C:\Users\Herbert\AppData\Local\calibre-cache
2013-06-23 20:21 - 2013-06-24 15:52 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\calibre
2013-06-23 20:21 - 2013-06-23 20:21 - 00000967 _____ C:\Users\Public\Desktop\calibre - E-book management.lnk
2013-06-23 20:21 - 2013-06-23 20:21 - 00000000 ____D C:\Program Files (x86)\Calibre2
2013-06-22 08:53 - 2013-06-22 08:53 - 00001136 _____ C:\Users\Public\Desktop\UPC Install Master.lnk
2013-06-22 08:53 - 2013-06-22 08:53 - 00000000 __HDC C:\ProgramData\{A79D03BF-C5DB-49B2-AD5F-6CED14FFE4D6}
2013-06-22 08:53 - 2013-06-22 08:53 - 00000000 ____D C:\Program Files (x86)\UPC Austria
2013-06-19 09:08 - 2013-06-20 10:02 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Apple Computer
2013-06-19 09:08 - 2013-06-19 09:09 - 00000000 ____D C:\Users\Herbert\AppData\Local\Apple Computer
2013-06-19 09:08 - 2013-06-19 09:08 - 00002491 _____ C:\Users\Public\Desktop\Safari.lnk
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Users\Herbert\AppData\Local\Apple
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\ProgramData\Apple
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Program Files\Bonjour
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Program Files (x86)\Safari
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-06-17 10:27 - 2013-06-17 10:27 - 00003105 _____ C:\Users\Herbert\Desktop\Word 2007 Content Control Toolkit.lnk
2013-06-17 10:27 - 2013-06-17 10:27 - 00003065 _____ C:\Users\Herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word 2007 Content Control Toolkit.lnk
2013-06-17 05:51 - 2013-05-16 00:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2013-06-16 06:47 - 2013-05-31 01:24 - 01257472 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-06-16 06:47 - 2013-05-31 01:08 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-06-16 06:47 - 2013-05-24 01:01 - 01300992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-06-16 06:47 - 2013-05-24 00:27 - 01022464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-06-16 06:47 - 2013-05-15 04:25 - 00888320 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2013-06-16 06:47 - 2013-05-15 04:25 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2013-06-16 06:47 - 2013-05-15 04:24 - 00793088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2013-06-16 06:47 - 2013-05-15 04:24 - 00482816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2013-06-15 09:40 - 2013-05-04 09:58 - 00120736 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2013-06-15 09:40 - 2013-05-04 09:34 - 00446720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2013-06-15 09:40 - 2013-05-04 09:34 - 00284416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2013-06-15 09:40 - 2013-05-04 09:34 - 00213248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2013-06-15 09:40 - 2013-05-04 09:30 - 00058312 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-06-15 09:40 - 2013-05-04 08:59 - 13644288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2013-06-15 09:40 - 2013-05-04 08:59 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-06-15 09:40 - 2013-05-04 08:59 - 01619968 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-06-15 09:40 - 2013-05-04 08:59 - 01483776 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2013-06-15 09:40 - 2013-05-04 08:59 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\Magnify.exe
2013-06-15 09:40 - 2013-05-04 08:59 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-06-15 09:40 - 2013-05-04 08:59 - 00251904 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2013-06-15 09:40 - 2013-05-04 08:59 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-06-15 09:40 - 2013-05-04 08:59 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-06-15 09:40 - 2013-05-04 08:59 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-06-15 09:40 - 2013-05-04 08:58 - 10116096 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2013-06-15 09:40 - 2013-05-04 08:58 - 01332736 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2013-06-15 09:40 - 2013-05-04 08:58 - 00470528 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll
2013-06-15 09:40 - 2013-05-04 08:58 - 00330240 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2013-06-15 09:40 - 2013-05-04 08:58 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2013-06-15 09:40 - 2013-05-04 08:58 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2013-06-15 09:40 - 2013-05-04 08:58 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
2013-06-15 09:40 - 2013-05-04 08:58 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\netprofm.dll
2013-06-15 09:40 - 2013-05-04 08:58 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2013-06-15 09:40 - 2013-05-04 08:57 - 02305024 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-06-15 09:40 - 2013-05-04 08:57 - 01131520 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2013-06-15 09:40 - 2013-05-04 08:57 - 00708096 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2013-06-15 09:40 - 2013-05-04 08:57 - 00560640 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2013-06-15 09:40 - 2013-05-04 08:57 - 00501760 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2013-06-15 09:40 - 2013-05-04 08:57 - 00389120 _____ (Microsoft Corporation) C:\Windows\system32\BCP47Langs.dll
2013-06-15 09:40 - 2013-05-04 08:57 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2013-06-15 09:40 - 2013-05-04 08:57 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\biwinrt.dll
2013-06-15 09:40 - 2013-05-04 08:57 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\muifontsetup.dll
2013-06-15 09:40 - 2013-05-04 08:56 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\intl.cpl
2013-06-15 09:40 - 2013-05-04 06:58 - 00758784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Magnify.exe
2013-06-15 09:40 - 2013-05-04 06:58 - 00621056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-06-15 09:40 - 2013-05-04 06:58 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-06-15 09:40 - 2013-05-04 06:58 - 00083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-06-15 09:40 - 2013-05-04 06:58 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-06-15 09:40 - 2013-05-04 06:57 - 10788864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2013-06-15 09:40 - 2013-05-04 06:57 - 08857088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2013-06-15 09:40 - 2013-05-04 06:57 - 00303616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2013-06-15 09:40 - 2013-05-04 06:57 - 00247296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2013-06-15 09:40 - 2013-05-04 06:57 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll
2013-06-15 09:40 - 2013-05-04 06:57 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll
2013-06-15 09:40 - 2013-05-04 06:57 - 00018432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll
2013-06-15 09:40 - 2013-05-04 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\muifontsetup.dll
2013-06-15 09:40 - 2013-05-04 06:56 - 02035712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-06-15 09:40 - 2013-05-04 06:56 - 00449536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2013-06-15 09:40 - 2013-05-04 06:56 - 00411136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2013-06-15 09:40 - 2013-05-04 06:56 - 00309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BCP47Langs.dll
2013-06-15 09:40 - 2013-05-04 06:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\biwinrt.dll
2013-06-15 09:40 - 2013-05-04 06:55 - 00389632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2013-06-15 09:40 - 2013-05-04 06:51 - 00014848 _____ (Microsoft) C:\Windows\system32\rars.rs
2013-06-15 09:40 - 2013-05-04 06:48 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-06-15 09:40 - 2013-05-04 06:48 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2013-06-15 09:40 - 2013-05-04 06:47 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2013-06-15 09:40 - 2013-05-04 06:10 - 00014848 _____ (Microsoft) C:\Windows\SysWOW64\rars.rs
2013-06-15 09:40 - 2013-05-03 00:04 - 00386646 _____ C:\Windows\system32\ApnDatabase.xml

