Pests of all kinds and how to fight them: Annoying ads: 'Ads not by this site' problem (Windows 7)
23.07.2013, 21:01 | #16 |
/// the machine /// TB trainer | Annoying ads: 'Ads not by this site' problem
Uninstall Firefox, keep no data, reinstall, test. Then a fresh FRST log, please.
__________________
Regards, schrauber
Proud Member of UNITE and ASAP since 2009
No help via PM!
24.07.2013, 00:49 | #17 |
Annoying ads: 'Ads not by this site' problem
How do I rescue my bookmarks and passwords beforehand?
__________________
Well, I think I have found a way to rescue the browser data after all, by copying the profile to the desktop beforehand. Thanks to FF support I now know which files I have to replace later (after reinstalling) so that I can get at my passwords and bookmarks again. Attached are the FRST logs:
FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-07-2013 01 Ran by Bert (administrator) on 24-07-2013 01:33:27 Running from C:\Users\Bert\Desktop Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Safe Mode (minimal) ==================== Processes (Whitelisted) ================= ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Eraser] - C:\PROGRA~1\Eraser\Eraser.exe [980920 2012-05-22] (The Eraser Project) HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2782096 2010-07-26] (CANON INC.) HKLM\...\Run: [OODefragTray] - C:\Program Files\OO Defrag\oodtray.exe [3942216 2011-01-25] (O&O Software GmbH) HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2013-03-29] (Realtek Semiconductor) HKLM\...\Run: [COMODO Internet Security] - C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1497816 2013-06-18] (COMODO) HKLM\...\Run: [SpywareTerminatorShield] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2777736 2013-04-03] (Crawler.com) HKLM\...\Run: [SpywareTerminatorUpdater] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [3684488 2013-04-03] (Crawler.com) HKCU\...\Run: [MSCS] - C:\Program Files (x86)\MAXA Cookie Manager\Cookie.exe [978944 2011-12-11] (MAXA Research Int'l Inc.) HKCU\...\Run: [Rainlendar2] - C:\Program Files\Rainlendar\Rainlendar2.exe [2555392 2012-10-25] () HKCU\...\Run: [SandboxieControl] - C:\PROGRAM FILES\SANDBOXIE\SbieCtrl.exe [759384 2013-07-08] (Sandboxie Holdings, LLC) HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-05-20] (DivX, LLC) HKLM-x32\...\Run: [ZALFree] - "C:\Program Files (x86)\Zemana AntiLogger\AntiLogger Free.exe" /MINIMIZED [12999984 2013-07-18] (Zemana Ltd.) 
HKLM-x32\...\Run: [avast] - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4858968 2013-05-09] (AVAST Software) HKLM-x32\...\Run: [emsisoft anti-malware] - "C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe" /d=60 [2928040 2013-07-02] (Emsisoft GmbH) HKU\Administrator\...\Run: [Advanced SystemCare 5] - "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart [619352 2011-12-30] (IObit) HKU\Administrator\...\Run: [SpybotSD TeaTimer] - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [x] HKU\Administrator\...\Run: [Rainlendar2] - C:\Program Files\Rainlendar\Rainlendar2.exe [2555392 2012-10-25] () HKU\Administrator\...\Run: [VeohPlugin] - "C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" [2816328 2011-10-26] (Veoh Networks) HKU\Administrator\...\Run: [MSCS] - C:\Program Files (x86)\MAXA Cookie Manager\Cookie.exe /autorun [978944 2011-12-11] (MAXA Research Int'l Inc.) HKU\Administrator\...\Run: [SandboxieControl] - "C:\PROGRAM FILES\SANDBOXIE\SbieCtrl.exe" [759384 2013-07-08] (Sandboxie Holdings, LLC) AppInit_DLLs: C:\PROGRA~2\KeyCryptSDK\KeyCrypt64(2).dll [89936 2013-07-18] (Zemana Ltd.) AppInit_DLLs-x32: C:\PROGRA~2\KeyCryptSDK\KeyCrypt32(2).dll [82696 2013-07-18] (Zemana Ltd.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AdFender.lnk ShortcutTarget: AdFender.lnk -> C:\Program Files (x86)\AdFender\AdFender.exe (AdFender, Inc.) 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launchy.lnk ShortcutTarget: Launchy.lnk -> C:\Program Files (x86)\Launchy\Launchy.exe () BootExecute: fSDKBtDfSDKBtsdnclean64.exe ==================== Internet (Whitelisted) ==================== ProxyServer: :0 HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.search.yahoo.com?type=198484&fr=spigot-yhp-ie StartMenuInternet: IEXPLORE.EXE - "C:\Program Files (x86)\Internet Explorer\iexplore.exe" SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox SearchScopes: HKLM-x32 - {c1d89ae7-449d-4929-b24b-fded04adbe06} URL = hxxp://isearch.glarysoft.com/?q={searchTerms}&src=iesearch SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {62403BF9-B85D-4453-ACF4-965285CA2C99} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=198484&p={searchTerms} BHO: avast! 
Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: ExplorerWatcher Class - {F8A6CAA2-533D-4AED-9E05-8EB19A4021AB} - C:\Program Files (x86)\Clover\TabHelper64.dll (EJIE Technology) BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Samsung BHO Class - {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll () BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\Advanced SystemCare\BrowerProtect\ASCPlugin_Protection.dll (IObit) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM-x32 - No Name - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - No File Toolbar: HKLM-x32 - avast! 
Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) DPF: HKLM-x32 {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} DPF: HKLM-x32 {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} Handler: ipp - No CLSID Value - Handler: msdaipp - No CLSID Value - Handler-x32: ipp - No CLSID Value - Handler-x32: msdaipp - No CLSID Value - Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Chrome: ======= CHR HomePage: hxxp://www.google.com CHR RestoreOnStartup: "hxxp://de.search.yahoo.com?type=800236&fr=spigot-yhp-ch" CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Bert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0 CHR HKLM-x32\...\Chrome\Extension: [mjdepfkicdcciagbigfcmdhknnoaaegf] - C:\Program Files (x86)\Deskperience\Word Capture\wcxChrome.crx CHR HKLM-x32\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files (x86)\IObit\Advanced SystemCare\BrowerProtect\ASC_GhromePluginFor6.crx CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx ==================== Services (Whitelisted) ================= S2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [2938408 2013-07-02] (Emsisoft GmbH) S4 AdvancedSystemCareService6; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [574272 2013-04-18] (IObit) S2 avast! 
Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software) S2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [6181504 2013-06-18] (COMODO) S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [158936 2013-06-18] (COMODO) S4 Giraffic; C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe [2245232 2013-05-13] (Giraffic) S4 OODefragAgent; C:\Program Files\OO Defrag\oodag.exe [3051848 2011-01-25] (O&O Software GmbH) S4 PuranDefrag; C:\WINDOWS\SYSTEM32\PURANDEFRAGS.EXE [292736 2012-08-13] (Puran Software) S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.) S2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [183896 2013-07-08] (Sandboxie Holdings, LLC) S2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1149104 2013-04-03] (Crawler.com) S2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2143072 2012-05-29] (TuneUp Software) S2 Firefox Service; S3 MozillaMaintenance; "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe" [x] ==================== Drivers (Whitelisted) ==================== S3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [66320 2012-04-30] (Emsisoft GmbH) S3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [66320 2012-04-30] (Emsisoft GmbH) S1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH) S1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH) S2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software) R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21136 2012-10-31] (AVAST Software) S2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software) S1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software) S0 
aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] () S1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-07-21] (AVAST Software) S1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-07-21] (AVAST Software) S1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software) S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-07-21] () S3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57032 2013-07-23] (Emsisoft GmbH) S3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57032 2013-07-23] (Emsisoft GmbH) R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [23168 2013-06-18] (COMODO) S1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [708632 2013-06-18] (COMODO) S1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [48360 2013-06-18] (COMODO) S1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [96800 2013-06-18] (COMODO) R3 keycrypt; C:\Windows\System32\DRIVERS\KeyCrypt64.sys [25568 2013-07-18] (Zemana Ltd.) S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) S3 MEMSWEEP2; C:\windows\system32\A795.tmp [6144 2009-06-18] (Sophos Plc) S3 MEMSWEEP2; C:\windows\system32\A795.tmp [6144 2009-06-18] (Sophos Plc) S2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.) 
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2011-09-20] (Windows (R) 2003 DDK 3790 provider) S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2011-09-20] (Windows (R) 2003 DDK 3790 provider) S3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [199384 2013-07-08] (Sandboxie Holdings, LLC) S2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2013-07-23] (Windows (R) Win 7 DDK provider) S3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [11856 2012-05-08] (TuneUp Software) S1 AntiLog32; \??\C:\windows\system32\drivers\AntiLog64.sys [x] S3 catchme; \??\C:\ComboFix\catchme.sys [x] S3 rm; \??\C:\windows\system32\drivers\rm.sys [x] S0 TfFsMon; system32\drivers\TfFsMon.sys [x] S3 TfNetMon; \??\C:\windows\system32\drivers\TfNetMon.sys [x] S0 TfSysMon; system32\drivers\TfSysMon.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-07-24 01:19 - 2013-07-24 01:20 - 00001733 _____ C:\AdwCleaner[S15].txt 2013-07-24 01:19 - 2013-07-24 01:19 - 00001670 _____ C:\AdwCleaner[R12].txt 2013-07-24 01:14 - 2013-07-24 01:15 - 00000000 ___SD C:\32788R22FWJFW 2013-07-24 01:03 - 2013-07-24 01:04 - 31714216 _____ (Oracle Corporation) C:\Users\Bert\Downloads\jre-7u25-windows-i586.exe 2013-07-24 00:58 - 2013-07-24 00:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-07-24 00:47 - 2013-07-24 01:27 - 00000168 _____ C:\windows\setupact.log 2013-07-24 00:47 - 2013-07-24 00:47 - 00000000 _____ C:\windows\setuperr.log 2013-07-24 00:15 - 2013-07-24 00:15 - 00000000 ____D C:\Users\Bert\Desktop\searchplugins 2013-07-24 00:10 - 2013-07-24 00:27 - 00000000 ____D C:\Users\Bert\Desktop\z3g57ncr.default-1372852164624 2013-07-24 00:10 - 2013-07-23 23:59 - 10485760 _____ C:\Users\Bert\Desktop\places.sqlite 2013-07-24 00:10 - 2013-07-23 23:59 - 00327680 _____ C:\Users\Bert\Desktop\signons.sqlite 2013-07-24 00:10 - 2013-07-23 
