Log analysis and evaluation: White Flash pop-up in Firefox

26.07.2013, 11:32   #1
cvh
 

Hello everyone!

First of all, thank you for the opportunity to get help through this board!
My problem is that for the past few days a white pop-up window has been opening in Firefox every now and then; it lays itself, without any content, over the entire page.
So far I have not been able to find a virus, so I am hoping for help here!
Attached is the log file from AdwCleaner:

Code:
# AdwCleaner v2.306 - Datei am 26/07/2013 um 12:26:25 erstellt
# Aktualisiert am 19/07/2013 von Xplode
# Betriebssystem : Windows (TM) Vista Ultimate Service Pack 2 (64 bits)
# Benutzer : caro - HURRY09
# Bootmodus : Normal
# Ausgeführt unter : E:\Download\Download\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****

Gefunden : APNMCP

***** [Dateien / Ordner] *****

Datei Gefunden : C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\searchplugins\11-suche.xml
Ordner Gefunden : C:\Program Files (x86)\AskPartnerNetwork
Ordner Gefunden : C:\ProgramData\APN
Ordner Gefunden : C:\ProgramData\AskPartnerNetwork
Ordner Gefunden : C:\Users\eddie\AppData\Local\Temp\APN
Ordner Gefunden : C:\Users\eddie\AppData\Roaming\DataMgr
Ordner Gefunden : C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\extensions\toolbar@ask.com

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\AskPartnerNetwork
Schlüssel Gefunden : HKCU\Software\Conduit
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKLM\Software\AskPartnerNetwork
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Wert Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [DataMgr]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16496

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v22.0 (de)

Datei : C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\prefs.js

Gefunden : user_pref("extensions.asktb.AviraIDW-TS", "1319829353257");
Gefunden : user_pref("extensions.asktb.AviraIDW-XML", "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\r\n<button xm[...]
Gefunden : user_pref("extensions.asktb.InstallDir", "C:\\Programme\\Ask.com\\");
Gefunden : user_pref("extensions.asktb.cbid", "JM");
Gefunden : user_pref("extensions.asktb.config-updated", true);
Gefunden : user_pref("extensions.asktb.crumb", "2011.07.04+23.10.49-toolbar008iad-DE-SGFtYnVyZyxHZXJtYW55");
Gefunden : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://de.ask.com/web?q={query}&qsrc={qsrc}&[...]
Gefunden : user_pref("extensions.asktb.dtid", "YYYYYYYYDE");
Gefunden : user_pref("extensions.asktb.first-restart-after-config-update", true);
Gefunden : user_pref("extensions.asktb.guid", "3ea862b0-a002-48c5-867d-ebf5032f2878");
Gefunden : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com[...]
Gefunden : user_pref("extensions.asktb.if", "first");
Gefunden : user_pref("extensions.asktb.l", "dis");
Gefunden : user_pref("extensions.asktb.last-config-req", "1320949941928");
Gefunden : user_pref("extensions.asktb.last-search-timestamp", "1319829325922");
Gefunden : user_pref("extensions.asktb.last-v", "3.12.2.100007");
Gefunden : user_pref("extensions.asktb.locale", "de_DE");
Gefunden : user_pref("extensions.asktb.location", "Hamburg,Germany");
Gefunden : user_pref("extensions.asktb.notification-shown", true);
Gefunden : user_pref("extensions.asktb.o", "100000080");
Gefunden : user_pref("extensions.asktb.qsrc", "2871");
Gefunden : user_pref("extensions.asktb.sa", "NO");
Gefunden : user_pref("extensions.asktb.search-history-queries", "kur was erwarte ich||kur anforderung an die ei[...]
Gefunden : user_pref("extensions.asktb.search-suggestions-enabled", true);
Gefunden : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false);
Gefunden : user_pref("extensions.asktb.themeid", "");
Gefunden : user_pref("extensions.asktb.to", "");

*************************

AdwCleaner[R1].txt - [12441 octets] - [25/07/2013 10:46:07]
AdwCleaner[R2].txt - [12502 octets] - [25/07/2013 10:49:23]
AdwCleaner[R3].txt - [12563 octets] - [25/07/2013 10:51:34]
AdwCleaner[R4].txt - [12493 octets] - [26/07/2013 12:26:25]

########## EOF - C:\AdwCleaner[R4].txt - [12554 octets] ##########
         

Regards, cvh

26.07.2013, 12:06   #2
schrauber
/// the machine
/// TB instructor
 




hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input box)


26.07.2013, 12:30   #3
cvh
 



Hi schrauber,

first of all, thanks for the effort! Here is frst.txt:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-07-2013
Ran by caro (administrator) on 26-07-2013 13:25:12
Running from E:\Download\Download
Windows Vista (TM) Ultimate Service Pack 2 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_780bb960\STacSV64.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
(Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Smith Micro Software, Inc.) C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_780bb960\AESTSr64.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVerMedia) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
() C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Dell Inc.) C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe
(Dell Inc.) C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Dell Inc.) C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe
(Smith Micro Software, Inc.) C:\Program Files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
() C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Dell Inc.) C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidFind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apntex.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\conime.exe
(Microsoft Corporation) \\?\C:\Windows\system32\wbem\WMIADAP.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [375808 2010-02-17] (Alps Electric Co., Ltd.)
HKLM\...\Run: [DellControlPoint] - C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe [656384 2009-06-11] (Dell Inc.)
HKLM\...\Run: [DellConnectionManager] - C:\Program Files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe [1796096 2009-07-22] (Smith Micro Software, Inc.)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [462848 2009-04-09] (IDT, Inc.)
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup [x]
HKLM\...\Run: [NVHotkey] - rundll32.exe C:\Windows\system32\nvHotkey.dll,Start [x]
HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-02-11] (Intel Corporation)
HKCU\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\sidebar.exe [1555968 2009-04-11] (Microsoft Corporation)
HKCU\...\Run: [Windows Task Manager] - C:\Windows\System32\taskmgr.exe [192512 2008-01-21] (Microsoft Corporation)
HKCU\...\Run: [WMPNSCFG] - C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe [x]
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [138240 2008-01-21] (Microsoft Corporation)
HKCU\...\Run: [SSync] - C:\Users\eddie\AppData\Roaming\SSync\SSync.exe [36864 2013-04-10] ()
HKCU\...\Run: [DataMgr] - C:\Users\eddie\AppData\Roaming\DataMgr\DataMgr.exe [168848 2013-06-26] (HTTO Group, Ltd.)
HKCU\...\Run: [SCheck] - C:\Users\eddie\AppData\Roaming\SCheck\SCheck.exe [36864 2013-04-10] ()
HKCU\...\Run: [Snoozer] - C:\Users\eddie\AppData\Roaming\Snz\Snz.exe [1137673 2013-07-21] ()
HKCU\...\Run: [Intermediate] - C:\Users\eddie\AppData\Roaming\Intermediate\Intermediate.exe [36864 2013-04-10] ()
HKLM-x32\...\Run: [] -  [x]
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-07-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ApnTBMon] - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1558480 2013-07-17] (APN)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [3830224 2013-05-16] (Safer-Networking Ltd.)
HKU\Default\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\Sidebar.exe [1555968 2009-04-11] (Microsoft Corporation)
HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [2438656 2009-04-11] (Microsoft Corporation)
HKU\Gast\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\Sidebar.exe [1555968 2009-04-11] (Microsoft Corporation)
HKU\Gast\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [2438656 2009-04-11] (Microsoft Corporation)
HKU\user\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\Sidebar.exe [1555968 2009-04-11] (Microsoft Corporation)
HKU\user\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [2438656 2009-04-11] (Microsoft Corporation)
Lsa: [Authentication Packages] msv1_0 relog_ap
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk
ShortcutTarget: AVer HID Receiver.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell ControlPoint System Manager.lnk
ShortcutTarget: Dell ControlPoint System Manager.lnk -> C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe (Dell Inc.)
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWOW64\webcheck.dll (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: PiccShare BHO - {553318DA-D010-469E-84B1-496563CAE1C0} - C:\Users\eddie\AppData\Local\ext_piccshare\ext_piccshare.dll (HTTO Group, Ltd)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ChromeFrame BHO - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files (x86)\Google\Chrome Frame\Application\28.0.1500.72\npchrome_frame.dll (Google Inc.)
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} -  No File
Handler: msdaipp - No CLSID Value - 
Handler-x32: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\28.0.1500.72\npchrome_frame.dll (Google Inc.)
Handler-x32: msdaipp - No CLSID Value - 
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} -  No File
Tcpip\Parameters: [DhcpNameServer] 62.109.121.1 62.109.121.2

FireFox:
========
FF ProfilePath: C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default
FF user.js: detected! => C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\user.js
FF Homepage: hxxp://ecosia.org
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\searchplugins\11-suche.xml
FF SearchPlugin: C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\searchplugins\ecosia.xml
FF SearchPlugin: C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\searchplugins\webde-suche.xml
FF Extension: No Name - C:\Users\eddie\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: Visualisateur 3D de 20-20 - C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\Extensions\2020Player_IKEA@2020Technologies.com
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\Extensions\toolbar@ask.com
FF Extension: firebug - C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\Extensions\firebug@software.joehewitt.com.xpi
FF Extension: om - C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\Extensions\om@offermosquito.com.xpi
FF Extension: toolbar_FF3-V7 - C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\Extensions\toolbar_FF3-V7@apn.ask.com.xpi
FF Extension: No Name - C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
FF Extension: No Name - C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

