Malwarebytes Anti-Malware (Test) 1.75.0.1300
Malwarebytes : Free anti-malware download
Datenbank Version: v2013.08.16.04
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16660
Tomisuperstar :: LAPTOP [Administrator]
Schutz: Aktiviert
16.08.2013 18:28:29
mbam-log-2013-08-16 (18-28-29).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 228109
Laufzeit: 7 Minute(n), 21 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)
(Ende)
Done :-)
I should then disable my protection software after mbam and AdwCleaner, right? Should I also disconnect from the Internet then, to be on the safe side?
Regards
AdwCleaner Logfile:
Code:
# AdwCleaner v2.306 - Datei am 16/08/2013 um 18:48:18 erstellt
# Aktualisiert am 19/07/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Tomisuperstar - LAPTOP
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Tomisuperstar\Downloads\adwcleaner.exe
# Option [Suche]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Ordner Gefunden : C:\Users\Tomisuperstar\AppData\Roaming\Mozilla\Firefox\Profiles\js8tw02i.default\jetpack
***** [Registrierungsdatenbank] *****
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gefunden : HKLM\Software\Classes\Installer\Features\90C64EA18BA25EE488BF80DCF07F2FFD
Schlüssel Gefunden : HKLM\Software\Classes\Installer\Products\90C64EA18BA25EE488BF80DCF07F2FFD
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C1C2FC43-F042-4F17-AEDB-C5ABF3B42E4B}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F7EC6286-297C-4981-9DCC-FD7F57BC24C9}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ihflimipbcaljfnojhhknppphnnciiif
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C1C2FC43-F042-4F17-AEDB-C5ABF3B42E4B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{F7EC6286-297C-4981-9DCC-FD7F57BC24C9}
***** [Internet Browser] *****
-\\ Internet Explorer v10.0.9200.16660
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v22.0 (de)
Datei : C:\Users\Tomisuperstar\AppData\Roaming\Mozilla\Firefox\Profiles\js8tw02i.default\prefs.js
[OK] Die Datei ist sauber.
*************************
AdwCleaner[R1].txt - [2142 octets] - [16/08/2013 18:48:18]
########## EOF - C:\AdwCleaner[R1].txt - [2202 octets] ##########
--- --- ---
So far so good :-)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.4.6 (08.15.2013:1)
OS: Windows 7 Home Premium x64
Ran by Tomisuperstar on 16.08.2013 at 19:26:59,16
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully deleted [Registry Value] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\\bProtectTabs
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
~~~ Files
Successfully deleted: [File] "C:\windows\s.bat"
~~~ Folders
~~~ FireFox
Successfully deleted: [File] C:\Users\Tomisuperstar\AppData\Roaming\mozilla\firefox\profiles\js8tw02i.default\invalidprefs.js
Successfully deleted: [File] C:\Users\Tomisuperstar\AppData\Roaming\mozilla\firefox\profiles\js8tw02i.default\extensions\fhdp@fhdp.tv.xpi
Emptied folder: C:\Users\Tomisuperstar\AppData\Roaming\mozilla\firefox\profiles\js8tw02i.default\minidumps [67 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 16.08.2013 at 19:40:54,47
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-08-2013 01
Ran by Tomisuperstar (administrator) on 16-08-2013 20:11:44
Running from C:\Users\Tomisuperstar\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\windows\system32\WLANExt.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Microsoft Corporation) c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
() C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
() C:\Program Files (x86)\Microtek\ScanWizard 5\ScannerFinder.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331_STI.EXE
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Elaborate Bytes AG) C:\Program Files (x86)\VirtualCloneDrive\VCDDaemon.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
() C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BluetoothHeadsetProxy.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
(Macrovision Europe Ltd.) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Microsoft Corporation) C:\windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\windows\SysWOW64\notepad.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [NvCplDaemon] - C:\windows\system32\NvCpl.dll [16414824 2010-02-04] (NVIDIA Corporation)
HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [521272 2010-03-22] (Conexant Systems, Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1894696 2010-01-07] (Synaptics Incorporated)
HKLM\...\Run: [OnekeyStudio] - C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe [776608 2009-12-19] (Lenovo)
HKLM\...\Run: [EnergyUtility] - C:\Program Files (x86)\Lenovo\Energy Management\utility.exe [4462496 2010-04-12] (Lenovo(beijing) Limited)
HKLM\...\Run: [Energy Management] - C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [7056800 2010-03-18] (Lenovo (Beijing) Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKCU\...\Run: [Facebook Update] - C:\Users\Tomisuperstar\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-12] (Facebook Inc.)