23:58 - 00016384 _____ C:\Users\Bert\Desktop\key3.db 2013-07-24 00:10 - 2013-07-14 01:00 - 00007044 _____ C:\Users\Bert\Desktop\FEBEresults.html 2013-07-24 00:00 - 2013-07-24 00:01 - 00025830 _____ C:\Users\Bert\Desktop\Passwörter (TEST).txt 2013-07-23 23:58 - 2013-07-23 23:58 - 00059042 _____ C:\Users\Bert\Desktop\passwordfox_136.zip 2013-07-23 23:57 - 2013-07-23 23:57 - 00228277 _____ C:\Users\Bert\Desktop\webbrowser143passview.zip 2013-07-23 23:49 - 2013-07-23 23:50 - 22262896 _____ (Mozilla) C:\Users\Bert\Downloads\Firefox_Setup_23.0b8.exe 2013-07-23 23:49 - 2013-07-23 23:49 - 24250211 _____ (Mozilla) C:\Users\Bert\Downloads\firefox-24.0a1.en-US.win64-x86_64.installer.exe 2013-07-23 23:36 - 2013-07-23 23:36 - 01026152 _____ C:\Users\Bert\Desktop\bookmarks.html 2013-07-23 23:35 - 2013-07-23 23:35 - 00678664 _____ C:\Users\Bert\Desktop\bookmarks-2013-07-23.json 2013-07-23 22:23 - 2013-07-24 00:46 - 00000000 ____D C:\ProgramData\Spyware Terminator 2013-07-23 22:23 - 2013-07-23 22:23 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\windows\system32\Drivers\stflt.sys 2013-07-23 22:23 - 2013-07-23 22:23 - 00000000 ____D C:\Users\Bert\AppData\Roaming\Spyware Terminator 2013-07-23 22:23 - 2013-07-23 22:23 - 00000000 ____D C:\Program Files (x86)\Spyware Terminator 2013-07-23 15:18 - 2013-07-23 15:18 - 01779447 _____ (Farbar) C:\Users\Bert\Desktop\FRST64.exe 2013-07-23 14:55 - 2013-07-23 14:55 - 00000000 __SHD C:\windows\SysWOW64\AI_RecycleBin 2013-07-23 14:55 - 2013-07-23 14:55 - 00000000 ____D C:\Users\Bert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Should I Remove It 2013-07-23 14:55 - 2013-07-23 14:55 - 00000000 ____D C:\Program Files (x86)\Reason 2013-07-23 13:56 - 2013-07-23 13:56 - 00377856 _____ C:\Users\Bert\Desktop\gmer_2.1.19163.exe 2013-07-23 13:51 - 2013-07-23 13:53 - 00724952 _____ C:\Users\Bert\Desktop\avenger.zip 2013-07-23 13:24 - 2013-07-23 13:24 - 00001247 _____ C:\Users\Administrator\Desktop\SpyDLLRemover.lnk 2013-07-23 12:56 - 
2013-07-23 13:24 - 00000000 ____D C:\Program Files (x86)\SecurityXploded 2013-07-23 12:56 - 2013-07-23 12:56 - 00001247 _____ C:\Users\Administrator\Desktop\SpyBHORemover.lnk 2013-07-23 05:35 - 2013-07-23 05:41 - 255018056 _____ (Norman AS) C:\Users\Bert\Desktop\Norman_Malware_Cleaner.exe 2013-07-23 04:12 - 2013-07-23 04:12 - 00000000 ____D C:\Program Files (x86)\BootkitRemovalTool 2013-07-23 03:33 - 2013-07-23 03:33 - 00000000 ____D C:\windows\System32\Tasks\COMODO 2013-07-23 03:30 - 2013-07-23 03:32 - 00000000 ___SD C:\ProgramData\Shared Space 2013-07-23 03:24 - 2013-07-23 03:25 - 20553576 _____ (Simply Super Software ) C:\Users\Bert\Desktop\trjsetup687.exe 2013-07-23 03:22 - 2013-07-23 03:23 - 04095448 _____ (BrightFort LLC ) C:\Users\Bert\Desktop\spywareblastersetup50.exe 2013-07-23 03:22 - 2013-07-23 03:22 - 05049344 _____ (Crawler.com ) C:\Users\Bert\Desktop\SpywareTerminatorSetup_3.0.0.82.exe 2013-07-23 03:21 - 2013-07-23 03:22 - 21516064 _____ (IObit ) C:\Users\Bert\Desktop\imf-setup_2.0.5.0.exe 2013-07-23 03:20 - 2013-07-23 03:20 - 00618912 _____ (www.download-sponsor.de) C:\Users\Bert\Desktop\tfinstall_universal.exe 2013-07-23 03:18 - 2009-06-18 13:54 - 00006144 ____N (Sophos Plc) C:\windows\system32\A795.tmp 2013-07-23 03:15 - 2013-07-23 03:17 - 36271144 _____ (Safer-Networking Ltd. 
) C:\Users\Bert\Desktop\spybot-2.1.exe 2013-07-23 03:07 - 2009-06-18 13:54 - 00006144 ____N (Sophos Plc) C:\windows\system32\B74D.tmp 2013-07-23 03:01 - 2013-07-24 01:12 - 00055432 _____ C:\windows\WindowsUpdate.log 2013-07-23 02:47 - 2013-07-23 02:47 - 00039015 _____ C:\ComboFix.txt 2013-07-23 02:21 - 2011-06-26 08:45 - 00256000 _____ C:\windows\PEV.exe 2013-07-23 02:21 - 2010-11-07 19:20 - 00208896 _____ C:\windows\MBR.exe 2013-07-23 02:21 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe 2013-07-23 02:21 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe 2013-07-23 02:21 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe 2013-07-23 02:21 - 2000-08-31 02:00 - 00098816 _____ C:\windows\sed.exe 2013-07-23 02:21 - 2000-08-31 02:00 - 00080412 _____ C:\windows\grep.exe 2013-07-23 02:21 - 2000-08-31 02:00 - 00068096 _____ C:\windows\zip.exe 2013-07-23 02:20 - 2013-07-23 02:47 - 00000000 ____D C:\Qoobox 2013-07-23 02:15 - 2013-07-23 02:15 - 05091940 ____R (Swearware) C:\Users\Bert\Desktop\ComboFix.exe 2013-07-23 01:27 - 2013-07-23 01:27 - 00002742 _____ C:\AdwCleaner[S14].txt 2013-07-23 01:26 - 2013-07-23 01:26 - 00002679 _____ C:\AdwCleaner[R11].txt 2013-07-22 19:59 - 2013-07-22 20:00 - 00000000 ____D C:\56793e0a4fd0078f320ad77a323185 2013-07-22 19:44 - 2013-07-22 19:44 - 00000000 ____D C:\Users\Bert\AppData\Roaming\Opera Software 2013-07-22 19:44 - 2013-07-22 19:44 - 00000000 ____D C:\Users\Bert\AppData\Local\Opera Software 2013-07-22 19:32 - 2013-07-22 19:32 - 00000000 ____D C:\Program Files\K-Lite Codec Pack x64 2013-07-22 19:32 - 2013-05-31 20:00 - 00127488 _____ C:\windows\system32\ff_vfw.dll 2013-07-22 19:32 - 2012-06-09 19:21 - 00206336 _____ C:\windows\system32\unrar64.dll 2013-07-22 19:32 - 2011-12-07 19:37 - 00148992 _____ ( ) C:\windows\system32\lagarith.dll 2013-07-22 19:26 - 2013-07-22 19:29 - 00000000 ____D C:\windows\system32\MRT 2013-07-22 17:21 - 2013-07-22 17:21 - 00003108 _____ 
C:\windows\System32\Tasks\{52A44EB5-8B6C-4DED-854C-7508DAB59319} 2013-07-22 17:13 - 2013-07-22 17:13 - 00003106 _____ C:\windows\System32\Tasks\{AE3C16E4-0F4D-4972-8A98-CE970C563718} 2013-07-22 17:07 - 2013-07-22 17:07 - 00003200 _____ C:\windows\System32\Tasks\{B731165D-DFA0-477A-807B-6426A31A9672} 2013-07-22 17:05 - 2013-07-22 17:05 - 00003100 _____ C:\windows\System32\Tasks\{509B46B2-466E-4EE9-846C-9A3D86EEE8AD} 2013-07-22 16:47 - 2013-07-22 16:48 - 00001601 _____ C:\AdwCleaner[S2].txt 2013-07-22 16:46 - 2013-07-22 16:46 - 00001539 _____ C:\AdwCleaner[R2].txt 2013-07-22 16:31 - 2013-07-22 16:32 - 00003842 _____ C:\AdwCleaner[S1].txt 2013-07-22 16:30 - 2013-07-22 16:30 - 00003838 _____ C:\AdwCleaner[R1].txt 2013-07-22 04:04 - 2013-07-22 04:04 - 00000000 ____D C:\windows\system32\SRSLabs 2013-07-22 04:04 - 2013-07-22 04:04 - 00000000 ____D C:\Program Files\Realtek 2013-07-22 04:03 - 2013-03-29 21:42 - 03379272 _____ (Realtek Semiconductor Corp.) C:\windows\system32\Drivers\RTKVHD64.sys 2013-07-22 04:03 - 2013-03-29 18:04 - 21170176 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RCoRes64.dat 2013-07-22 04:03 - 2013-03-29 17:52 - 00914992 _____ (Sony Corporation) C:\windows\system32\SFSS_APO.dll 2013-07-22 04:03 - 2013-03-29 17:10 - 00449481 _____ C:\windows\system32\Drivers\RTAIODAT.DAT 2013-07-22 04:03 - 2013-03-27 16:57 - 00135240 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RCoInstII64.dll 2013-07-22 04:03 - 2013-03-26 17:06 - 02797128 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtPgEx64.dll 2013-07-22 04:03 - 2013-03-26 15:40 - 03693128 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtkAPO64.dll 2013-07-22 04:03 - 2013-03-26 14:38 - 01659464 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RTSnMg64.cpl 2013-07-22 04:03 - 2013-03-25 17:32 - 03180264 _____ C:\windows\system32\Drivers\rtvienna.dat 2013-07-22 04:03 - 2013-03-20 13:16 - 02102040 _____ (Waves Audio Ltd.) 
C:\windows\system32\WavesGUILib64.dll 2013-07-22 04:03 - 2013-03-20 13:16 - 00910104 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioAPOShell64.dll 2013-07-22 04:03 - 2013-03-12 18:16 - 00613448 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtDataProc64.dll 2013-07-22 04:03 - 2013-02-28 13:10 - 14021912 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioRealtek64.dll 2013-07-22 04:03 - 2013-02-28 13:10 - 02032408 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioEQ64.dll 2013-07-22 04:03 - 2013-02-20 18:55 - 01284680 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RTCOM64.dll 2013-07-22 04:03 - 2013-02-19 18:52 - 00991816 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtkApi64.dll 2013-07-22 04:03 - 2012-12-12 11:17 - 00395208 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioAPO30.dll 2013-07-22 04:03 - 2012-08-31 19:18 - 07164176 _____ (Dolby Laboratories) C:\windows\system32\R4EEP64A.dll 2013-07-22 04:03 - 2012-08-31 19:17 - 00434960 _____ (Dolby Laboratories) C:\windows\system32\R4EED64A.dll 2013-07-22 04:03 - 2012-08-31 19:17 - 00141584 _____ (Dolby Laboratories) C:\windows\system32\R4EEL64A.dll 2013-07-22 04:03 - 2012-08-31 19:17 - 00124176 _____ (Dolby Laboratories) C:\windows\system32\R4EEA64A.dll 2013-07-22 04:03 - 2012-08-31 19:17 - 00075024 _____ (Dolby Laboratories) C:\windows\system32\R4EEG64A.dll 2013-07-22 04:03 - 2012-07-15 21:13 - 00394616 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxVolumeSDAPO.dll 2013-07-22 04:03 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtlCPAPI64.dll 2013-07-22 04:03 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtkCoLDR64.dll 2013-07-22 04:03 - 2011-09-02 14:21 - 00221024 _____ (Synopsys, Inc.) C:\windows\system32\SFNHK64.dll 2013-07-22 04:03 - 2011-09-02 14:21 - 00081248 _____ (Synopsys, Inc.) C:\windows\system32\SFCOM64.dll 2013-07-22 04:03 - 2011-09-02 14:21 - 00078688 _____ (Synopsys, Inc.) 
C:\windows\system32\SFAPO64.dll 2013-07-22 04:03 - 2011-08-23 17:00 - 00603984 _____ (Knowles Acoustics ) C:\windows\system32\KAAPORT64.dll 2013-07-22 04:03 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RTEEP64A.dll 2013-07-22 04:03 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RP3DHT64.dll 2013-07-22 04:03 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RP3DAA64.dll 2013-07-22 04:03 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RTEED64A.dll 2013-07-22 04:03 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RTEEL64A.dll 2013-07-22 04:03 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RTEEG64A.dll 2013-07-22 04:03 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtkCfg64.dll 2013-07-22 04:03 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioAPO20.dll 2013-07-22 04:03 - 2010-07-22 16:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\windows\SysWOW64\SFCOM.dll 2013-07-22 04:03 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\windows\system32\SRSTSX64.dll 2013-07-22 04:03 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\windows\system32\SRSTSH64.dll 2013-07-22 04:03 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\windows\system32\SRSHP64.dll 2013-07-22 04:03 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) 