==================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2009-10-08] ()
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_780bb960\AESTSr64.exe [89600 2009-02-12] (Andrea Electronics Corporation)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-07-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-01] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [168400 2013-07-17] (APN LLC.)
R2 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [352256 2008-06-05] (AVerMedia)
R2 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [409600 2008-07-14] ()
R2 dcpsysmgrsvc; C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe [510752 2009-07-16] (Dell Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
R2 SMManager; C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe [76288 2009-07-22] (Smith Micro Software, Inc.)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_780bb960\STacSV64.exe [268800 2009-04-09] (IDT, Inc.)
R2 TryAndDecideService; C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe [498792 2007-12-03] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2402080 2013-01-28] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

S3 AVerAF15; C:\Windows\System32\Drivers\AVerAF15.sys [306688 2008-07-04] (AVerMedia TECHNOLOGIES, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-29] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-03-29] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-29] (Avira Operations GmbH & Co. KG)
R3 AVMCOWAN; C:\Windows\System32\DRIVERS\AVMCOWAN.sys [79872 2006-09-18] (AVM GmbH)
R3 CCIDFILTER; C:\Windows\System32\DRIVERS\ccidflt.SYS [13864 2009-11-03] (Broadcom Corporation)
S3 d553bus; C:\Windows\System32\DRIVERS\d553bus.sys [325120 2008-12-19] (MCCI Corporation)
S3 d553card; C:\Windows\System32\DRIVERS\d553card.sys [378368 2008-12-19] (MCCI Corporation)
S3 d553gps; C:\Windows\System32\DRIVERS\d553gps64.sys [88104 2009-01-08] (Dell)
S3 d553mdfl; C:\Windows\System32\DRIVERS\d553mdfl.sys [19456 2008-12-19] (MCCI Corporation)
S3 d553mdfl2; C:\Windows\System32\DRIVERS\d553mdfl2.sys [19456 2008-12-19] (MCCI Corporation)
S3 d553mdm; C:\Windows\System32\DRIVERS\d553mdm.sys [422912 2008-12-19] (MCCI Corporation)
S3 d553mdm2; C:\Windows\System32\DRIVERS\d553mdm2.sys [474112 2008-12-19] (MCCI Corporation)
S3 d553nd5; C:\Windows\System32\DRIVERS\d553nd5.sys [34816 2008-12-19] (MCCI Corporation)
S3 d553scard; C:\Windows\System32\DRIVERS\d553scard.sys [57896 2009-04-06] (Dell)
S3 d553unic; C:\Windows\System32\DRIVERS\d553unic.sys [431104 2008-12-19] (MCCI Corporation)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-03-02] (Samsung Electronics Co., Ltd.)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-03-02] (Samsung Electronics Co., Ltd.)
R2 DLABMFSE; C:\Windows\System32\Drivers\DLABMFSE.SYS [46448 2007-07-23] (Roxio)
R2 DLABOIOE; C:\Windows\System32\Drivers\DLABOIOE.SYS [42352 2007-07-23] (Roxio)
R0 DLACDBHE; C:\Windows\System32\Drivers\DLACDBHE.SYS [17776 2007-07-23] (Roxio)
R2 DLADResE; C:\Windows\System32\Drivers\DLADResE.SYS [9968 2007-07-23] (Roxio)
R2 DLAIFS_E; C:\Windows\System32\Drivers\DLAIFS_E.SYS [146672 2007-07-23] (Roxio)
R2 DLAOPIOE; C:\Windows\System32\Drivers\DLAOPIOE.SYS [35056 2007-07-23] (Roxio)
R2 DLAPoolE; C:\Windows\System32\Drivers\DLAPoolE.SYS [19824 2007-07-23] (Roxio)
R1 DLARTL_E; C:\Windows\System32\Drivers\DLARTL_E.SYS [41072 2007-07-23] (Roxio)
R2 DLAUDFAE; C:\Windows\System32\Drivers\DLAUDFAE.SYS [135152 2007-07-23] (Roxio)
R2 DLAUDF_E; C:\Windows\System32\Drivers\DLAUDF_E.SYS [144112 2007-07-23] (Roxio)
R0 DRVECDB; C:\Windows\System32\Drivers\DRVECDB.SYS [124112 2007-07-23] (Sonic Solutions)
R2 DRVEDDM; C:\Windows\System32\Drivers\DRVEDDM.SYS [63984 2007-07-23] (Roxio)
S3 FXUSBASE; C:\Windows\System32\DRIVERS\fxusbase.sys [694272 2006-09-18] (AVM Berlin)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-08-28] (TuneUp Software)
R3 USBCCID; C:\Windows\System32\DRIVERS\usbccid.sys [38400 2009-04-10] (Microsoft Corporation)
S3 cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [x]
S3 DFUBTUSB; System32\Drivers\frmupgr.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NvtSp50; System32\Drivers\NvtSp50.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-26 13:25 - 2013-07-26 13:25 - 00000000 ____D C:\FRST
2013-07-26 12:26 - 2013-07-26 12:26 - 00012624 _____ C:\AdwCleaner[R4].txt
2013-07-26 12:09 - 2013-07-26 12:09 - 00000000 _____ C:\Users\eddie\defogger_reenable
2013-07-26 11:52 - 2013-07-26 13:20 - 00000656 _____ C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2013-07-26 11:52 - 2013-07-26 13:13 - 00000628 _____ C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2013-07-26 11:52 - 2013-07-26 13:13 - 00000458 _____ C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
2013-07-26 11:52 - 2013-07-26 11:57 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-07-26 11:52 - 2013-07-26 11:52 - 00003790 _____ C:\Windows\System32\Tasks\Scan the system (Spybot - Search & Destroy)
2013-07-26 11:52 - 2013-07-26 11:52 - 00003436 _____ C:\Windows\System32\Tasks\Refresh immunization (Spybot - Search & Destroy)
2013-07-26 11:52 - 2013-07-26 11:52 - 00003022 _____ C:\Windows\System32\Tasks\Check for updates (Spybot - Search & Destroy)
2013-07-26 11:52 - 2013-07-26 11:52 - 00001227 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-07-26 11:52 - 2013-07-26 11:52 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-07-26 11:52 - 2009-01-25 13:14 - 00017272 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2013-07-25 14:15 - 2013-07-25 14:15 - 00253952 ____N (Microsoft Corporation) C:\Windows\Setup1.exe
2013-07-25 14:15 - 2013-07-25 14:15 - 00074752 _____ (Microsoft Corporation) C:\Windows\ST6UNST.EXE
2013-07-25 14:15 - 2013-07-25 14:15 - 00002887 _____ C:\Windows\ST6UNST.LOG
2013-07-25 10:51 - 2013-07-25 10:51 - 00012563 _____ C:\AdwCleaner[R3].txt
2013-07-25 10:49 - 2013-07-25 10:49 - 00012502 _____ C:\AdwCleaner[R2].txt
2013-07-25 10:46 - 2013-07-25 10:46 - 00012441 _____ C:\AdwCleaner[R1].txt
2013-07-24 22:57 - 2013-07-24 22:57 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-07-24 22:30 - 2013-07-24 22:29 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-24 22:29 - 2013-07-24 22:29 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-22 07:57 - 2013-07-22 07:57 - 00000000 ____D C:\Users\eddie\AppData\Roaming\Snz
2013-07-21 13:21 - 2013-07-21 13:20 - 01093032 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2013-07-21 13:21 - 2013-07-21 13:20 - 00972712 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-07-21 13:21 - 2013-07-21 13:20 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-07-21 13:20 - 2013-07-21 13:20 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-07-21 13:20 - 2013-07-21 13:20 - 00188840 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-07-21 13:20 - 2013-07-21 13:20 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-07-21 13:20 - 2013-07-21 13:20 - 00000000 ____D C:\Program Files\Java
2013-07-19 13:26 - 2013-05-29 07:43 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-19 13:26 - 2013-05-29 07:36 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-19 13:26 - 2013-05-29 07:35 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-19 13:26 - 2013-05-29 07:34 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-07-19 13:26 - 2013-05-29 07:33 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-07-19 13:26 - 2013-05-29 07:31 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-19 13:26 - 2013-05-29 07:29 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-19 13:26 - 2013-05-29 07:29 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-07-19 13:26 - 2013-05-29 07:29 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-07-19 13:26 - 2013-05-29 07:27 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-19 13:26 - 2013-05-29 07:27 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-19 13:26 - 2013-05-29 07:25 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-19 13:26 - 2013-05-29 07:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-07-19 13:26 - 2013-05-29 07:18 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-19 13:26 - 2013-05-29 03:56 - 12333568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-19 13:26 - 2013-05-29 03:50 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-19 13:26 - 2013-05-29 03:41 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-07-19 13:26 - 2013-05-29 03:41 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-19 13:26 - 2013-05-29 03:41 - 01104384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-19 13:26 - 2013-05-29 03:40 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-07-19 13:26 - 2013-05-29 03:38 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-19 13:26 - 2013-05-29 03:37 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-07-19 13:26 - 2013-05-29 03:36 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-07-19 13:26 - 2013-05-29 03:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-19 13:26 - 2013-05-29 03:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-19 13:26 - 2013-05-29 03:33 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-19 13:26 - 2013-05-29 03:33 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-19 13:26 - 2013-05-29 03:33 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-07-19 13:26 - 2013-05-29 03:29 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-19 13:25 - 2013-05-29 08:15 - 17829376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-19 13:25 - 2013-05-29 07:50 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-19 13:25 - 2013-05-29 03:48 - 09738752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-19 13:24 - 2013-06-01 06:19 - 00619008 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-19 13:24 - 2013-06-01 06:06 - 00505344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-19 13:24 - 2013-05-08 06:18 - 01706496 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-19 13:24 - 2013-05-08 06:04 - 01548288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-19 13:24 - 2013-04-17 14:32 - 01268224 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-07-19 13:24 - 2013-04-17 14:32 - 00327680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-07-19 13:24 - 2013-04-17 14:32 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-07-19 13:24 - 2013-04-17 14:32 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-07-19 13:24 - 2013-04-17 13:29 - 02002944 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-07-19 13:24 - 2013-04-17 13:28 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-07-19 13:24 - 2013-04-17 13:28 - 00219648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-07-19 13:24 - 2013-04-17 13:28 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-07-19 13:24 - 2013-04-17 13:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-07-19 13:24 - 2013-04-17 13:27 - 00566272 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-07-19 13:24 - 2013-04-17 13:02 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-07-19 13:24 - 2013-04-17 12:58 - 01556480 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-19 13:24 - 2013-04-17 12:58 - 01149440 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-07-19 13:24 - 2013-04-17 12:34 - 01172480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-07-19 13:24 - 2013-04-17 12:33 - 00486400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-07-19 13:24 - 2013-04-17 12:14 - 00683008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-07-19 13:24 - 2013-04-17 12:10 - 01069056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-19 13:21 - 2013-06-04 04:03 - 02775040 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-19 10:03 - 2013-07-17 09:11 - 00007236 _____ C:\Users\eddie\Desktop\infosall.htm
2013-07-18 09:38 - 2013-07-24 21:43 - 00003776 _____ C:\Windows\PFRO.log
2013-07-17 10:22 - 2013-07-24 21:34 - 00000000 ____D C:\Program Files (x86)\SWiSH Jukebox2
2013-07-17 09:43 - 2013-07-22 07:57 - 00000000 ____D C:\Users\eddie\AppData\Roaming\Intermediate
2013-07-17 09:43 - 2013-07-17 09:43 - 00000000 ____D C:\Users\eddie\AppData\Roaming\SSync
2013-07-17 09:43 - 2013-07-17 09:43 - 00000000 ____D C:\Users\eddie\AppData\Roaming\SCheck
2013-07-17 09:43 - 2013-07-17 09:43 - 00000000 ____D C:\Users\eddie\AppData\Roaming\DataMgr
2013-07-17 09:43 - 2013-07-17 09:43 - 00000000 ____D C:\Users\eddie\AppData\Local\ext_piccshare
2013-07-17 09:42 - 2013-07-26 13:20 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-17 09:42 - 2013-07-26 12:52 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-17 09:42 - 2013-07-17 09:47 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-17 09:42 - 2013-07-17 09:47 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-17 09:42 - 2013-07-17 09:43 - 00000000 ____D C:\Users\eddie\AppData\Local\Google
2013-07-17 09:42 - 2013-07-17 09:42 - 00000000 ____D C:\Program Files (x86)\Google
2013-07-17 09:41 - 2013-07-17 09:41 - 00000000 ____D C:\Users\eddie\AppData\Roaming\PiccShare
2013-07-17 09:41 - 2013-07-17 09:41 - 00000000 ____D C:\Users\eddie\AppData\Roaming\Common
2013-07-17 09:40 - 2013-07-17 09:40 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-07-17 09:40 - 2013-07-17 09:40 - 00000000 ____D C:\ProgramData\APN
2013-07-17 09:40 - 2013-07-17 09:40 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2013-07-17 09:40 - 2013-06-06 22:41 - 00489392 _____ (Ask Partner Network) C:\Users\eddie\Documents\APNSetup.exe
2013-07-17 09:39 - 2013-07-17 10:17 - 00000000 ____D C:\Program Files (x86)\FreeTime
2013-07-17 09:34 - 2013-07-17 09:35 - 50693449 _____ C:\Users\eddie\Desktop\FFSetupNoDVD3-1-1.exe
2013-07-17 09:27 - 2013-07-17 09:27 - 00000827 _____ C:\Users\Public\Desktop\Winamp.lnk
2013-07-17 09:27 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2013-07-17 09:27 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2013-07-17 09:26 - 2013-07-17 10:16 - 00000000 ____D C:\Users\eddie\AppData\Roaming\Winamp
2013-07-17 09:26 - 2013-07-17 09:28 - 00000000 ____D C:\Program Files (x86)\Winamp
2013-07-02 21:44 - 2013-07-02 21:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-01 14:47 - 2013-07-01 14:47 - 00000680 _____ C:\Users\eddie\AppData\Local\d3d9caps.dat
2013-06-26 13:46 - 2013-06-27 00:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-06-26 08:53 - 2013-06-26 08:53 - 00044216 _____ C:\Users\eddie\AppData\Local\ext_piccshare_uninst.exe