HKCU\...\Run: [AutoStartNPSAgent] - C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [95576 2010-07-04] (Samsung Electronics Co., Ltd.)
HKCU\...\Run: [LG LinkAir] - [x]
MountPoints2: {34d4729f-74a9-11e0-bd82-f07bcbc687df} - E:\Set-up.exe
MountPoints2: {a524b68e-ad71-11e2-8e8d-f07bcbc687df} - G:\HTC_Sync_Manager_PC.exe
MountPoints2: {ce9f34aa-bd6e-11e2-9c24-f07bcbc687df} - G:\LGAutoRun.exe
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-12-23] (Intel Corporation)
HKLM-x32\...\Run: [331BigDog] - C:\Program Files (x86)\USB Camera\VM331_STI.EXE [536576 2009-09-15] (Vimicro)
HKLM-x32\...\Run: [UCam_Menu] - C:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Mirror Tray icon] - C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [171104 2010-03-03] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] - C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [218408 2008-12-04] (CyberLink Corp.)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [VirtualCloneDrive] - C:\Program Files (x86)\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [37232 2008-06-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640376 2008-06-11] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HTC Sync Loader] - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [651264 2012-04-17] ()
HKLM-x32\...\Run: [NPSStartup] - [x]
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [TrojanScanner] - C:\Program Files (x86)\Trojan Remover\Trjscan.exe [1655568 2013-07-19] (Simply Super Software)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKU\Default\...\RunOnce: [WLStart] - C:\Program Files (x86)\Windows Live\Installer\wlstart.exe [786760 2009-07-26] (Microsoft Corporation)
HKU\Default User\...\RunOnce: [WLStart] - C:\Program Files (x86)\Windows Live\Installer\wlstart.exe [786760 2009-07-26] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microtek Scanner Finder.lnk
ShortcutTarget: Microtek Scanner Finder.lnk -> C:\Program Files (x86)\Microtek\ScanWizard 5\ScannerFinder.exe ()
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Bing
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = Lenovo Deutschland: Computer, Notebooks, Tablets & Mehr | Lenovo (DE)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&r=924
BHO: avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: No Name - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: HistoryTriggerBHO Class - {21A88CB9-84D2-4020-A2D1-B25A21034884} - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll (LG Electronics)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
BHO-x32: DivX HiQ - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - No Name - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No File
Toolbar: HKLM-x32 - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Toolbar: HKCU - No Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Tomisuperstar\AppData\Roaming\Mozilla\Firefox\Profiles\js8tw02i.default
FF NewTab: hxxp://www.google.com/firefox
FF Homepage: hxxp://www.google.com/firefox
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer - C:\Program Files (x86)\TVUPlayer\npTVUAx.dll (TVU networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.19 - C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 - C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Tomisuperstar\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Users\Tomisuperstar\AppData\Roaming\Mozilla\Firefox\Profiles\js8tw02i.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Tomisuperstar\AppData\Roaming\Mozilla\Firefox\Profiles\js8tw02i.default\searchplugins\youtube.xml
FF Extension: TVU Web Player - C:\Users\Tomisuperstar\AppData\Roaming\Mozilla\Firefox\Profiles\js8tw02i.default\Extensions\firefox@tvunetworks.com
FF Extension: WOT - C:\Users\Tomisuperstar\AppData\Roaming\Mozilla\Firefox\Profiles\js8tw02i.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: Bitdefender QuickScan - C:\Users\Tomisuperstar\AppData\Roaming\Mozilla\Firefox\Profiles\js8tw02i.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
FF Extension: extension - C:\Users\Tomisuperstar\AppData\Roaming\Mozilla\Firefox\Profiles\js8tw02i.default\Extensions\extension@hidemyass.com.xpi
FF Extension: No Name - C:\Users\Tomisuperstar\AppData\Roaming\Mozilla\Firefox\Profiles\js8tw02i.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF Extension: DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\IPSFFPlgn\
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\IPSFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\coFFPlgn\
==================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [864032 2009-08-11] (Broadcom Corporation.)