C:\windows\system32\SRSWOW64.dll 2013-07-22 04:02 - 2013-03-26 17:04 - 02734624 _____ (Fortemedia Corporation) C:\windows\system32\FMAPO64.dll 2013-07-22 04:02 - 2012-06-20 17:26 - 00110592 _____ (Real Sound Lab SIA) C:\windows\system32\CONEQMSAPOGUILibrary.dll 2013-07-22 04:02 - 2011-05-31 09:42 - 01756264 _____ (DTS) C:\windows\system32\DTSS2SpeakerDLL64.dll 2013-07-22 04:02 - 2011-05-31 09:42 - 01568360 _____ (DTS) C:\windows\system32\DTSS2HeadphoneDLL64.dll 2013-07-22 04:02 - 2011-05-31 09:42 - 01486952 _____ (DTS) C:\windows\system32\DTSBoostDLL64.dll 2013-07-22 04:02 - 2011-05-31 09:42 - 00728680 _____ (DTS) C:\windows\system32\DTSBassEnhancementDLL64.dll 2013-07-22 04:02 - 2011-05-31 09:42 - 00712296 _____ (DTS) C:\windows\system32\DTSSymmetryDLL64.dll 2013-07-22 04:02 - 2011-05-31 09:42 - 00693352 _____ (DTS) C:\windows\system32\DTSVoiceClarityDLL64.dll 2013-07-22 04:02 - 2011-05-31 09:42 - 00491112 _____ (DTS) C:\windows\system32\DTSNeoPCDLL64.dll 2013-07-22 04:02 - 2011-05-31 09:42 - 00432744 _____ (DTS) C:\windows\system32\DTSLimiterDLL64.dll 2013-07-22 04:02 - 2011-05-31 09:42 - 00428648 _____ (DTS) C:\windows\system32\DTSGainCompensatorDLL64.dll 2013-07-22 04:02 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\windows\system32\DTSLFXAPO64.dll 2013-07-22 04:02 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\windows\system32\DTSGFXAPO64.dll 2013-07-22 04:02 - 2011-05-31 09:42 - 00241768 _____ (DTS) C:\windows\system32\DTSGFXAPONS64.dll 2013-07-22 04:01 - 2013-03-23 03:43 - 00208072 _____ (Andrea Electronics Corporation) C:\windows\system32\AERTAC64.dll 2013-07-22 04:01 - 2013-01-16 16:02 - 02079816 _____ (Realtek Semiconductor Corp.) 
C:\windows\RtlExUpd.dll 2013-07-22 04:01 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\windows\system32\AERTAR64.dll 2013-07-22 01:16 - 2013-07-22 01:16 - 00000000 ____D C:\FRST 2013-07-21 18:21 - 2013-07-21 18:22 - 00000000 ____D C:\Program Files\ExtMan (IconTweak) 2013-07-21 17:48 - 2013-07-21 17:48 - 00003186 _____ C:\windows\System32\Tasks\{9544E3BB-C36F-45F9-8CCB-F04A5417C807} 2013-07-21 17:34 - 2013-07-21 17:51 - 00000000 ____D C:\Users\Bert\AppData\Roaming\IcoFX2X 2013-07-21 16:56 - 2013-07-22 01:47 - 00000000 ____D C:\Users\Bert\Documents\Trojaner-Board 2013-07-21 16:06 - 2013-07-24 01:27 - 00000324 _____ C:\windows\Tasks\GlaryInitialize.job 2013-07-21 16:06 - 2013-07-21 16:06 - 00002600 _____ C:\windows\System32\Tasks\GlaryInitialize 2013-07-21 15:37 - 2013-07-24 00:52 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update 2013-07-21 15:37 - 2013-07-21 15:46 - 01030952 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys 2013-07-21 15:37 - 2013-07-21 15:46 - 00378944 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys 2013-07-21 15:37 - 2013-07-21 15:46 - 00189936 _____ C:\windows\system32\Drivers\aswVmm.sys 2013-07-21 15:37 - 2013-05-09 10:59 - 00080816 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys 2013-07-21 15:37 - 2013-05-09 10:59 - 00072016 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys 2013-07-21 15:37 - 2013-05-09 10:59 - 00065336 _____ C:\windows\system32\Drivers\aswRvrt.sys 2013-07-21 15:37 - 2013-05-09 10:59 - 00064288 _____ (AVAST Software) C:\windows\system32\Drivers\aswTdi.sys 2013-07-21 15:37 - 2013-05-09 10:59 - 00033400 _____ (AVAST Software) C:\windows\system32\Drivers\aswFsBlk.sys 2013-07-21 15:36 - 2013-05-09 10:58 - 00041664 _____ (AVAST Software) C:\windows\avastSS.scr 2013-07-21 15:02 - 2013-07-23 03:04 - 00000000 ____D C:\Program Files (x86)\Junkware Removal Tool 2013-07-21 06:00 - 2013-07-21 06:00 - 00000000 _____ 
C:\ProgramData\rebootpending.txt 2013-07-21 03:52 - 2013-07-21 04:32 - 00040534 _____ C:\windows\system32\Drivers\fvstore.dat 2013-07-21 03:52 - 2013-07-21 03:52 - 00000000 ____D C:\VTRoot 2013-07-21 02:50 - 2013-07-21 04:32 - 00389937 _____ C:\windows\system32\Drivers\sfi.dat 2013-07-21 02:48 - 2013-07-21 02:50 - 00000000 ____D C:\ProgramData\Comodo 2013-07-21 02:48 - 2013-07-21 02:48 - 00000000 ____D C:\Program Files\COMODO 2013-07-21 02:35 - 2013-07-21 02:35 - 01700352 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdiplus.dll 2013-07-21 02:35 - 2013-07-21 02:35 - 01060864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc71.dll 2013-07-21 02:35 - 2013-07-21 02:35 - 00348160 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr71.dll 2013-07-21 02:30 - 2013-07-21 03:21 - 00000000 ____D C:\Program Files (x86)\Comodo 2013-07-21 02:28 - 2013-07-21 02:28 - 00000000 ____D C:\ProgramData\Comodo Downloader 2013-07-21 02:21 - 2013-06-06 22:41 - 00489392 _____ (Ask Partner Network) C:\Users\Bert\Documents\APNSetup.exe 2013-07-21 02:19 - 2013-07-21 06:00 - 00000000 ____D C:\ProgramData\Avira 2013-07-21 01:43 - 2013-07-21 01:43 - 00001130 _____ C:\DelFix.txt 2013-07-21 00:46 - 2013-07-21 01:31 - 00000000 ____D C:\windows\erdnt 2013-07-20 12:53 - 2013-07-20 12:54 - 00000000 ____D C:\EEK 2013-07-20 11:44 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys 2013-07-20 00:43 - 2013-07-20 00:43 - 00312232 _____ (Oracle Corporation) C:\windows\system32\javaws.exe 2013-07-20 00:43 - 2013-07-20 00:43 - 00189352 _____ (Oracle Corporation) C:\windows\system32\javaw.exe 2013-07-20 00:43 - 2013-07-20 00:43 - 00188840 _____ (Oracle Corporation) C:\windows\system32\java.exe 2013-07-20 00:43 - 2013-07-20 00:43 - 00108968 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge-64.dll 2013-07-20 00:43 - 2013-07-20 00:43 - 00000000 ____D C:\Program Files\Java 2013-07-20 00:33 - 2013-07-20 00:33 - 00000000 _____ 
C:\autoexec.bat 2013-07-20 00:30 - 2013-07-21 08:00 - 00000000 ____D C:\Program Files\Enigma Software Group 2013-07-20 00:25 - 2013-07-21 00:05 - 00000000 ____D C:\windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP 2013-07-18 21:38 - 2013-07-19 11:44 - 00018944 _____ C:\Users\Bert\Desktop\Bundestagswahlprognose.xls 2013-07-16 05:40 - 2013-07-21 03:36 - 00000000 ____D C:\Program Files\Unlocker 2013-07-16 05:40 - 2013-07-16 05:40 - 00000000 ____D C:\Users\Bert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker 2013-07-16 05:34 - 2013-07-16 05:34 - 00000000 ____D C:\Users\Bert\Documents\Art 2013-07-16 04:42 - 2013-07-16 05:27 - 00000000 ____D C:\Users\Bert\AppData\Roaming\Jitsi 2013-07-16 04:42 - 2013-07-16 04:42 - 00000000 ____D C:\Program Files (x86)\Jitsi 2013-07-16 02:49 - 2013-07-16 03:32 - 00000000 ____D C:\Program Files (x86)\KVIrc 2013-07-15 22:52 - 2013-07-22 20:10 - 00000000 ____D C:\Users\Bert\Desktop\Elfriede Jelinek - Neid 2013-07-15 17:47 - 2013-07-22 16:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2013-07-11 23:48 - 2013-07-11 23:51 - 00000000 ____D C:\Program Files (x86)\LibreOffice 3.6 2013-07-10 01:44 - 2013-07-10 01:44 - 03153920 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys 2013-07-10 01:43 - 2013-07-10 01:43 - 19238912 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2013-07-10 01:43 - 2013-07-10 01:43 - 15404032 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2013-07-10 01:43 - 2013-07-10 01:43 - 14329856 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll 2013-07-10 01:43 - 2013-07-10 01:43 - 13760512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll 2013-07-10 01:43 - 2013-07-10 01:43 - 03958784 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2013-07-10 01:43 - 2013-07-10 01:43 - 02877440 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll 2013-07-10 01:43 - 2013-07-10 01:43 - 02706432 _____ (Microsoft Corporation) 
C:\windows\SysWOW64\mshtml.tlb 2013-07-10 01:43 - 2013-07-10 01:43 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb 2013-07-10 01:43 - 2013-07-10 01:43 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll 2013-07-10 01:43 - 2013-07-10 01:43 - 02241024 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2013-07-10 01:43 - 2013-07-10 01:43 - 02046976 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll 2013-07-10 01:43 - 2013-07-10 01:43 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll 2013-07-10 01:43 - 2013-07-10 01:43 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2013-07-10 01:43 - 2013-07-10 01:43 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll 2013-07-10 01:43 - 2013-07-10 01:43 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll 2013-07-10 01:43 - 2013-07-10 01:43 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll 2013-07-10 01:43 - 2013-07-10 01:43 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2013-07-10 01:43 - 2013-07-10 01:43 - 00526336 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll 2013-07-10 01:43 - 2013-07-10 01:43 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll 2013-07-10 01:43 - 2013-07-10 01:43 - 00391168 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll 2013-07-10 01:43 - 2013-07-10 01:43 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll 2013-07-10 01:43 - 2013-07-10 01:43 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll 2013-07-10 01:43 - 2013-07-10 01:43 - 00089600 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe 2013-07-10 01:43 - 2013-07-10 01:43 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe 2013-07-10 01:43 - 2013-07-10 01:43 - 00067072 _____ (Microsoft Corporation) 
C:\windows\system32\iesetup.dll 2013-07-10 01:43 - 2013-07-10 01:43 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll 2013-07-10 01:43 - 2013-07-10 01:43 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll 2013-07-10 01:43 - 2013-07-10 01:43 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe 2013-07-10 01:43 - 2013-07-10 01:43 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll 2013-07-10 01:43 - 2013-07-10 01:43 - 00039424 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll 2013-07-10 01:43 - 2013-07-10 01:43 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll 2013-07-10 01:41 - 2013-07-10 01:41 - 00624128 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll 2013-07-10 01:41 - 2013-07-10 01:41 - 00509440 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll 2013-07-10 01:31 - 2013-07-10 01:31 - 01887744 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL 2013-07-10 01:31 - 2013-07-10 01:31 - 01643520 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll 2013-07-10 01:31 - 2013-07-10 01:31 - 01620480 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL 2013-07-10 01:31 - 2013-07-10 01:31 - 01247744 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll 2013-07-10 01:09 - 2013-07-10 01:09 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\cryptdlg.dll 2013-07-10 01:09 - 2013-07-10 01:09 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptdlg.dll 2013-07-10 01:08 - 2013-07-10 01:08 - 01887232 _____ (Microsoft Corporation) C:\windows\system32\d3d11.dll 2013-07-10 01:08 - 2013-07-10 01:08 - 01505280 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d11.dll 2013-07-10 01:08 - 2013-07-10 01:08 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll 2013-07-10 01:08 - 2013-07-10 01:08 - 01230336 _____ (Microsoft Corporation) 