==================== One Month Modified Files and Folders =======

2013-07-15 10:27 - 2010-05-27 18:31 - 00000000 ____D C:\Users\Herbert\Documents\Outlook-Dateien
2013-07-15 10:16 - 2013-07-05 16:11 - 00000928 _____ C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job
2013-07-15 10:14 - 2013-02-01 02:49 - 00001132 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-15 10:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-07-15 09:55 - 2013-02-01 21:47 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-15 09:16 - 2012-11-29 20:05 - 01609520 _____ C:\Windows\WindowsUpdate.log
2013-07-15 08:46 - 2013-01-30 18:44 - 00000000 ____D C:\Users\Herbert\AppData\Local\Packages
2013-07-15 08:09 - 2013-02-01 17:43 - 00005144 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for PCHerbert-Herbert PCHerbert
2013-07-15 07:14 - 2013-02-01 02:49 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-15 06:54 - 2013-02-01 03:43 - 00000000 ____D C:\Program Files (x86)\SPAMfighter
2013-07-15 06:25 - 2013-07-15 06:25 - 00008192 ____H C:\Windows\SysWOW64\cmd.suo
2013-07-15 06:25 - 2013-07-15 06:25 - 00000967 _____ C:\Windows\SysWOW64\cmd.sln
2013-07-15 06:20 - 2013-07-15 06:20 - 00000958 _____ C:\Users\Herbert\Desktop\SecurityCheck checkup.txt
2013-07-15 06:16 - 2013-06-29 17:11 - 00000000 ____D C:\Users\Herbert\Documents\Visual Studio 2010
2013-07-15 06:03 - 2012-07-02 07:39 - 00891022 _____ C:\Users\Herbert\Desktop\SecurityCheck.exe
2013-07-15 04:37 - 2013-01-30 18:50 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3455799945-794626198-3976200442-1001
2013-07-14 18:59 - 2012-11-29 19:56 - 00851434 _____ C:\Windows\system32\perfh007.dat
2013-07-14 18:59 - 2012-11-29 19:56 - 00194494 _____ C:\Windows\system32\perfc007.dat
2013-07-14 18:59 - 2012-07-26 09:28 - 02027878 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-14 18:57 - 2013-07-14 18:57 - 02347384 _____ (ESET) C:\Users\Herbert\Desktop\esetsmartinstaller_enu.exe
2013-07-14 18:53 - 2013-07-14 08:55 - 00003436 _____ C:\Windows\System32\Tasks\BrowserDefendert
2013-07-14 18:52 - 2013-07-05 16:11 - 00000924 _____ C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job
2013-07-14 18:52 - 2013-05-13 09:14 - 00000368 _____ C:\Windows\Tasks\rbmonitor.job
2013-07-14 18:52 - 2013-01-30 19:11 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-14 18:52 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-14 18:51 - 2009-11-30 17:40 - 00000000 ____D C:\Users\Herbert\Documents\PhraseExpress
2013-07-14 18:36 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\NDF
2013-07-14 18:32 - 2013-07-14 18:30 - 00000000 ____D C:\Windows\system32\MRT
2013-07-14 18:32 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\oobe
2013-07-14 08:56 - 2013-07-14 08:55 - 00000000 ____D C:\Program Files (x86)\Fighters
2013-07-14 08:56 - 2013-02-01 04:25 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Fighters
2013-07-14 08:56 - 2013-02-01 04:25 - 00000000 ____D C:\ProgramData\Fighters
2013-07-14 08:55 - 2013-07-14 08:55 - 00003660 _____ C:\Windows\System32\Tasks\FinishInstall igdhbblpcellaljokkpfhcjlagemhgjl
2013-07-14 08:55 - 2013-07-14 08:55 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
2013-07-14 08:55 - 2013-07-14 08:55 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Iminent
2013-07-14 08:55 - 2013-07-14 08:55 - 00000000 ____D C:\ProgramData\Iminent
2013-07-14 08:55 - 2013-07-14 08:54 - 00000000 ____D C:\Program Files (x86)\Iminent
2013-07-14 08:55 - 2013-06-03 07:35 - 00001530 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-07-14 08:54 - 2013-07-14 08:54 - 00001462 _____ C:\Users\Herbert\Desktop\Amazon.lnk
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Opera
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\OCS
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\igdhbblpcellaljokkpfhcjlagemhgjl
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\DesktopIconForAmazon
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Delta
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Babylon
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\BabSolution
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\ProgramData\Babylon
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\Program Files (x86)\Delta
2013-07-14 08:54 - 2013-07-12 10:06 - 00003398 _____ C:\Windows\System32\Tasks\EPUpdater
2013-07-14 08:54 - 2013-02-01 22:47 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-14 08:21 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-07-14 08:04 - 2013-07-14 08:04 - 00003056 _____ C:\Users\Herbert\Desktop\JRT.txt
2013-07-14 08:01 - 2013-07-14 08:01 - 00559441 _____ (Oleg N. Scherbakov) C:\Users\Herbert\Desktop\JRT.exe
2013-07-14 08:01 - 2013-07-14 08:01 - 00000000 ____D C:\Windows\ERUNT
2013-07-14 07:55 - 2013-07-14 07:54 - 00001473 _____ C:\AdwCleaner[S2].txt
2013-07-14 07:52 - 2013-07-14 07:52 - 00662345 _____ C:\Users\Herbert\Desktop\adwcleaner.exe
2013-07-14 07:50 - 2013-07-14 07:50 - 01777839 _____ (Farbar) C:\Users\Herbert\Desktop\FRST64.exe
2013-07-14 07:49 - 2013-07-14 07:48 - 01777839 _____ (Farbar) C:\Users\Herbert\Downloads\FRST64.exe
2013-07-14 07:49 - 2013-05-28 08:31 - 00003942 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{395F05FD-1EED-4524-AD44-212D0444F148}
2013-07-13 07:15 - 2013-02-01 02:50 - 00002190 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-13 07:09 - 2013-02-01 02:49 - 00004104 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-13 07:09 - 2013-02-01 02:49 - 00003868 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-13 06:54 - 2013-07-13 06:54 - 00000732 _____ C:\Users\Herbert\Desktop\Ereignisse.txt
2013-07-13 06:37 - 2013-07-13 06:36 - 00042265 _____ C:\Users\Herbert\Desktop\Addition.txt
2013-07-13 06:35 - 2013-07-13 06:35 - 00000000 ____D C:\FRST
2013-07-12 20:31 - 2013-02-09 10:18 - 00000000 ____D C:\Users\Herbert\AppData\Local\Paint.NET
2013-07-12 15:35 - 2013-07-12 15:35 - 00006152 _____ C:\Windows\DPINST.LOG
2013-07-12 15:35 - 2013-07-12 15:35 - 00000000 ____D C:\Program Files\DIFX
2013-07-12 15:34 - 2012-07-26 09:21 - 00034876 _____ C:\Windows\setupact.log
2013-07-12 10:12 - 2013-07-12 10:12 - 00434344 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-12 10:12 - 2012-11-29 03:11 - 00064044 _____ C:\Windows\PFRO.log
2013-07-12 10:08 - 2013-07-12 10:08 - 00000098 _____ C:\Windows\DeleteOnReboot.bat
2013-07-12 10:08 - 2013-07-12 10:07 - 00045177 _____ C:\AdwCleaner[S1].txt
2013-07-12 10:06 - 2013-07-12 10:06 - 00044070 _____ C:\AdwCleaner[R1].txt
2013-07-12 10:05 - 2013-07-12 10:05 - 00001090 _____ C:\Users\Herbert\Desktop\Continue Download Helper Installation.lnk
2013-07-12 09:27 - 2013-07-12 09:27 - 00000000 _____ C:\Users\Herbert\defogger_reenable
2013-07-12 09:27 - 2013-01-30 18:44 - 00000000 ____D C:\Users\Herbert
2013-07-12 09:20 - 2013-02-09 10:23 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\FileZilla
2013-07-12 09:18 - 2013-01-13 13:09 - 00000000 ____D C:\Users\Herbert\.VirtualBox
2013-07-12 07:43 - 2013-05-24 14:45 - 00000000 ____D C:\Users\Herbert\AppData\Local\Adobe
2013-07-12 07:42 - 2013-02-01 21:47 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-12 07:38 - 2013-06-03 07:35 - 00004088 _____ C:\Windows\System32\Tasks\Software Updater Ui
2013-07-12 07:38 - 2013-06-03 07:34 - 00004118 _____ C:\Windows\System32\Tasks\Software Updater
2013-07-12 07:31 - 2013-05-20 07:06 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-12 07:31 - 2013-05-20 07:06 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-11 20:55 - 2012-07-26 09:52 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-11 08:10 - 2013-01-31 15:19 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\SQLyog
2013-07-10 17:43 - 2013-05-29 14:04 - 00001097 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk
2013-07-10 17:04 - 2013-07-09 08:50 - 00000000 ____D C:\ProgramData\Spyware Terminator
2013-07-10 07:27 - 2013-03-12 12:44 - 00003062 _____ C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2013-07-10 07:27 - 2013-03-12 12:44 - 00003060 _____ C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2013-07-10 07:27 - 2013-03-12 12:44 - 00000000 ____D C:\Program Files\Microsoft Mouse and Keyboard Center
2013-07-10 07:27 - 2013-02-03 18:31 - 00003118 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2013-07-10 07:27 - 2013-02-03 18:31 - 00003092 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2013-07-10 07:27 - 2013-02-03 18:31 - 00003090 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2013-07-10 07:24 - 2013-01-31 13:37 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-10 07:20 - 2012-07-26 07:26 - 00000167 _____ C:\Windows\win.ini
2013-07-10 04:59 - 2013-02-28 19:59 - 00007607 _____ C:\Users\Herbert\AppData\Local\Resmon.ResmonCfg
2013-07-10 04:52 - 2013-06-14 09:16 - 00001083 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2013-07-09 12:03 - 2013-07-06 09:02 - 00000292 _____ C:\Windows\Tasks\RegClean Prosch.job
2013-07-09 08:51 - 2013-07-09 08:50 - 00000000 ____D C:\Program Files (x86)\Spyware Terminator
2013-07-09 08:50 - 2013-07-09 08:50 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2013-07-09 08:50 - 2013-07-09 08:50 - 00001045 _____ C:\Users\Public\Desktop\Spyware Terminator 2012.lnk
2013-07-09 08:50 - 2013-07-09 08:50 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Spyware Terminator
2013-07-08 15:41 - 2013-02-01 02:32 - 00000000 ____D C:\Program Files (x86)\SugarSync
2013-07-06 09:02 - 2013-07-06 09:02 - 00003016 _____ C:\Windows\System32\Tasks\RegClean Prosch
2013-07-06 08:56 - 2013-07-06 08:56 - 00001057 _____ C:\Users\Public\Desktop\RegClean Pro.lnk
2013-07-06 08:26 - 2013-06-29 17:24 - 00000000 ____D C:\Users\MSSQLFDLauncher$SQLHERBERT
2013-07-06 08:25 - 2013-06-29 17:26 - 00000000 ____D C:\Users\ReportServer$SQLHERBERT
2013-07-06 08:25 - 2013-06-29 17:23 - 00000000 ____D C:\Users\MSSQL$SQLHERBERT
2013-07-06 08:24 - 2012-07-26 07:26 - 17301504 _____ C:\Windows\system32\config\SYSTEM.bak
2013-07-06 08:24 - 2012-07-26 07:26 - 112984064 _____ C:\Windows\system32\config\SOFTWARE.bak
2013-07-06 08:24 - 2012-07-26 07:26 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2013-07-06 08:23 - 2013-07-06 08:20 - 00004248 _____ C:\Windows\system32\ASOROSet.bin
2013-07-06 08:22 - 2012-07-26 07:26 - 00094208 _____ C:\Windows\system32\config\SAM.bak
2013-07-06 08:20 - 2013-07-06 08:20 - 00000000 ____D C:\Windows\system32\config\RCCBakup
2013-07-05 17:05 - 2013-07-05 17:05 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-07-05 17:05 - 2013-07-05 17:05 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-07-05 16:11 - 2013-07-05 16:11 - 00003900 _____ C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineUA
2013-07-05 16:11 - 2013-07-05 16:11 - 00003664 _____ C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineCore
2013-07-05 16:10 - 2013-07-05 16:10 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\MyPhoneExplorer
2013-07-05 07:33 - 2013-07-05 07:33 - 00000215 _____ C:\Users\Herbert\Desktop\javascripthideDiv('popupDiv');.URL
2013-07-04 15:58 - 2013-07-10 04:52 - 00238352 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2013-07-04 15:57 - 2013-07-10 04:52 - 00120080 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2013-07-04 15:57 - 2013-07-04 15:57 - 00146704 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetFlt.sys
2013-07-04 15:57 - 2013-07-04 15:57 - 00131856 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp.sys
2013-07-04 15:56 - 2013-07-04 15:56 - 00204048 _____ (Oracle Corporation) C:\Windows\system32\VBoxNetFltNobj.dll
2013-07-03 06:33 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-07-02 14:32 - 2013-07-02 14:31 - 00397312 _____ C:\Users\Herbert\Documents\ae130702.accdb
2013-07-02 07:21 - 2013-07-02 07:21 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2010
2013-07-02 07:21 - 2013-07-02 07:21 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2010
2013-07-02 07:20 - 2013-07-02 07:20 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2012
2013-07-02 07:20 - 2013-07-02 07:20 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2012
2013-07-02 07:20 - 2013-06-03 07:34 - 00000000 ____D C:\ProgramData\Package Cache
2013-07-02 07:13 - 2013-02-22 15:13 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2013-07-02 07:13 - 2013-01-31 13:38 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2013-06-29 18:29 - 2013-06-29 18:29 - 00001350 _____ C:\Users\Herbert\Desktop\SQL Server Management Studio.lnk
2013-06-29 18:26 - 2013-06-29 18:26 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Microsoft Corporation
2013-06-29 18:18 - 2013-06-29 17:23 - 00000000 ____D C:\Users\Herbert\Documents\SQL Server Management Studio
2013-06-29 18:10 - 2013-06-29 18:10 - 00000000 ____D C:\Windows\SysWOW64\1031
2013-06-29 18:10 - 2013-06-29 18:10 - 00000000 ____D C:\Users\Herbert\Documents\Visual Studio 2012
2013-06-29 18:10 - 2013-06-29 18:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0
2013-06-29 18:09 - 2013-06-29 18:09 - 00000000 ____D C:\Windows\system32\1031
2013-06-29 18:09 - 2013-02-22 15:13 - 00000000 ____D C:\Windows\SysWOW64\1033
2013-06-29 18:09 - 2012-11-29 20:09 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_SensorsSimulatorDriver_01_11_00.Wdf
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____D C:\Windows\symbols
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 11.0
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer
2013-06-29 18:08 - 2013-02-22 15:13 - 00000000 ____D C:\Windows\system32\1033
2013-06-29 18:08 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-06-29 17:38 - 2013-06-29 17:38 - 00000000 ____D C:\Users\Herbert\AppData\Local\Microsoft_Corporation
2013-06-29 17:26 - 2013-06-29 17:26 - 00000020 ___SH C:\Users\ReportServer$SQLHERBERT\ntuser.ini
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Vorlagen
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Startmenü
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Netzwerkumgebung
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Lokale Einstellungen
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Eigene Dateien
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Druckumgebung
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Documents\Eigene Musik
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Documents\Eigene Bilder
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\AppData\Local\Verlauf
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\AppData\Local\Anwendungsdaten
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Anwendungsdaten
2013-06-29 17:24 - 2013-06-29 17:24 - 00000020 ___SH C:\Users\MSSQLFDLauncher$SQLHERBERT\ntuser.ini
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Vorlagen
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Startmenü
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Netzwerkumgebung
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Lokale Einstellungen
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Eigene Dateien
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Druckumgebung
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Documents\Eigene Musik
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Documents\Eigene Bilder
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\Local\Verlauf
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\Local\Anwendungsdaten
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Anwendungsdaten
2013-06-29 17:23 - 2013-06-29 17:23 - 00000020 ___SH C:\Users\MSSQL$SQLHERBERT\ntuser.ini
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Vorlagen
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Startmenü
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Netzwerkumgebung
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Lokale Einstellungen
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Eigene Dateien
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Druckumgebung
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Documents\Eigene Musik
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Documents\Eigene Bilder
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\AppData\Local\Verlauf
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\AppData\Local\Anwendungsdaten
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Anwendungsdaten
2013-06-29 17:19 - 2012-12-20 02:54 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-06-29 17:16 - 2013-06-29 17:16 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2013-06-29 17:14 - 2013-06-29 17:14 - 00000000 ____D C:\Windows\system32\RsFx
2013-06-29 17:12 - 2013-06-29 17:10 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 10.0
2013-06-29 17:10 - 2013-06-29 17:10 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 10.0
2013-06-29 17:10 - 2013-06-29 17:10 - 00000000 ____D C:\Program Files\Microsoft Help Viewer
2013-06-29 17:10 - 2013-06-29 17:10 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2013-06-28 18:13 - 2013-01-31 15:57 - 00000333 _____ C:\Windows\ODBC.INI
2013-06-28 15:00 - 2013-05-17 18:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-28 15:00 - 2013-01-30 20:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-06-28 00:04 - 2013-01-31 07:33 - 00693112 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-28 00:04 - 2013-01-31 07:33 - 00078200 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-27 07:14 - 2013-06-03 07:34 - 00031816 _____ C:\Windows\Launcher.exe
2013-06-26 17:57 - 2013-06-26 17:57 - 00003133 _____ C:\Users\Herbert\Desktop\Custom UI Editor For Microsoft Office.lnk
2013-06-26 17:57 - 2013-06-26 17:57 - 00003093 _____ C:\Users\Herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Custom UI Editor For Microsoft Office.lnk
2013-06-26 17:57 - 2013-06-26 17:57 - 00000000 ____D C:\Program Files (x86)\CustomUIEditor
2013-06-26 07:51 - 2013-06-26 07:51 - 04815135 _____ (FileZilla Project) C:\Users\Herbert\Downloads\FileZilla_3.7.1_win32-setup.exe
2013-06-26 07:51 - 2013-02-09 10:23 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2013-06-24 15:52 - 2013-06-23 20:21 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\calibre
2013-06-24 15:25 - 2013-06-24 15:24 - 00000000 ____D C:\Users\Herbert\AppData\Local\calibre-cache
2013-06-24 12:01 - 2013-05-06 11:36 - 00083672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-06-24 00:57 - 2013-01-31 07:08 - 78277128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-06-23 20:21 - 2013-06-23 20:21 - 00000967 _____ C:\Users\Public\Desktop\calibre - E-book management.lnk
2013-06-23 20:21 - 2013-06-23 20:21 - 00000000 ____D C:\Program Files (x86)\Calibre2
2013-06-22 08:53 - 2013-06-22 08:53 - 00001136 _____ C:\Users\Public\Desktop\UPC Install Master.lnk
2013-06-22 08:53 - 2013-06-22 08:53 - 00000000 __HDC C:\ProgramData\{A79D03BF-C5DB-49B2-AD5F-6CED14FFE4D6}
2013-06-22 08:53 - 2013-06-22 08:53 - 00000000 ____D C:\Program Files (x86)\UPC Austria
2013-06-20 10:02 - 2013-06-19 09:08 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Apple Computer
2013-06-19 14:57 - 2012-07-26 07:37 - 00000000 ____D C:\Windows\servicing
2013-06-19 09:09 - 2013-06-19 09:08 - 00000000 ____D C:\Users\Herbert\AppData\Local\Apple Computer
2013-06-19 09:08 - 2013-06-19 09:08 - 00002491 _____ C:\Users\Public\Desktop\Safari.lnk
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Users\Herbert\AppData\Local\Apple
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\ProgramData\Apple
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Program Files\Bonjour
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Program Files (x86)\Safari
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-06-19 09:08 - 2013-01-31 09:02 - 00000000 ____D C:\ProgramData\Apple Computer
2013-06-18 20:14 - 2013-02-01 21:01 - 00000734 _____ C:\Users\Herbert\Sti_Trace.log
2013-06-18 15:22 - 2012-11-21 19:27 - 00000000 ____D C:\Users\Herbert\Documents\Benutzerdefinierte Office-Vorlagen
2013-06-17 10:27 - 2013-06-17 10:27 - 00003105 _____ C:\Users\Herbert\Desktop\Word 2007 Content Control Toolkit.lnk
2013-06-17 10:27 - 2013-06-17 10:27 - 00003065 _____ C:\Users\Herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word 2007 Content Control Toolkit.lnk
2013-06-16 19:27 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-06-16 17:13 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData
2013-06-16 17:12 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2013-06-16 17:12 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-06-16 17:12 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-06-16 17:12 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-06-16 17:12 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\Dism
2013-06-15 07:05 - 2013-01-31 08:56 - 00083968 ___SH C:\Users\Herbert\Desktop\Thumbs.db

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-12 07:56

==================== End Of Log ============================
--- --- ---

Gruß
Herbert

schrauber 15.07.2013 19:36
Probleme?

Lösche AdwCleaner, lade es neu:

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Herbertfi 15.07.2013 20:40
AdwCleaner[S3].txt:
Code:
# AdwCleaner v2.305 - Datei am 15/07/2013 um 21:18:45 erstellt
# Aktualisiert am 11/07/2013 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzer : Herbert - PCHERBERT
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Herbert\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****

Gestoppt & Gelöscht : SearchAnonymizer
Gestoppt & Gelöscht : SProtection

***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\defaults\pref\all-iminent.js
Datei Gelöscht : C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
Datei Gelöscht : C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
Datei Gelöscht : C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\bprotector_extensions.sqlite
Datei Gelöscht : C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\bprotector_prefs.js
Datei Gelöscht : C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\extensions\webbooster@iminent.com.xpi
Gelöscht mit Neustart : C:\ProgramData\BrowserDefender
Ordner Gelöscht : C:\Program Files (x86)\Common Files\Umbrella
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent
Ordner Gelöscht : C:\Users\Herbert\AppData\Local\Temp\Iminent
Ordner Gelöscht : C:\Users\Herbert\AppData\Local\Temp\OCS
Ordner Gelöscht : C:\Users\Herbert\AppData\LocalLow\SimplyTech
Ordner Gelöscht : C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\extensions\firejump@firejump.net

***** [Registrierungsdatenbank] *****

Daten Gelöscht : HKLM\..\Windows [AppInit_DLLs] = c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll
Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\Delta
Schlüssel Gelöscht : HKCU\Software\delta LTD
Schlüssel Gelöscht : HKCU\Software\Iminent
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\90d88ce76eea12
Schlüssel Gelöscht : HKLM\Software\BabylonToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaappCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltadskBnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.deltaESrvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.DownloadArgs
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.LinkToPromoteArgs
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.RawDataArgs
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.TinyUrlArgs
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.ViralLinkArgs
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ClientCallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ContractBase
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.AddToUserContentCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CheckLoginStatusCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CleanCacheCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GameOverCallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetCreditCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetInstallationContextCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusResult
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableResult
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.InstallationContextResult
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommandResult
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginStatusChangedCallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LogoutCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MergeIdentityCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MyAccountCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PlayContentCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PostContentCallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.RecycleViewsCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.SetVariableCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowBrowserWindowCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowControlCenterCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowPluginWindowCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.TestContentCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.UserContentChangedCallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.VariableChangedCallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WarmUpCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WelcomeCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerResult
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightContent
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightUri
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.MediatorServiceProxy
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandle.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandler
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\Delta
Schlüssel Gelöscht : HKLM\Software\Iminent
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gelöscht : HKLM\Software\Umbrella
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\90d88ce76eea12
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{01A602A0-D0B9-445B-8081-719E4177C4A7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{26C9BBE4-6D45-4AB6-A5B4-E068C9F5EF6D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3223F2FB-D9B9-45FC-9D66-CD717FFA4EE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D8F01233-2DE6-4EE7-8988-37263F00651B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0AF350D9-3916-454B-AC53-0B0B65F41301}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D85FFE92-BF14-4E9B-BCCD-E5C16069E65F}_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Delta
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DesktopIconAmazon
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchAnonymizer
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Wert Gelöscht : HKCU\Software\Mozilla\Firefox\extensions [firejump@firejump.net]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Iminent]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [IminentMessenger]

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16537

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v22.0 (de)

Datei : C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\prefs.js

Gelöscht : user_pref("browser.search.order.1", "Delta Search");
Gelöscht : user_pref("extensions.delta.admin", false);
Gelöscht : user_pref("extensions.delta.aflt", "babsst");
Gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Gelöscht : user_pref("extensions.delta.autoRvrt", "false");
Gelöscht : user_pref("extensions.delta.bbDpng", "15");
Gelöscht : user_pref("extensions.delta.cntry", "AT");
Gelöscht : user_pref("extensions.delta.dfltLng", "de");
Gelöscht : user_pref("extensions.delta.excTlbr", false);
Gelöscht : user_pref("extensions.delta.ffxUnstlRst", true);
Gelöscht : user_pref("extensions.delta.hdrMd5", "F6B2BD6A043C90E41EBC113D19570354");
Gelöscht : user_pref("extensions.delta.id", "b66ecb6c000000000000001a7dda710f");
Gelöscht : user_pref("extensions.delta.instlDay", "15900");
Gelöscht : user_pref("extensions.delta.instlRef", "sst");
Gelöscht : user_pref("extensions.delta.lastVrsnTs", "1.8.21.58:54:52");
Gelöscht : user_pref("extensions.delta.newTab", false);
Gelöscht : user_pref("extensions.delta.prdct", "delta");
Gelöscht : user_pref("extensions.delta.prtnrId", "delta");
Gelöscht : user_pref("extensions.delta.rvrt", "false");
Gelöscht : user_pref("extensions.delta.sg", "azb");
Gelöscht : user_pref("extensions.delta.smplGrp", "azb");
Gelöscht : user_pref("extensions.delta.tlbrId", "base");
Gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
Gelöscht : user_pref("extensions.delta.vrsn", "1.8.21.5");
Gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.21.58:54:52");
Gelöscht : user_pref("extensions.delta.vrsni", "1.8.21.5");
Gelöscht : user_pref("extensions.delta_i.babExt", "");
Gelöscht : user_pref("extensions.delta_i.babTrack", "affID=119828&tsp=4943");
Gelöscht : user_pref("extensions.delta_i.srcExt", "ss");
Gelöscht : user_pref("iminent.webbooster.scripts.minibar.SOFTONICREFRESHRATE", "140000");
Gelöscht : user_pref("iminent.webbooster.scripts.sslminibar.SOFTONICREFRESHRATE", "140000");

-\\ Google Chrome v28.0.1500.72

Datei : C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Preferences

Gelöscht [l.3] : urls_to_restore_on_startup ="session": { "restore_on_startup": 4,  [ "hxxp://www1.delta-search.com[...]