S3 IGRS; C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe [38152 2009-07-14] (Lenovo Group Limited)
S3 Lenovo ReadyComm AppSvc; C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [509192 2009-08-14] (Lenovo Group Limited)
S3 Lenovo ReadyComm ConnSvc; C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [579400 2009-09-22] (Lenovo Group Limited)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
S3 MSSQL$MSSMLBIZ; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-20] (Symantec Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2012-10-08] ()
S3 PS_MDP; C:\Program Files (x86)\Lenovo\ReadyComm\PS_MDP.dll [276296 2009-07-16] (Lenovo Group Limited)
S2 ReadyComm.DirectRouter; C:\Program Files (x86)\Lenovo\ReadyComm\common\router.dll [103688 2009-07-14] (Lenovo Group Limited)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
==================== Drivers (Whitelisted) ====================
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-03-06] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-03-06] (LG Electronics Inc.)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-08] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-08] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-08-08] ()
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [1393240 2013-05-20] (Symantec Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [1393240 2013-05-20] (Symantec Corporation)
S3 Bridge0; C:\Windows\System32\drivers\WDBridge.sys [79376 2009-07-16] (Lenovo)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys [169048 2013-04-15] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-05-23] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-05-23] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2013-08-13] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\IPSDefs\20130813.001\IDSvia64.sys [513184 2013-08-13] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\IPSDefs\20130813.001\IDSvia64.sys [513184 2013-08-13] (Symantec Corporation)
R3 LgBttPort; C:\Windows\System32\DRIVERS\lgbtpt64.sys [16384 2009-09-29] (LG Electronics Inc.)
R3 lgbusenum; C:\Windows\System32\DRIVERS\lgbtbs64.sys [14848 2009-09-29] (LG Electronics Inc.)
R3 LGVMODEM; C:\Windows\System32\DRIVERS\lgvmdm64.sys [17408 2009-09-29] (LG Electronics Inc.)
S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20130815.022\ENG64.SYS [126040 2013-08-13] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20130815.022\ENG64.SYS [126040 2013-08-13] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20130815.022\EX64.SYS [2098776 2013-08-13] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20130815.022\EX64.SYS [2098776 2013-08-13] (Symantec Corporation)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [47632 2013-04-29] (Panda Security, S.L.)
S3 scsiscan; C:\Windows\System32\DRIVERS\scsiscan.sys [17920 2009-07-14] (Microsoft Corporation)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 SRTSP; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSP64.SYS [796760 2013-05-15] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS [36952 2013-03-04] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1404000.028\SYMDS64.SYS [493656 2013-05-20] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-22] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-08-13] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS [224416 2013-03-04] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\NISx64\1404000.028\SYMNETS.SYS [433752 2013-04-24] (Symantec Corporation)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [207232 2009-11-09] (Vimicro Corporation)
R3 wdmirror; C:\Windows\System32\DRIVERS\WDMirror.sys [11280 2009-07-16] (Lenovo)
S2 ASPI32; No ImagePath
U2 IviRegMgr;
U2 RichVideo;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-08-16 19:26 - 2013-08-16 19:26 - 00000000 ____D C:\windows\ERUNT
2013-08-16 18:52 - 2013-08-16 18:52 - 01159319 _____ (Thisisu) C:\Users\Tomisuperstar\Downloads\JRT.exe
2013-08-16 18:48 - 2013-08-16 18:48 - 00002263 _____ C:\AdwCleaner[R1].txt
2013-08-16 17:34 - 2013-08-16 17:34 - 00000000 ____D C:\Users\TOMISU~1\AppData\Local\CrashDumps
2013-08-16 15:33 - 2013-08-16 15:34 - 00028036 _____ C:\Users\Tomisuperstar\Desktop\Addition.txt
2013-08-16 15:32 - 2013-08-16 15:32 - 00000000 ____D C:\FRST
2013-08-16 15:31 - 2013-08-16 15:31 - 01575798 _____ (Farbar) C:\Users\Tomisuperstar\Desktop\FRST64.exe