C:\windows\SysWOW64\WindowsCodecs.dll 2013-07-10 01:07 - 2013-07-10 01:07 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll 2013-07-10 01:07 - 2013-07-10 01:07 - 00223752 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fvevol.sys 2013-07-10 01:07 - 2013-07-10 01:07 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\wwanprotdim.dll 2013-07-10 00:55 - 2013-07-10 00:55 - 00001262 _____ C:\Users\Bert\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk 2013-07-10 00:14 - 2013-07-10 00:16 - 00000000 ____D C:\Program Files (x86)\Clover 2013-07-10 00:14 - 2013-07-10 00:14 - 00000000 ____D C:\Users\Bert\AppData\Local\Clover 2013-07-10 00:12 - 2012-12-20 22:24 - 03837440 _____ (Qualcomm Atheros Communications, Inc.) C:\windows\system32\Drivers\athrx.sys 2013-07-10 00:11 - 2013-07-10 00:11 - 00000000 ____D C:\Program Files (x86)\SpeedyFox 2013-07-10 00:09 - 2013-07-10 00:12 - 00000000 ____D C:\Program Files\DIFX 2013-07-10 00:06 - 2013-07-10 00:06 - 00000000 ____D C:\Program Files (x86)\MSECache 2013-07-10 00:05 - 2013-07-10 00:42 - 00000000 ____D C:\Program Files\Office Tab 2013-07-10 00:03 - 2013-07-10 00:03 - 00000000 ____D C:\Users\Bert\ultracopier 2013-07-10 00:02 - 2013-07-20 19:10 - 00000000 ____D C:\Program Files\Supercopier 2013-07-10 00:02 - 2012-12-27 01:26 - 00805088 _____ (Realtek ) C:\windows\system32\Drivers\Rt64win7.sys 2013-07-10 00:02 - 2012-12-27 01:26 - 00074344 _____ (Realtek Semiconductor Corporation) C:\windows\system32\RtNicProp64.dll 2013-07-10 00:00 - 2013-07-21 00:26 - 00003214 _____ C:\windows\System32\Tasks\Driver Booster Update 2013-07-09 23:58 - 2013-07-16 03:57 - 00000000 ____D C:\Users\Bert\AppData\Roaming\PasteCopy.NET 2013-07-08 23:50 - 2013-07-08 23:50 - 00000000 ____D C:\Users\Bert\AppData\Roaming\aignes 2013-07-08 23:50 - 2013-07-08 23:50 - 00000000 ____D C:\Program Files (x86)\AM-DeadLink 2013-07-04 14:44 - 2013-07-04 14:44 - 00000000 _____ C:\windows\SysWOW64\FAPED09.tmp 
2013-07-04 14:41 - 2013-07-04 14:41 - 00000000 _____ C:\windows\SysWOW64\FAP6BE6.tmp 2013-07-04 14:40 - 2013-07-04 14:40 - 00000000 _____ C:\windows\SysWOW64\FAPFFE9.tmp 2013-07-04 14:40 - 2013-07-04 14:40 - 00000000 _____ C:\windows\SysWOW64\FAP54F8.tmp 2013-07-04 14:40 - 2013-07-04 14:40 - 00000000 _____ C:\windows\SysWOW64\FAP3D90.tmp 2013-07-04 14:39 - 2013-07-04 14:39 - 00000000 _____ C:\windows\SysWOW64\FAP713B.tmp 2013-07-04 14:38 - 2013-07-04 14:38 - 00000000 _____ C:\windows\SysWOW64\FAPD69F.tmp 2013-07-04 14:36 - 2013-07-04 14:36 - 00000000 _____ C:\windows\SysWOW64\FAP2D.tmp 2013-07-04 14:35 - 2013-07-04 14:35 - 00000000 _____ C:\windows\SysWOW64\FAP76FF.tmp 2013-07-04 13:03 - 2013-07-04 13:03 - 00000000 _____ C:\windows\SysWOW64\FAPE22C.tmp 2013-07-04 13:02 - 2013-07-04 13:02 - 00000000 _____ C:\windows\SysWOW64\FAP5739.tmp 2013-07-04 13:00 - 2013-07-04 13:00 - 00000000 _____ C:\windows\SysWOW64\FAP5B7B.tmp 2013-07-04 12:58 - 2013-07-04 12:58 - 00000000 _____ C:\windows\SysWOW64\FAPFE8B.tmp 2013-07-04 12:58 - 2013-07-04 12:58 - 00000000 _____ C:\windows\SysWOW64\FAPF8A0.tmp 2013-07-04 12:58 - 2013-07-04 12:58 - 00000000 _____ C:\windows\SysWOW64\FAPF840.tmp 2013-07-04 12:57 - 2013-07-04 12:57 - 00000000 _____ C:\windows\SysWOW64\FAP7402.tmp 2013-07-04 12:50 - 2013-07-04 12:50 - 00000000 _____ C:\windows\SysWOW64\FAPDA60.tmp 2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAPEACA.tmp 2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAPD381.tmp 2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAPBBF9.tmp 2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAP906.tmp 2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAP740E.tmp 2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAP5D8F.tmp 2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAP2001.tmp 2013-07-04 12:48 - 2013-07-04 12:48 - 00000000 
_____ C:\windows\SysWOW64\FAP8C31.tmp 2013-07-04 12:48 - 2013-07-04 12:48 - 00000000 _____ C:\windows\SysWOW64\FAP78ED.tmp 2013-07-04 12:42 - 2013-07-04 12:42 - 00000000 _____ C:\windows\SysWOW64\FAP8450.tmp 2013-07-04 12:33 - 2013-07-04 12:33 - 00000000 _____ C:\windows\SysWOW64\FAP1334.tmp 2013-07-04 12:17 - 2013-07-04 12:17 - 00000000 _____ C:\windows\SysWOW64\FAP815F.tmp 2013-07-04 04:09 - 2013-07-04 04:09 - 00263592 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe 2013-07-04 04:09 - 2013-07-04 04:09 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe 2013-07-04 04:09 - 2013-07-04 04:09 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe 2013-07-04 04:09 - 2013-07-04 04:09 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll 2013-07-04 01:24 - 2013-07-04 01:24 - 00000000 ____D C:\Users\Bert\.macromedia 2013-07-04 00:16 - 2013-07-14 01:00 - 00000000 ____D C:\Program Files (x86)\FEBE 2013-07-03 16:39 - 2013-07-03 16:44 - 00000600 _____ C:\Users\Bert\PUTTY.RND 2013-07-03 14:59 - 2013-07-03 14:59 - 00000000 _____ C:\Users\Bert\mm_backup.cfg 2013-07-02 17:21 - 2013-07-02 17:21 - 00000000 ____D C:\Program Files (x86)\Tor 2013-07-02 17:17 - 2013-07-02 17:18 - 00000000 ____D C:\Users\Bert\Documents\Calibre Library 2013-07-02 17:13 - 2013-07-02 17:18 - 00000000 ____D C:\Users\Bert\AppData\Roaming\calibre 2013-07-02 17:13 - 2013-07-02 17:13 - 00000000 ____D C:\Users\Bert\Documents\Calibre Bibliothek 2013-07-02 17:12 - 2013-07-02 17:12 - 00000000 ____D C:\Program Files (x86)\Calibre2 2013-07-02 03:06 - 2013-07-02 03:06 - 01509376 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl 2013-07-02 03:06 - 2013-07-02 03:06 - 01441280 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl 2013-07-02 03:06 - 2013-07-02 03:06 - 01400416 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dat 2013-07-02 03:06 - 2013-07-02 03:06 - 01400416 _____ (Microsoft Corporation) 
C:\windows\system32\ieapfltr.dat 2013-07-02 03:06 - 2013-07-02 03:06 - 01054720 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe 2013-07-02 03:06 - 2013-07-02 03:06 - 00905728 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll 2013-07-02 03:06 - 2013-07-02 03:06 - 00762368 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll 2013-07-02 03:06 - 2013-07-02 03:06 - 00719360 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll 2013-07-02 03:06 - 2013-07-02 03:06 - 00629248 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll 2013-07-02 03:06 - 2013-07-02 03:06 - 00599552 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll 2013-07-02 03:06 - 2013-07-02 03:06 - 00523264 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll 2013-07-02 03:06 - 2013-07-02 03:06 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll 2013-07-02 03:06 - 2013-07-02 03:06 - 00441856 _____ (Microsoft Corporation) C:\windows\system32\html.iec 2013-07-02 03:06 - 2013-07-02 03:06 - 00361984 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec 2013-07-02 03:06 - 2013-07-02 03:06 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll 2013-07-02 03:06 - 2013-07-02 03:06 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll 2013-07-02 03:06 - 2013-07-02 03:06 - 00270848 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll 2013-07-02 03:06 - 2013-07-02 03:06 - 00247296 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll 2013-07-02 03:06 - 2013-07-02 03:06 - 00242200 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll 2013-07-02 03:06 - 2013-07-02 03:06 - 00235008 _____ (Microsoft Corporation) C:\windows\system32\url.dll 2013-07-02 03:06 - 2013-07-02 03:06 - 00232960 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll 2013-07-02 03:06 - 2013-07-02 03:06 - 00226816 _____ (Microsoft Corporation) 
C:\windows\SysWOW64\dxtrans.dll 2013-07-02 03:06 - 2013-07-02 03:06 - 00226304 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll 2013-07-02 03:06 - 2013-07-02 03:06 - 00216064 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll 2013-07-02 03:06 - 2013-07-02 03:06 - 00204800 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll 2013-07-02 03:06 - 2013-07-02 03:06 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll 2013-07-02 03:06 - 2013-07-02 03:06 - 00185344 _____ (Microsoft Corporation) C:\windows\SysWOW64\elshyph.dll 2013-07-02 03:06 - 2013-07-02 03:06 - 00173568 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe 2013-07-02 03:06 - 2013-07-02 03:06 - 00167424 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe 2013-07-02 03:06 - 2013-07-02 03:06 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll 2013-07-02 03:06 - 2013-07-02 03:06 - 00158720 _____ (Microsoft Corporation) C:\windows\SysWOW64\msls31.dll 2013-07-02 03:06 - 2013-07-02 03:06 - 00150528 _____ (Microsoft Corporation) C:\windows\SysWOW64\iexpress.exe 2013-07-02 03:06 - 2013-07-02 03:06 - 00149504 _____ (Microsoft Corporation) C:\windows\system32\occache.dll 2013-07-02 03:06 - 2013-07-02 03:06 - 00144896 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe 2013-07-02 03:06 - 2013-07-02 03:06 - 00138752 _____ (Microsoft Corporation) C:\windows\SysWOW64\wextract.exe 2013-07-02 03:06 - 2013-07-02 03:06 - 00137216 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe 2013-07-02 03:06 - 2013-07-02 03:06 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll 2013-07-02 03:06 - 2013-07-02 03:06 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll 2013-07-02 03:06 - 2013-07-02 03:06 - 00125440 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll 2013-07-02 03:06 - 2013-07-02 03:06 - 00117248 _____ (Microsoft Corporation) 