*************************

AdwCleaner[R1].txt - [44070 octets] - [12/07/2013 10:06:00]
AdwCleaner[S1].txt - [45177 octets] - [12/07/2013 10:07:40]
AdwCleaner[S2].txt - [1473 octets] - [14/07/2013 07:54:43]
AdwCleaner[S3].txt - [31338 octets] - [15/07/2013 21:18:45]

########## EOF - C:\AdwCleaner[S3].txt - [31399 octets] ##########
Die Meldung beim Hochfahren TBupdater.dll ist nicht vorhanden" kommt jetzt nicht mehr.
Deltas Search ist aus dem Firefox verschwunden.
Im Suchfeld der Firefox Navigationsleiste habe ich Google an 1. Stelle eingestellt (wird auch angezeigt). Gesucht wird aber mit Yahoo. Kann es da irgendeinen Zusammenhang geben?

Beste Grüße
Herbert

schrauber 15.07.2013 20:42
Poste mal bitte ein frisches FRST log, ich entferne dann die Reste :)

Herbertfi 16.07.2013 07:04
Hallo Schrauber,
beim Start von FRST sollte ich wieder eine neue Version downloaden. Die Seite
"C:\Users\Herbert\AppData\Roaming\SimplyTech\home\home.htm" ist aber unbekannt. Daher alte Version verwendet:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-07-2013
Ran by Herbert (administrator) on 16-07-2013 08:02:06
Running from C:\Users\Herbert\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicShellService.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apache Software Foundation) C:\xampp\apache\bin\httpd.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
() C:\Program Files\ShrewSoft\VPN Client\dtpd.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(FileZilla Project) C:\xampp\FileZillaFTP\FileZilla server.exe
() C:\Program Files\ShrewSoft\VPN Client\iked.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.SQLHERBERT\MSSQL\Binn\sqlservr.exe
(MySQL AB) C:\xampp\mysql\bin\mysqld.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSRS11.SQLHERBERT\Reporting Services\ReportServer\bin\ReportingServicesService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Apache Software Foundation) C:\xampp\apache\bin\httpd.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.SQLHERBERT\MSSQL\Binn\fdlauncher.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.SQLHERBERT\MSSQL\Binn\fdhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft) C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe
(Microsoft) C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Uniblue Systems Limited) C:\Program Files (x86)\Uniblue\RegistryBooster\rbmonitor.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Greenshot\Greenshot.exe
(Bartels Media GmbH) C:\Program Files (x86)\PhraseExpress\phraseexpress.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(hxxp://www.android-sync.com) C:\Program Files (x86)\Android-Sync\AndroidSync.exe
() C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
() C:\Program Files (x86)\Bamboo Dock\Bamboo Dock\Bamboo Dock.exe
(SPAMfighter ApS) C:\Program Files (x86)\SPAMfighter\sfus.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Uniblue Systems Limited) C:\Program Files (x86)\Uniblue\RegistryBooster\rbnotifier.exe
(Mirko Böer) C:\Program Files (x86)\AmP\AmP.exe
() C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MousewithoutBordersHelper.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [13519432 2013-04-10] (Realtek Semiconductor)
HKLM\...\Run: [Ocs_SM] - C:\Users\Herbert\AppData\Roaming\OCS\SM\SearchAnonymizer.exe [x]
HKCU\...\Run: [Greenshot] - "C:\Program Files (x86)\Greenshot\Greenshot.exe" [548864 2010-07-12] ()
HKCU\...\Run: [GoogleDriveSync] - "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart [19676256 2013-06-06] (Google)
HKCU\...\Run: [GMX_GMX Upload-Manager] - "C:\Program Files (x86)\GMX\GMX Upload-Manager\DAVSRV.EXE" /hide [960608 2011-11-16] (1&1 Mail & Media GmbH)
MountPoints2: {c90218cf-754c-11e2-be86-902b34b9c341} - "G:\LaunchU3.exe" -a
MountPoints2: {ca808269-aea3-11e2-bea8-de85dd3799fb} - "G:\iLinker.exe"
HKLM-x32\...\Run: [avgnt] - "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [345144 2013-06-24] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [WinampAgent] - "C:\Program Files (x86)\Winamp\winampa.exe" [74752 2011-07-11] (Nullsoft, Inc.)
HKLM-x32\...\Run: [SPAMfighter Agent] - "C:\Program Files (x86)\SPAMfighter\SFAgent.exe" update delay 60 [1065504 2013-06-14] (SPAMfighter ApS)
HKLM-x32\...\Run: [AndroidSync] - C:\Program Files (x86)\Android-Sync\AndroidSync.exe -m [6512184 2012-06-20] (hxxp://www.android-sync.com)
HKLM-x32\...\Run: [BambooCore] - C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
HKLM-x32\...\Run: [SDTray] - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [3830224 2013-05-16] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [sfagent] - C:\Program Files (x86)\SPAMfighter\sfagent.exe [1065504 2013-06-14] (SPAMfighter ApS)
HKLM-x32\...\Run: [CommonToolkitTray] - C:\Program Files (x86)\Fighters\Tray\FightersTray.exe [x]
HKU\HerbertAdmin\...\Run: [Greenshot] - "C:\Program Files (x86)\Greenshot\Greenshot.exe" [548864 2010-07-12] ()
HKU\HerbertAdmin\...\Run: [GoogleDriveSync] - "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart [19676256 2013-06-06] (Google)
HKU\HerbertAdmin\...\Run: [GMX_GMX Upload-Manager] - "C:\Program Files (x86)\GMX\GMX Upload-Manager\DAVSRV.EXE" /hide [960608 2011-11-16] (1&1 Mail & Media GmbH)
HKU\HerbertAdmin\...\Run: [Speech Recognition] - "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup [45056 2012-07-26] (Microsoft Corporation)
AppInit_DLLs-x32:  c:\progra~2\nvidia~1\3dvisi~1\nvstinit.dll [45056 2012-07-26] ()
Startup: C:\ProgramData\Start Menu\Programs\Startup\PhraseExpress.lnk
ShortcutTarget: PhraseExpress.lnk -> C:\Program Files (x86)\PhraseExpress\phraseexpress.exe (Bartels Media GmbH)
Startup: C:\ProgramData\Start Menu\Programs\Startup\STK02N 2.4 PNP Monitor.lnk
ShortcutTarget: STK02N 2.4 PNP Monitor.lnk -> C:\Windows\STK02N\STK02NM.exe (Syntek Ltd.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\vpngui.exe.lnk
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe ()
Startup: C:\Users\Herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
SSODL: EldosMountNotificator - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\Windows\system32\SSCbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\Windows\SysWow64\SSCbFsMntNtf3.dll (EldoS Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?rd=1&ucc=AT&dcc=AT&opt=0
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
HKCU SearchScopes: DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {1268E3F4-11EA-435A-9291-E59FC1AE8580} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=e2af43f6-83a1-47a8-961c-da5471471ebf&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {4D7C11AC-9E75-4421-BE68-0B8EF9920E6B} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=e2af43f6-83a1-47a8-961c-da5471471ebf&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {81B6391D-C3E2-4289-895B-5BFD0FFB1090} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=e2af43f6-83a1-47a8-961c-da5471471ebf&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {85CA79EA-BFDD-4411-AB96-0B49EB2C028B} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=e2af43f6-83a1-47a8-961c-da5471471ebf&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {D1E14777-4037-4E71-8934-C096971719F6} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=e2af43f6-83a1-47a8-961c-da5471471ebf&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {DD1510F1-1D88-4A84-9E93-529815FC6C94} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=e2af43f6-83a1-47a8-961c-da5471471ebf&pid=freewarede&mode=bounce&k=0
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll No File
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL (Microsoft Corporation)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 212.186.211.21 195.34.133.21

FireFox:
========
FF ProfilePath: C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF SearchPlugin: C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\searchplugins\gmx-suche-sterreich.xml
FF SearchPlugin: C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\searchplugins\google-at.xml
FF SearchPlugin: C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\searchplugins\suche-in-wikipedia.xml
FF Extension: TubeSaver - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\120
FF Extension: Ghostery - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\firefox@ghostery.com
FF Extension: No Name - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\foxmarks@kei.com
FF Extension: Toggle Web Developer Toolbar - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\{c75a27d8-4529-449f-b67b-aba65d7a1c0a}
FF Extension: firebug - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\firebug@software.joehewitt.com.xpi
FF Extension: jid0-VDpwfJLIL4nAyPYzCXINUSzP9Zw - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\jid0-VDpwfJLIL4nAyPYzCXINUSzP9Zw@jetpack.xpi
FF Extension: newtabgoogle - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\newtabgoogle@graememcc.co.uk.xpi
FF Extension: treestyletab - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\treestyletab@piro.sakura.ne.jp.xpi
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

Chrome:
=======
CHR Extension: (Entanglement) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0
CHR Extension: (Google Docs) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Skype Click to Call) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0
CHR Extension: (Poppit) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0
CHR Extension: (Gmail) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [371768 2013-06-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-06-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [589368 2013-06-24] (Avira Operations GmbH & Co. KG)
R2 Apache2.2; C:\xampp\apache\bin\httpd.exe [29416 2009-12-20] (Apache Software Foundation)
R2 ClassicShellService; C:\Program Files\Classic Shell\ClassicShellService.exe [68608 2013-06-29] (IvoSoft)
R2 dtpd; C:\Program Files\ShrewSoft\VPN Client\dtpd.exe [56592 2010-10-08] ()
R2 FileZilla Server; C:\xampp\FileZillaFTP\FileZilla server.exe [1029776 2009-12-20] (FileZilla Project)
R2 iked; C:\Program Files\ShrewSoft\VPN Client\iked.exe [957712 2010-10-08] ()
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 ipsecd; C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [697616 2010-10-08] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-02-22] (Intel Corporation)
S2 MouseWithoutBordersSvc; C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBordersSvc.exe [27872 2012-12-28] (Microsoft)
R2 MSSQL$SQLHERBERT; C:\Program Files\Microsoft SQL Server\MSSQL11.SQLHERBERT\MSSQL\Binn\sqlservr.exe [190904 2012-06-12] (Microsoft Corporation)
R2 MySQL; C:\xampp\mysql\bin\mysqld.exe [6095504 2009-12-20] (MySQL AB)
R2 ReportServer$SQLHERBERT; C:\Program Files\Microsoft SQL Server\MSRS11.SQLHERBERT\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2348472 2012-06-12] (Microsoft Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
R2 SPAMfighter Update Service; C:\Program Files (x86)\SPAMfighter\sfus.exe [216608 2013-06-14] (SPAMfighter ApS)
S4 SQLAgent$SQLHERBERT; C:\Program Files\Microsoft SQL Server\MSSQL11.SQLHERBERT\MSSQL\Binn\SQLAGENT.EXE [608696 2012-06-12] (Microsoft Corporation)
S4 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1149104 2013-04-03] (Crawler.com)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [619904 2012-12-11] (Wacom Technology, Corp.)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [613688 2013-02-08] (Wacom Technology, Corp.)
R3 MSSQLFDLauncher$SQLHERBERT; "C:\Program Files\Microsoft SQL Server\MSSQL11.SQLHERBERT\MSSQL\Binn\fdlauncher.exe" -s MSSQL11.SQLHERBERT [x]
S2 Suite Service; C:\Program Files (x86)\Fighters\FighterSuiteService.exe [x]