2013-08-16 14:38 - 2013-08-16 14:38 - 00000000 ____D C:\Users\Tomisuperstar\Desktop\Aschraf Bauvorhaben
2013-08-16 14:19 - 2013-08-16 14:19 - 03651244 _____ C:\Users\Tomisuperstar\Desktop\Aschraf Bauvorhaben.zip
2013-08-14 21:55 - 2013-08-14 21:55 - 04745728 _____ (AVAST Software) C:\Users\Tomisuperstar\Downloads\aswMBR.exe
2013-08-14 20:46 - 2013-08-14 21:55 - 04745728 _____ (AVAST Software) C:\Users\Tomisuperstar\Downloads\aswMBR1.exe
2013-08-14 20:35 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-08-14 20:35 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-08-14 20:35 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-08-14 20:35 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-08-14 20:35 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-08-14 20:35 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-08-14 20:35 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-08-14 20:35 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-08-14 20:35 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-08-14 20:35 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-08-14 20:35 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-08-14 20:35 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-08-14 20:35 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-08-14 20:35 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-08-14 20:35 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-08-14 20:35 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-08-14 20:35 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-08-14 20:35 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-08-14 20:35 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-08-14 20:35 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-08-14 20:35 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-08-14 20:35 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2013-08-14 20:35 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-08-14 20:35 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-08-14 20:35 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-08-14 20:35 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-08-14 20:35 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-08-14 20:35 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-08-14 20:35 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-08-14 20:35 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-14 20:34 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-08-14 20:07 - 2013-08-14 20:18 - 00000000 ____D C:\AdwCleaner
2013-08-14 20:06 - 2013-08-16 18:28 - 00666633 _____ C:\Users\Tomisuperstar\Downloads\adwcleaner.exe
2013-08-14 14:52 - 2013-08-14 14:53 - 00602112 _____ (OldTimer Tools) C:\Users\Tomisuperstar\Downloads\OTL.exe
2013-08-14 12:49 - 2013-08-14 12:49 - 00000000 ____D C:\Users\Tomisuperstar\AppData\Roaming\QuickScan
2013-08-14 10:45 - 2013-08-14 10:45 - 00001282 _____ C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk
2013-08-14 10:45 - 2013-04-29 09:17 - 00047632 _____ (Panda Security, S.L.) C:\windows\system32\Drivers\PSKMAD.sys
2013-08-14 10:43 - 2013-08-14 10:43 - 00000000 ____D C:\Program Files (x86)\Panda Security
2013-08-14 09:57 - 2013-08-14 09:57 - 00000000 ____D C:\Program Files (x86)\ESET
2013-08-14 09:56 - 2013-08-14 09:56 - 02347384 _____ (ESET) C:\Users\Tomisuperstar\Downloads\esetsmartinstaller_deu.exe
2013-08-14 09:38 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2013-08-14 09:38 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2013-08-14 09:38 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2013-08-14 09:38 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2013-08-14 09:38 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2013-08-14 09:38 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2013-08-14 09:38 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2013-08-14 09:38 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2013-08-14 09:38 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2013-08-14 09:38 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptnet.dll
2013-08-14 09:37 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2013-08-14 09:37 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