C:\windows\SysWOW64\iepeers.dll 2013-07-02 03:06 - 2013-07-02 03:06 - 00110592 _____ (Microsoft Corporation) C:\windows\SysWOW64\IEAdvpack.dll 2013-07-02 03:06 - 2013-07-02 03:06 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll 2013-07-02 03:06 - 2013-07-02 03:06 - 00097280 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll 2013-07-02 03:06 - 2013-07-02 03:06 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe 2013-07-02 03:06 - 2013-07-02 03:06 - 00082432 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll 2013-07-02 03:06 - 2013-07-02 03:06 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll 2013-07-02 03:06 - 2013-07-02 03:06 - 00079872 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll 2013-07-02 03:06 - 2013-07-02 03:06 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx 2013-07-02 03:06 - 2013-07-02 03:06 - 00073728 _____ (Microsoft Corporation) C:\windows\SysWOW64\SetIEInstalledDate.exe 2013-07-02 03:06 - 2013-07-02 03:06 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardie.dll 2013-07-02 03:06 - 2013-07-02 03:06 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll 2013-07-02 03:06 - 2013-07-02 03:06 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx 2013-07-02 03:06 - 2013-07-02 03:06 - 00057344 _____ (Microsoft Corporation) C:\windows\SysWOW64\pngfilt.dll 2013-07-02 03:06 - 2013-07-02 03:06 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll 2013-07-02 03:06 - 2013-07-02 03:06 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll 2013-07-02 03:06 - 2013-07-02 03:06 - 00048640 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmler.dll 2013-07-02 03:06 - 2013-07-02 03:06 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll 2013-07-02 03:06 - 2013-07-02 03:06 - 00041984 _____ (Microsoft Corporation) 
C:\windows\SysWOW64\msfeedsbs.dll 2013-07-02 03:06 - 2013-07-02 03:06 - 00038400 _____ (Microsoft Corporation) C:\windows\SysWOW64\imgutil.dll 2013-07-02 03:06 - 2013-07-02 03:06 - 00027648 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll 2013-07-02 03:06 - 2013-07-02 03:06 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\licmgr10.dll 2013-07-02 03:06 - 2013-07-02 03:06 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe 2013-07-02 03:06 - 2013-07-02 03:06 - 00012800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe 2013-07-02 03:06 - 2013-07-02 03:06 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe 2013-07-02 03:06 - 2013-07-02 03:06 - 00011776 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe 2013-06-28 00:11 - 2013-07-21 15:46 - 00000175 _____ C:\windows\system32\Drivers\aswVmm.sys.sum 2013-06-27 01:54 - 2013-07-21 15:46 - 00000175 _____ C:\windows\system32\Drivers\aswSP.sys.sum 2013-06-27 01:54 - 2013-07-21 15:46 - 00000175 _____ C:\windows\system32\Drivers\aswSnx.sys.sum 2013-06-25 21:52 - 2013-07-21 00:26 - 00002966 _____ C:\windows\System32\Tasks\{BBF7C257-78DB-4727-AAD0-4AC4EE99BFC6}
==================== One Month Modified Files and Folders =======
2013-07-24 01:29 - 2012-06-07 11:56 - 00262144 _____ C:\windows\system32\Ikeext.etl 2013-07-24 01:27 - 2013-07-24 00:47 - 00000168 _____ C:\windows\setupact.log 2013-07-24 01:27 - 2013-07-21 16:06 - 00000324 _____ C:\windows\Tasks\GlaryInitialize.job 2013-07-24 01:27 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT 2013-07-24 01:26 - 2011-11-15 20:29 - 00000000 ____D C:\Users\Bert\AppData\Roaming\Mozilla 2013-07-24 01:22 - 2011-11-19 16:47 - 00000000 ____D C:\Users\Bert\.rainlendar2 2013-07-24 01:20 - 2013-07-24 01:19 - 00001733 _____ C:\AdwCleaner[S15].txt 2013-07-24 01:19 - 2013-07-24 01:19 - 00001670 _____ C:\AdwCleaner[R12].txt 2013-07-24 01:15 - 2013-07-24 01:14 - 00000000 ___SD C:\32788R22FWJFW 
2013-07-24 01:12 - 2013-07-23 03:01 - 00055432 _____ C:\windows\WindowsUpdate.log 2013-07-24 01:04 - 2013-07-24 01:03 - 31714216 _____ (Oracle Corporation) C:\Users\Bert\Downloads\jre-7u25-windows-i586.exe 2013-07-24 00:59 - 2009-07-14 06:45 - 00028624 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-07-24 00:59 - 2009-07-14 06:45 - 00028624 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-07-24 00:58 - 2013-07-24 00:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-07-24 00:52 - 2013-07-21 15:37 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update 2013-07-24 00:47 - 2013-07-24 00:47 - 00000000 _____ C:\windows\setuperr.log 2013-07-24 00:46 - 2013-07-23 22:23 - 00000000 ____D C:\ProgramData\Spyware Terminator 2013-07-24 00:27 - 2013-07-24 00:10 - 00000000 ____D C:\Users\Bert\Desktop\z3g57ncr.default-1372852164624 2013-07-24 00:17 - 2013-02-08 12:37 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job 2013-07-24 00:15 - 2013-07-24 00:15 - 00000000 ____D C:\Users\Bert\Desktop\searchplugins 2013-07-24 00:01 - 2013-07-24 00:00 - 00025830 _____ C:\Users\Bert\Desktop\Passwörter (TEST).txt 2013-07-23 23:59 - 2013-07-24 00:10 - 10485760 _____ C:\Users\Bert\Desktop\places.sqlite 2013-07-23 23:59 - 2013-07-24 00:10 - 00327680 _____ C:\Users\Bert\Desktop\signons.sqlite 2013-07-23 23:58 - 2013-07-24 00:10 - 00016384 _____ C:\Users\Bert\Desktop\key3.db 2013-07-23 23:58 - 2013-07-23 23:58 - 00059042 _____ C:\Users\Bert\Desktop\passwordfox_136.zip 2013-07-23 23:57 - 2013-07-23 23:57 - 00228277 _____ C:\Users\Bert\Desktop\webbrowser143passview.zip 2013-07-23 23:50 - 2013-07-23 23:49 - 22262896 _____ (Mozilla) C:\Users\Bert\Downloads\Firefox_Setup_23.0b8.exe 2013-07-23 23:49 - 2013-07-23 23:49 - 24250211 _____ (Mozilla) C:\Users\Bert\Downloads\firefox-24.0a1.en-US.win64-x86_64.installer.exe 2013-07-23 23:36 - 
2013-07-23 23:36 - 01026152 _____ C:\Users\Bert\Desktop\bookmarks.html 2013-07-23 23:35 - 2013-07-23 23:35 - 00678664 _____ C:\Users\Bert\Desktop\bookmarks-2013-07-23.json 2013-07-23 23:15 - 2011-11-16 10:08 - 00000000 ____D C:\Users\Bert\AppData\Local\CrashDumps 2013-07-23 22:23 - 2013-07-23 22:23 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\windows\system32\Drivers\stflt.sys 2013-07-23 22:23 - 2013-07-23 22:23 - 00000000 ____D C:\Users\Bert\AppData\Roaming\Spyware Terminator 2013-07-23 22:23 - 2013-07-23 22:23 - 00000000 ____D C:\Program Files (x86)\Spyware Terminator 2013-07-23 16:10 - 2011-11-15 22:44 - 00000000 ____D C:\Users\Bert\AppData\Roaming\vlc 2013-07-23 15:19 - 2011-11-19 17:17 - 00000000 ____D C:\Users\Administrator 2013-07-23 15:18 - 2013-07-23 15:18 - 01779447 _____ (Farbar) C:\Users\Bert\Desktop\FRST64.exe 2013-07-23 14:55 - 2013-07-23 14:55 - 00000000 __SHD C:\windows\SysWOW64\AI_RecycleBin 2013-07-23 14:55 - 2013-07-23 14:55 - 00000000 ____D C:\Users\Bert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Should I Remove It 2013-07-23 14:55 - 2013-07-23 14:55 - 00000000 ____D C:\Program Files (x86)\Reason 2013-07-23 13:56 - 2013-07-23 13:56 - 00377856 _____ C:\Users\Bert\Desktop\gmer_2.1.19163.exe 2013-07-23 13:53 - 2013-07-23 13:51 - 00724952 _____ C:\Users\Bert\Desktop\avenger.zip 2013-07-23 13:24 - 2013-07-23 13:24 - 00001247 _____ C:\Users\Administrator\Desktop\SpyDLLRemover.lnk 2013-07-23 13:24 - 2013-07-23 12:56 - 00000000 ____D C:\Program Files (x86)\SecurityXploded 2013-07-23 12:56 - 2013-07-23 12:56 - 00001247 _____ C:\Users\Administrator\Desktop\SpyBHORemover.lnk 2013-07-23 05:41 - 2013-07-23 05:35 - 255018056 _____ (Norman AS) C:\Users\Bert\Desktop\Norman_Malware_Cleaner.exe 2013-07-23 04:39 - 2011-11-15 22:18 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware 2013-07-23 04:12 - 2013-07-23 04:12 - 00000000 ____D C:\Program Files (x86)\BootkitRemovalTool 2013-07-23 03:46 - 2011-11-15 22:18 - 00000000 ____D 
C:\Users\Bert\Documents\Anti-Malware 2013-07-23 03:33 - 2013-07-23 03:33 - 00000000 ____D C:\windows\System32\Tasks\COMODO 2013-07-23 03:32 - 2013-07-23 03:30 - 00000000 ___SD C:\ProgramData\Shared Space 2013-07-23 03:25 - 2013-07-23 03:24 - 20553576 _____ (Simply Super Software ) C:\Users\Bert\Desktop\trjsetup687.exe 2013-07-23 03:23 - 2013-07-23 03:22 - 04095448 _____ (BrightFort LLC ) C:\Users\Bert\Desktop\spywareblastersetup50.exe 2013-07-23 03:22 - 2013-07-23 03:22 - 05049344 _____ (Crawler.com ) C:\Users\Bert\Desktop\SpywareTerminatorSetup_3.0.0.82.exe 2013-07-23 03:22 - 2013-07-23 03:21 - 21516064 _____ (IObit ) C:\Users\Bert\Desktop\imf-setup_2.0.5.0.exe 2013-07-23 03:20 - 2013-07-23 03:20 - 00618912 _____ (www.download-sponsor.de) C:\Users\Bert\Desktop\tfinstall_universal.exe 2013-07-23 03:17 - 2013-07-23 03:15 - 36271144 _____ (Safer-Networking Ltd. ) C:\Users\Bert\Desktop\spybot-2.1.exe 2013-07-23 03:04 - 2013-07-21 15:02 - 00000000 ____D C:\Program Files (x86)\Junkware Removal Tool 2013-07-23 02:47 - 2013-07-23 02:47 - 00039015 _____ C:\ComboFix.txt 2013-07-23 02:47 - 2013-07-23 02:20 - 00000000 ____D C:\Qoobox 2013-07-23 02:45 - 2009-07-14 04:34 - 00000215 _____ C:\windows\system.ini 2013-07-23 02:15 - 2013-07-23 02:15 - 05091940 ____R (Swearware) C:\Users\Bert\Desktop\ComboFix.exe 2013-07-23 02:01 - 2011-11-15 20:15 - 00000000 ____D C:\Users\Bert\AppData\Roaming\Macromedia 2013-07-23 01:36 - 2013-06-04 11:39 - 00000000 ____D C:\Program Files (x86)\AdWareCleaner 2013-07-23 01:27 - 2013-07-23 01:27 - 00002742 _____ C:\AdwCleaner[S14].txt 2013-07-23 01:26 - 2013-07-23 01:26 - 00002679 _____ C:\AdwCleaner[R11].txt 2013-07-23 00:47 - 2012-04-26 21:35 - 00000000 ____D C:\Program Files\SUPERAntiSpyware 2013-07-23 00:45 - 2012-11-04 17:51 - 00000000 ____D C:\Program Files (x86)\ThreatFire 2013-07-22 20:10 - 2013-07-15 22:52 - 00000000 ____D C:\Users\Bert\Desktop\Elfriede Jelinek - Neid 2013-07-22 20:06 - 2011-11-16 18:57 - 00000000 ____D C:\Program Files 
(x86)\Opera 2013-07-22 20:00 - 2013-07-22 19:59 - 00000000 ____D C:\56793e0a4fd0078f320ad77a323185 2013-07-22 19:58 - 2011-11-15 22:29 - 00000000 ____D C:\Program Files (x86)\Google 2013-07-22 19:56 - 2011-11-19 17:05 - 00000000 ____D C:\Program Files (x86)\Prozess Manager 2013-07-22 19:44 - 2013-07-22 19:44 - 00000000 ____D C:\Users\Bert\AppData\Roaming\Opera Software 2013-07-22 19:44 - 2013-07-22 19:44 - 00000000 ____D C:\Users\Bert\AppData\Local\Opera Software 2013-07-22 19:32 - 2013-07-22 19:32 - 00000000 ____D C:\Program Files\K-Lite Codec Pack x64 2013-07-22 19:29 - 2013-07-22 19:26 - 00000000 ____D C:\windows\system32\MRT 2013-07-22 19:00 - 2011-07-29 06:05 - 00696870 _____ C:\windows\system32\perfh007.dat 2013-07-22 19:00 - 2011-07-29 06:05 - 00148134 _____ C:\windows\system32\perfc007.dat 2013-07-22 19:00 - 2009-07-14 07:13 - 01612484 _____ C:\windows\system32\PerfStringBackup.INI 2013-07-22 17:21 - 2013-07-22 17:21 - 00003108 _____ C:\windows\System32\Tasks\{52A44EB5-8B6C-4DED-854C-7508DAB59319} 2013-07-22 17:13 - 2013-07-22 17:13 - 00003106 _____ C:\windows\System32\Tasks\{AE3C16E4-0F4D-4972-8A98-CE970C563718} 2013-07-22 17:07 - 2013-07-22 17:07 - 00003200 _____ C:\windows\System32\Tasks\{B731165D-DFA0-477A-807B-6426A31A9672} 2013-07-22 17:05 - 2013-07-22 17:05 - 00003100 _____ C:\windows\System32\Tasks\{509B46B2-466E-4EE9-846C-9A3D86EEE8AD} 2013-07-22 16:48 - 2013-07-22 16:47 - 00001601 _____ C:\AdwCleaner[S2].txt 2013-07-22 16:46 - 2013-07-22 16:46 - 00001539 _____ C:\AdwCleaner[R2].txt 2013-07-22 16:37 - 2013-07-15 17:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2013-07-22 16:32 - 2013-07-22 16:31 - 00003842 _____ C:\AdwCleaner[S1].txt 2013-07-22 16:30 - 2013-07-22 16:30 - 00003838 _____ C:\AdwCleaner[R1].txt 2013-07-22 04:04 - 2013-07-22 04:04 - 00000000 ____D C:\windows\system32\SRSLabs 2013-07-22 04:04 - 2013-07-22 04:04 - 00000000 ____D C:\Program Files\Realtek 2013-07-22 04:04 - 2011-07-29 01:49 - 00000000 ____D 