==================== One Month Modified Files and Folders =======

2013-07-26 13:25 - 2013-07-26 13:25 - 00000000 ____D C:\FRST
2013-07-26 13:21 - 2009-10-06 22:22 - 00143396 _____ C:\ProgramData\nvModes.001
2013-07-26 13:20 - 2013-07-26 11:52 - 00000656 _____ C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2013-07-26 13:20 - 2013-07-17 09:42 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-26 13:20 - 2006-11-02 17:40 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-26 13:20 - 2006-11-02 17:21 - 00003840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-26 13:20 - 2006-11-02 17:21 - 00003840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-26 13:18 - 2008-01-21 03:53 - 01089933 _____ C:\Windows\WindowsUpdate.log
2013-07-26 13:13 - 2013-07-26 11:52 - 00000628 _____ C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2013-07-26 13:13 - 2013-07-26 11:52 - 00000458 _____ C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
2013-07-26 13:12 - 2009-10-05 15:57 - 00000012 _____ C:\Windows\bthservsdp.dat
2013-07-26 13:12 - 2006-11-02 17:40 - 00032538 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-07-26 12:52 - 2013-07-17 09:42 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-26 12:26 - 2013-07-26 12:26 - 00012624 _____ C:\AdwCleaner[R4].txt
2013-07-26 12:09 - 2013-07-26 12:09 - 00000000 _____ C:\Users\eddie\defogger_reenable
2013-07-26 12:09 - 2009-10-05 15:24 - 00000000 ____D C:\Users\eddie
2013-07-26 11:57 - 2013-07-26 11:52 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-07-26 11:52 - 2013-07-26 11:52 - 00003790 _____ C:\Windows\System32\Tasks\Scan the system (Spybot - Search & Destroy)
2013-07-26 11:52 - 2013-07-26 11:52 - 00003436 _____ C:\Windows\System32\Tasks\Refresh immunization (Spybot - Search & Destroy)
2013-07-26 11:52 - 2013-07-26 11:52 - 00003022 _____ C:\Windows\System32\Tasks\Check for updates (Spybot - Search & Destroy)
2013-07-26 11:52 - 2013-07-26 11:52 - 00001227 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-07-26 11:52 - 2013-07-26 11:52 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-07-26 11:10 - 2009-10-06 01:14 - 00632242 _____ C:\Windows\system32\perfh007.dat
2013-07-26 11:10 - 2009-10-06 01:14 - 00127472 _____ C:\Windows\system32\perfc007.dat
2013-07-26 11:10 - 2006-11-02 14:46 - 01453908 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-26 11:08 - 2009-10-06 22:22 - 00143396 _____ C:\ProgramData\nvModes.dat
2013-07-25 22:16 - 2009-10-06 21:10 - 00000000 ____D C:\Users\eddie\AppData\Roaming\Skype
2013-07-25 14:15 - 2013-07-25 14:15 - 00253952 ____N (Microsoft Corporation) C:\Windows\Setup1.exe
2013-07-25 14:15 - 2013-07-25 14:15 - 00074752 _____ (Microsoft Corporation) C:\Windows\ST6UNST.EXE
2013-07-25 14:15 - 2013-07-25 14:15 - 00002887 _____ C:\Windows\ST6UNST.LOG
2013-07-25 14:15 - 2009-10-05 15:24 - 00000000 ___RD C:\Users\eddie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-25 10:51 - 2013-07-25 10:51 - 00012563 _____ C:\AdwCleaner[R3].txt
2013-07-25 10:49 - 2013-07-25 10:49 - 00012502 _____ C:\AdwCleaner[R2].txt
2013-07-25 10:46 - 2013-07-25 10:46 - 00012441 _____ C:\AdwCleaner[R1].txt
2013-07-24 22:57 - 2013-07-24 22:57 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-07-24 22:57 - 2013-03-28 10:01 - 00000000 ____D C:\ProgramData\Apple Computer
2013-07-24 22:29 - 2013-07-24 22:30 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-24 22:29 - 2013-07-24 22:29 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-24 22:29 - 2013-06-14 10:17 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-24 22:29 - 2013-06-14 10:17 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-24 22:29 - 2013-03-16 18:08 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-07-24 22:29 - 2013-03-16 18:08 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-07-24 21:43 - 2013-07-18 09:38 - 00003776 _____ C:\Windows\PFRO.log
2013-07-24 21:43 - 2013-06-11 07:37 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware
2013-07-24 21:34 - 2013-07-17 10:22 - 00000000 ____D C:\Program Files (x86)\SWiSH Jukebox2
2013-07-24 21:33 - 2013-06-11 07:37 - 00000000 ____D C:\Users\eddie\Documents\Anti-Malware
2013-07-22 07:57 - 2013-07-22 07:57 - 00000000 ____D C:\Users\eddie\AppData\Roaming\Snz
2013-07-22 07:57 - 2013-07-17 09:43 - 00000000 ____D C:\Users\eddie\AppData\Roaming\Intermediate
2013-07-21 13:23 - 2013-02-01 22:17 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-07-21 13:23 - 2013-02-01 22:17 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-07-21 13:23 - 2009-10-08 17:32 - 00000000 ____D C:\Users\eddie\AppData\Local\Adobe
2013-07-21 13:20 - 2013-07-21 13:21 - 01093032 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2013-07-21 13:20 - 2013-07-21 13:21 - 00972712 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-07-21 13:20 - 2013-07-21 13:21 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-07-21 13:20 - 2013-07-21 13:20 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-07-21 13:20 - 2013-07-21 13:20 - 00188840 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-07-21 13:20 - 2013-07-21 13:20 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-07-21 13:20 - 2013-07-21 13:20 - 00000000 ____D C:\Program Files\Java
2013-07-19 16:02 - 2006-11-02 17:21 - 00323792 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-19 15:59 - 2006-11-02 17:06 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2013-07-19 15:59 - 2006-11-02 17:06 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-19 13:41 - 2006-11-02 14:35 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-07-19 12:23 - 2013-05-28 17:40 - 00000000 ____D C:\Users\eddie\AppData\Roaming\FileZilla
2013-07-18 13:15 - 2009-10-17 21:57 - 00000000 ____D C:\ProgramData\Roxio
2013-07-17 10:17 - 2013-07-17 09:39 - 00000000 ____D C:\Program Files (x86)\FreeTime
2013-07-17 10:16 - 2013-07-17 09:26 - 00000000 ____D C:\Users\eddie\AppData\Roaming\Winamp
2013-07-17 10:16 - 2009-10-06 20:15 - 00000000 ____D C:\Windows\Minidump
2013-07-17 10:16 - 2009-10-06 01:15 - 00000000 ____D C:\Windows\Panther
2013-07-17 10:16 - 2009-10-06 00:31 - 00000000 ____D C:\Users\eddie\AppData\Local\MigWiz
2013-07-17 10:05 - 2009-10-05 23:23 - 00014336 _____ C:\Users\eddie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-07-17 09:47 - 2013-07-17 09:42 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-17 09:47 - 2013-07-17 09:42 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-17 09:43 - 2013-07-17 09:43 - 00000000 ____D C:\Users\eddie\AppData\Roaming\SSync