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130016 2013-03-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-03-27] (Avira Operations GmbH & Co. KG)
R3 bthav; C:\Windows\system32\drivers\bthav.sys [40448 2008-07-10] (CSR, plc)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
S3 gdrv; C:\Windows\gdrv.sys [25640 2012-12-19] (Windows (R) Server 2003 DDK provider)
S3 gdrv; C:\Windows\gdrv.sys [25640 2012-12-19] (Windows (R) Server 2003 DDK provider)
S4 RsFx0200; C:\Windows\System32\DRIVERS\RsFx0200.sys [334936 2012-02-11] (Microsoft Corporation)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2013-07-09] (Windows (R) Win 7 DDK provider)
R3 SSCBFS3; C:\Windows\System32\drivers\sscbfs3.sys [347904 2013-01-30] (EldoS Corporation)
R1 uigxrdr; C:\Windows\System32\DRIVERS\uigxrdr.sys [199752 2011-11-16] (1&1 Mail & Media GmbH)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [106408 2012-12-19] (Oracle Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-15 21:18 - 2013-07-15 21:19 - 00031345 _____ C:\AdwCleaner[S3].txt
2013-07-15 20:40 - 2013-07-15 20:40 - 00000000 ____D C:\Program Files\Classic Shell
2013-07-15 06:25 - 2013-07-15 06:25 - 00008192 ____H C:\Windows\SysWOW64\cmd.suo
2013-07-15 06:25 - 2013-07-15 06:25 - 00000967 _____ C:\Windows\SysWOW64\cmd.sln
2013-07-15 06:20 - 2013-07-15 06:20 - 00000958 _____ C:\Users\Herbert\Desktop\SecurityCheck checkup.txt
2013-07-14 18:57 - 2013-07-14 18:57 - 02347384 _____ (ESET) C:\Users\Herbert\Desktop\esetsmartinstaller_enu.exe
2013-07-14 18:30 - 2013-07-14 18:32 - 00000000 ____D C:\Windows\system32\MRT
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-07-14 08:54 - 2011-05-13 14:16 - 00493056 _____ ( datenhaus GmbH) C:\Windows\SysWOW64\dhRichClient3.dll
2013-07-14 08:54 - 2011-03-25 22:42 - 00338432 _____ C:\Windows\SysWOW64\sqlite36_engine.dll
2013-07-14 08:04 - 2013-07-14 08:04 - 00003056 _____ C:\Users\Herbert\Desktop\JRT.txt
2013-07-14 08:01 - 2013-07-14 08:01 - 00559441 _____ (Oleg N. Scherbakov) C:\Users\Herbert\Desktop\JRT.exe
2013-07-14 08:01 - 2013-07-14 08:01 - 00000000 ____D C:\Windows\ERUNT
2013-07-14 07:54 - 2013-07-14 07:55 - 00001473 _____ C:\AdwCleaner[S2].txt
2013-07-14 07:52 - 2013-07-14 07:52 - 00662345 _____ C:\Users\Herbert\Desktop\adwcleaner.exe
2013-07-14 07:50 - 2013-07-14 07:50 - 01777839 _____ (Farbar) C:\Users\Herbert\Desktop\FRST64.exe
2013-07-14 07:48 - 2013-07-14 07:49 - 01777839 _____ (Farbar) C:\Users\Herbert\Downloads\FRST64.exe
2013-07-13 06:54 - 2013-07-13 06:54 - 00000732 _____ C:\Users\Herbert\Desktop\Ereignisse.txt
2013-07-13 06:36 - 2013-07-15 10:30 - 00045979 _____ C:\Users\Herbert\Desktop\Addition.txt
2013-07-13 06:35 - 2013-07-15 20:32 - 00000000 ____D C:\FRST
2013-07-12 15:35 - 2013-07-12 15:35 - 00006152 _____ C:\Windows\DPINST.LOG
2013-07-12 15:35 - 2013-07-12 15:35 - 00000000 ____D C:\Program Files\DIFX
2013-07-12 10:12 - 2013-07-12 10:12 - 00434344 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-12 10:08 - 2013-07-15 21:19 - 00000196 _____ C:\Windows\DeleteOnReboot.bat
2013-07-12 10:07 - 2013-07-12 10:08 - 00045177 _____ C:\AdwCleaner[S1].txt
2013-07-12 10:06 - 2013-07-12 10:06 - 00044070 _____ C:\AdwCleaner[R1].txt
2013-07-12 10:05 - 2013-07-12 10:05 - 00001090 _____ C:\Users\Herbert\Desktop\Continue Download Helper Installation.lnk
2013-07-12 09:27 - 2013-07-12 09:27 - 00000000 _____ C:\Users\Herbert\defogger_reenable
2013-07-10 04:57 - 2013-05-04 08:59 - 02842112 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-10 04:57 - 2013-05-04 06:57 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-10 04:57 - 2013-04-12 00:30 - 01421312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-10 04:57 - 2013-04-12 00:22 - 01838080 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-10 04:56 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-10 04:56 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-10 04:56 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-10 04:56 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-10 04:56 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-10 04:56 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-10 04:56 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-10 04:56 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-10 04:56 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-10 04:56 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-10 04:56 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-10 04:56 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-10 04:56 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-10 04:56 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-10 04:56 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-10 04:56 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-10 04:56 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-10 04:56 - 2013-06-01 11:25 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-10 04:56 - 2013-06-01 11:21 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-10 04:56 - 2013-05-31 01:14 - 04036096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-10 04:52 - 2013-07-04 15:58 - 00238352 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2013-07-10 04:52 - 2013-07-04 15:57 - 00120080 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2013-07-09 08:50 - 2013-07-10 17:04 - 00000000 ____D C:\ProgramData\Spyware Terminator
2013-07-09 08:50 - 2013-07-09 08:51 - 00000000 ____D C:\Program Files (x86)\Spyware Terminator
2013-07-09 08:50 - 2013-07-09 08:50 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2013-07-09 08:50 - 2013-07-09 08:50 - 00001045 _____ C:\Users\Public\Desktop\Spyware Terminator 2012.lnk
2013-07-09 08:50 - 2013-07-09 08:50 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Spyware Terminator
2013-07-06 08:20 - 2013-07-06 08:23 - 00004248 _____ C:\Windows\system32\ASOROSet.bin
2013-07-06 08:20 - 2013-07-06 08:20 - 00000000 ____D C:\Windows\system32\config\RCCBakup
2013-07-05 17:05 - 2013-07-05 17:05 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-07-05 17:05 - 2013-07-05 17:05 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-07-05 16:10 - 2013-07-05 16:10 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\MyPhoneExplorer
2013-07-05 07:33 - 2013-07-05 07:33 - 00000215 _____ C:\Users\Herbert\Desktop\javascripthideDiv('popupDiv');.URL
2013-07-04 15:57 - 2013-07-04 15:57 - 00146704 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetFlt.sys
2013-07-04 15:57 - 2013-07-04 15:57 - 00131856 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp.sys
2013-07-04 15:56 - 2013-07-04 15:56 - 00204048 _____ (Oracle Corporation) C:\Windows\system32\VBoxNetFltNobj.dll
2013-07-02 14:31 - 2013-07-02 14:32 - 00397312 _____ C:\Users\Herbert\Documents\ae130702.accdb
2013-07-02 07:21 - 2013-07-02 07:21 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2010
2013-07-02 07:21 - 2013-07-02 07:21 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2010
2013-07-02 07:20 - 2013-07-02 07:20 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2012
2013-07-02 07:20 - 2013-07-02 07:20 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2012
2013-07-02 07:17 - 2012-02-11 08:43 - 00253016 _____ (Microsoft Corporation) C:\Windows\system32\SQSRVRES.DLL
2013-06-29 18:29 - 2013-06-29 18:29 - 00001350 _____ C:\Users\Herbert\Desktop\SQL Server Management Studio.lnk
2013-06-29 18:26 - 2013-06-29 18:26 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Microsoft Corporation
2013-06-29 18:10 - 2013-06-29 18:10 - 00000000 ____D C:\Windows\SysWOW64\1031
2013-06-29 18:10 - 2013-06-29 18:10 - 00000000 ____D C:\Users\Herbert\Documents\Visual Studio 2012
2013-06-29 18:09 - 2013-06-29 18:09 - 00000000 ____D C:\Windows\system32\1031
2013-06-29 18:08 - 2013-06-29 18:10 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_SensorsSimulatorDriver_01_11_00.Wdf
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____D C:\Windows\symbols
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 11.0
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer
2013-06-29 17:38 - 2013-06-29 17:38 - 00000000 ____D C:\Users\Herbert\AppData\Local\Microsoft_Corporation
2013-06-29 17:26 - 2013-07-06 08:25 - 00000000 ____D C:\Users\ReportServer$SQLHERBERT
2013-06-29 17:26 - 2013-06-29 17:26 - 00000020 ___SH C:\Users\ReportServer$SQLHERBERT\ntuser.ini
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Vorlagen
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Startmenü
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Netzwerkumgebung
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Lokale Einstellungen
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Eigene Dateien
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Druckumgebung
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Documents\Eigene Musik
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Documents\Eigene Bilder
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\AppData\Local\Verlauf
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\AppData\Local\Anwendungsdaten
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Anwendungsdaten
2013-06-29 17:26 - 2013-05-24 14:45 - 00000000 ____D C:\Users\ReportServer$SQLHERBERT\AppData\Roaming\Macromedia
2013-06-29 17:26 - 2013-04-13 06:58 - 00000000 ____D C:\Users\ReportServer$SQLHERBERT\AppData\Roaming\Adobe
2013-06-29 17:26 - 2013-03-27 11:02 - 00000000 ____D C:\Users\ReportServer$SQLHERBERT\AppData\LocalGoogle
2013-06-29 17:26 - 2013-03-27 11:02 - 00000000 ____D C:\Users\ReportServer$SQLHERBERT\AppData\Local\Google
2013-06-29 17:26 - 2013-02-13 16:21 - 00000000 ____D C:\Users\ReportServer$SQLHERBERT\AppData\Local\Microsoft Help
2013-06-29 17:24 - 2013-07-06 08:26 - 00000000 ____D C:\Users\MSSQLFDLauncher$SQLHERBERT
2013-06-29 17:24 - 2013-06-29 17:24 - 00000020 ___SH C:\Users\MSSQLFDLauncher$SQLHERBERT\ntuser.ini
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Vorlagen
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Startmenü
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Netzwerkumgebung
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Lokale Einstellungen
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Eigene Dateien
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Druckumgebung
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Documents\Eigene Musik
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Documents\Eigene Bilder
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\Local\Verlauf
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\Local\Anwendungsdaten
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Anwendungsdaten
2013-06-29 17:24 - 2013-05-24 14:45 - 00000000 ____D C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\Roaming\Macromedia
2013-06-29 17:24 - 2013-04-13 06:58 - 00000000 ____D C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\Roaming\Adobe
2013-06-29 17:24 - 2013-03-27 11:02 - 00000000 ____D C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\LocalGoogle
2013-06-29 17:24 - 2013-03-27 11:02 - 00000000 ____D C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\Local\Google
2013-06-29 17:24 - 2013-02-13 16:21 - 00000000 ____D C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\Local\Microsoft Help
2013-06-29 17:23 - 2013-07-06 08:25 - 00000000 ____D C:\Users\MSSQL$SQLHERBERT
2013-06-29 17:23 - 2013-06-29 18:18 - 00000000 ____D C:\Users\Herbert\Documents\SQL Server Management Studio
2013-06-29 17:23 - 2013-06-29 17:23 - 00000020 ___SH C:\Users\MSSQL$SQLHERBERT\ntuser.ini
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Vorlagen
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Startmenü
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Netzwerkumgebung
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Lokale Einstellungen
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Eigene Dateien
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Druckumgebung
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Documents\Eigene Musik
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Documents\Eigene Bilder
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\AppData\Local\Verlauf
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\AppData\Local\Anwendungsdaten
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Anwendungsdaten
2013-06-29 17:23 - 2013-05-24 14:45 - 00000000 ____D C:\Users\MSSQL$SQLHERBERT\AppData\Roaming\Macromedia
2013-06-29 17:23 - 2013-04-13 06:58 - 00000000 ____D C:\Users\MSSQL$SQLHERBERT\AppData\Roaming\Adobe
2013-06-29 17:23 - 2013-03-27 11:02 - 00000000 ____D C:\Users\MSSQL$SQLHERBERT\AppData\LocalGoogle
2013-06-29 17:23 - 2013-03-27 11:02 - 00000000 ____D C:\Users\MSSQL$SQLHERBERT\AppData\Local\Google
2013-06-29 17:23 - 2013-02-13 16:21 - 00000000 ____D C:\Users\MSSQL$SQLHERBERT\AppData\Local\Microsoft Help
2013-06-29 17:20 - 2012-02-11 10:03 - 00046168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perf-ReportServer$SQLHERBERT-rsctr11.0.2100.60.dll
2013-06-29 17:20 - 2012-02-11 10:02 - 00045656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perf-MSSQL11.SQLHERBERT-sqlagtctr.dll
2013-06-29 17:20 - 2012-02-11 08:44 - 00055384 _____ (Microsoft Corporation) C:\Windows\system32\perf-ReportServer$SQLHERBERT-rsctr11.0.2100.60.dll
2013-06-29 17:20 - 2012-02-11 08:44 - 00054360 _____ (Microsoft Corporation) C:\Windows\system32\perf-MSSQL11.SQLHERBERT-sqlagtctr.dll
2013-06-29 17:19 - 2012-02-11 10:03 - 00082520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perf-MSSQL$SQLHERBERT-sqlctr11.0.2100.60.dll
2013-06-29 17:19 - 2012-02-11 08:46 - 00180312 _____ (Microsoft Corporation) C:\Windows\system32\hadrres.dll
2013-06-29 17:19 - 2012-02-11 08:46 - 00082520 _____ (Microsoft Corporation) C:\Windows\system32\fssres.dll
2013-06-29 17:19 - 2012-02-11 08:44 - 00095832 _____ (Microsoft Corporation) C:\Windows\system32\perf-MSSQL$SQLHERBERT-sqlctr11.0.2100.60.dll
2013-06-29 17:16 - 2013-06-29 17:16 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2013-06-29 17:14 - 2013-06-29 17:14 - 00000000 ____D C:\Windows\system32\RsFx
2013-06-29 17:11 - 2013-07-15 06:16 - 00000000 ____D C:\Users\Herbert\Documents\Visual Studio 2010
2013-06-29 17:10 - 2013-06-29 17:12 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 10.0
2013-06-29 17:10 - 2013-06-29 17:10 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 10.0
2013-06-29 17:10 - 2013-06-29 17:10 - 00000000 ____D C:\Program Files\Microsoft Help Viewer
2013-06-29 17:10 - 2013-06-29 17:10 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2013-06-26 17:57 - 2013-06-26 17:57 - 00003133 _____ C:\Users\Herbert\Desktop\Custom UI Editor For Microsoft Office.lnk
2013-06-26 17:57 - 2013-06-26 17:57 - 00003093 _____ C:\Users\Herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Custom UI Editor For Microsoft Office.lnk
2013-06-26 17:57 - 2013-06-26 17:57 - 00000000 ____D C:\Program Files (x86)\CustomUIEditor
2013-06-26 07:51 - 2013-06-26 07:51 - 04815135 _____ (FileZilla Project) C:\Users\Herbert\Downloads\FileZilla_3.7.1_win32-setup.exe
2013-06-24 15:24 - 2013-06-24 15:25 - 00000000 ____D C:\Users\Herbert\AppData\Local\calibre-cache
2013-06-23 20:21 - 2013-06-24 15:52 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\calibre
2013-06-23 20:21 - 2013-06-23 20:21 - 00000967 _____ C:\Users\Public\Desktop\calibre - E-book management.lnk
2013-06-23 20:21 - 2013-06-23 20:21 - 00000000 ____D C:\Program Files (x86)\Calibre2
2013-06-22 08:53 - 2013-06-22 08:53 - 00001136 _____ C:\Users\Public\Desktop\UPC Install Master.lnk
2013-06-22 08:53 - 2013-06-22 08:53 - 00000000 __HDC C:\ProgramData\{A79D03BF-C5DB-49B2-AD5F-6CED14FFE4D6}
2013-06-22 08:53 - 2013-06-22 08:53 - 00000000 ____D C:\Program Files (x86)\UPC Austria
2013-06-19 09:08 - 2013-06-20 10:02 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Apple Computer
2013-06-19 09:08 - 2013-06-19 09:09 - 00000000 ____D C:\Users\Herbert\AppData\Local\Apple Computer
2013-06-19 09:08 - 2013-06-19 09:08 - 00002491 _____ C:\Users\Public\Desktop\Safari.lnk
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Users\Herbert\AppData\Local\Apple
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\ProgramData\Apple
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Program Files\Bonjour
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Program Files (x86)\Safari
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-06-17 10:27 - 2013-06-17 10:27 - 00003105 _____ C:\Users\Herbert\Desktop\Word 2007 Content Control Toolkit.lnk
2013-06-17 10:27 - 2013-06-17 10:27 - 00003065 _____ C:\Users\Herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word 2007 Content Control Toolkit.lnk
2013-06-17 05:51 - 2013-05-16 00:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2013-06-16 06:47 - 2013-05-31 01:24 - 01257472 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-06-16 06:47 - 2013-05-31 01:08 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-06-16 06:47 - 2013-05-24 01:01 - 01300992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-06-16 06:47 - 2013-05-24 00:27 - 01022464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-06-16 06:47 - 2013-05-15 04:25 - 00888320 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2013-06-16 06:47 - 2013-05-15 04:25 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2013-06-16 06:47 - 2013-05-15 04:24 - 00793088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2013-06-16 06:47 - 2013-05-15 04:24 - 00482816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll

==================== One Month Modified Files and Folders =======

2013-07-16 08:02 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-07-16 07:59 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\NDF
2013-07-16 07:55 - 2013-02-01 21:47 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-16 07:54 - 2013-02-01 17:43 - 00005142 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for PCHerbert-Herbert PCHerbert
2013-07-16 07:44 - 2012-11-29 20:05 - 01682186 _____ C:\Windows\WindowsUpdate.log
2013-07-16 07:35 - 2013-01-30 18:50 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3455799945-794626198-3976200442-1001
2013-07-16 07:31 - 2013-02-01 02:49 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-15 21:50 - 2009-11-30 17:40 - 00000000 ____D C:\Users\Herbert\Documents\PhraseExpress
2013-07-15 21:24 - 2013-02-01 03:43 - 00000000 ____D C:\Program Files (x86)\SPAMfighter
2013-07-15 21:22 - 2013-01-30 19:11 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-15 21:22 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-15 21:19 - 2013-07-15 21:18 - 00031345 _____ C:\AdwCleaner[S3].txt
2013-07-15 21:19 - 2013-07-12 10:08 - 00000196 _____ C:\Windows\DeleteOnReboot.bat
2013-07-15 21:18 - 2013-01-13 13:09 - 00000000 ____D C:\Users\Herbert\.VirtualBox
2013-07-15 21:14 - 2013-02-01 02:49 - 00001132 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-15 20:40 - 2013-07-15 20:40 - 00000000 ____D C:\Program Files\Classic Shell
2013-07-15 20:32 - 2013-07-13 06:35 - 00000000 ____D C:\FRST
2013-07-15 20:30 - 2012-11-29 03:11 - 00105344 _____ C:\Windows\PFRO.log
2013-07-15 12:57 - 2010-05-27 18:31 - 00000000 ____D C:\Users\Herbert\Documents\Outlook-Dateien
2013-07-15 12:42 - 2013-06-03 07:34 - 00000000 ____D C:\Windows\System32\Tasks\Browser Updater
2013-07-15 12:41 - 2013-02-09 10:23 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\FileZilla
2013-07-15 10:34 - 2013-01-30 18:44 - 00000000 ____D C:\Users\Herbert\AppData\Local\Packages
2013-07-15 10:30 - 2013-07-13 06:36 - 00045979 _____ C:\Users\Herbert\Desktop\Addition.txt
2013-07-15 06:25 - 2013-07-15 06:25 - 00008192 ____H C:\Windows\SysWOW64\cmd.suo
2013-07-15 06:25 - 2013-07-15 06:25 - 00000967 _____ C:\Windows\SysWOW64\cmd.sln
2013-07-15 06:20 - 2013-07-15 06:20 - 00000958 _____ C:\Users\Herbert\Desktop\SecurityCheck checkup.txt
2013-07-15 06:16 - 2013-06-29 17:11 - 00000000 ____D C:\Users\Herbert\Documents\Visual Studio 2010
2013-07-15 06:03 - 2012-07-02 07:39 - 00891022 _____ C:\Users\Herbert\Desktop\SecurityCheck.exe
2013-07-14 18:59 - 2012-11-29 19:56 - 00851434 _____ C:\Windows\system32\perfh007.dat
2013-07-14 18:59 - 2012-11-29 19:56 - 00194494 _____ C:\Windows\system32\perfc007.dat
2013-07-14 18:59 - 2012-07-26 09:28 - 02027878 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-14 18:57 - 2013-07-14 18:57 - 02347384 _____ (ESET) C:\Users\Herbert\Desktop\esetsmartinstaller_enu.exe
2013-07-14 18:32 - 2013-07-14 18:30 - 00000000 ____D C:\Windows\system32\MRT
2013-07-14 18:32 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\oobe
2013-07-14 08:56 - 2013-02-01 04:25 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Fighters
2013-07-14 08:56 - 2013-02-01 04:25 - 00000000 ____D C:\ProgramData\Fighters
2013-07-14 08:55 - 2013-06-03 07:35 - 00001530 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-07-14 08:21 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-07-14 08:04 - 2013-07-14 08:04 - 00003056 _____ C:\Users\Herbert\Desktop\JRT.txt
2013-07-14 08:01 - 2013-07-14 08:01 - 00559441 _____ (Oleg N. Scherbakov) C:\Users\Herbert\Desktop\JRT.exe
2013-07-14 08:01 - 2013-07-14 08:01 - 00000000 ____D C:\Windows\ERUNT
2013-07-14 07:55 - 2013-07-14 07:54 - 00001473 _____ C:\AdwCleaner[S2].txt
2013-07-14 07:52 - 2013-07-14 07:52 - 00662345 _____ C:\Users\Herbert\Desktop\adwcleaner.exe
2013-07-14 07:50 - 2013-07-14 07:50 - 01777839 _____ (Farbar) C:\Users\Herbert\Desktop\FRST64.exe
2013-07-14 07:49 - 2013-07-14 07:48 - 01777839 _____ (Farbar) C:\Users\Herbert\Downloads\FRST64.exe
2013-07-14 07:49 - 2013-05-28 08:31 - 00003942 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{395F05FD-1EED-4524-AD44-212D0444F148}
2013-07-13 07:15 - 2013-02-01 02:50 - 00002190 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-13 07:09 - 2013-02-01 02:49 - 00004104 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-13 07:09 - 2013-02-01 02:49 - 00003868 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-13 06:54 - 2013-07-13 06:54 - 00000732 _____ C:\Users\Herbert\Desktop\Ereignisse.txt
2013-07-12 20:31 - 2013-02-09 10:18 - 00000000 ____D C:\Users\Herbert\AppData\Local\Paint.NET
2013-07-12 15:35 - 2013-07-12 15:35 - 00006152 _____ C:\Windows\DPINST.LOG
2013-07-12 15:35 - 2013-07-12 15:35 - 00000000 ____D C:\Program Files\DIFX
2013-07-12 15:34 - 2012-07-26 09:21 - 00034876 _____ C:\Windows\setupact.log
2013-07-12 10:12 - 2013-07-12 10:12 - 00434344 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-12 10:08 - 2013-07-12 10:07 - 00045177 _____ C:\AdwCleaner[S1].txt
2013-07-12 10:06 - 2013-07-12 10:06 - 00044070 _____ C:\AdwCleaner[R1].txt
2013-07-12 10:05 - 2013-07-12 10:05 - 00001090 _____ C:\Users\Herbert\Desktop\Continue Download Helper Installation.lnk
2013-07-12 09:27 - 2013-07-12 09:27 - 00000000 _____ C:\Users\Herbert\defogger_reenable
2013-07-12 09:27 - 2013-01-30 18:44 - 00000000 ____D C:\Users\Herbert
2013-07-12 07:43 - 2013-05-24 14:45 - 00000000 ____D C:\Users\Herbert\AppData\Local\Adobe
2013-07-12 07:42 - 2013-02-01 21:47 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-12 07:38 - 2013-06-03 07:35 - 00004088 _____ C:\Windows\System32\Tasks\Software Updater Ui
2013-07-12 07:38 - 2013-06-03 07:34 - 00004118 _____ C:\Windows\System32\Tasks\Software Updater
2013-07-12 07:31 - 2013-05-20 07:06 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-12 07:31 - 2013-05-20 07:06 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-11 20:55 - 2012-07-26 09:52 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-11 08:10 - 2013-01-31 15:19 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\SQLyog
2013-07-10 17:43 - 2013-05-29 14:04 - 00001097 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk
2013-07-10 17:04 - 2013-07-09 08:50 - 00000000 ____D C:\ProgramData\Spyware Terminator
2013-07-10 07:27 - 2013-03-12 12:44 - 00003062 _____ C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2013-07-10 07:27 - 2013-03-12 12:44 - 00003060 _____ C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2013-07-10 07:27 - 2013-03-12 12:44 - 00000000 ____D C:\Program Files\Microsoft Mouse and Keyboard Center
2013-07-10 07:27 - 2013-02-03 18:31 - 00003118 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2013-07-10 07:27 - 2013-02-03 18:31 - 00003092 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2013-07-10 07:27 - 2013-02-03 18:31 - 00003090 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2013-07-10 07:24 - 2013-01-31 13:37 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-10 07:20 - 2012-07-26 07:26 - 00000167 _____ C:\Windows\win.ini
2013-07-10 04:59 - 2013-02-28 19:59 - 00007607 _____ C:\Users\Herbert\AppData\Local\Resmon.ResmonCfg
2013-07-10 04:52 - 2013-06-14 09:16 - 00001083 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2013-07-09 08:51 - 2013-07-09 08:50 - 00000000 ____D C:\Program Files (x86)\Spyware Terminator
2013-07-09 08:50 - 2013-07-09 08:50 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2013-07-09 08:50 - 2013-07-09 08:50 - 00001045 _____ C:\Users\Public\Desktop\Spyware Terminator 2012.lnk
2013-07-09 08:50 - 2013-07-09 08:50 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Spyware Terminator
2013-07-08 15:41 - 2013-02-01 02:32 - 00000000 ____D C:\Program Files (x86)\SugarSync
2013-07-06 08:26 - 2013-06-29 17:24 - 00000000 ____D C:\Users\MSSQLFDLauncher$SQLHERBERT
2013-07-06 08:25 - 2013-06-29 17:26 - 00000000 ____D C:\Users\ReportServer$SQLHERBERT
2013-07-06 08:25 - 2013-06-29 17:23 - 00000000 ____D C:\Users\MSSQL$SQLHERBERT
2013-07-06 08:24 - 2012-07-26 07:26 - 17301504 _____ C:\Windows\system32\config\SYSTEM.bak
2013-07-06 08:24 - 2012-07-26 07:26 - 112984064 _____ C:\Windows\system32\config\SOFTWARE.bak
2013-07-06 08:24 - 2012-07-26 07:26 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2013-07-06 08:23 - 2013-07-06 08:20 - 00004248 _____ C:\Windows\system32\ASOROSet.bin
2013-07-06 08:22 - 2012-07-26 07:26 - 00094208 _____ C:\Windows\system32\config\SAM.bak
2013-07-06 08:20 - 2013-07-06 08:20 - 00000000 ____D C:\Windows\system32\config\RCCBakup
2013-07-05 17:05 - 2013-07-05 17:05 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-07-05 17:05 - 2013-07-05 17:05 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-07-05 16:10 - 2013-07-05 16:10 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\MyPhoneExplorer
2013-07-05 07:33 - 2013-07-05 07:33 - 00000215 _____ C:\Users\Herbert\Desktop\javascripthideDiv('popupDiv');.URL
2013-07-04 15:58 - 2013-07-10 04:52 - 00238352 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2013-07-04 15:57 - 2013-07-10 04:52 - 00120080 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2013-07-04 15:57 - 2013-07-04 15:57 - 00146704 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetFlt.sys
2013-07-04 15:57 - 2013-07-04 15:57 - 00131856 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp.sys
2013-07-04 15:56 - 2013-07-04 15:56 - 00204048 _____ (Oracle Corporation) C:\Windows\system32\VBoxNetFltNobj.dll
2013-07-03 06:33 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-07-02 14:32 - 2013-07-02 14:31 - 00397312 _____ C:\Users\Herbert\Documents\ae130702.accdb
2013-07-02 07:21 - 2013-07-02 07:21 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2010
2013-07-02 07:21 - 2013-07-02 07:21 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2010
2013-07-02 07:20 - 2013-07-02 07:20 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2012
2013-07-02 07:20 - 2013-07-02 07:20 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2012
2013-07-02 07:20 - 2013-06-03 07:34 - 00000000 ____D C:\ProgramData\Package Cache
2013-07-02 07:13 - 2013-02-22 15:13 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2013-07-02 07:13 - 2013-01-31 13:38 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2013-06-29 18:29 - 2013-06-29 18:29 - 00001350 _____ C:\Users\Herbert\Desktop\SQL Server Management Studio.lnk
2013-06-29 18:26 - 2013-06-29 18:26 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Microsoft Corporation
2013-06-29 18:18 - 2013-06-29 17:23 - 00000000 ____D C:\Users\Herbert\Documents\SQL Server Management Studio
2013-06-29 18:10 - 2013-06-29 18:10 - 00000000 ____D C:\Windows\SysWOW64\1031
2013-06-29 18:10 - 2013-06-29 18:10 - 00000000 ____D C:\Users\Herbert\Documents\Visual Studio 2012
2013-06-29 18:10 - 2013-06-29 18:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0
2013-06-29 18:09 - 2013-06-29 18:09 - 00000000 ____D C:\Windows\system32\1031
2013-06-29 18:09 - 2013-02-22 15:13 - 00000000 ____D C:\Windows\SysWOW64\1033
2013-06-29 18:09 - 2012-11-29 20:09 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_SensorsSimulatorDriver_01_11_00.Wdf
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____D C:\Windows\symbols
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 11.0
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer
2013-06-29 18:08 - 2013-02-22 15:13 - 00000000 ____D C:\Windows\system32\1033
2013-06-29 18:08 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-06-29 17:38 - 2013-06-29 17:38 - 00000000 ____D C:\Users\Herbert\AppData\Local\Microsoft_Corporation
2013-06-29 17:26 - 2013-06-29 17:26 - 00000020 ___SH C:\Users\ReportServer$SQLHERBERT\ntuser.ini
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Vorlagen
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Startmenü
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Netzwerkumgebung
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Lokale Einstellungen
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Eigene Dateien
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Druckumgebung
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Documents\Eigene Musik
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Documents\Eigene Bilder
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\AppData\Local\Verlauf
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\AppData\Local\Anwendungsdaten
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 __SHD C:\Users\ReportServer$SQLHERBERT\Anwendungsdaten
2013-06-29 17:24 - 2013-06-29 17:24 - 00000020 ___SH C:\Users\MSSQLFDLauncher$SQLHERBERT\ntuser.ini
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Vorlagen
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Startmenü
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Netzwerkumgebung
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Lokale Einstellungen
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Eigene Dateien
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Druckumgebung
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Documents\Eigene Musik
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Documents\Eigene Bilder
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\Local\Verlauf
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\Local\Anwendungsdaten
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 __SHD C:\Users\MSSQLFDLauncher$SQLHERBERT\Anwendungsdaten
2013-06-29 17:23 - 2013-06-29 17:23 - 00000020 ___SH C:\Users\MSSQL$SQLHERBERT\ntuser.ini
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Vorlagen
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Startmenü
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Netzwerkumgebung
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Lokale Einstellungen
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Eigene Dateien
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Druckumgebung
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Documents\Eigene Musik
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Documents\Eigene Bilder
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\AppData\Local\Verlauf
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\AppData\Local\Anwendungsdaten
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 __SHD C:\Users\MSSQL$SQLHERBERT\Anwendungsdaten
2013-06-29 17:19 - 2012-12-20 02:54 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-06-29 17:16 - 2013-06-29 17:16 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2013-06-29 17:14 - 2013-06-29 17:14 - 00000000 ____D C:\Windows\system32\RsFx
2013-06-29 17:12 - 2013-06-29 17:10 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 10.0
2013-06-29 17:10 - 2013-06-29 17:10 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 10.0
2013-06-29 17:10 - 2013-06-29 17:10 - 00000000 ____D C:\Program Files\Microsoft Help Viewer
2013-06-29 17:10 - 2013-06-29 17:10 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2013-06-28 18:13 - 2013-01-31 15:57 - 00000333 _____ C:\Windows\ODBC.INI
2013-06-28 15:00 - 2013-05-17 18:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-28 15:00 - 2013-01-30 20:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-06-28 00:04 - 2013-01-31 07:33 - 00693112 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-28 00:04 - 2013-01-31 07:33 - 00078200 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-27 07:14 - 2013-06-03 07:34 - 00031816 _____ C:\Windows\Launcher.exe
2013-06-26 17:57 - 2013-06-26 17:57 - 00003133 _____ C:\Users\Herbert\Desktop\Custom UI Editor For Microsoft Office.lnk
2013-06-26 17:57 - 2013-06-26 17:57 - 00003093 _____ C:\Users\Herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Custom UI Editor For Microsoft Office.lnk
2013-06-26 17:57 - 2013-06-26 17:57 - 00000000 ____D C:\Program Files (x86)\CustomUIEditor
2013-06-26 07:51 - 2013-06-26 07:51 - 04815135 _____ (FileZilla Project) C:\Users\Herbert\Downloads\FileZilla_3.7.1_win32-setup.exe
2013-06-26 07:51 - 2013-02-09 10:23 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2013-06-24 15:52 - 2013-06-23 20:21 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\calibre
2013-06-24 15:25 - 2013-06-24 15:24 - 00000000 ____D C:\Users\Herbert\AppData\Local\calibre-cache
2013-06-24 12:01 - 2013-05-06 11:36 - 00083672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-06-24 00:57 - 2013-01-31 07:08 - 78277128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-06-23 20:21 - 2013-06-23 20:21 - 00000967 _____ C:\Users\Public\Desktop\calibre - E-book management.lnk
2013-06-23 20:21 - 2013-06-23 20:21 - 00000000 ____D C:\Program Files (x86)\Calibre2
2013-06-22 08:53 - 2013-06-22 08:53 - 00001136 _____ C:\Users\Public\Desktop\UPC Install Master.lnk
2013-06-22 08:53 - 2013-06-22 08:53 - 00000000 __HDC C:\ProgramData\{A79D03BF-C5DB-49B2-AD5F-6CED14FFE4D6}
2013-06-22 08:53 - 2013-06-22 08:53 - 00000000 ____D C:\Program Files (x86)\UPC Austria
2013-06-20 10:02 - 2013-06-19 09:08 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Apple Computer
2013-06-19 14:57 - 2012-07-26 07:37 - 00000000 ____D C:\Windows\servicing
2013-06-19 09:09 - 2013-06-19 09:08 - 00000000 ____D C:\Users\Herbert\AppData\Local\Apple Computer
2013-06-19 09:08 - 2013-06-19 09:08 - 00002491 _____ C:\Users\Public\Desktop\Safari.lnk
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Users\Herbert\AppData\Local\Apple
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\ProgramData\Apple
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Program Files\Bonjour
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Program Files (x86)\Safari
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-06-19 09:08 - 2013-01-31 09:02 - 00000000 ____D C:\ProgramData\Apple Computer
2013-06-18 20:14 - 2013-02-01 21:01 - 00000734 _____ C:\Users\Herbert\Sti_Trace.log
2013-06-18 15:22 - 2012-11-21 19:27 - 00000000 ____D C:\Users\Herbert\Documents\Benutzerdefinierte Office-Vorlagen
2013-06-17 10:27 - 2013-06-17 10:27 - 00003105 _____ C:\Users\Herbert\Desktop\Word 2007 Content Control Toolkit.lnk
2013-06-17 10:27 - 2013-06-17 10:27 - 00003065 _____ C:\Users\Herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word 2007 Content Control Toolkit.lnk
2013-06-16 19:27 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-06-16 17:13 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData
2013-06-16 17:12 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2013-06-16 17:12 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-06-16 17:12 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-06-16 17:12 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-06-16 17:12 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\Dism

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-12 07:56

==================== End Of Log ============================
--- --- ---


Gruß
Herbert

schrauber 16.07.2013 07:59
Setze folgendermassen den Internet Explorer zurück:
  • Öffne den Internet Explorer und gehe zu Extras -> Internetoptionen.
  • Klicke in der Registerkarte Erweitert unter "Internet Explorer-Einstellungen zurücksetzen" auf Zurücksetzen...
  • Klicke im Dialogfeld "Internet Explorer-Einstellungen zurücksetzen" zum Bestätigen auf Zurücksetzen.
(Hier findest du die bebilderte Anleitung.)


Noch probleme?