C:\windows\SysWOW64\RTCOM 2013-07-22 01:47 - 2013-07-21 16:56 - 00000000 ____D C:\Users\Bert\Documents\Trojaner-Board 2013-07-22 01:16 - 2013-07-22 01:16 - 00000000 ____D C:\FRST 2013-07-21 22:01 - 2013-06-04 11:11 - 00000000 ____D C:\Program Files (x86)\KeyCryptSDK 2013-07-21 18:22 - 2013-07-21 18:21 - 00000000 ____D C:\Program Files\ExtMan (IconTweak) 2013-07-21 17:54 - 2013-06-04 11:11 - 00000000 ____D C:\Program Files (x86)\Zemana AntiLogger 2013-07-21 17:51 - 2013-07-21 17:34 - 00000000 ____D C:\Users\Bert\AppData\Roaming\IcoFX2X 2013-07-21 17:48 - 2013-07-21 17:48 - 00003186 _____ C:\windows\System32\Tasks\{9544E3BB-C36F-45F9-8CCB-F04A5417C807} 2013-07-21 16:06 - 2013-07-21 16:06 - 00002600 _____ C:\windows\System32\Tasks\GlaryInitialize 2013-07-21 16:06 - 2011-11-16 09:01 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 2013-07-21 15:46 - 2013-07-21 15:37 - 01030952 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys 2013-07-21 15:46 - 2013-07-21 15:37 - 00378944 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys 2013-07-21 15:46 - 2013-07-21 15:37 - 00189936 _____ C:\windows\system32\Drivers\aswVmm.sys 2013-07-21 15:46 - 2013-06-28 00:11 - 00000175 _____ C:\windows\system32\Drivers\aswVmm.sys.sum 2013-07-21 15:46 - 2013-06-27 01:54 - 00000175 _____ C:\windows\system32\Drivers\aswSP.sys.sum 2013-07-21 15:46 - 2013-06-27 01:54 - 00000175 _____ C:\windows\system32\Drivers\aswSnx.sys.sum 2013-07-21 15:37 - 2012-11-04 17:05 - 00000000 _____ C:\windows\SysWOW64\config.nt 2013-07-21 15:35 - 2012-11-04 17:03 - 00000000 ____D C:\ProgramData\AVAST Software 2013-07-21 15:35 - 2012-11-04 17:03 - 00000000 ____D C:\Program Files\AVAST Software 2013-07-21 09:05 - 2009-07-14 05:20 - 00000000 ____D C:\windows\rescache 2013-07-21 08:00 - 2013-07-20 00:30 - 00000000 ____D C:\Program Files\Enigma Software Group 2013-07-21 08:00 - 2012-07-13 13:04 - 00000000 ____D C:\Users\Bert\AppData\Roaming\Launchy 2013-07-21 08:00 - 2009-07-14 05:20 - 00000000 
____D C:\windows\registration 2013-07-21 06:00 - 2013-07-21 06:00 - 00000000 _____ C:\ProgramData\rebootpending.txt 2013-07-21 06:00 - 2013-07-21 02:19 - 00000000 ____D C:\ProgramData\Avira 2013-07-21 04:32 - 2013-07-21 03:52 - 00040534 _____ C:\windows\system32\Drivers\fvstore.dat 2013-07-21 04:32 - 2013-07-21 02:50 - 00389937 _____ C:\windows\system32\Drivers\sfi.dat 2013-07-21 03:52 - 2013-07-21 03:52 - 00000000 ____D C:\VTRoot 2013-07-21 03:36 - 2013-07-16 05:40 - 00000000 ____D C:\Program Files\Unlocker 2013-07-21 03:21 - 2013-07-21 02:30 - 00000000 ____D C:\Program Files (x86)\Comodo 2013-07-21 02:50 - 2013-07-21 02:48 - 00000000 ____D C:\ProgramData\Comodo 2013-07-21 02:48 - 2013-07-21 02:48 - 00000000 ____D C:\Program Files\COMODO 2013-07-21 02:35 - 2013-07-21 02:35 - 01700352 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdiplus.dll 2013-07-21 02:35 - 2013-07-21 02:35 - 01060864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc71.dll 2013-07-21 02:35 - 2013-07-21 02:35 - 00348160 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr71.dll 2013-07-21 02:28 - 2013-07-21 02:28 - 00000000 ____D C:\ProgramData\Comodo Downloader 2013-07-21 02:19 - 2011-11-16 07:51 - 00000000 ____D C:\Program Files (x86)\Avira 2013-07-21 02:00 - 2011-11-15 19:48 - 00000000 ____D C:\Users\Bert 2013-07-21 01:43 - 2013-07-21 01:43 - 00001130 _____ C:\DelFix.txt 2013-07-21 01:40 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default 2013-07-21 01:31 - 2013-07-21 00:46 - 00000000 ____D C:\windows\erdnt 2013-07-21 00:39 - 2012-11-16 10:35 - 00000444 _____ C:\windows\Tasks\Wise Registry Cleaner Schedule Task.job 2013-07-21 00:30 - 2011-11-15 20:01 - 00000000 ___RD C:\Users\Bert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-07-21 00:28 - 2012-09-05 14:32 - 00002772 _____ C:\windows\System32\Tasks\CCleanerSkipUAC 2013-07-21 00:27 - 2012-11-16 10:35 - 00003314 _____ C:\windows\System32\Tasks\Wise Registry Cleaner Schedule Task 2013-07-21 00:26 - 2013-07-10 
00:00 - 00003214 _____ C:\windows\System32\Tasks\Driver Booster Update
2013-07-21 00:26 - 2013-06-25 21:52 - 00002966 _____ C:\windows\System32\Tasks\{BBF7C257-78DB-4727-AAD0-4AC4EE99BFC6}
2013-07-21 00:16 - 2011-11-26 22:40 - 00000000 ____D C:\ProgramData\Giraffic
2013-07-21 00:13 - 2011-11-26 22:40 - 00000000 ____D C:\Program Files (x86)\Giraffic
2013-07-21 00:05 - 2013-07-20 00:25 - 00000000 ____D C:\windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP
2013-07-20 19:10 - 2013-07-10 00:02 - 00000000 ____D C:\Program Files\Supercopier
2013-07-20 12:54 - 2013-07-20 12:53 - 00000000 ____D C:\EEK
2013-07-20 02:21 - 2013-02-08 12:37 - 00692104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2013-07-20 02:21 - 2013-02-08 12:37 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-07-20 02:21 - 2013-02-08 12:37 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2013-07-20 00:43 - 2013-07-20 00:43 - 00312232 _____ (Oracle Corporation) C:\windows\system32\javaws.exe
2013-07-20 00:43 - 2013-07-20 00:43 - 00189352 _____ (Oracle Corporation) C:\windows\system32\javaw.exe
2013-07-20 00:43 - 2013-07-20 00:43 - 00188840 _____ (Oracle Corporation) C:\windows\system32\java.exe
2013-07-20 00:43 - 2013-07-20 00:43 - 00108968 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge-64.dll
2013-07-20 00:43 - 2013-07-20 00:43 - 00000000 ____D C:\Program Files\Java
2013-07-20 00:43 - 2012-06-25 19:32 - 01093032 _____ (Oracle Corporation) C:\windows\system32\npDeployJava1.dll
2013-07-20 00:43 - 2012-01-17 21:33 - 00972712 _____ (Oracle Corporation) C:\windows\system32\deployJava1.dll
2013-07-20 00:33 - 2013-07-20 00:33 - 00000000 _____ C:\autoexec.bat
2013-07-19 22:20 - 2011-12-23 15:46 - 00000000 ____D C:\Users\Bert\Documents\FFOutput
2013-07-19 11:44 - 2013-07-18 21:38 - 00018944 _____ C:\Users\Bert\Desktop\Bundestagswahlprognose.xls
2013-07-18 15:03 - 2013-06-04 11:11 - 00025568 _____ (Zemana Ltd.) C:\windows\system32\Drivers\KeyCrypt64.sys
2013-07-18 04:43 - 2013-06-06 04:01 - 00000000 ____D C:\Users\Bert\MediathekView
2013-07-16 05:40 - 2013-07-16 05:40 - 00000000 ____D C:\Users\Bert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2013-07-16 05:34 - 2013-07-16 05:34 - 00000000 ____D C:\Users\Bert\Documents\Art
2013-07-16 05:27 - 2013-07-16 04:42 - 00000000 ____D C:\Users\Bert\AppData\Roaming\Jitsi
2013-07-16 04:42 - 2013-07-16 04:42 - 00000000 ____D C:\Program Files (x86)\Jitsi
2013-07-16 04:14 - 2013-05-07 17:25 - 00000000 ____D C:\Users\Bert\Documents\Statistik
2013-07-16 04:02 - 2011-11-16 08:34 - 00131136 _____ C:\Users\Bert\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-16 04:02 - 2009-07-14 06:45 - 00481992 _____ C:\windows\system32\FNTCACHE.DAT
2013-07-16 04:01 - 2012-11-04 18:05 - 00002382 _____ C:\windows\Sandboxie.ini
2013-07-16 03:57 - 2013-07-09 23:58 - 00000000 ____D C:\Users\Bert\AppData\Roaming\PasteCopy.NET
2013-07-16 03:53 - 2011-11-15 19:56 - 00000000 ____D C:\ProgramData\Skype
2013-07-16 03:32 - 2013-07-16 02:49 - 00000000 ____D C:\Program Files (x86)\KVIrc
2013-07-14 01:00 - 2013-07-24 00:10 - 00007044 _____ C:\Users\Bert\Desktop\FEBEresults.html
2013-07-14 01:00 - 2013-07-04 00:16 - 00000000 ____D C:\Program Files (x86)\FEBE
2013-07-11 23:51 - 2013-07-11 23:48 - 00000000 ____D C:\Program Files (x86)\LibreOffice 3.6
2013-07-11 23:51 - 2011-07-29 05:57 - 00000000 ____D C:\windows\ShellNew
2013-07-10 02:14 - 2012-04-07 05:56 - 00000000 ____D C:\windows\Minidump
2013-07-10 02:14 - 2011-02-11 21:57 - 00000000 ____D C:\windows\Panther
2013-07-10 02:03 - 2011-11-19 10:35 - 00000000 ____D C:\Program Files (x86)\Registry System Wizard
2013-07-10 01:51 - 2009-07-14 07:08 - 00032640 _____ C:\windows\Tasks\SCHEDLGU.TXT
2013-07-10 01:47 - 2011-07-29 05:57 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-10 01:47 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-10 01:47 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-10 01:44 - 2013-07-10 01:44 - 03153920 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2013-07-10 01:43 - 2013-07-10 01:43 - 19238912 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 15404032 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 14329856 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 13760512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 03958784 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 02877440 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-07-10 01:43 - 2013-07-10 01:43 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-07-10 01:43 - 2013-07-10 01:43 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 02241024 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 02046976 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00526336 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00391168 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00089600 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-07-10 01:43 - 2013-07-10 01:43 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-10 01:43 - 2013-07-10 01:43 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-07-10 01:43 - 2013-07-10 01:43 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00039424 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-07-10 01:43 - 2013-07-10 01:43 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-07-10 01:41 - 2013-07-10 01:41 - 00624128 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2013-07-10 01:41 - 2013-07-10 01:41 - 00509440 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2013-07-10 01:31 - 2013-07-10 01:31 - 01887744 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2013-07-10 01:31 - 2013-07-10 01:31 - 01643520 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2013-07-10 01:31 - 2013-07-10 01:31 - 01620480 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
2013-07-10 01:31 - 2013-07-10 01:31 - 01247744 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2013-07-10 01:19 - 2012-09-05 14:56 - 01590378 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2013-07-10 01:09 - 2013-07-10 01:09 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\cryptdlg.dll