2013-07-17 09:43 - 2013-07-17 09:43 - 00000000 ____D C:\Users\eddie\AppData\Roaming\SCheck
2013-07-17 09:43 - 2013-07-17 09:43 - 00000000 ____D C:\Users\eddie\AppData\Roaming\DataMgr
2013-07-17 09:43 - 2013-07-17 09:43 - 00000000 ____D C:\Users\eddie\AppData\Local\ext_piccshare
2013-07-17 09:43 - 2013-07-17 09:42 - 00000000 ____D C:\Users\eddie\AppData\Local\Google
2013-07-17 09:42 - 2013-07-17 09:42 - 00000000 ____D C:\Program Files (x86)\Google
2013-07-17 09:41 - 2013-07-17 09:41 - 00000000 ____D C:\Users\eddie\AppData\Roaming\PiccShare
2013-07-17 09:41 - 2013-07-17 09:41 - 00000000 ____D C:\Users\eddie\AppData\Roaming\Common
2013-07-17 09:40 - 2013-07-17 09:40 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-07-17 09:40 - 2013-07-17 09:40 - 00000000 ____D C:\ProgramData\APN
2013-07-17 09:40 - 2013-07-17 09:40 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2013-07-17 09:35 - 2013-07-17 09:34 - 50693449 _____ C:\Users\eddie\Desktop\FFSetupNoDVD3-1-1.exe
2013-07-17 09:28 - 2013-07-17 09:26 - 00000000 ____D C:\Program Files (x86)\Winamp
2013-07-17 09:27 - 2013-07-17 09:27 - 00000827 _____ C:\Users\Public\Desktop\Winamp.lnk
2013-07-17 09:21 - 2009-10-08 17:31 - 00000000 ____D C:\ProgramData\Adobe
2013-07-17 09:21 - 2009-10-05 22:23 - 00000000 ____D C:\Users\eddie\AppData\Roaming\Adobe
2013-07-17 09:11 - 2013-07-19 10:03 - 00007236 _____ C:\Users\eddie\Desktop\infosall.htm
2013-07-07 15:21 - 2009-10-06 21:10 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-07-07 15:21 - 2009-10-06 21:10 - 00000000 ____D C:\ProgramData\Skype
2013-07-04 09:19 - 2013-01-31 21:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-02 21:44 - 2013-07-02 21:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-01 14:47 - 2013-07-01 14:47 - 00000680 _____ C:\Users\eddie\AppData\Local\d3d9caps.dat
2013-06-27 00:24 - 2013-06-26 13:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-06-26 08:53 - 2013-06-26 08:53 - 00044216 _____ C:\Users\eddie\AppData\Local\ext_piccshare_uninst.exe

Files to move or delete:
====================
C:\ProgramData\nvModes.dat

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-26 13:26

==================== End Of Log ============================
         
--- --- ---


and next, addition.txt:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-07-2013
Ran by caro at 2013-07-26 13:26:21
Running from E:\Download\Download
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

   
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Acronis*True*Image*Home (x32 Version: 11.0.8064)
Adobe Acrobat 6.0 Professional - English, Français, Deutsch (x32 Version: 006.000.000)
Adobe Flash Player 10 ActiveX (x32 Version: 10.0.32.18)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Adobe Photoshop CS (x32 Version: CS)
Adobe Reader X (10.1.4) - Deutsch (x32 Version: 10.1.4)
Apple Application Support (x32 Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
Ask Toolbar (x32 Version: 12.2.1.523)
AVerMedia A815 USB DVB-T 1.0.64.46 (x32 Version: 1.0.64.46)
AVerTV (x32 Version: 6.0.12)
Avira Free Antivirus (x32 Version: 13.0.0.3884)
AVM FRITZ!X (x32)
BioAPI Framework (Version: 1.0.1)
Bonjour (Version: 3.0.0.10)
click.exe Laufzeitumgebung (x32)
Compatibility Pack for the 2007 Office system (x32 Version: 12.0.6612.1000)
Dell 5530 Wireless Broadband Package (Version: 1.0.11.13)
Dell ControlPoint Connection Manager 64 (Version: 1.3.0)
Dell ControlPoint System Manager (Version: 1.3.00000)
Dell ControlVault Host Components Installer 64Bit (Version: 1.7.459.360)
Dell Resource CD (x32 Version: 1.00.0000)
Dell Security Device Driver Pack (x32 Version: 1.4.056)
Dell Touchpad (Version: 7.1102.101.102)
Dell Webcam Central (x32 Version: 1.01.04)
dows-Treiberpaket - Dell Inc. PBADRV System  (09/11/2009 1.0.1.6) (Version: 09/11/2009 1.0.1.6)
FileZilla Client 3.7.1 (x32 Version: 3.7.1)
Foxit Reader (x32)
Free PDF to Word Converter 4.2.3.183 (Version: 4.2.3.183)
FreePDF (Remove only) (x32)
Google Chrome Frame (x32 Version: 65.119.72)
Google Update Helper (x32 Version: 1.3.21.153)
GPL Ghostscript 8.63
IDT Audio (x32 Version: 1.0.6187.0)
Integrated Webcam Driver (1.06.03.0309)   (Version: 1.06.03.0309)
Intel PROSet Wireless
Intel(R) Network Connections Drivers
Intel(R) PROSet/Wireless WiFi-Software (Version: 12.00.4000)
Intel® Matrix Storage Manager
IrfanView (remove only) (x32 Version: 4.35)
iTunes (Version: 11.0.2.26)
Java 7 Update 25 (64-bit) (Version: 7.0.250)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Java(TM) 6 Update 3 (x32 Version: 1.6.0.30)
Lame ACM MP3 Codec (x32)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Mein CEWE FOTOBUCH (x32 Version: 5.0.1)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1)
Microsoft Office Professional Edition 2003 (x32 Version: 11.0.8173.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
MozBackup 1.4.9 (x32)
Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0)
Mozilla Maintenance Service (x32 Version: 22.0)
Mozilla Thunderbird 17.0.7 (x86 de) (x32 Version: 17.0.7)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
NVIDIA Drivers (Version: 1.3)
NVIDIA nView Desktop Manager
PiccShare (HKCU Version: 2.0)
QuickTime (x32 Version: 7.74.80.86)
RedMon - Redirection Port Monitor
RICOH R5U241 / R5C847 Media Driver ver.2.04.01.00 (x32 Version: 2.04.01.00)
Roxio Activation Module (x32 Version: 1.0)
Roxio Creator Audio (x32 Version: 3.5.0)
Roxio Creator Copy (x32 Version: 3.5.0)
Roxio Creator Data (x32 Version: 3.5.0)
Roxio Creator DE (x32 Version: 3.5.0)
Roxio Creator Tools (x32 Version: 3.5.0)
Roxio Drag-to-Disc (Version: 9.1)
Roxio Express Labeler 3 (x32 Version: 3.2.1)
Roxio Update Manager (x32 Version: 6.0.0)
Samsung CLX-3170 Series (x32)
SetIP (x32)
Skype™ 6.5 (x32 Version: 6.5.158)
Sonic CinePlayer Decoder Pack (x32 Version: 4.2.0)
Spybot - Search & Destroy (x32 Version: 2.1.20)
Super Flexible File Synchronizer v4.59 (x32 Version: 4.59)
TuneUp Utilities 2013 (x32 Version: 13.0.3020.2)
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.3020.2)
TypeC3000 TWAIN Driver Ver.4 (x32 Version: 4.13)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
UPEK TouchChip Fingerprint Reader (Version: 1.2.0)
WIDCOMM Bluetooth Software (Version: 6.2.0.8500)
Winamp (x32 Version: 5.64 )
Windows Mobile-Gerätecenter (Version: 6.1.6965.0)
Windows Mobile-Gerätecenter: Treiberupdate (Version: 6.1.6965.0)
XAMPP 1.8.1 (x32)