2013-08-14 09:37 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2013-08-14 09:37 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2013-08-14 09:37 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2013-08-14 09:37 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2013-08-14 09:37 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2013-08-14 09:37 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2013-08-14 09:37 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2013-08-14 09:37 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2013-08-14 09:37 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2013-08-14 09:37 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2013-08-14 09:37 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2013-08-14 09:37 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2013-08-14 09:37 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2013-08-14 09:37 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2013-08-14 09:37 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys
2013-08-13 23:34 - 2013-08-13 23:34 - 00000000 ____D C:\windows\System32\Tasks\Norton Internet Security
2013-08-13 23:33 - 2013-08-13 23:33 - 00177312 _____ (Symantec Corporation) C:\windows\system32\Drivers\SYMEVENT64x86.SYS
2013-08-13 23:33 - 2013-08-13 23:33 - 00007631 _____ C:\windows\system32\Drivers\SYMEVENT64x86.CAT
2013-08-13 23:33 - 2013-08-13 23:33 - 00003234 _____ C:\windows\System32\Tasks\Norton WSC Integration
2013-08-13 23:33 - 2013-08-13 23:33 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2013-08-13 23:32 - 2013-08-13 23:32 - 00002573 _____ C:\Users\Public\Desktop\Norton Internet Security.lnk
2013-08-13 23:31 - 2013-08-13 23:33 - 00000000 ____D C:\ProgramData\Norton
2013-08-13 23:31 - 2013-08-13 23:31 - 00000000 ____D C:\windows\system32\Drivers\NISx64
2013-08-13 23:31 - 2013-08-13 23:31 - 00000000 ____D C:\Program Files (x86)\Norton Internet Security
2013-08-13 23:19 - 2013-08-13 23:23 - 171066848 ____N (Symantec Corporation) C:\Users\Tomisuperstar\Downloads\NIS-ESD-20-4-0-40-GE.exe
2013-08-13 13:30 - 2013-08-14 09:22 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-08-13 13:30 - 2013-08-13 13:30 - 00001379 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-08-13 13:30 - 2013-08-13 13:30 - 00000000 ____D C:\windows\System32\Tasks\Safer-Networking
2013-08-13 13:30 - 2013-08-13 13:30 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-08-13 13:30 - 2009-01-25 13:14 - 00017272 _____ (Safer Networking Limited) C:\windows\system32\sdnclean64.exe
2013-08-13 13:20 - 2013-08-13 13:21 - 37672592 _____ (Safer-Networking Ltd. ) C:\Users\Tomisuperstar\Downloads\spybotsd-2.1.21-SR2.exe
2013-08-13 12:58 - 2013-08-13 12:58 - 00001139 _____ C:\Users\Public\Desktop\Trojan Remover.lnk
2013-08-13 12:58 - 2013-08-13 12:58 - 00000000 ____D C:\Users\Tomisuperstar\Documents\Simply Super Software
2013-08-13 12:58 - 2013-08-13 12:58 - 00000000 ____D C:\Users\Tomisuperstar\AppData\Roaming\Simply Super Software
2013-08-13 12:58 - 2013-08-13 12:58 - 00000000 ____D C:\ProgramData\Simply Super Software
2013-08-13 12:58 - 2013-08-13 12:58 - 00000000 ____D C:\Program Files (x86)\Trojan Remover
2013-08-13 12:56 - 2013-08-13 12:57 - 23334896 _____ (Simply Super Software ) C:\Users\Tomisuperstar\Downloads\trjsetup_688.exe
2013-08-10 20:11 - 2013-08-10 20:11 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-08-10 20:11 - 2013-08-10 20:11 - 00000000 ____D C:\Users\Tomisuperstar\AppData\Roaming\Malwarebytes
2013-08-10 20:11 - 2013-08-10 20:11 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-10 20:11 - 2013-08-10 20:11 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-10 20:11 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2013-08-10 20:08 - 2013-08-10 20:09 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Tomisuperstar\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-08 21:27 - 2013-08-08 21:27 - 00189936 _____ C:\windows\system32\Drivers\aswVmm.sys
2013-08-08 21:27 - 2013-08-08 21:27 - 00000175 _____ C:\windows\system32\Drivers\aswVmm.sys.sum
2013-08-08 21:27 - 2013-08-08 21:27 - 00000175 _____ C:\windows\system32\Drivers\aswSP.sys.sum
2013-08-08 21:27 - 2013-08-08 21:27 - 00000175 _____ C:\windows\system32\Drivers\aswSnx.sys.sum
2013-08-08 21:27 - 2013-05-09 10:59 - 00065336 _____ C:\windows\system32\Drivers\aswRvrt.sys
2013-08-01 14:24 - 2013-08-14 20:24 - 00000000 ____D C:\windows\system32\MRT