2013-07-10 01:09 - 2013-07-10 01:09 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptdlg.dll
2013-07-10 01:08 - 2013-07-10 01:08 - 01887232 _____ (Microsoft Corporation) C:\windows\system32\d3d11.dll
2013-07-10 01:08 - 2013-07-10 01:08 - 01505280 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d11.dll
2013-07-10 01:08 - 2013-07-10 01:08 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2013-07-10 01:08 - 2013-07-10 01:08 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2013-07-10 01:07 - 2013-07-10 01:07 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll
2013-07-10 01:07 - 2013-07-10 01:07 - 00223752 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fvevol.sys
2013-07-10 01:07 - 2013-07-10 01:07 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\wwanprotdim.dll
2013-07-10 00:55 - 2013-07-10 00:55 - 00001262 _____ C:\Users\Bert\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2013-07-10 00:54 - 2011-12-04 12:01 - 00000000 ____D C:\Users\Bert\AppData\Roaming\Apple Computer
2013-07-10 00:42 - 2013-07-10 00:05 - 00000000 ____D C:\Program Files\Office Tab
2013-07-10 00:16 - 2013-07-10 00:14 - 00000000 ____D C:\Program Files (x86)\Clover
2013-07-10 00:14 - 2013-07-10 00:14 - 00000000 ____D C:\Users\Bert\AppData\Local\Clover
2013-07-10 00:12 - 2013-07-10 00:09 - 00000000 ____D C:\Program Files\DIFX
2013-07-10 00:11 - 2013-07-10 00:11 - 00000000 ____D C:\Program Files (x86)\SpeedyFox
2013-07-10 00:07 - 2012-09-03 04:49 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-07-10 00:06 - 2013-07-10 00:06 - 00000000 ____D C:\Program Files (x86)\MSECache
2013-07-10 00:05 - 2013-03-05 02:39 - 00000000 ____D C:\ProgramData\Licenses
2013-07-10 00:03 - 2013-07-10 00:03 - 00000000 ____D C:\Users\Bert\ultracopier
2013-07-10 00:00 - 2011-11-19 10:24 - 00000000 ____D C:\Program Files (x86)\IObit
2013-07-10 00:00 - 2011-11-16 09:03 - 00000000 ____D C:\Users\Bert\AppData\Roaming\IObit
2013-07-09 16:06 - 2013-01-29 00:53 - 00000000 ____D C:\Users\Bert\Desktop\Institut für soziale Berufe
2013-07-08 23:50 - 2013-07-08 23:50 - 00000000 ____D C:\Users\Bert\AppData\Roaming\aignes
2013-07-08 23:50 - 2013-07-08 23:50 - 00000000 ____D C:\Program Files (x86)\AM-DeadLink
2013-07-04 14:44 - 2013-07-04 14:44 - 00000000 _____ C:\windows\SysWOW64\FAPED09.tmp
2013-07-04 14:41 - 2013-07-04 14:41 - 00000000 _____ C:\windows\SysWOW64\FAP6BE6.tmp
2013-07-04 14:40 - 2013-07-04 14:40 - 00000000 _____ C:\windows\SysWOW64\FAPFFE9.tmp
2013-07-04 14:40 - 2013-07-04 14:40 - 00000000 _____ C:\windows\SysWOW64\FAP54F8.tmp
2013-07-04 14:40 - 2013-07-04 14:40 - 00000000 _____ C:\windows\SysWOW64\FAP3D90.tmp
2013-07-04 14:39 - 2013-07-04 14:39 - 00000000 _____ C:\windows\SysWOW64\FAP713B.tmp
2013-07-04 14:38 - 2013-07-04 14:38 - 00000000 _____ C:\windows\SysWOW64\FAPD69F.tmp
2013-07-04 14:36 - 2013-07-04 14:36 - 00000000 _____ C:\windows\SysWOW64\FAP2D.tmp
2013-07-04 14:35 - 2013-07-04 14:35 - 00000000 _____ C:\windows\SysWOW64\FAP76FF.tmp
2013-07-04 13:03 - 2013-07-04 13:03 - 00000000 _____ C:\windows\SysWOW64\FAPE22C.tmp
2013-07-04 13:02 - 2013-07-04 13:02 - 00000000 _____ C:\windows\SysWOW64\FAP5739.tmp
2013-07-04 13:00 - 2013-07-04 13:00 - 00000000 _____ C:\windows\SysWOW64\FAP5B7B.tmp
2013-07-04 12:58 - 2013-07-04 12:58 - 00000000 _____ C:\windows\SysWOW64\FAPFE8B.tmp
2013-07-04 12:58 - 2013-07-04 12:58 - 00000000 _____ C:\windows\SysWOW64\FAPF8A0.tmp
2013-07-04 12:58 - 2013-07-04 12:58 - 00000000 _____ C:\windows\SysWOW64\FAPF840.tmp
2013-07-04 12:57 - 2013-07-04 12:57 - 00000000 _____ C:\windows\SysWOW64\FAP7402.tmp
2013-07-04 12:50 - 2013-07-04 12:50 - 00000000 _____ C:\windows\SysWOW64\FAPDA60.tmp
2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAPEACA.tmp
2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAPD381.tmp
2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAPBBF9.tmp
2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAP906.tmp
2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAP740E.tmp
2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAP5D8F.tmp
2013-07-04 12:49 - 2013-07-04 12:49 - 00000000 _____ C:\windows\SysWOW64\FAP2001.tmp
2013-07-04 12:48 - 2013-07-04 12:48 - 00000000 _____ C:\windows\SysWOW64\FAP8C31.tmp
2013-07-04 12:48 - 2013-07-04 12:48 - 00000000 _____ C:\windows\SysWOW64\FAP78ED.tmp
2013-07-04 12:42 - 2013-07-04 12:42 - 00000000 _____ C:\windows\SysWOW64\FAP8450.tmp
2013-07-04 12:33 - 2013-07-04 12:33 - 00000000 _____ C:\windows\SysWOW64\FAP1334.tmp
2013-07-04 12:17 - 2013-07-04 12:17 - 00000000 _____ C:\windows\SysWOW64\FAP815F.tmp
2013-07-04 12:11 - 2012-12-04 23:54 - 00000000 ____D C:\Program Files (x86)\URLSnooper2
2013-07-04 11:14 - 2012-12-18 17:00 - 00084027 _____ C:\Users\Bert\Desktop\Mjusiq.xspf
2013-07-04 11:10 - 2011-11-18 16:13 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-04 04:09 - 2013-07-04 04:09 - 00263592 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2013-07-04 04:09 - 2013-07-04 04:09 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2013-07-04 04:09 - 2013-07-04 04:09 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2013-07-04 04:09 - 2013-07-04 04:09 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-04 04:09 - 2012-07-13 01:33 - 00867240 _____ (Oracle Corporation) C:\windows\SysWOW64\npDeployJava1.dll
2013-07-04 04:09 - 2011-11-18 16:14 - 00789416 _____ (Oracle Corporation) C:\windows\SysWOW64\deployJava1.dll
2013-07-04 03:43 - 2012-10-11 11:23 - 00007607 _____ C:\Users\Bert\AppData\Local\Resmon.ResmonCfg
2013-07-04 01:24 - 2013-07-04 01:24 - 00000000 ____D C:\Users\Bert\.macromedia
2013-07-03 23:04 - 2012-09-04 05:42 - 00000000 ____D C:\Program Files\Puran Defrag
2013-07-03 17:05 - 2011-11-15 22:30 - 00000000 ____D C:\Program Files\CCleaner
2013-07-03 16:44 - 2013-07-03 16:39 - 00000600 _____ C:\Users\Bert\PUTTY.RND
2013-07-03 14:59 - 2013-07-03 14:59 - 00000000 _____ C:\Users\Bert\mm_backup.cfg
2013-07-02 17:21 - 2013-07-02 17:21 - 00000000 ____D C:\Program Files (x86)\Tor
2013-07-02 17:18 - 2013-07-02 17:17 - 00000000 ____D C:\Users\Bert\Documents\Calibre Library
2013-07-02 17:18 - 2013-07-02 17:13 - 00000000 ____D C:\Users\Bert\AppData\Roaming\calibre
2013-07-02 17:13 - 2013-07-02 17:13 - 00000000 ____D C:\Users\Bert\Documents\Calibre Bibliothek
2013-07-02 17:12 - 2013-07-02 17:12 - 00000000 ____D C:\Program Files (x86)\Calibre2
2013-07-02 03:32 - 2009-07-14 05:20 - 00000000 ____D C:\windows\PolicyDefinitions
2013-07-02 03:06 - 2013-07-02 03:06 - 01509376 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2013-07-02 03:06 - 2013-07-02 03:06 - 01441280 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2013-07-02 03:06 - 2013-07-02 03:06 - 01400416 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dat
2013-07-02 03:06 - 2013-07-02 03:06 - 01400416 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat
2013-07-02 03:06 - 2013-07-02 03:06 - 01054720 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00905728 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00762368 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00719360 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00629248 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00599552 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00523264 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00441856 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2013-07-02 03:06 - 2013-07-02 03:06 - 00361984 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2013-07-02 03:06 - 2013-07-02 03:06 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00270848 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00247296 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00242200 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00235008 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00232960 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00226304 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00216064 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00204800 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00185344 _____ (Microsoft Corporation) C:\windows\SysWOW64\elshyph.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00173568 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00167424 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00158720 _____ (Microsoft Corporation) C:\windows\SysWOW64\msls31.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00150528 _____ (Microsoft Corporation) C:\windows\SysWOW64\iexpress.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00149504 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00144896 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00138752 _____ (Microsoft Corporation) C:\windows\SysWOW64\wextract.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00137216 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00125440 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00117248 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00110592 _____ (Microsoft Corporation) C:\windows\SysWOW64\IEAdvpack.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00097280 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00082432 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00079872 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2013-07-02 03:06 - 2013-07-02 03:06 - 00073728 _____ (Microsoft Corporation) C:\windows\SysWOW64\SetIEInstalledDate.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardie.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2013-07-02 03:06 - 2013-07-02 03:06 - 00057344 _____ (Microsoft Corporation) C:\windows\SysWOW64\pngfilt.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00048640 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmler.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00041984 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00038400 _____ (Microsoft Corporation) C:\windows\SysWOW64\imgutil.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00027648 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\licmgr10.dll
2013-07-02 03:06 - 2013-07-02 03:06 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00012800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2013-07-02 03:06 - 2013-07-02 03:06 - 00011776 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe
2013-06-26 20:29 - 2012-10-02 11:09 - 00000000 ____D C:\Users\Bert\Desktop\2nd
2013-06-24 00:57 - 2011-11-17 05:14 - 78277128 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-07-23 08:33