==================== Restore Points  =========================

23-07-2013 08:07:01 Geplanter Prüfpunkt
24-07-2013 17:54:27 Geplanter Prüfpunkt
24-07-2013 20:28:29 Installed Java 7 Update 25
24-07-2013 20:54:44 Installed QuickTime

==================== Hosts content: ==========================

2006-11-02 14:34 - 2006-09-18 23:37 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {04C92709-F14D-48C9-BFCD-426105334BF5} - System32\Tasks\Check for updates (Spybot - Search & Destroy) => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe No File
Task: {069CC2B3-E421-442A-9064-7A9DAF364F1F} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe [2013-01-28] (TuneUp Software)
Task: {5C11F229-98E0-4B10-8D1A-CFFB62CAF2F9} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {61607632-ED93-4EEA-970C-728EE93BE59D} - System32\Tasks\Scan the system (Spybot - Search & Destroy) => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe No File
Task: {9475DD97-BB54-4FD8-A31A-032B4833F6AA} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {9A441CE9-6C4F-4991-954B-EDCB9256D04F} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => C:\Windows\system32\rundll32.exe [2006-11-02] (Microsoft Corporation)
Task: {AA105019-BFFB-4713-B627-81B47F4419F0} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {AEB77A1F-4944-40D1-86BE-2423AF4347BC} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\schtasks.exe [2008-01-21] (Microsoft Corporation)
Task: {B6F1A3D0-D426-4862-AA51-4038A75A5B30} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-17] (Google Inc.)
Task: {B9BAFF93-694F-45FA-8E60-A94120D6BFBE} - System32\Tasks\Refresh immunization (Spybot - Search & Destroy) => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe No File
Task: {C0B38178-CA76-4475-90EB-B2F41221156B} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {C28278BF-1ABF-4595-BB2A-15201DDF25E3} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {C41E9FD5-A5DB-4DEF-9715-E4F7BAFEE730} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {CA243031-8D77-437B-A17B-A03351207887} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-17] (Google Inc.)
Task: {D1849F70-8D65-4263-957C-27FD3AAE933A} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-21] (Microsoft Corporation)
Task: {E5AE0082-60E9-4C96-9911-EC1B4ED59C97} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12] (Oracle Corporation)
Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe

==================== Faulty Device Manager Devices =============

Name: PCI-Kommunikationscontroller (einfach)
Description: PCI-Kommunikationscontroller (einfach)
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Serieller PCI-Anschluss
Description: Serieller PCI-Anschluss
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/26/2013 01:21:48 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.

Error: (07/26/2013 01:20:23 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/26/2013 01:13:23 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/26/2013 00:09:10 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.

Error: (07/26/2013 11:05:40 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/25/2013 10:13:13 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 160900

Error: (07/25/2013 10:13:13 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 160900

Error: (07/25/2013 10:13:13 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/25/2013 08:06:27 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/25/2013 10:50:05 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.


System errors:
=============
Error: (07/26/2013 01:20:23 PM) (Source: Service Control Manager) (User: )
Description: DgiVecp%%20

Error: (07/26/2013 01:20:09 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 26.07.2013 um 13:18:57 unerwartet heruntergefahren.

Error: (07/26/2013 01:13:23 PM) (Source: Service Control Manager) (User: )
Description: DgiVecp%%20

Error: (07/26/2013 11:05:45 AM) (Source: Dhcp) (User: )
Description: Die IP-Adresslease 192.168.1.104 für die Netzwerkkarte mit der Netzwerkadresse 00216A7BC1BE wurde durch den DHCP-Server 192.168.1.1 abgelehnt (der DHCP-Server hat eine DHCPNACK-Meldung gesendet).

Error: (07/26/2013 11:05:40 AM) (Source: Service Control Manager) (User: )
Description: DgiVecp%%20

Error: (07/25/2013 08:06:27 PM) (Source: Service Control Manager) (User: )
Description: DgiVecp%%20

Error: (07/25/2013 09:08:26 AM) (Source: Dhcp) (User: )
Description: Die IP-Adresslease 0.0.0.0 für die Netzwerkkarte mit der Netzwerkadresse 00216A7BC1BE wurde durch den DHCP-Server 192.168.1.1 abgelehnt (der DHCP-Server hat eine DHCPNACK-Meldung gesendet).

Error: (07/25/2013 09:08:23 AM) (Source: Dhcp) (User: )
Description: Die IP-Adresslease 192.168.1.102 für die Netzwerkkarte mit der Netzwerkadresse 00216A7BC1BE wurde durch den DHCP-Server 192.168.1.1 abgelehnt (der DHCP-Server hat eine DHCPNACK-Meldung gesendet).

Error: (07/24/2013 10:32:41 PM) (Source: Service Control Manager) (User: )
Description: DgiVecp%%20

Error: (07/24/2013 09:44:25 PM) (Source: Service Control Manager) (User: )
Description: DgiVecp%%20


Microsoft Office Sessions:
=========================
Error: (07/26/2013 01:21:48 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifestE:\Download\Download\SoftonicDownloader_fuer_format-factory.exe

Error: (07/26/2013 01:20:23 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/26/2013 01:13:23 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/26/2013 00:09:10 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifestE:\Download\Download\SoftonicDownloader_fuer_format-factory.exe

Error: (07/26/2013 11:05:40 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/25/2013 10:13:13 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 160900

Error: (07/25/2013 10:13:13 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 160900

Error: (07/25/2013 10:13:13 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/25/2013 08:06:27 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/25/2013 10:50:05 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifestE:\Download\Download\SoftonicDownloader_fuer_format-factory.exe


CodeIntegrity Errors:
===================================
  Date: 2013-07-25 11:39:09.983
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_0fabe61737f42f96\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-25 11:39:09.874
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_0fabe61737f42f96\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-25 11:39:09.749
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_0fabe61737f42f96\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-25 11:39:09.624
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_0fabe61737f42f96\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-25 11:39:09.499
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_0fabe61737f42f96\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-25 11:39:09.375
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_0fabe61737f42f96\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-25 11:39:09.141
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_0f6c030d3823f645\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-25 11:39:09.016
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_0f6c030d3823f645\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-25 11:39:08.891
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_0f6c030d3823f645\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-25 11:39:08.782
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_0f6c030d3823f645\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 44%
Total physical RAM: 2995.12 MB
Available physical RAM: 1657.73 MB
Total Pagefile: 8919.4 MB
Available Pagefile: 7101.13 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (WinVistaU) (Fixed) (Total:97.66 GB) (Free:37.03 GB) NTFS (Disk=0 Partition=2) ==>[Drive with boot components (obtained from BCD)]
Drive d: (Boot) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS (Disk=0 Partition=1) ==>[System with boot components (obtained from reading drive)]
Drive e: (Ablage) (Fixed) (Total:228.52 GB) (Free:119.41 GB) NTFS (Disk=0 Partition=3)
Drive f: (Sonstiges) (Fixed) (Total:139.49 GB) (Free:133.53 GB) NTFS (Disk=0 Partition=4)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 186297C4)
Partition 1: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=98 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=229 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=139 GB) - (Type=OF Extended)

==================== End Of Log ============================
         
Regards, cvh
__________________

26.07.2013, 13:27   #4
schrauber
/// the machine
/// TB instructor
 


Combofix should only be run when a team member has instructed you to do so!
Please download Combofix from the following download mirror:

Link 1


IMPORTANT - Save Combofix to your desktop
  • Please disable all of your antivirus and anti-malware/spyware scanners. They can interfere with Combofix while it works.
Start Combofix.exe and follow the on-screen instructions.