2013-07-26 16:39 - 2013-07-26 16:39 - 00263592 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2013-07-26 16:39 - 2013-07-26 16:39 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-26 16:27 - 2013-08-14 20:41 - 00000672 _____ C:\windows\setupact.log
2013-07-26 16:27 - 2013-08-14 17:39 - 00014838 _____ C:\windows\PFRO.log
2013-07-26 16:27 - 2013-07-26 16:27 - 00000000 _____ C:\windows\setuperr.log
2013-07-26 16:24 - 2013-07-26 16:24 - 00003148 _____ C:\windows\System32\Tasks\SidebarExecute
2013-07-21 03:43 - 2013-07-21 03:45 - 00050688 ___SH C:\Users\Tomisuperstar\Downloads\Thumbs.db
==================== One Month Modified Files and Folders =======
2013-08-16 20:05 - 2011-09-24 20:33 - 00001170 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-659485152-3501342131-3040374156-1004UA.job
2013-08-16 19:40 - 2013-08-16 19:40 - 00002202 _____ C:\Users\Tomisuperstar\Desktop\JRT.txt
2013-08-16 19:26 - 2013-08-16 19:26 - 00000000 ____D C:\windows\ERUNT
2013-08-16 19:22 - 2010-05-20 01:43 - 02020037 _____ C:\windows\WindowsUpdate.log
2013-08-16 19:15 - 2012-08-04 21:08 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2013-08-16 19:15 - 2011-12-21 16:18 - 00001124 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-16 19:12 - 2011-06-14 18:48 - 00000000 ____D C:\Users\TOMISU~1\AppData\Local\PokerStars.EU
2013-08-16 18:52 - 2013-08-16 18:52 - 01159319 _____ (Thisisu) C:\Users\Tomisuperstar\Downloads\JRT.exe
2013-08-16 18:48 - 2013-08-16 18:48 - 00002263 _____ C:\AdwCleaner[R1].txt
2013-08-16 18:28 - 2013-08-14 20:06 - 00666633 _____ C:\Users\Tomisuperstar\Downloads\adwcleaner.exe
2013-08-16 17:34 - 2013-08-16 17:34 - 00000000 ____D C:\Users\TOMISU~1\AppData\Local\CrashDumps
2013-08-16 15:34 - 2013-08-16 15:33 - 00028036 _____ C:\Users\Tomisuperstar\Desktop\Addition.txt
2013-08-16 15:32 - 2013-08-16 15:32 - 00000000 ____D C:\FRST
2013-08-16 15:31 - 2013-08-16 15:31 - 01575798 _____ (Farbar) C:\Users\Tomisuperstar\Desktop\FRST64.exe
2013-08-16 15:15 - 2011-12-21 16:18 - 00001120 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-16 14:38 - 2013-08-16 14:38 - 00000000 ____D C:\Users\Tomisuperstar\Desktop\Aschraf Bauvorhaben
2013-08-16 14:19 - 2013-08-16 14:19 - 03651244 _____ C:\Users\Tomisuperstar\Desktop\Aschraf Bauvorhaben.zip
2013-08-16 10:41 - 2011-05-06 21:23 - 00000000 ____D C:\Users\Tomisuperstar\Documents\Rechnungen
2013-08-16 08:39 - 2011-09-24 20:33 - 00001148 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-659485152-3501342131-3040374156-1004Core.job
2013-08-16 08:33 - 2011-04-23 15:34 - 19400200 _____ C:\FaceProv.log
2013-08-15 19:21 - 2009-07-14 06:45 - 00013632 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-15 19:21 - 2009-07-14 06:45 - 00013632 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-14 22:33 - 2009-07-14 05:20 - 00000000 ____D C:\windows\rescache
2013-08-14 21:55 - 2013-08-14 21:55 - 04745728 _____ (AVAST Software) C:\Users\Tomisuperstar\Downloads\aswMBR.exe
2013-08-14 21:55 - 2013-08-14 20:46 - 04745728 _____ (AVAST Software) C:\Users\Tomisuperstar\Downloads\aswMBR1.exe
2013-08-14 20:44 - 2013-01-29 18:20 - 00000000 ____D C:\Users\TOMISU~1\AppData\Local\Htc
2013-08-14 20:43 - 2012-10-12 17:31 - 00000428 ____H C:\windows\Tasks\OptimizerPro1UpdaterTask{4AC9E589-3DFD-442E-915F-84A12EA26761}.job
2013-08-14 20:42 - 2009-07-29 09:00 - 00000000 ____D C:\windows\Panther
2013-08-14 20:42 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-08-14 20:41 - 2013-07-26 16:27 - 00000672 _____ C:\windows\setupact.log
2013-08-14 20:34 - 2010-05-20 02:08 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-08-14 20:30 - 2010-05-19 17:28 - 00701108 _____ C:\windows\system32\perfh007.dat
2013-08-14 20:30 - 2010-05-19 17:28 - 00147762 _____ C:\windows\system32\perfc007.dat
2013-08-14 20:30 - 2009-07-14 07:13 - 01651908 _____ C:\windows\system32\PerfStringBackup.INI
2013-08-14 20:24 - 2013-08-01 14:24 - 00000000 ____D C:\windows\system32\MRT
2013-08-14 20:22 - 2011-06-01 20:08 - 78161360 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2013-08-14 20:18 - 2013-08-14 20:07 - 00000000 ____D C:\AdwCleaner
2013-08-14 17:39 - 2013-07-26 16:27 - 00014838 _____ C:\windows\PFRO.log
2013-08-14 14:53 - 2013-08-14 14:52 - 00602112 _____ (OldTimer Tools) C:\Users\Tomisuperstar\Downloads\OTL.exe
2013-08-14 13:34 - 2012-12-17 15:44 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