Herbertfi 16.07.2013 09:12
Hallo Schrauber,

update FRST jetzt gelungen.
Hier nochmals FRST.txt:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-07-2013 02
Ran by Herbert (administrator) on 16-07-2013 10:10:03
Running from C:\Users\Herbert\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicShellService.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apache Software Foundation) C:\xampp\apache\bin\httpd.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
() C:\Program Files\ShrewSoft\VPN Client\dtpd.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(FileZilla Project) C:\xampp\FileZillaFTP\FileZilla server.exe
() C:\Program Files\ShrewSoft\VPN Client\iked.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.SQLHERBERT\MSSQL\Binn\sqlservr.exe
(MySQL AB) C:\xampp\mysql\bin\mysqld.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSRS11.SQLHERBERT\Reporting Services\ReportServer\bin\ReportingServicesService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Apache Software Foundation) C:\xampp\apache\bin\httpd.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.SQLHERBERT\MSSQL\Binn\fdlauncher.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.SQLHERBERT\MSSQL\Binn\fdhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft) C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe
(Microsoft) C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Uniblue Systems Limited) C:\Program Files (x86)\Uniblue\RegistryBooster\rbmonitor.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Greenshot\Greenshot.exe
(Bartels Media GmbH) C:\Program Files (x86)\PhraseExpress\phraseexpress.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(hxxp://www.android-sync.com) C:\Program Files (x86)\Android-Sync\AndroidSync.exe
() C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
() C:\Program Files (x86)\Bamboo Dock\Bamboo Dock\Bamboo Dock.exe
(Uniblue Systems Limited) C:\Program Files (x86)\Uniblue\RegistryBooster\rbnotifier.exe
(Mirko Böer) C:\Program Files (x86)\AmP\AmP.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\MSACCESS.EXE
(SPAMfighter ApS) C:\Program Files (x86)\SPAMfighter\sfus.exe
() C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MousewithoutBordersHelper.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [13519432 2013-04-10] (Realtek Semiconductor)
HKLM\...\Run: [Ocs_SM] - C:\Users\Herbert\AppData\Roaming\OCS\SM\SearchAnonymizer.exe [x]
HKCU\...\Run: [Greenshot] - "C:\Program Files (x86)\Greenshot\Greenshot.exe" [548864 2010-07-12] ()
HKCU\...\Run: [GoogleDriveSync] - "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart [19676256 2013-06-06] (Google)
HKCU\...\Run: [GMX_GMX Upload-Manager] - "C:\Program Files (x86)\GMX\GMX Upload-Manager\DAVSRV.EXE" /hide [960608 2011-11-16] (1&1 Mail & Media GmbH)
MountPoints2: {c90218cf-754c-11e2-be86-902b34b9c341} - "G:\LaunchU3.exe" -a
MountPoints2: {ca808269-aea3-11e2-bea8-de85dd3799fb} - "G:\iLinker.exe"
HKLM-x32\...\Run: [avgnt] - "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [345144 2013-06-24] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [WinampAgent] - "C:\Program Files (x86)\Winamp\winampa.exe" [74752 2011-07-11] (Nullsoft, Inc.)
HKLM-x32\...\Run: [SPAMfighter Agent] - "C:\Program Files (x86)\SPAMfighter\SFAgent.exe" update delay 60 [1065504 2013-06-14] (SPAMfighter ApS)
HKLM-x32\...\Run: [AndroidSync] - C:\Program Files (x86)\Android-Sync\AndroidSync.exe -m [6512184 2012-06-20] (hxxp://www.android-sync.com)
HKLM-x32\...\Run: [BambooCore] - C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
HKLM-x32\...\Run: [SDTray] - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [3830224 2013-05-16] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [sfagent] - C:\Program Files (x86)\SPAMfighter\sfagent.exe [1065504 2013-06-14] (SPAMfighter ApS)
HKLM-x32\...\Run: [CommonToolkitTray] - C:\Program Files (x86)\Fighters\Tray\FightersTray.exe [x]
HKU\HerbertAdmin\...\Run: [Greenshot] - "C:\Program Files (x86)\Greenshot\Greenshot.exe" [548864 2010-07-12] ()
HKU\HerbertAdmin\...\Run: [GoogleDriveSync] - "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart [19676256 2013-06-06] (Google)
HKU\HerbertAdmin\...\Run: [GMX_GMX Upload-Manager] - "C:\Program Files (x86)\GMX\GMX Upload-Manager\DAVSRV.EXE" /hide [960608 2011-11-16] (1&1 Mail & Media GmbH)
HKU\HerbertAdmin\...\Run: [Speech Recognition] - "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup [45056 2012-07-26] (Microsoft Corporation)
AppInit_DLLs-x32:  c:\progra~2\nvidia~1\3dvisi~1\nvstinit.dll [45056 2012-07-26] ()
Startup: C:\ProgramData\Start Menu\Programs\Startup\PhraseExpress.lnk
ShortcutTarget: PhraseExpress.lnk -> C:\Program Files (x86)\PhraseExpress\phraseexpress.exe (Bartels Media GmbH)
Startup: C:\ProgramData\Start Menu\Programs\Startup\STK02N 2.4 PNP Monitor.lnk
ShortcutTarget: STK02N 2.4 PNP Monitor.lnk -> C:\Windows\STK02N\STK02NM.exe (Syntek Ltd.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\vpngui.exe.lnk
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe ()
Startup: C:\Users\Herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
SSODL: EldosMountNotificator - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\Windows\system32\SSCbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\Windows\SysWow64\SSCbFsMntNtf3.dll (EldoS Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?rd=1&ucc=AT&dcc=AT&opt=0
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
HKCU SearchScopes: DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {1268E3F4-11EA-435A-9291-E59FC1AE8580} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=e2af43f6-83a1-47a8-961c-da5471471ebf&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {4D7C11AC-9E75-4421-BE68-0B8EF9920E6B} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=e2af43f6-83a1-47a8-961c-da5471471ebf&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {81B6391D-C3E2-4289-895B-5BFD0FFB1090} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=e2af43f6-83a1-47a8-961c-da5471471ebf&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {85CA79EA-BFDD-4411-AB96-0B49EB2C028B} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=e2af43f6-83a1-47a8-961c-da5471471ebf&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {D1E14777-4037-4E71-8934-C096971719F6} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=e2af43f6-83a1-47a8-961c-da5471471ebf&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {DD1510F1-1D88-4A84-9E93-529815FC6C94} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=e2af43f6-83a1-47a8-961c-da5471471ebf&pid=freewarede&mode=bounce&k=0
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll No File
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL (Microsoft Corporation)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 212.186.211.21 195.34.133.21

FireFox:
========
FF ProfilePath: C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF SearchPlugin: C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\searchplugins\gmx-suche-sterreich.xml
FF SearchPlugin: C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\searchplugins\google-at.xml
FF SearchPlugin: C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\searchplugins\suche-in-wikipedia.xml
FF Extension: TubeSaver - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\120
FF Extension: Ghostery - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\firefox@ghostery.com
FF Extension: No Name - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\foxmarks@kei.com
FF Extension: Toggle Web Developer Toolbar - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\{c75a27d8-4529-449f-b67b-aba65d7a1c0a}
FF Extension: firebug - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\firebug@software.joehewitt.com.xpi
FF Extension: jid0-VDpwfJLIL4nAyPYzCXINUSzP9Zw - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\jid0-VDpwfJLIL4nAyPYzCXINUSzP9Zw@jetpack.xpi
FF Extension: newtabgoogle - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\newtabgoogle@graememcc.co.uk.xpi
FF Extension: treestyletab - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\treestyletab@piro.sakura.ne.jp.xpi
FF Extension: No Name - C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\0srbdi19.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

Chrome:
=======
CHR Extension: (Entanglement) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0
CHR Extension: (Google Docs) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Skype Click to Call) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0
CHR Extension: (Poppit) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0
CHR Extension: (Gmail) - C:\Users\Herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [371768 2013-06-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-06-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [589368 2013-06-24] (Avira Operations GmbH & Co. KG)
R2 Apache2.2; C:\xampp\apache\bin\httpd.exe [29416 2009-12-20] (Apache Software Foundation)
R2 ClassicShellService; C:\Program Files\Classic Shell\ClassicShellService.exe [68608 2013-06-29] (IvoSoft)
R2 dtpd; C:\Program Files\ShrewSoft\VPN Client\dtpd.exe [56592 2010-10-08] ()
R2 FileZilla Server; C:\xampp\FileZillaFTP\FileZilla server.exe [1029776 2009-12-20] (FileZilla Project)
R2 iked; C:\Program Files\ShrewSoft\VPN Client\iked.exe [957712 2010-10-08] ()
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 ipsecd; C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [697616 2010-10-08] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-02-22] (Intel Corporation)
S2 MouseWithoutBordersSvc; C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBordersSvc.exe [27872 2012-12-28] (Microsoft)
R2 MSSQL$SQLHERBERT; C:\Program Files\Microsoft SQL Server\MSSQL11.SQLHERBERT\MSSQL\Binn\sqlservr.exe [190904 2012-06-12] (Microsoft Corporation)
R2 MySQL; C:\xampp\mysql\bin\mysqld.exe [6095504 2009-12-20] (MySQL AB)
R2 ReportServer$SQLHERBERT; C:\Program Files\Microsoft SQL Server\MSRS11.SQLHERBERT\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2348472 2012-06-12] (Microsoft Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
R2 SPAMfighter Update Service; C:\Program Files (x86)\SPAMfighter\sfus.exe [216608 2013-06-14] (SPAMfighter ApS)
S4 SQLAgent$SQLHERBERT; C:\Program Files\Microsoft SQL Server\MSSQL11.SQLHERBERT\MSSQL\Binn\SQLAGENT.EXE [608696 2012-06-12] (Microsoft Corporation)
S4 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1149104 2013-04-03] (Crawler.com)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [619904 2012-12-11] (Wacom Technology, Corp.)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [613688 2013-02-08] (Wacom Technology, Corp.)
R3 MSSQLFDLauncher$SQLHERBERT; "C:\Program Files\Microsoft SQL Server\MSSQL11.SQLHERBERT\MSSQL\Binn\fdlauncher.exe" -s MSSQL11.SQLHERBERT [x]
S2 Suite Service; C:\Program Files (x86)\Fighters\FighterSuiteService.exe [x]