When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply.


Note: If you get the following error message after the restart
Quote:
Illegal operation attempted on a registry key that has been marked for deletion.
simply restart the computer. This should fix the problem.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

26.07.2013, 14:09   #5
cvh
 



Hi schrauber,

here is combofix.txt now:

Code:
ComboFix 13-07-25.02 - caro 26.07.2013  14:40:43.1.2 - x64
Microsoft® Windows Vista™ Ultimate   6.0.6002.2.1252.49.1031.18.2995.1303 [GMT 2:00]
ausgeführt von:: c:\users\eddie\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\programdata\Roaming\Intel\Wireless\Settings\Settings.ini
c:\users\eddie\AppData\Local\ext_piccshare_uninst.exe
c:\windows\IsUn0407.exe
c:\windows\SysWow64\test
c:\windows\wininit.ini
E:\Autorun.inf
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-06-26 bis 2013-07-26  ))))))))))))))))))))))))))))))
.
.
2013-07-26 12:50 . 2013-07-26 12:50	--------	d-----w-	c:\users\user\AppData\Local\temp
2013-07-26 12:50 . 2013-07-26 12:50	--------	d-----w-	c:\users\Gast\AppData\Local\temp
2013-07-26 11:25 . 2013-07-26 11:25	--------	d-----w-	C:\FRST
2013-07-26 09:52 . 2013-07-26 09:57	--------	d-----w-	c:\programdata\Spybot - Search & Destroy
2013-07-25 12:15 . 2013-07-25 12:15	253952	------w-	c:\windows\Setup1.exe
2013-07-25 12:15 . 2013-07-25 12:15	74752	----a-w-	c:\windows\ST6UNST.EXE
2013-07-24 20:57 . 2013-07-24 20:57	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2013-07-24 20:57 . 2013-07-24 20:57	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2013-07-24 20:57 . 2013-07-24 20:57	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2013-07-24 20:57 . 2013-07-24 20:57	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2013-07-24 20:57 . 2013-07-24 20:57	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2013-07-24 20:57 . 2013-07-24 20:57	--------	d-----w-	c:\program files (x86)\QuickTime
2013-07-24 20:29 . 2013-07-24 20:29	96168	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-07-22 05:57 . 2013-07-22 05:57	--------	d-----w-	c:\users\eddie\AppData\Roaming\Snz
2013-07-21 11:21 . 2013-07-21 11:20	312232	----a-w-	c:\windows\system32\javaws.exe
2013-07-21 11:21 . 2013-07-21 11:20	972712	----a-w-	c:\windows\system32\deployJava1.dll
2013-07-21 11:21 . 2013-07-21 11:20	1093032	----a-w-	c:\windows\system32\npDeployJava1.dll
2013-07-21 11:20 . 2013-07-21 11:20	108968	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2013-07-21 11:20 . 2013-07-21 11:20	189352	----a-w-	c:\windows\system32\javaw.exe
2013-07-21 11:20 . 2013-07-21 11:20	188840	----a-w-	c:\windows\system32\java.exe
2013-07-21 11:20 . 2013-07-21 11:20	--------	d-----w-	c:\program files\Java
2013-07-19 11:25 . 2013-05-29 06:15	17829376	----a-w-	c:\windows\system32\mshtml.dll
2013-07-19 11:25 . 2013-05-29 05:50	10926080	----a-w-	c:\windows\system32\ieframe.dll
2013-07-19 11:21 . 2013-06-04 02:03	2775040	----a-w-	c:\windows\system32\win32k.sys
2013-07-17 08:22 . 2013-07-24 19:34	--------	d-----w-	c:\program files (x86)\SWiSH Jukebox2
2013-07-17 07:43 . 2013-07-17 07:43	--------	d-----w-	c:\users\eddie\AppData\Local\ext_piccshare
2013-07-17 07:43 . 2013-07-22 05:57	--------	d-----w-	c:\users\eddie\AppData\Roaming\Intermediate
2013-07-17 07:43 . 2013-07-17 07:43	--------	d-----w-	c:\users\eddie\AppData\Roaming\DataMgr
2013-07-17 07:43 . 2013-07-17 07:43	--------	d-----w-	c:\users\eddie\AppData\Roaming\SSync
2013-07-17 07:43 . 2013-07-17 07:43	--------	d-----w-	c:\users\eddie\AppData\Roaming\SCheck
2013-07-17 07:42 . 2013-07-17 07:43	--------	d-----w-	c:\users\eddie\AppData\Local\Google
2013-07-17 07:42 . 2013-07-17 07:42	--------	d-----w-	c:\program files (x86)\Google
2013-07-17 07:41 . 2013-07-17 07:41	--------	d-----w-	c:\users\eddie\AppData\Roaming\PiccShare
2013-07-17 07:41 . 2013-07-17 07:41	--------	d-----w-	c:\users\eddie\AppData\Roaming\Common
2013-07-17 07:40 . 2013-07-17 07:40	--------	d-----w-	c:\programdata\AskPartnerNetwork
2013-07-17 07:40 . 2013-07-17 07:40	--------	d-----w-	c:\program files (x86)\AskPartnerNetwork
2013-07-17 07:40 . 2013-07-17 07:40	--------	d-----w-	c:\programdata\APN
2013-07-17 07:39 . 2013-07-17 08:17	--------	d-----w-	c:\program files (x86)\FreeTime
2013-07-17 07:27 . 2009-09-04 15:29	1892184	----a-w-	c:\windows\SysWow64\D3DX9_42.dll
2013-07-17 07:27 . 2006-09-28 14:05	2414360	----a-w-	c:\windows\SysWow64\d3dx9_31.dll
2013-07-17 07:26 . 2013-07-17 08:16	--------	d-----w-	c:\users\eddie\AppData\Roaming\Winamp
2013-07-17 07:26 . 2013-07-17 07:28	--------	d-----w-	c:\program files (x86)\Winamp
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-24 20:29 . 2013-03-16 16:08	867240	----a-w-	c:\windows\SysWow64\npDeployJava1.dll
2013-07-24 20:29 . 2013-03-16 16:08	789416	----a-w-	c:\windows\SysWow64\deployJava1.dll
2013-07-21 11:23 . 2013-02-01 20:17	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-21 11:23 . 2013-02-01 20:17	692104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-07-19 11:41 . 2006-11-02 12:35	78185248	----a-w-	c:\windows\system32\mrt.exe
2013-05-08 04:50 . 2013-06-14 08:23	1423720	----a-w-	c:\windows\system32\drivers\tcpip.sys
2013-05-02 04:16 . 2013-06-14 08:21	686080	----a-w-	c:\windows\system32\win32spl.dll
2013-05-02 04:04 . 2013-06-14 08:21	443904	----a-w-	c:\windows\SysWow64\win32spl.dll
2013-05-02 04:03 . 2013-06-14 08:21	37376	----a-w-	c:\windows\SysWow64\printcom.dll
2013-05-01 01:59 . 2013-05-01 01:59	94208	----a-w-	c:\windows\SysWow64\QuickTimeVR.qtx
2013-05-01 01:59 . 2013-05-01 01:59	69632	----a-w-	c:\windows\SysWow64\QuickTime.qts
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{553318DA-D010-469E-84B1-496563CAE1C0}]
2013-06-26 06:53	119184	----a-w-	c:\users\eddie\AppData\Local\ext_piccshare\ext_piccshare.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-10 1555968]
"Windows Task Manager"="c:\windows\System32\taskmgr.exe" [2008-01-21 163840]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240]
"SSync"="c:\users\eddie\AppData\Roaming\SSync\SSync.exe" [2013-04-09 36864]
"DataMgr"="c:\users\eddie\AppData\Roaming\DataMgr\DataMgr.exe" [2013-06-26 168848]
"SCheck"="c:\users\eddie\AppData\Roaming\SCheck\SCheck.exe" [2013-04-09 36864]
"Snoozer"="c:\users\eddie\AppData\Roaming\Snz\Snz.exe" [2013-07-21 1137673]
"Intermediate"="c:\users\eddie\AppData\Roaming\Intermediate\Intermediate.exe" [2013-04-09 36864]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-07-01 345144]
"ApnTBMon"="c:\program files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" [2013-07-17 1558480]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AVer HID Receiver.lnk - c:\program files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe [2009-10-6 159744]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-3-25 1077024]
Dell ControlPoint System Manager.lnk - c:\program files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe [2009-7-16 1333024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 5 (0x5)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"TaskbarNoNotification"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"TrueImageMonitor.exe"="c:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
"AcronisTimounterMonitor"="c:\program files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"FreePDF Assistant"="c:\program files (x86)\FreePDF_XP\fpassist.exe"
"3170 Scan2PC"="c:\windows\twain_32\Samsung\CLX3170\Scan2Pc.exe"
"Samsung PanelMgr"=c:\windows\Samsung\PanelMgr\SSMMgr.exe /autorun
.
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_780bb960\AESTSr64.exe;c:\windows\SYSNATIVE\DriverStore\FileRepository\stwrt64.inf_780bb960\AESTSr64.exe [x]
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
Themes
.
Inhalt des "geplante Tasks" Ordners
.
2013-07-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-17 07:42]
.
2013-07-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-17 07:42]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2010-02-17 375808]
"DellControlPoint"="c:\program files\Dell\Dell ControlPoint\Dell.ControlPoint.exe" [2009-06-11 656384]
"DellConnectionManager"="c:\program files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe" [2009-07-22 1796096]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-30 15960608]
"NVHotkey"="c:\windows\system32\nvHotkey.dll" [2009-01-30 89632]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-02-11 186904]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Nach Microsoft &Excel exportieren - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 62.109.121.1 62.109.121.2
FF - ProfilePath - c:\users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\
FF - prefs.js: browser.startup.homepage - hxxp://ecosia.org
FF - ExtSQL: 2013-06-26 14:19; toolbar_FF3-V7@apn.ask.com; c:\users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\extensions\toolbar_FF3-V7@apn.ask.com.xpi
FF - ExtSQL: 2013-07-19 20:54; om@offermosquito.com; c:\users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\extensions\om@offermosquito.com.xpi
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.notify.interval - 600000
FF - user.js: content.switch.threshold - 600000
FF - user.js: nglayout.initialpaint.delay - 600
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-WMPNSCFG - c:\program files (x86)\Windows Media Player\WMPNSCFG.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
SafeBoot-CleanHlp
SafeBoot-CleanHlp.sys
SafeBoot-WudfPf
SafeBoot-WudfRd
HKLM-Run-SysTrayApp - c:\program files (x86)\IDT\WDM\sttray64.exe
AddRemove-FRITZ!X - c:\windows\IsUn0407.exe
AddRemove-PiccShare - c:\users\eddie\AppData\Local\ext_piccshare_uninst.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:00000042
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Zeit der Fertigstellung: 2013-07-26  15:01:44
ComboFix-quarantined-files.txt  2013-07-26 13:01
.
Vor Suchlauf: 11 Verzeichnis(se), 39.645.700.096 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 38.168.535.040 Bytes frei
.
- - End Of File - - 305F66866F66707419A5CA9E4F43CA09
A36C5E4F47E84449FF07ED3517B43A31
         