2013-08-14 12:49 - 2013-08-14 12:49 - 00000000 ____D C:\Users\Tomisuperstar\AppData\Roaming\QuickScan
2013-08-14 10:45 - 2013-08-14 10:45 - 00001282 _____ C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk
2013-08-14 10:43 - 2013-08-14 10:43 - 00000000 ____D C:\Program Files (x86)\Panda Security
2013-08-14 09:57 - 2013-08-14 09:57 - 00000000 ____D C:\Program Files (x86)\ESET
2013-08-14 09:56 - 2013-08-14 09:56 - 02347384 _____ (ESET) C:\Users\Tomisuperstar\Downloads\esetsmartinstaller_deu.exe
2013-08-14 09:22 - 2013-08-13 13:30 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-08-13 23:52 - 2011-05-02 14:24 - 00000000 ____D C:\Users\Tomisuperstar\Downloads\Adobe.Photoshop.CS5.Extended.v12.0.Multilanguage-TIw
2013-08-13 23:34 - 2013-08-13 23:34 - 00000000 ____D C:\windows\System32\Tasks\Norton Internet Security
2013-08-13 23:33 - 2013-08-13 23:33 - 00177312 _____ (Symantec Corporation) C:\windows\system32\Drivers\SYMEVENT64x86.SYS
2013-08-13 23:33 - 2013-08-13 23:33 - 00007631 _____ C:\windows\system32\Drivers\SYMEVENT64x86.CAT
2013-08-13 23:33 - 2013-08-13 23:33 - 00003234 _____ C:\windows\System32\Tasks\Norton WSC Integration
2013-08-13 23:33 - 2013-08-13 23:33 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2013-08-13 23:33 - 2013-08-13 23:31 - 00000000 ____D C:\ProgramData\Norton
2013-08-13 23:32 - 2013-08-13 23:32 - 00002573 _____ C:\Users\Public\Desktop\Norton Internet Security.lnk
2013-08-13 23:31 - 2013-08-13 23:31 - 00000000 ____D C:\windows\system32\Drivers\NISx64
2013-08-13 23:31 - 2013-08-13 23:31 - 00000000 ____D C:\Program Files (x86)\Norton Internet Security
2013-08-13 23:23 - 2013-08-13 23:19 - 171066848 ____N (Symantec Corporation) C:\Users\Tomisuperstar\Downloads\NIS-ESD-20-4-0-40-GE.exe
2013-08-13 13:30 - 2013-08-13 13:30 - 00001379 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-08-13 13:30 - 2013-08-13 13:30 - 00000000 ____D C:\windows\System32\Tasks\Safer-Networking
2013-08-13 13:30 - 2013-08-13 13:30 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-08-13 13:21 - 2013-08-13 13:20 - 37672592 _____ (Safer-Networking Ltd. ) C:\Users\Tomisuperstar\Downloads\spybotsd-2.1.21-SR2.exe
2013-08-13 12:58 - 2013-08-13 12:58 - 00001139 _____ C:\Users\Public\Desktop\Trojan Remover.lnk
2013-08-13 12:58 - 2013-08-13 12:58 - 00000000 ____D C:\Users\Tomisuperstar\Documents\Simply Super Software
2013-08-13 12:58 - 2013-08-13 12:58 - 00000000 ____D C:\Users\Tomisuperstar\AppData\Roaming\Simply Super Software
2013-08-13 12:58 - 2013-08-13 12:58 - 00000000 ____D C:\ProgramData\Simply Super Software
2013-08-13 12:58 - 2013-08-13 12:58 - 00000000 ____D C:\Program Files (x86)\Trojan Remover
2013-08-13 12:57 - 2013-08-13 12:56 - 23334896 _____ (Simply Super Software ) C:\Users\Tomisuperstar\Downloads\trjsetup_688.exe
2013-08-10 20:11 - 2013-08-10 20:11 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-08-10 20:11 - 2013-08-10 20:11 - 00000000 ____D C:\Users\Tomisuperstar\AppData\Roaming\Malwarebytes
2013-08-10 20:11 - 2013-08-10 20:11 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-10 20:11 - 2013-08-10 20:11 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-10 20:09 - 2013-08-10 20:08 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Tomisuperstar\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-10 15:14 - 2011-08-04 04:52 - 00000000 ____D C:\Users\Tomisuperstar\AppData\Roaming\Orbit
2013-08-10 15:14 - 2011-04-23 17:06 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-08-10 15:14 - 2011-04-23 17:06 - 00000000 ____D C:\Users\Tomisuperstar\AppData\Roaming\Skype
2013-08-10 15:14 - 2011-04-23 17:05 - 00000000 ____D C:\ProgramData\Skype
2013-08-08 21:27 - 2013-08-08 21:27 - 00189936 _____ C:\windows\system32\Drivers\aswVmm.sys
2013-08-08 21:27 - 2013-08-08 21:27 - 00000175 _____ C:\windows\system32\Drivers\aswVmm.sys.sum
2013-08-08 21:27 - 2013-08-08 21:27 - 00000175 _____ C:\windows\system32\Drivers\aswSP.sys.sum
2013-08-08 21:27 - 2013-08-08 21:27 - 00000175 _____ C:\windows\system32\Drivers\aswSnx.sys.sum
2013-08-08 21:27 - 2011-04-23 15:43 - 01030952 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2013-08-08 21:27 - 2011-04-23 15:43 - 00378944 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2013-08-08 21:27 - 2011-04-23 15:43 - 00000000 _____ C:\windows\SysWOW64\config.nt
2013-08-02 19:17 - 2011-12-21 16:18 - 00000000 ____D C:\Program Files (x86)\Google