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130016 2013-03-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-03-27] (Avira Operations GmbH & Co. KG)
R3 bthav; C:\Windows\system32\drivers\bthav.sys [40448 2008-07-10] (CSR, plc)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
S3 gdrv; C:\Windows\gdrv.sys [25640 2012-12-19] (Windows (R) Server 2003 DDK provider)
S3 gdrv; C:\Windows\gdrv.sys [25640 2012-12-19] (Windows (R) Server 2003 DDK provider)
S4 RsFx0200; C:\Windows\System32\DRIVERS\RsFx0200.sys [334936 2012-02-11] (Microsoft Corporation)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2013-07-09] (Windows (R) Win 7 DDK provider)
R3 SSCBFS3; C:\Windows\System32\drivers\sscbfs3.sys [347904 2013-01-30] (EldoS Corporation)
R1 uigxrdr; C:\Windows\System32\DRIVERS\uigxrdr.sys [199752 2011-11-16] (1&1 Mail & Media GmbH)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [106408 2012-12-19] (Oracle Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-16 10:09 - 2013-07-16 10:09 - 01778135 _____ (Farbar) C:\Users\Herbert\Desktop\FRST64.exe
2013-07-15 21:18 - 2013-07-15 21:19 - 00031345 _____ C:\AdwCleaner[S3].txt
2013-07-15 20:40 - 2013-07-15 20:40 - 00000000 ____D C:\Program Files\Classic Shell
2013-07-15 06:25 - 2013-07-15 06:25 - 00008192 ____H C:\Windows\SysWOW64\cmd.suo
2013-07-15 06:25 - 2013-07-15 06:25 - 00000967 _____ C:\Windows\SysWOW64\cmd.sln
2013-07-15 06:20 - 2013-07-15 06:20 - 00000958 _____ C:\Users\Herbert\Desktop\SecurityCheck checkup.txt
2013-07-14 18:57 - 2013-07-14 18:57 - 02347384 _____ (ESET) C:\Users\Herbert\Desktop\esetsmartinstaller_enu.exe
2013-07-14 18:30 - 2013-07-14 18:32 - 00000000 ____D C:\Windows\system32\MRT
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-07-14 08:54 - 2011-05-13 14:16 - 00493056 _____ ( datenhaus GmbH) C:\Windows\SysWOW64\dhRichClient3.dll
2013-07-14 08:54 - 2011-03-25 22:42 - 00338432 _____ C:\Windows\SysWOW64\sqlite36_engine.dll
2013-07-14 08:04 - 2013-07-14 08:04 - 00003056 _____ C:\Users\Herbert\Desktop\JRT.txt
2013-07-14 08:01 - 2013-07-14 08:01 - 00559441 _____ (Oleg N. Scherbakov) C:\Users\Herbert\Desktop\JRT.exe
2013-07-14 08:01 - 2013-07-14 08:01 - 00000000 ____D C:\Windows\ERUNT
2013-07-14 07:54 - 2013-07-14 07:55 - 00001473 _____ C:\AdwCleaner[S2].txt
2013-07-14 07:52 - 2013-07-14 07:52 - 00662345 _____ C:\Users\Herbert\Desktop\adwcleaner.exe
2013-07-14 07:48 - 2013-07-14 07:49 - 01777839 _____ (Farbar) C:\Users\Herbert\Downloads\FRST64.exe
2013-07-13 06:54 - 2013-07-13 06:54 - 00000732 _____ C:\Users\Herbert\Desktop\Ereignisse.txt
2013-07-13 06:36 - 2013-07-15 10:30 - 00045979 _____ C:\Users\Herbert\Desktop\Addition.txt
2013-07-13 06:35 - 2013-07-15 20:32 - 00000000 ____D C:\FRST
2013-07-12 15:35 - 2013-07-12 15:35 - 00006152 _____ C:\Windows\DPINST.LOG
2013-07-12 15:35 - 2013-07-12 15:35 - 00000000 ____D C:\Program Files\DIFX
2013-07-12 10:12 - 2013-07-12 10:12 - 00434344 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-12 10:08 - 2013-07-15 21:19 - 00000196 _____ C:\Windows\DeleteOnReboot.bat
2013-07-12 10:07 - 2013-07-12 10:08 - 00045177 _____ C:\AdwCleaner[S1].txt
2013-07-12 10:06 - 2013-07-12 10:06 - 00044070 _____ C:\AdwCleaner[R1].txt
2013-07-12 10:05 - 2013-07-12 10:05 - 00001090 _____ C:\Users\Herbert\Desktop\Continue Download Helper Installation.lnk
2013-07-12 09:27 - 2013-07-12 09:27 - 00000000 _____ C:\Users\Herbert\defogger_reenable
2013-07-10 04:57 - 2013-05-04 08:59 - 02842112 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-10 04:57 - 2013-05-04 06:57 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-10 04:57 - 2013-04-12 00:30 - 01421312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-10 04:57 - 2013-04-12 00:22 - 01838080 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-10 04:56 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-10 04:56 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-10 04:56 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-10 04:56 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-10 04:56 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-10 04:56 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-10 04:56 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-10 04:56 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-10 04:56 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-10 04:56 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-10 04:56 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-10 04:56 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-10 04:56 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-10 04:56 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-10 04:56 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-10 04:56 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-10 04:56 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-10 04:56 - 2013-06-01 11:25 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-10 04:56 - 2013-06-01 11:21 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-10 04:56 - 2013-05-31 01:14 - 04036096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-10 04:52 - 2013-07-04 15:58 - 00238352 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2013-07-10 04:52 - 2013-07-04 15:57 - 00120080 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2013-07-09 08:50 - 2013-07-10 17:04 - 00000000 ____D C:\ProgramData\Spyware Terminator
2013-07-09 08:50 - 2013-07-09 08:51 - 00000000 ____D C:\Program Files (x86)\Spyware Terminator
2013-07-09 08:50 - 2013-07-09 08:50 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2013-07-09 08:50 - 2013-07-09 08:50 - 00001045 _____ C:\Users\Public\Desktop\Spyware Terminator 2012.lnk
2013-07-09 08:50 - 2013-07-09 08:50 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Spyware Terminator
2013-07-06 08:20 - 2013-07-06 08:23 - 00004248 _____ C:\Windows\system32\ASOROSet.bin
2013-07-06 08:20 - 2013-07-06 08:20 - 00000000 ____D C:\Windows\system32\config\RCCBakup
2013-07-05 17:05 - 2013-07-05 17:05 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-07-05 17:05 - 2013-07-05 17:05 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-07-05 16:10 - 2013-07-05 16:10 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\MyPhoneExplorer
2013-07-05 07:33 - 2013-07-05 07:33 - 00000215 _____ C:\Users\Herbert\Desktop\javascripthideDiv('popupDiv');.URL
2013-07-04 15:57 - 2013-07-04 15:57 - 00146704 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetFlt.sys
2013-07-04 15:57 - 2013-07-04 15:57 - 00131856 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp.sys
2013-07-04 15:56 - 2013-07-04 15:56 - 00204048 _____ (Oracle Corporation) C:\Windows\system32\VBoxNetFltNobj.dll
2013-07-02 14:31 - 2013-07-02 14:32 - 00397312 _____ C:\Users\Herbert\Documents\ae130702.accdb
2013-07-02 07:21 - 2013-07-02 07:21 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2010
2013-07-02 07:21 - 2013-07-02 07:21 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2010
2013-07-02 07:20 - 2013-07-02 07:20 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2012
2013-07-02 07:20 - 2013-07-02 07:20 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2012
2013-07-02 07:17 - 2012-02-11 08:43 - 00253016 _____ (Microsoft Corporation) C:\Windows\system32\SQSRVRES.DLL
2013-06-29 18:29 - 2013-06-29 18:29 - 00001350 _____ C:\Users\Herbert\Desktop\SQL Server Management Studio.lnk
2013-06-29 18:26 - 2013-06-29 18:26 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Microsoft Corporation
2013-06-29 18:10 - 2013-06-29 18:10 - 00000000 ____D C:\Windows\SysWOW64\1031
2013-06-29 18:10 - 2013-06-29 18:10 - 00000000 ____D C:\Users\Herbert\Documents\Visual Studio 2012
2013-06-29 18:09 - 2013-06-29 18:09 - 00000000 ____D C:\Windows\system32\1031
2013-06-29 18:08 - 2013-06-29 18:10 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_SensorsSimulatorDriver_01_11_00.Wdf
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____D C:\Windows\symbols
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 11.0
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer
2013-06-29 17:38 - 2013-06-29 17:38 - 00000000 ____D C:\Users\Herbert\AppData\Local\Microsoft_Corporation
2013-06-29 17:26 - 2013-07-06 08:25 - 00000000 ____D C:\Users\ReportServer$SQLHERBERT
2013-06-29 17:26 - 2013-06-29 17:26 - 00000020 ___SH C:\Users\ReportServer$SQLHERBERT\ntuser.ini
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 _SHDL C:\Users\ReportServer$SQLHERBERT\Vorlagen
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 _SHDL C:\Users\ReportServer$SQLHERBERT\Startmenü
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 _SHDL C:\Users\ReportServer$SQLHERBERT\Netzwerkumgebung
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 _SHDL C:\Users\ReportServer$SQLHERBERT\Lokale Einstellungen
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 _SHDL C:\Users\ReportServer$SQLHERBERT\Eigene Dateien
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 _SHDL C:\Users\ReportServer$SQLHERBERT\Druckumgebung
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 _SHDL C:\Users\ReportServer$SQLHERBERT\Documents\Eigene Musik
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 _SHDL C:\Users\ReportServer$SQLHERBERT\Documents\Eigene Bilder
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 _SHDL C:\Users\ReportServer$SQLHERBERT\AppData\Local\Verlauf
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 _SHDL C:\Users\ReportServer$SQLHERBERT\AppData\Local\Anwendungsdaten
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 _SHDL C:\Users\ReportServer$SQLHERBERT\Anwendungsdaten
2013-06-29 17:26 - 2013-05-24 14:45 - 00000000 ____D C:\Users\ReportServer$SQLHERBERT\AppData\Roaming\Macromedia
2013-06-29 17:26 - 2013-04-13 06:58 - 00000000 ____D C:\Users\ReportServer$SQLHERBERT\AppData\Roaming\Adobe
2013-06-29 17:26 - 2013-03-27 11:02 - 00000000 ____D C:\Users\ReportServer$SQLHERBERT\AppData\LocalGoogle
2013-06-29 17:26 - 2013-03-27 11:02 - 00000000 ____D C:\Users\ReportServer$SQLHERBERT\AppData\Local\Google
2013-06-29 17:26 - 2013-02-13 16:21 - 00000000 ____D C:\Users\ReportServer$SQLHERBERT\AppData\Local\Microsoft Help
2013-06-29 17:24 - 2013-07-06 08:26 - 00000000 ____D C:\Users\MSSQLFDLauncher$SQLHERBERT
2013-06-29 17:24 - 2013-06-29 17:24 - 00000020 ___SH C:\Users\MSSQLFDLauncher$SQLHERBERT\ntuser.ini
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 _SHDL C:\Users\MSSQLFDLauncher$SQLHERBERT\Vorlagen
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 _SHDL C:\Users\MSSQLFDLauncher$SQLHERBERT\Startmenü
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 _SHDL C:\Users\MSSQLFDLauncher$SQLHERBERT\Netzwerkumgebung
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 _SHDL C:\Users\MSSQLFDLauncher$SQLHERBERT\Lokale Einstellungen
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 _SHDL C:\Users\MSSQLFDLauncher$SQLHERBERT\Eigene Dateien
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 _SHDL C:\Users\MSSQLFDLauncher$SQLHERBERT\Druckumgebung
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 _SHDL C:\Users\MSSQLFDLauncher$SQLHERBERT\Documents\Eigene Musik
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 _SHDL C:\Users\MSSQLFDLauncher$SQLHERBERT\Documents\Eigene Bilder
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 _SHDL C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\Local\Verlauf
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 _SHDL C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\Local\Anwendungsdaten
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 _SHDL C:\Users\MSSQLFDLauncher$SQLHERBERT\Anwendungsdaten
2013-06-29 17:24 - 2013-05-24 14:45 - 00000000 ____D C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\Roaming\Macromedia
2013-06-29 17:24 - 2013-04-13 06:58 - 00000000 ____D C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\Roaming\Adobe
2013-06-29 17:24 - 2013-03-27 11:02 - 00000000 ____D C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\LocalGoogle
2013-06-29 17:24 - 2013-03-27 11:02 - 00000000 ____D C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\Local\Google
2013-06-29 17:24 - 2013-02-13 16:21 - 00000000 ____D C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\Local\Microsoft Help
2013-06-29 17:23 - 2013-07-06 08:25 - 00000000 ____D C:\Users\MSSQL$SQLHERBERT
2013-06-29 17:23 - 2013-06-29 18:18 - 00000000 ____D C:\Users\Herbert\Documents\SQL Server Management Studio
2013-06-29 17:23 - 2013-06-29 17:23 - 00000020 ___SH C:\Users\MSSQL$SQLHERBERT\ntuser.ini
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 _SHDL C:\Users\MSSQL$SQLHERBERT\Vorlagen
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 _SHDL C:\Users\MSSQL$SQLHERBERT\Startmenü
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 _SHDL C:\Users\MSSQL$SQLHERBERT\Netzwerkumgebung
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 _SHDL C:\Users\MSSQL$SQLHERBERT\Lokale Einstellungen
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 _SHDL C:\Users\MSSQL$SQLHERBERT\Eigene Dateien
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 _SHDL C:\Users\MSSQL$SQLHERBERT\Druckumgebung
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 _SHDL C:\Users\MSSQL$SQLHERBERT\Documents\Eigene Musik
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 _SHDL C:\Users\MSSQL$SQLHERBERT\Documents\Eigene Bilder
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 _SHDL C:\Users\MSSQL$SQLHERBERT\AppData\Local\Verlauf
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 _SHDL C:\Users\MSSQL$SQLHERBERT\AppData\Local\Anwendungsdaten
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 _SHDL C:\Users\MSSQL$SQLHERBERT\Anwendungsdaten
2013-06-29 17:23 - 2013-05-24 14:45 - 00000000 ____D C:\Users\MSSQL$SQLHERBERT\AppData\Roaming\Macromedia
2013-06-29 17:23 - 2013-04-13 06:58 - 00000000 ____D C:\Users\MSSQL$SQLHERBERT\AppData\Roaming\Adobe
2013-06-29 17:23 - 2013-03-27 11:02 - 00000000 ____D C:\Users\MSSQL$SQLHERBERT\AppData\LocalGoogle
2013-06-29 17:23 - 2013-03-27 11:02 - 00000000 ____D C:\Users\MSSQL$SQLHERBERT\AppData\Local\Google
2013-06-29 17:23 - 2013-02-13 16:21 - 00000000 ____D C:\Users\MSSQL$SQLHERBERT\AppData\Local\Microsoft Help
2013-06-29 17:20 - 2012-02-11 10:03 - 00046168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perf-ReportServer$SQLHERBERT-rsctr11.0.2100.60.dll
2013-06-29 17:20 - 2012-02-11 10:02 - 00045656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perf-MSSQL11.SQLHERBERT-sqlagtctr.dll
2013-06-29 17:20 - 2012-02-11 08:44 - 00055384 _____ (Microsoft Corporation) C:\Windows\system32\perf-ReportServer$SQLHERBERT-rsctr11.0.2100.60.dll
2013-06-29 17:20 - 2012-02-11 08:44 - 00054360 _____ (Microsoft Corporation) C:\Windows\system32\perf-MSSQL11.SQLHERBERT-sqlagtctr.dll
2013-06-29 17:19 - 2012-02-11 10:03 - 00082520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perf-MSSQL$SQLHERBERT-sqlctr11.0.2100.60.dll
2013-06-29 17:19 - 2012-02-11 08:46 - 00180312 _____ (Microsoft Corporation) C:\Windows\system32\hadrres.dll
2013-06-29 17:19 - 2012-02-11 08:46 - 00082520 _____ (Microsoft Corporation) C:\Windows\system32\fssres.dll
2013-06-29 17:19 - 2012-02-11 08:44 - 00095832 _____ (Microsoft Corporation) C:\Windows\system32\perf-MSSQL$SQLHERBERT-sqlctr11.0.2100.60.dll
2013-06-29 17:16 - 2013-06-29 17:16 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2013-06-29 17:14 - 2013-06-29 17:14 - 00000000 ____D C:\Windows\system32\RsFx
2013-06-29 17:11 - 2013-07-15 06:16 - 00000000 ____D C:\Users\Herbert\Documents\Visual Studio 2010
2013-06-29 17:10 - 2013-06-29 17:12 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 10.0
2013-06-29 17:10 - 2013-06-29 17:10 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 10.0
2013-06-29 17:10 - 2013-06-29 17:10 - 00000000 ____D C:\Program Files\Microsoft Help Viewer
2013-06-29 17:10 - 2013-06-29 17:10 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2013-06-26 17:57 - 2013-06-26 17:57 - 00003133 _____ C:\Users\Herbert\Desktop\Custom UI Editor For Microsoft Office.lnk
2013-06-26 17:57 - 2013-06-26 17:57 - 00003093 _____ C:\Users\Herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Custom UI Editor For Microsoft Office.lnk
2013-06-26 17:57 - 2013-06-26 17:57 - 00000000 ____D C:\Program Files (x86)\CustomUIEditor
2013-06-26 07:51 - 2013-06-26 07:51 - 04815135 _____ (FileZilla Project) C:\Users\Herbert\Downloads\FileZilla_3.7.1_win32-setup.exe
2013-06-24 15:24 - 2013-06-24 15:25 - 00000000 ____D C:\Users\Herbert\AppData\Local\calibre-cache
2013-06-23 20:21 - 2013-06-24 15:52 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\calibre
2013-06-23 20:21 - 2013-06-23 20:21 - 00000967 _____ C:\Users\Public\Desktop\calibre - E-book management.lnk
2013-06-23 20:21 - 2013-06-23 20:21 - 00000000 ____D C:\Program Files (x86)\Calibre2
2013-06-22 08:53 - 2013-06-22 08:53 - 00001136 _____ C:\Users\Public\Desktop\UPC Install Master.lnk
2013-06-22 08:53 - 2013-06-22 08:53 - 00000000 __HDC C:\ProgramData\{A79D03BF-C5DB-49B2-AD5F-6CED14FFE4D6}
2013-06-22 08:53 - 2013-06-22 08:53 - 00000000 ____D C:\Program Files (x86)\UPC Austria
2013-06-19 09:08 - 2013-06-20 10:02 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Apple Computer
2013-06-19 09:08 - 2013-06-19 09:09 - 00000000 ____D C:\Users\Herbert\AppData\Local\Apple Computer
2013-06-19 09:08 - 2013-06-19 09:08 - 00002491 _____ C:\Users\Public\Desktop\Safari.lnk
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Users\Herbert\AppData\Local\Apple
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\ProgramData\Apple
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Program Files\Bonjour
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Program Files (x86)\Safari
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-06-17 10:27 - 2013-06-17 10:27 - 00003105 _____ C:\Users\Herbert\Desktop\Word 2007 Content Control Toolkit.lnk
2013-06-17 10:27 - 2013-06-17 10:27 - 00003065 _____ C:\Users\Herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word 2007 Content Control Toolkit.lnk
2013-06-17 05:51 - 2013-05-16 00:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2013-06-16 06:47 - 2013-05-31 01:24 - 01257472 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-06-16 06:47 - 2013-05-31 01:08 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-06-16 06:47 - 2013-05-24 01:01 - 01300992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-06-16 06:47 - 2013-05-24 00:27 - 01022464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-06-16 06:47 - 2013-05-15 04:25 - 00888320 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2013-06-16 06:47 - 2013-05-15 04:25 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2013-06-16 06:47 - 2013-05-15 04:24 - 00793088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2013-06-16 06:47 - 2013-05-15 04:24 - 00482816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll

==================== One Month Modified Files and Folders =======

2013-07-16 10:09 - 2013-07-16 10:09 - 01778135 _____ (Farbar) C:\Users\Herbert\Desktop\FRST64.exe
2013-07-16 10:02 - 2012-11-29 20:05 - 01702207 _____ C:\Windows\WindowsUpdate.log
2013-07-16 10:02 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-07-16 10:01 - 2010-05-27 18:31 - 00000000 ____D C:\Users\Herbert\Documents\Outlook-Dateien
2013-07-16 09:55 - 2013-02-01 21:47 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-16 09:14 - 2013-02-01 02:49 - 00001132 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-16 08:51 - 2013-02-01 17:43 - 00005144 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for PCHerbert-Herbert PCHerbert
2013-07-16 08:31 - 2013-02-01 03:43 - 00000000 ____D C:\Program Files (x86)\SPAMfighter
2013-07-16 08:26 - 2013-01-30 18:50 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3455799945-794626198-3976200442-1001
2013-07-16 07:59 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\NDF
2013-07-16 07:31 - 2013-02-01 02:49 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-15 21:50 - 2009-11-30 17:40 - 00000000 ____D C:\Users\Herbert\Documents\PhraseExpress
2013-07-15 21:22 - 2013-01-30 19:11 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-15 21:22 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-15 21:19 - 2013-07-15 21:18 - 00031345 _____ C:\AdwCleaner[S3].txt
2013-07-15 21:19 - 2013-07-12 10:08 - 00000196 _____ C:\Windows\DeleteOnReboot.bat
2013-07-15 21:18 - 2013-01-13 13:09 - 00000000 ____D C:\Users\Herbert\.VirtualBox
2013-07-15 20:40 - 2013-07-15 20:40 - 00000000 ____D C:\Program Files\Classic Shell
2013-07-15 20:32 - 2013-07-13 06:35 - 00000000 ____D C:\FRST
2013-07-15 20:30 - 2012-11-29 03:11 - 00105344 _____ C:\Windows\PFRO.log
2013-07-15 12:42 - 2013-06-03 07:34 - 00000000 ____D C:\Windows\System32\Tasks\Browser Updater
2013-07-15 12:41 - 2013-02-09 10:23 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\FileZilla
2013-07-15 10:34 - 2013-01-30 18:44 - 00000000 ____D C:\Users\Herbert\AppData\Local\Packages
2013-07-15 10:30 - 2013-07-13 06:36 - 00045979 _____ C:\Users\Herbert\Desktop\Addition.txt
2013-07-15 06:25 - 2013-07-15 06:25 - 00008192 ____H C:\Windows\SysWOW64\cmd.suo
2013-07-15 06:25 - 2013-07-15 06:25 - 00000967 _____ C:\Windows\SysWOW64\cmd.sln
2013-07-15 06:20 - 2013-07-15 06:20 - 00000958 _____ C:\Users\Herbert\Desktop\SecurityCheck checkup.txt
2013-07-15 06:16 - 2013-06-29 17:11 - 00000000 ____D C:\Users\Herbert\Documents\Visual Studio 2010
2013-07-15 06:03 - 2012-07-02 07:39 - 00891022 _____ C:\Users\Herbert\Desktop\SecurityCheck.exe
2013-07-14 18:59 - 2012-11-29 19:56 - 00851434 _____ C:\Windows\system32\perfh007.dat
2013-07-14 18:59 - 2012-11-29 19:56 - 00194494 _____ C:\Windows\system32\perfc007.dat
2013-07-14 18:59 - 2012-07-26 09:28 - 02027878 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-14 18:57 - 2013-07-14 18:57 - 02347384 _____ (ESET) C:\Users\Herbert\Desktop\esetsmartinstaller_enu.exe
2013-07-14 18:32 - 2013-07-14 18:30 - 00000000 ____D C:\Windows\system32\MRT
2013-07-14 18:32 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\oobe
2013-07-14 08:56 - 2013-02-01 04:25 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Fighters
2013-07-14 08:56 - 2013-02-01 04:25 - 00000000 ____D C:\ProgramData\Fighters
2013-07-14 08:55 - 2013-06-03 07:35 - 00001530 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-07-14 08:54 - 2013-07-14 08:54 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-07-14 08:21 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-07-14 08:04 - 2013-07-14 08:04 - 00003056 _____ C:\Users\Herbert\Desktop\JRT.txt
2013-07-14 08:01 - 2013-07-14 08:01 - 00559441 _____ (Oleg N. Scherbakov) C:\Users\Herbert\Desktop\JRT.exe
2013-07-14 08:01 - 2013-07-14 08:01 - 00000000 ____D C:\Windows\ERUNT
2013-07-14 07:55 - 2013-07-14 07:54 - 00001473 _____ C:\AdwCleaner[S2].txt
2013-07-14 07:52 - 2013-07-14 07:52 - 00662345 _____ C:\Users\Herbert\Desktop\adwcleaner.exe
2013-07-14 07:49 - 2013-07-14 07:48 - 01777839 _____ (Farbar) C:\Users\Herbert\Downloads\FRST64.exe
2013-07-14 07:49 - 2013-05-28 08:31 - 00003942 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{395F05FD-1EED-4524-AD44-212D0444F148}
2013-07-13 07:15 - 2013-02-01 02:50 - 00002190 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-13 07:09 - 2013-02-01 02:49 - 00004104 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-13 07:09 - 2013-02-01 02:49 - 00003868 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-13 06:54 - 2013-07-13 06:54 - 00000732 _____ C:\Users\Herbert\Desktop\Ereignisse.txt
2013-07-12 20:31 - 2013-02-09 10:18 - 00000000 ____D C:\Users\Herbert\AppData\Local\Paint.NET
2013-07-12 15:35 - 2013-07-12 15:35 - 00006152 _____ C:\Windows\DPINST.LOG
2013-07-12 15:35 - 2013-07-12 15:35 - 00000000 ____D C:\Program Files\DIFX
2013-07-12 15:34 - 2012-07-26 09:21 - 00034876 _____ C:\Windows\setupact.log
2013-07-12 10:12 - 2013-07-12 10:12 - 00434344 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-12 10:08 - 2013-07-12 10:07 - 00045177 _____ C:\AdwCleaner[S1].txt
2013-07-12 10:06 - 2013-07-12 10:06 - 00044070 _____ C:\AdwCleaner[R1].txt
2013-07-12 10:05 - 2013-07-12 10:05 - 00001090 _____ C:\Users\Herbert\Desktop\Continue Download Helper Installation.lnk
2013-07-12 09:27 - 2013-07-12 09:27 - 00000000 _____ C:\Users\Herbert\defogger_reenable
2013-07-12 09:27 - 2013-01-30 18:44 - 00000000 ____D C:\Users\Herbert
2013-07-12 07:43 - 2013-05-24 14:45 - 00000000 ____D C:\Users\Herbert\AppData\Local\Adobe
2013-07-12 07:42 - 2013-02-01 21:47 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-12 07:38 - 2013-06-03 07:35 - 00004088 _____ C:\Windows\System32\Tasks\Software Updater Ui
2013-07-12 07:38 - 2013-06-03 07:34 - 00004118 _____ C:\Windows\System32\Tasks\Software Updater
2013-07-12 07:31 - 2013-05-20 07:06 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-12 07:31 - 2013-05-20 07:06 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-11 20:55 - 2012-07-26 09:52 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-11 08:10 - 2013-01-31 15:19 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\SQLyog
2013-07-10 17:43 - 2013-05-29 14:04 - 00001097 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk
2013-07-10 17:04 - 2013-07-09 08:50 - 00000000 ____D C:\ProgramData\Spyware Terminator
2013-07-10 07:27 - 2013-03-12 12:44 - 00003062 _____ C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2013-07-10 07:27 - 2013-03-12 12:44 - 00003060 _____ C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2013-07-10 07:27 - 2013-03-12 12:44 - 00000000 ____D C:\Program Files\Microsoft Mouse and Keyboard Center
2013-07-10 07:27 - 2013-02-03 18:31 - 00003118 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2013-07-10 07:27 - 2013-02-03 18:31 - 00003092 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2013-07-10 07:27 - 2013-02-03 18:31 - 00003090 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2013-07-10 07:24 - 2013-01-31 13:37 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-10 07:20 - 2012-07-26 07:26 - 00000167 _____ C:\Windows\win.ini
2013-07-10 04:59 - 2013-02-28 19:59 - 00007607 _____ C:\Users\Herbert\AppData\Local\Resmon.ResmonCfg
2013-07-10 04:52 - 2013-06-14 09:16 - 00001083 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2013-07-09 08:51 - 2013-07-09 08:50 - 00000000 ____D C:\Program Files (x86)\Spyware Terminator
2013-07-09 08:50 - 2013-07-09 08:50 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2013-07-09 08:50 - 2013-07-09 08:50 - 00001045 _____ C:\Users\Public\Desktop\Spyware Terminator 2012.lnk
2013-07-09 08:50 - 2013-07-09 08:50 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Spyware Terminator
2013-07-08 15:41 - 2013-02-01 02:32 - 00000000 ____D C:\Program Files (x86)\SugarSync
2013-07-06 08:26 - 2013-06-29 17:24 - 00000000 ____D C:\Users\MSSQLFDLauncher$SQLHERBERT
2013-07-06 08:25 - 2013-06-29 17:26 - 00000000 ____D C:\Users\ReportServer$SQLHERBERT
2013-07-06 08:25 - 2013-06-29 17:23 - 00000000 ____D C:\Users\MSSQL$SQLHERBERT
2013-07-06 08:24 - 2012-07-26 07:26 - 17301504 _____ C:\Windows\system32\config\SYSTEM.bak
2013-07-06 08:24 - 2012-07-26 07:26 - 112984064 _____ C:\Windows\system32\config\SOFTWARE.bak
2013-07-06 08:24 - 2012-07-26 07:26 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2013-07-06 08:23 - 2013-07-06 08:20 - 00004248 _____ C:\Windows\system32\ASOROSet.bin
2013-07-06 08:22 - 2012-07-26 07:26 - 00094208 _____ C:\Windows\system32\config\SAM.bak
2013-07-06 08:20 - 2013-07-06 08:20 - 00000000 ____D C:\Windows\system32\config\RCCBakup
2013-07-05 17:05 - 2013-07-05 17:05 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-07-05 17:05 - 2013-07-05 17:05 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-07-05 16:10 - 2013-07-05 16:10 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\MyPhoneExplorer
2013-07-05 07:33 - 2013-07-05 07:33 - 00000215 _____ C:\Users\Herbert\Desktop\javascripthideDiv('popupDiv');.URL
2013-07-04 15:58 - 2013-07-10 04:52 - 00238352 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2013-07-04 15:57 - 2013-07-10 04:52 - 00120080 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2013-07-04 15:57 - 2013-07-04 15:57 - 00146704 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetFlt.sys
2013-07-04 15:57 - 2013-07-04 15:57 - 00131856 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp.sys
2013-07-04 15:56 - 2013-07-04 15:56 - 00204048 _____ (Oracle Corporation) C:\Windows\system32\VBoxNetFltNobj.dll
2013-07-03 06:33 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-07-02 14:32 - 2013-07-02 14:31 - 00397312 _____ C:\Users\Herbert\Documents\ae130702.accdb
2013-07-02 07:21 - 2013-07-02 07:21 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2010
2013-07-02 07:21 - 2013-07-02 07:21 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2010
2013-07-02 07:20 - 2013-07-02 07:20 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2012
2013-07-02 07:20 - 2013-07-02 07:20 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2012
2013-07-02 07:20 - 2013-06-03 07:34 - 00000000 ____D C:\ProgramData\Package Cache
2013-07-02 07:13 - 2013-02-22 15:13 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2013-07-02 07:13 - 2013-01-31 13:38 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2013-06-29 18:29 - 2013-06-29 18:29 - 00001350 _____ C:\Users\Herbert\Desktop\SQL Server Management Studio.lnk
2013-06-29 18:26 - 2013-06-29 18:26 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Microsoft Corporation
2013-06-29 18:18 - 2013-06-29 17:23 - 00000000 ____D C:\Users\Herbert\Documents\SQL Server Management Studio
2013-06-29 18:10 - 2013-06-29 18:10 - 00000000 ____D C:\Windows\SysWOW64\1031
2013-06-29 18:10 - 2013-06-29 18:10 - 00000000 ____D C:\Users\Herbert\Documents\Visual Studio 2012
2013-06-29 18:10 - 2013-06-29 18:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0
2013-06-29 18:09 - 2013-06-29 18:09 - 00000000 ____D C:\Windows\system32\1031
2013-06-29 18:09 - 2013-02-22 15:13 - 00000000 ____D C:\Windows\SysWOW64\1033
2013-06-29 18:09 - 2012-11-29 20:09 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_SensorsSimulatorDriver_01_11_00.Wdf
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____D C:\Windows\symbols
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 11.0
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2013-06-29 18:08 - 2013-06-29 18:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer
2013-06-29 18:08 - 2013-02-22 15:13 - 00000000 ____D C:\Windows\system32\1033
2013-06-29 18:08 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-06-29 17:38 - 2013-06-29 17:38 - 00000000 ____D C:\Users\Herbert\AppData\Local\Microsoft_Corporation
2013-06-29 17:26 - 2013-06-29 17:26 - 00000020 ___SH C:\Users\ReportServer$SQLHERBERT\ntuser.ini
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 _SHDL C:\Users\ReportServer$SQLHERBERT\Vorlagen
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 _SHDL C:\Users\ReportServer$SQLHERBERT\Startmenü
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 _SHDL C:\Users\ReportServer$SQLHERBERT\Netzwerkumgebung
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 _SHDL C:\Users\ReportServer$SQLHERBERT\Lokale Einstellungen
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 _SHDL C:\Users\ReportServer$SQLHERBERT\Eigene Dateien
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 _SHDL C:\Users\ReportServer$SQLHERBERT\Druckumgebung
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 _SHDL C:\Users\ReportServer$SQLHERBERT\Documents\Eigene Musik
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 _SHDL C:\Users\ReportServer$SQLHERBERT\Documents\Eigene Bilder
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 _SHDL C:\Users\ReportServer$SQLHERBERT\AppData\Local\Verlauf
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 _SHDL C:\Users\ReportServer$SQLHERBERT\AppData\Local\Anwendungsdaten
2013-06-29 17:26 - 2013-06-29 17:26 - 00000000 _SHDL C:\Users\ReportServer$SQLHERBERT\Anwendungsdaten
2013-06-29 17:24 - 2013-06-29 17:24 - 00000020 ___SH C:\Users\MSSQLFDLauncher$SQLHERBERT\ntuser.ini
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 _SHDL C:\Users\MSSQLFDLauncher$SQLHERBERT\Vorlagen
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 _SHDL C:\Users\MSSQLFDLauncher$SQLHERBERT\Startmenü
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 _SHDL C:\Users\MSSQLFDLauncher$SQLHERBERT\Netzwerkumgebung
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 _SHDL C:\Users\MSSQLFDLauncher$SQLHERBERT\Lokale Einstellungen
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 _SHDL C:\Users\MSSQLFDLauncher$SQLHERBERT\Eigene Dateien
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 _SHDL C:\Users\MSSQLFDLauncher$SQLHERBERT\Druckumgebung
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 _SHDL C:\Users\MSSQLFDLauncher$SQLHERBERT\Documents\Eigene Musik
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 _SHDL C:\Users\MSSQLFDLauncher$SQLHERBERT\Documents\Eigene Bilder
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 _SHDL C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\Local\Verlauf
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 _SHDL C:\Users\MSSQLFDLauncher$SQLHERBERT\AppData\Local\Anwendungsdaten
2013-06-29 17:24 - 2013-06-29 17:24 - 00000000 _SHDL C:\Users\MSSQLFDLauncher$SQLHERBERT\Anwendungsdaten
2013-06-29 17:23 - 2013-06-29 17:23 - 00000020 ___SH C:\Users\MSSQL$SQLHERBERT\ntuser.ini
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 _SHDL C:\Users\MSSQL$SQLHERBERT\Vorlagen
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 _SHDL C:\Users\MSSQL$SQLHERBERT\Startmenü
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 _SHDL C:\Users\MSSQL$SQLHERBERT\Netzwerkumgebung
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 _SHDL C:\Users\MSSQL$SQLHERBERT\Lokale Einstellungen
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 _SHDL C:\Users\MSSQL$SQLHERBERT\Eigene Dateien
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 _SHDL C:\Users\MSSQL$SQLHERBERT\Druckumgebung
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 _SHDL C:\Users\MSSQL$SQLHERBERT\Documents\Eigene Musik
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 _SHDL C:\Users\MSSQL$SQLHERBERT\Documents\Eigene Bilder
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 _SHDL C:\Users\MSSQL$SQLHERBERT\AppData\Local\Verlauf
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 _SHDL C:\Users\MSSQL$SQLHERBERT\AppData\Local\Anwendungsdaten
2013-06-29 17:23 - 2013-06-29 17:23 - 00000000 _SHDL C:\Users\MSSQL$SQLHERBERT\Anwendungsdaten
2013-06-29 17:19 - 2012-12-20 02:54 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-06-29 17:16 - 2013-06-29 17:16 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2013-06-29 17:14 - 2013-06-29 17:14 - 00000000 ____D C:\Windows\system32\RsFx
2013-06-29 17:12 - 2013-06-29 17:10 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 10.0
2013-06-29 17:10 - 2013-06-29 17:10 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 10.0
2013-06-29 17:10 - 2013-06-29 17:10 - 00000000 ____D C:\Program Files\Microsoft Help Viewer
2013-06-29 17:10 - 2013-06-29 17:10 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2013-06-28 18:13 - 2013-01-31 15:57 - 00000333 _____ C:\Windows\ODBC.INI
2013-06-28 15:00 - 2013-05-17 18:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-28 15:00 - 2013-01-30 20:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-06-28 00:04 - 2013-01-31 07:33 - 00693112 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-28 00:04 - 2013-01-31 07:33 - 00078200 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-27 07:14 - 2013-06-03 07:34 - 00031816 _____ C:\Windows\Launcher.exe
2013-06-26 17:57 - 2013-06-26 17:57 - 00003133 _____ C:\Users\Herbert\Desktop\Custom UI Editor For Microsoft Office.lnk
2013-06-26 17:57 - 2013-06-26 17:57 - 00003093 _____ C:\Users\Herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Custom UI Editor For Microsoft Office.lnk
2013-06-26 17:57 - 2013-06-26 17:57 - 00000000 ____D C:\Program Files (x86)\CustomUIEditor
2013-06-26 07:51 - 2013-06-26 07:51 - 04815135 _____ (FileZilla Project) C:\Users\Herbert\Downloads\FileZilla_3.7.1_win32-setup.exe
2013-06-26 07:51 - 2013-02-09 10:23 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2013-06-24 15:52 - 2013-06-23 20:21 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\calibre
2013-06-24 15:25 - 2013-06-24 15:24 - 00000000 ____D C:\Users\Herbert\AppData\Local\calibre-cache
2013-06-24 12:01 - 2013-05-06 11:36 - 00083672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-06-24 00:57 - 2013-01-31 07:08 - 78277128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-06-23 20:21 - 2013-06-23 20:21 - 00000967 _____ C:\Users\Public\Desktop\calibre - E-book management.lnk
2013-06-23 20:21 - 2013-06-23 20:21 - 00000000 ____D C:\Program Files (x86)\Calibre2
2013-06-22 08:53 - 2013-06-22 08:53 - 00001136 _____ C:\Users\Public\Desktop\UPC Install Master.lnk
2013-06-22 08:53 - 2013-06-22 08:53 - 00000000 __HDC C:\ProgramData\{A79D03BF-C5DB-49B2-AD5F-6CED14FFE4D6}
2013-06-22 08:53 - 2013-06-22 08:53 - 00000000 ____D C:\Program Files (x86)\UPC Austria
2013-06-20 10:02 - 2013-06-19 09:08 - 00000000 ____D C:\Users\Herbert\AppData\Roaming\Apple Computer
2013-06-19 14:57 - 2012-07-26 07:37 - 00000000 ____D C:\Windows\servicing
2013-06-19 09:09 - 2013-06-19 09:08 - 00000000 ____D C:\Users\Herbert\AppData\Local\Apple Computer
2013-06-19 09:08 - 2013-06-19 09:08 - 00002491 _____ C:\Users\Public\Desktop\Safari.lnk
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Users\Herbert\AppData\Local\Apple
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\ProgramData\Apple
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Program Files\Bonjour
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Program Files (x86)\Safari
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-06-19 09:08 - 2013-06-19 09:08 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-06-19 09:08 - 2013-01-31 09:02 - 00000000 ____D C:\ProgramData\Apple Computer
2013-06-18 20:14 - 2013-02-01 21:01 - 00000734 _____ C:\Users\Herbert\Sti_Trace.log
2013-06-18 15:22 - 2012-11-21 19:27 - 00000000 ____D C:\Users\Herbert\Documents\Benutzerdefinierte Office-Vorlagen
2013-06-17 10:27 - 2013-06-17 10:27 - 00003105 _____ C:\Users\Herbert\Desktop\Word 2007 Content Control Toolkit.lnk
2013-06-17 10:27 - 2013-06-17 10:27 - 00003065 _____ C:\Users\Herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word 2007 Content Control Toolkit.lnk
2013-06-16 19:27 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-06-16 17:13 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData
2013-06-16 17:12 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2013-06-16 17:12 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-06-16 17:12 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-06-16 17:12 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-06-16 17:12 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\Dism

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-12 07:56

==================== End Of Log ============================
--- --- ---


Aktuell habe ich keine Probleme mehr.
Wenn du auch zufrieden bist: Vielen Dank für deine Unterstützung

Herzliche Grüße
Herbert

schrauber 16.07.2013 10:58
Fertig :)

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.


Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

Herbertfi 16.07.2013 12:37
Servus Schrauber,

jetzt ist alles paletti! Danke!
Deine "Tipps zur Absicherung deines Systems" würde ich gerne (mit Quellangabe) auf meine Website stellen (TIPPFARM), wenn du einverstanden bist.
Bitte um Genehmigung!

Nochmals herzlichen Dank für die Unterstützung!
Gruß
Herbert

URL Tippfarm wird in meinem Beitrag leider nicht angezeigt. Daher ohne Link: hxxp://tinyurl.com/tippfarm-st35.

schrauber 16.07.2013 13:28
Gern Geschehen :)

Mit der anfrage bitte mal an Da Guru, den Admin wenden. Kann aber dauern bis er antwortet :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 19:17 Uhr.
Seite 2 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131