Regards
cvh


26.07.2013, 14:39   #6
schrauber
/// the machine
/// TB-Ausbilder
 


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts that appear with Ok.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please close your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please start it via right-click, "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan may take a while.
  • When the tool has finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


And a fresh FRST log, please.

26.07.2013, 15:15   #7
cvh
 

Hello schrauber,

so, here they are:
Code:
# AdwCleaner v2.306 - Datei am 26/07/2013 um 15:55:34 erstellt
# Aktualisiert am 19/07/2013 von Xplode
# Betriebssystem : Windows (TM) Vista Ultimate Service Pack 2 (64 bits)
# Benutzer : caro - HURRY09
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\eddie\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****

Gestoppt & Gelöscht : APNMCP

***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\searchplugins\11-suche.xml
Gelöscht mit Neustart : C:\Program Files (x86)\AskPartnerNetwork
Gelöscht mit Neustart : C:\ProgramData\APN
Gelöscht mit Neustart : C:\ProgramData\AskPartnerNetwork
Gelöscht mit Neustart : C:\Users\eddie\AppData\Local\Temp\APN
Gelöscht mit Neustart : C:\Users\eddie\AppData\Roaming\DataMgr
Gelöscht mit Neustart : C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\extensions\toolbar@ask.com

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\AskPartnerNetwork
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKLM\Software\AskPartnerNetwork
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [DataMgr]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16496

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v22.0 (de)

Datei : C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\prefs.js

C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\user.js ... Gelöscht !

Gelöscht : user_pref("extensions.asktb.AviraIDW-TS", "1319829353257");
Gelöscht : user_pref("extensions.asktb.AviraIDW-XML", "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\r\n<button xm[...]
Gelöscht : user_pref("extensions.asktb.InstallDir", "C:\\Programme\\Ask.com\\");
Gelöscht : user_pref("extensions.asktb.cbid", "JM");
Gelöscht : user_pref("extensions.asktb.config-updated", true);
Gelöscht : user_pref("extensions.asktb.crumb", "2011.07.04+23.10.49-toolbar008iad-DE-SGFtYnVyZyxHZXJtYW55");
Gelöscht : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://de.ask.com/web?q={query}&qsrc={qsrc}&[...]
Gelöscht : user_pref("extensions.asktb.dtid", "YYYYYYYYDE");
Gelöscht : user_pref("extensions.asktb.first-restart-after-config-update", true);
Gelöscht : user_pref("extensions.asktb.guid", "3ea862b0-a002-48c5-867d-ebf5032f2878");
Gelöscht : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com[...]
Gelöscht : user_pref("extensions.asktb.if", "first");
Gelöscht : user_pref("extensions.asktb.l", "dis");
Gelöscht : user_pref("extensions.asktb.last-config-req", "1320949941928");
Gelöscht : user_pref("extensions.asktb.last-search-timestamp", "1319829325922");
Gelöscht : user_pref("extensions.asktb.last-v", "3.12.2.100007");
Gelöscht : user_pref("extensions.asktb.locale", "de_DE");
Gelöscht : user_pref("extensions.asktb.location", "Hamburg,Germany");
Gelöscht : user_pref("extensions.asktb.notification-shown", true);
Gelöscht : user_pref("extensions.asktb.o", "100000080");
Gelöscht : user_pref("extensions.asktb.qsrc", "2871");
Gelöscht : user_pref("extensions.asktb.sa", "NO");
Gelöscht : user_pref("extensions.asktb.search-history-queries", "kur was erwarte ich||kur anforderung an die ei[...]
Gelöscht : user_pref("extensions.asktb.search-suggestions-enabled", true);
Gelöscht : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false);
Gelöscht : user_pref("extensions.asktb.themeid", "");
Gelöscht : user_pref("extensions.asktb.to", "");

Datei : C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\prefs.js

[OK] Die Datei ist sauber.

Datei : C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\prefs.js

[OK] Die Datei ist sauber.

Datei : C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\prefs.js

[OK] Die Datei ist sauber.

Datei : C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\prefs.js

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [12441 octets] - [25/07/2013 10:46:07]
AdwCleaner[R2].txt - [12502 octets] - [25/07/2013 10:49:23]
AdwCleaner[R3].txt - [12563 octets] - [25/07/2013 10:51:34]
AdwCleaner[R4].txt - [12624 octets] - [26/07/2013 12:26:25]
AdwCleaner[S1].txt - [4608 octets] - [26/07/2013 15:55:34]