2013-07-26 16:39 - 2013-07-26 16:39 - 00263592 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2013-07-26 16:39 - 2013-07-26 16:39 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-26 16:39 - 2013-01-22 01:18 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2013-07-26 16:39 - 2013-01-22 01:18 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2013-07-26 16:39 - 2012-06-18 18:13 - 00867240 _____ (Oracle Corporation) C:\windows\SysWOW64\npDeployJava1.dll
2013-07-26 16:39 - 2011-07-01 22:35 - 00789416 _____ (Oracle Corporation) C:\windows\SysWOW64\deployJava1.dll
2013-07-26 16:39 - 2011-07-01 22:35 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-26 16:27 - 2013-07-26 16:27 - 00000000 _____ C:\windows\setuperr.log
2013-07-26 16:24 - 2013-07-26 16:24 - 00003148 _____ C:\windows\System32\Tasks\SidebarExecute
2013-07-26 07:13 - 2013-08-14 20:35 - 02241024 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-07-26 07:13 - 2013-08-14 20:35 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-07-26 07:13 - 2013-08-14 20:35 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-07-26 07:12 - 2013-08-14 20:35 - 19239424 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-07-26 07:12 - 2013-08-14 20:35 - 15405056 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-07-26 07:12 - 2013-08-14 20:35 - 03958784 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-07-26 07:12 - 2013-08-14 20:35 - 02647040 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-07-26 07:12 - 2013-08-14 20:35 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-07-26 07:12 - 2013-08-14 20:35 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-07-26 07:12 - 2013-08-14 20:35 - 00526336 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-07-26 07:12 - 2013-08-14 20:35 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-07-26 07:12 - 2013-08-14 20:35 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-07-26 07:12 - 2013-08-14 20:35 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-07-26 07:12 - 2013-08-14 20:35 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-07-26 05:35 - 2013-08-14 20:35 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-07-26 05:13 - 2013-08-14 20:35 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-07-26 05:13 - 2013-08-14 20:35 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-07-26 05:12 - 2013-08-14 20:35 - 02877440 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-07-26 05:12 - 2013-08-14 20:35 - 02048512 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-07-26 05:12 - 2013-08-14 20:35 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-07-26 05:12 - 2013-08-14 20:35 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-07-26 05:12 - 2013-08-14 20:35 - 00391168 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2013-07-26 05:12 - 2013-08-14 20:35 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-07-26 05:12 - 2013-08-14 20:35 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-07-26 05:12 - 2013-08-14 20:35 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-07-26 05:12 - 2013-08-14 20:34 - 14329344 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-07-26 05:11 - 2013-08-14 20:35 - 13761024 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-07-26 05:11 - 2013-08-14 20:35 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-07-26 04:49 - 2013-08-14 20:35 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-07-26 04:39 - 2013-08-14 20:35 - 00089600 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-07-26 03:59 - 2013-08-14 20:35 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-25 11:25 - 2013-08-14 09:37 - 01888768 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2013-07-25 10:57 - 2013-08-14 09:37 - 01620992 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
2013-07-24 00:41 - 2011-06-14 18:48 - 00000000 ____D C:\Program Files (x86)\PokerStars
2013-07-21 03:45 - 2013-07-21 03:43 - 00050688 ___SH C:\Users\Tomisuperstar\Downloads\Thumbs.db
2013-07-21 03:42 - 2011-04-26 15:43 - 00000000 ____D C:\Users\Tomisuperstar\Downloads\images
2013-07-19 03:58 - 2013-08-14 09:38 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2013-07-19 03:41 - 2013-08-14 09:38 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-08-12 14:22
==================== End Of Log ============================