==================== End Of Log ============================

--- --- ---

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-07-2013 01
Ran by Bert at 2013-07-24 01:34:10
Running from C:\Users\Bert\Desktop
Boot Mode: Safe Mode (minimal)
==========================================================

==================== Installed Programs =======================

7-Zip 9.22 (x64 edition) (Version: 9.22.00.0)
Any Video Converter 5.0.7 (x32)
Broadcom 802.11 Network Adapter (Version: 5.60.48.55)
Canon MG5100 series MP Drivers
CCleaner (Version: 4.03)
COMODO Firewall (Version: 6.2.20728.2847)
dows-Treiberpaket - Qualcomm Atheros Communications Inc. Net (12/20/2012 10.0.0.222) (Version: 12/20/2012 10.0.0.222)
Emsisoft Anti-Malware (x32 Version: 8.0)
Eraser 6.0.10.2620 (Version: 6.0.2620)
ETDWare PS/2-X64 8.0.7.2_WHQL (Version: 8.0.7.2)
Finanzausgleich zum Selberrechnen (Version: 1.0.2)
GIMP 2.8.2 (Version: 2.8.2)
Google Earth (x32 Version: 7.1.1.1888)
Intel(R) PROSet/Wireless WiFi Software (Version: 14.01.1000)
Java 7 Update 25 (64-bit) (Version: 7.0.250)
Jitsi (Version: 2.2.4603.9615)
K-Lite Codec Pack 9.9.5 (64-bit) (Version: 9.9.5)
Media Preview (Version: 1.2.5.264)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Mozilla Maintenance Service (x32 Version: 23.0)
O&O Defrag Free Edition (Version: 14.1.431)
Paint.NET v3.5.10 (Version: 3.60.0)
PDF Split And Merge Basic (Version: 2.2.2)
PDF-XChange Viewer (Version: 2.5.199.0)
PhotoFiltre 7 (HKCU)
Puran Defrag 7.5
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6873)
Recuva (Version: 1.47)
Sandboxie 4.04 (64-bit) (Version: 4.04)
Should I Remove It (HKCU Version: 1.0.4)
Should I Remove It (x32 Version: 1.0.4)
Spyware Terminator 2012 (x32 Version: 3.0.0.82)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (Version: 2.0.82.0)
Unlocker 1.9.1-x64 (Version: 1.9.1)
VLC media player 2.0.7 (Version: 2.0.7)
Windows-Treiberpaket - Qualcomm Atheros Communications Inc. (athr) Net (12/20/2012 10.0.0.222) (Version: 12/20/2012 10.0.0.222)
Windows-Treiberpaket - Realtek (RTL8167) Net (12/26/2012 7.067.1226.2012) (Version: 12/26/2012 7.067.1226.2012)
Windows-Treiberpaket - Realtek Net (12/26/2012 7.067.1226.2012) (Version: 12/26/2012 7.067.1226.2012)

==================== Restore Points =========================

23-07-2013 12:53:26 Installed Should I Remove It

==================== Hosts content: ==========================

2009-07-14 04:34 - 2013-07-23 02:30 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {052FF8F9-17E5-46CE-92E9-2459D443BE1D} - System32\Tasks\WifiManager => %programfiles(x86)%\Samsung\Easy Display Manager\WifiManager.exe No File
Task: {07BA8459-7B7A-4378-BA93-87DAF8F39996} - System32\Tasks\SamsungSupportCenter => %programfiles(x86)%\Samsung\Samsung Support Center\SSCKbdHk.exe No File
Task: {121D8FED-57CE-49BA-A249-6F4B0FB52E2B} - System32\Tasks\EasyPartitionManager => C:\Windows\MSetup\BA46-12225A02\EPM.exe No File
Task: {1B988CEF-61CE-415B-BA9E-DF7E634739CD} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2013-06-18] (COMODO)
Task: {1D3851B4-445B-4305-8350-7780C810AE89} - System32\Tasks\SmartRestarter => C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe [2010-08-05] (Samsung Electronics Co., Ltd.)
Task: {1FB82CDD-DC15-43F9-A27D-7CB6868BA476} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {20EE00D5-6A47-499F-8646-0EEECB513933} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012 => C:\Program Files (x86)\TuneUp Utilities 2012\OneClick.exe [2012-05-29] (TuneUp Software)
Task: {362D8E5A-6F06-4B37-A8BC-362361B37052} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe [2010-11-29] (Samsung Electronics Co., Ltd.)
Task: {3D505DDD-A399-485D-BE86-3973F4B7B2B4} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-592597040-2687735098-3077039613-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe No File
Task: {485C9238-50AE-4DBB-BB0C-BCD991F50DBD} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-20] (Adobe Systems Incorporated)
Task: {4BE9723B-5BFB-4B57-B199-62385B836FE7} - System32\Tasks\Divx-Online-Aktualisierungsprogramm => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2013-02-13] ()
Task: {4D6F3CD8-7EAE-4856-81B9-362478929477} - System32\Tasks\Real Player-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe No File
Task: {710D33EB-91F9-486B-B7BD-3F854CA02D54} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2010-11-10] (CyberLink)
Task: {7A2B3EFC-3362-4935-B339-884F665B6953} - System32\Tasks\Wise Registry Cleaner Schedule Task => C:\Program Files (x86)\Wise Registry Cleaner\WiseRegCleaner.exe [2012-11-08] (WiseCleaner.com)
Task: {7D5CB5A2-919E-4192-A53A-AB0928AB102F} - System32\Tasks\{BBF7C257-78DB-4727-AAD0-4AC4EE99BFC6} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe No File
Task: {91586A9A-F31D-46B0-AD12-B2EA51F12FB5} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\windows\System32\lpksetup.exe [2010-11-21] (Microsoft Corporation)
Task: {92801305-2B16-4643-A691-588E7158BDD4} - System32\Tasks\GlaryInitialize => C:\Program Files (x86)\Glary Utilities\initialize.exe [2013-05-27] (Glarysoft Ltd)
Task: {9424B58E-CC51-430F-B47D-AF5ADA340E8B} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [2010-12-23] (Samsung Electronics Co., Ltd.)
Task: {9809E7C2-3D95-425E-806A-CCC7DA20450E} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-09] (AVAST Software)
Task: {9F263098-948A-4E79-BC27-D9B9FD248EAE} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {A2EC6E16-DD7C-42E6-A5BB-55CE62962A8B} - System32\Tasks\EasyBatteryManager => %ProgramFiles(x86)%\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe No File
Task: {B971BF12-5F0B-4B04-A0DD-92042CAE76EC} - System32\Tasks\EasySpeedUpManager => %programfiles(x86)%\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe No File
Task: {C2390F26-B14C-45EF-AE0D-BDB414531F1B} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2011-02-14] (SEC)
Task: {C40C0685-91D5-4663-89AD-3E9C29063AA7} - System32\Tasks\COMODO\COMODO Welcome {CEB54B45-2B5E-4FF5-9223-6735CD80FE69} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [2013-06-18] (COMODO)
Task: {C50A22D2-F54D-482A-9577-DF42FF3B6FC8} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-12-18] (Samsung Electronics. Co. Ltd.)
Task: {C7F32861-B0A4-450B-A160-0EFCB9969A8E} - System32\Tasks\SUPBackground => %ProgramFiles(x86)%\Samsung\Samsung Update Plus\SUPBackground.exe No File
Task: {CE138B3D-A62C-41D2-AD85-F767AB0971FD} - System32\Tasks\CCleanerSkipUAC => C:\PROGRAM FILES\CCLEANER\CCLEANER.EXE [2013-06-19] (Piriform Ltd)
Task: {DC7F9992-F690-448D-976A-21B1347CC9FB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {EA4ED269-2A24-41F4-9428-38506827D19F} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2013-06-08] (IObit)
Task: {FFBED0E0-3C47-49A8-8D34-064CA7B1A8D9} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-592597040-2687735098-3077039613-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe No File
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GlaryInitialize.job => C:\Program Files (x86)\Glary Utilities\initialize.exe
Task: C:\windows\Tasks\Wise Registry Cleaner Schedule Task.job => C:\Program Files (x86)\Wise Registry Cleaner\WiseRegCleaner.exe

==================== Faulty Device Manager Devices =============

Name: aswVmm
Description: aswVmm
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: aswVmm
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: aswRvrt
Description: aswRvrt
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: aswRvrt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Event log errors: =========================

Application errors:
==================
Error: (07/24/2013 01:32:04 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/24/2013 01:29:18 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/24/2013 01:25:39 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/24/2013 01:22:48 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/24/2013 01:18:42 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/24/2013 01:15:14 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/24/2013 01:12:37 AM) (Source: Application Hang) (User: )
Description: Programm FRST64.EXE, Version 3.3.8.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 4d4
Startzeit: 01ce87f9bb17c921
Endzeit: 12
Anwendungspfad: C:\USERS\BERT\DESKTOP\FRST64.EXE
Berichts-ID: 59a7d0c9-f3ed-11e2-b5e3-e81132c8ae88

Error: (07/24/2013 01:12:36 AM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.1008 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 4800. Meldungs-ID: [0x2509].

Error: (07/24/2013 01:09:45 AM) (Source: Application Hang) (User: )
Description: Programm FRST64.EXE, Version 3.3.8.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: ae0
Startzeit: 01ce87f983dd675c
Endzeit: 11
Anwendungspfad: C:\USERS\BERT\DESKTOP\FRST64.EXE
Berichts-ID: f08e8604-f3ec-11e2-b5e3-e81132c8ae88

Error: (07/24/2013 01:03:33 AM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.1008 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 2768. Meldungs-ID: [0x2509].
System errors: ============= Error: (07/24/2013 01:31:38 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (07/24/2013 01:31:38 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (07/24/2013 01:31:38 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (07/24/2013 01:31:38 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (07/24/2013 01:31:38 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (07/24/2013 01:31:37 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (07/24/2013 01:31:36 AM) (Source: DCOM) (User: ) Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030} Error: (07/24/2013 01:31:36 AM) (Source: DCOM) (User: ) Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} Error: (07/24/2013 01:31:32 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (07/24/2013 01:31:32 AM) 
(Source: Service Control Manager) (User: ) Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Microsoft Office Sessions: ========================= Error: (07/24/2013 01:32:04 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/24/2013 01:29:18 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/24/2013 01:25:39 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/24/2013 01:22:48 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/24/2013 01:18:42 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/24/2013 01:15:14 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/24/2013 01:12:37 AM) (Source: Application Hang)(User: ) Description: FRST64.EXE3.3.8.14d401ce87f9bb17c92112C:\USERS\BERT\DESKTOP\FRST64.EXE59a7d0c9-f3ed-11e2-b5e3-e81132c8ae88 Error: (07/24/2013 01:12:36 AM) (Source: .NET Runtime)(User: ) Description: .NET Runtime version 4.0.30319.1008 - Fehler beim Initialisieren der 
Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 4800. Meldungs-ID: [0x2509]. Error: (07/24/2013 01:09:45 AM) (Source: Application Hang)(User: ) Description: FRST64.EXE3.3.8.1ae001ce87f983dd675c11C:\USERS\BERT\DESKTOP\FRST64.EXEf08e8604-f3ec-11e2-b5e3-e81132c8ae88 Error: (07/24/2013 01:03:33 AM) (Source: .NET Runtime)(User: ) Description: .NET Runtime version 4.0.30319.1008 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 2768. Meldungs-ID: [0x2509]. CodeIntegrity Errors: =================================== Date: 2013-07-23 03:18:41.635 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\A795.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-07-23 03:18:41.408 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\A795.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-07-23 03:10:23.899 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\B74D.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-07-23 03:10:23.720 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\B74D.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-07-23 03:07:50.294 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\B74D.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-07-23 03:07:50.106 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\B74D.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-07-23 02:29:47.957 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-07-23 02:29:47.910 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-07-21 01:22:44.929 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-07-21 01:22:44.773 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. 
==================== Memory info ===========================

Percentage of memory in use: 15%
Total physical RAM: 4009.55 MB
Available physical RAM: 3390.99 MB
Total Pagefile: 8017.28 MB
Available Pagefile: 7429.08 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:71 GB) (Free:16.77 GB) NTFS (Disk=0 Partition=2)
Drive d: () (Fixed) (Total:203.63 GB) (Free:1.5 GB) NTFS (Disk=0 Partition=4)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 010722F6)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=71 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=204 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=23 GB) - (Type=27)

==================== End Of Log ============================

24.07.2013, 11:12 | #18 |
/// the machine /// TB-Ausbilder | Is the problem still there with Firefox? Backing up the profile was somehow not a good idea; that is the first thing to get infected.
24.07.2013, 15:08 | #19 |
I only copied individual files from the profile (such as places.sqlite) back into the new profile. Apparently it worked! If problems do come up after all, I'll get back to you. Until then, thank you so very much for your help!!!!!
24.07.2013, 16:05 | #20 |
/// the machine /// TB-Ausbilder | OK, then let's clean up. The order is crucial here.
Here are a few more tips for securing your system. I can't mention often enough how important it is that your system is up to date.
Antivirus software
Additional protection
Safe browsing
Alternative browsers
Other browsers tend to be somewhat more secure than IE, since they do not use ActiveX elements. These can be abused by spyware to infect your system.
Performance
Clean up your temp files regularly. I recommend TFC for this. Stay away from any registry cleaners. They harm your system more than they help.
Here are a few (English) links: Miekemoes Blogspot (MVP), Bill Castner (MVP)
Don'ts
Note: Please give me brief feedback once everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
24.07.2013, 21:48 | #21 |
Once again: a thousand thanks for the help!!! It works again!!! Best regards
25.07.2013, 07:39 | #22 |
/// the machine /// TB-Ausbilder | You're welcome