########## EOF - C:\AdwCleaner[S1].txt - [4668 octets] ##########
         

And:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.2.3 (07.25.2013:1)
OS: Windows (TM) Vista Ultimate x64
Ran by caro on 26.07.2013 at 16:04:20,73
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] "C:\Windows\syswow64\authuitu.dll"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\apn"



~~~ FireFox

Successfully deleted the following from C:\Users\eddie\AppData\Roaming\mozilla\firefox\profiles\7dzadu58.default\prefs.js

user_pref("om.config", "{\"active\":true,\"name\":\"twde\",\"id\":25,\"dispId\":\"CH-25\",\"aboutLink\":\"\",\"trackingGeneral\":true,\"gaAccount\":\"UA-39484183-1\",\"gaDomai
Emptied folder: C:\Users\eddie\AppData\Roaming\mozilla\firefox\profiles\7dzadu58.default\minidumps [74 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 26.07.2013 at 16:09:00,27
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
And one last one:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-07-2013
Ran by caro (administrator) on 26-07-2013 16:10:46
Running from C:\Users\eddie\Desktop
Windows Vista (TM) Ultimate Service Pack 2 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_780bb960\STacSV64.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
(Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Smith Micro Software, Inc.) C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_780bb960\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVerMedia) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
() C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Dell Inc.) C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe
(Dell Inc.) C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Dell Inc.) C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe
(Smith Micro Software, Inc.) C:\Program Files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
() C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Dell Inc.) C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidFind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apntex.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [375808 2010-02-17] (Alps Electric Co., Ltd.)
HKLM\...\Run: [DellControlPoint] - C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe [656384 2009-06-11] (Dell Inc.)
HKLM\...\Run: [DellConnectionManager] - C:\Program Files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe [1796096 2009-07-22] (Smith Micro Software, Inc.)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [462848 2009-04-09] (IDT, Inc.)
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup [x]
HKLM\...\Run: [NVHotkey] - rundll32.exe C:\Windows\system32\nvHotkey.dll,Start [x]
HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-02-11] (Intel Corporation)
HKCU\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\sidebar.exe [1555968 2009-04-11] (Microsoft Corporation)
HKCU\...\Run: [Windows Task Manager] - C:\Windows\System32\taskmgr.exe [192512 2008-01-21] (Microsoft Corporation)
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [138240 2008-01-21] (Microsoft Corporation)
HKCU\...\Run: [SSync] - C:\Users\eddie\AppData\Roaming\SSync\SSync.exe [36864 2013-04-10] ()
HKCU\...\Run: [SCheck] - C:\Users\eddie\AppData\Roaming\SCheck\SCheck.exe [36864 2013-04-10] ()
HKCU\...\Run: [Snoozer] - C:\Users\eddie\AppData\Roaming\Snz\Snz.exe [1137673 2013-07-21] ()
HKCU\...\Run: [Intermediate] - C:\Users\eddie\AppData\Roaming\Intermediate\Intermediate.exe [36864 2013-04-10] ()
HKLM-x32\...\Run: [] -  [x]
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-07-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKU\Default\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\Sidebar.exe [1555968 2009-04-11] (Microsoft Corporation)
HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [2438656 2009-04-11] (Microsoft Corporation)
HKU\Gast\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\Sidebar.exe [1555968 2009-04-11] (Microsoft Corporation)
HKU\Gast\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [2438656 2009-04-11] (Microsoft Corporation)
HKU\user\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\Sidebar.exe [1555968 2009-04-11] (Microsoft Corporation)
HKU\user\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [2438656 2009-04-11] (Microsoft Corporation)
Lsa: [Authentication Packages] msv1_0 relog_ap
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk
ShortcutTarget: AVer HID Receiver.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell ControlPoint System Manager.lnk
ShortcutTarget: Dell ControlPoint System Manager.lnk -> C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe (Dell Inc.)
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWOW64\webcheck.dll (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: PiccShare BHO - {553318DA-D010-469E-84B1-496563CAE1C0} - C:\Users\eddie\AppData\Local\ext_piccshare\ext_piccshare.dll (HTTO Group, Ltd)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ChromeFrame BHO - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files (x86)\Google\Chrome Frame\Application\28.0.1500.72\npchrome_frame.dll (Google Inc.)
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} -  No File
Handler: msdaipp - No CLSID Value - 
Handler-x32: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\28.0.1500.72\npchrome_frame.dll (Google Inc.)
Handler-x32: msdaipp - No CLSID Value - 
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} -  No File
Tcpip\Parameters: [DhcpNameServer] 62.109.121.1 62.109.121.2

FireFox:
========
FF ProfilePath: C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default
FF Homepage: hxxp://ecosia.org
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\searchplugins\ecosia.xml
FF SearchPlugin: C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\searchplugins\webde-suche.xml
FF Extension: No Name - C:\Users\eddie\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: Visualisateur 3D de 20-20 - C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\Extensions\2020Player_IKEA@2020Technologies.com
FF Extension: firebug - C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\Extensions\firebug@software.joehewitt.com.xpi
FF Extension: om - C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\Extensions\om@offermosquito.com.xpi
FF Extension: toolbar_FF3-V7 - C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\Extensions\toolbar_FF3-V7@apn.ask.com.xpi
FF Extension: No Name - C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
FF Extension: No Name - C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

==================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2009-10-08] ()
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_780bb960\AESTSr64.exe [89600 2009-02-12] (Andrea Electronics Corporation)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-07-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-01] (Avira Operations GmbH & Co. KG)
R2 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [352256 2008-06-05] (AVerMedia)
R2 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [409600 2008-07-14] ()
R2 dcpsysmgrsvc; C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe [510752 2009-07-16] (Dell Inc.)
R2 SMManager; C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe [76288 2009-07-22] (Smith Micro Software, Inc.)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_780bb960\STacSV64.exe [268800 2009-04-09] (IDT, Inc.)
R2 TryAndDecideService; C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe [498792 2007-12-03] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2402080 2013-01-28] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

S3 AVerAF15; C:\Windows\System32\Drivers\AVerAF15.sys [306688 2008-07-04] (AVerMedia TECHNOLOGIES, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-29] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-03-29] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-29] (Avira Operations GmbH & Co. KG)
R3 AVMCOWAN; C:\Windows\System32\DRIVERS\AVMCOWAN.sys [79872 2006-09-18] (AVM GmbH)
R3 CCIDFILTER; C:\Windows\System32\DRIVERS\ccidflt.SYS [13864 2009-11-03] (Broadcom Corporation)
S3 d553bus; C:\Windows\System32\DRIVERS\d553bus.sys [325120 2008-12-19] (MCCI Corporation)
S3 d553card; C:\Windows\System32\DRIVERS\d553card.sys [378368 2008-12-19] (MCCI Corporation)
S3 d553gps; C:\Windows\System32\DRIVERS\d553gps64.sys [88104 2009-01-08] (Dell)
S3 d553mdfl; C:\Windows\System32\DRIVERS\d553mdfl.sys [19456 2008-12-19] (MCCI Corporation)
S3 d553mdfl2; C:\Windows\System32\DRIVERS\d553mdfl2.sys [19456 2008-12-19] (MCCI Corporation)
S3 d553mdm; C:\Windows\System32\DRIVERS\d553mdm.sys [422912 2008-12-19] (MCCI Corporation)
S3 d553mdm2; C:\Windows\System32\DRIVERS\d553mdm2.sys [474112 2008-12-19] (MCCI Corporation)
S3 d553nd5; C:\Windows\System32\DRIVERS\d553nd5.sys [34816 2008-12-19] (MCCI Corporation)
S3 d553scard; C:\Windows\System32\DRIVERS\d553scard.sys [57896 2009-04-06] (Dell)
S3 d553unic; C:\Windows\System32\DRIVERS\d553unic.sys [431104 2008-12-19] (MCCI Corporation)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-03-02] (Samsung Electronics Co., Ltd.)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-03-02] (Samsung Electronics Co., Ltd.)
R2 DLABMFSE; C:\Windows\System32\Drivers\DLABMFSE.SYS [46448 2007-07-23] (Roxio)
R2 DLABOIOE; C:\Windows\System32\Drivers\DLABOIOE.SYS [42352 2007-07-23] (Roxio)
R0 DLACDBHE; C:\Windows\System32\Drivers\DLACDBHE.SYS [17776 2007-07-23] (Roxio)
R2 DLADResE; C:\Windows\System32\Drivers\DLADResE.SYS [9968 2007-07-23] (Roxio)
R2 DLAIFS_E; C:\Windows\System32\Drivers\DLAIFS_E.SYS [146672 2007-07-23] (Roxio)
R2 DLAOPIOE; C:\Windows\System32\Drivers\DLAOPIOE.SYS [35056 2007-07-23] (Roxio)
R2 DLAPoolE; C:\Windows\System32\Drivers\DLAPoolE.SYS [19824 2007-07-23] (Roxio)
R1 DLARTL_E; C:\Windows\System32\Drivers\DLARTL_E.SYS [41072 2007-07-23] (Roxio)
R2 DLAUDFAE; C:\Windows\System32\Drivers\DLAUDFAE.SYS [135152 2007-07-23] (Roxio)
R2 DLAUDF_E; C:\Windows\System32\Drivers\DLAUDF_E.SYS [144112 2007-07-23] (Roxio)
R0 DRVECDB; C:\Windows\System32\Drivers\DRVECDB.SYS [124112 2007-07-23] (Sonic Solutions)
R2 DRVEDDM; C:\Windows\System32\Drivers\DRVEDDM.SYS [63984 2007-07-23] (Roxio)
S3 FXUSBASE; C:\Windows\System32\DRIVERS\fxusbase.sys [694272 2006-09-18] (AVM Berlin)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-08-28] (TuneUp Software)
R3 USBCCID; C:\Windows\System32\DRIVERS\usbccid.sys [38400 2009-04-10] (Microsoft Corporation)
S1 Beep; No ImagePath
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [x]
S3 DFUBTUSB; System32\Drivers\frmupgr.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NvtSp50; System32\Drivers\NvtSp50.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-26 16:09 - 2013-07-26 16:09 - 00001501 _____ C:\Users\eddie\Desktop\JRT.txt
2013-07-26 16:04 - 2013-07-26 16:04 - 00000000 ____D C:\Windows\ERUNT
2013-07-26 16:01 - 2013-07-26 16:01 - 00561140 _____ (Oleg N. Scherbakov) C:\Users\eddie\Desktop\JRT.exe
2013-07-26 15:55 - 2013-07-26 15:55 - 00004737 _____ C:\AdwCleaner[S1].txt
2013-07-26 15:55 - 2013-07-26 15:55 - 00000412 _____ C:\Windows\DeleteOnReboot.bat
2013-07-26 15:01 - 2013-07-26 15:01 - 00018429 _____ C:\ComboFix.txt
2013-07-26 14:37 - 2013-07-26 15:02 - 00000000 ____D C:\Qoobox
2013-07-26 14:37 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-07-26 14:37 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-07-26 14:37 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-07-26 14:37 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-07-26 14:37 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-07-26 14:37 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-07-26 14:37 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-07-26 14:37 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-07-26 14:36 - 2013-07-26 14:59 - 00000000 ____D C:\Windows\erdnt
2013-07-26 14:36 - 2013-07-26 14:50 - 00000000 ____D C:\32788R22FWJFW
2013-07-26 14:28 - 2013-07-26 14:28 - 05093969 ____R (Swearware) C:\Users\eddie\Desktop\ComboFix.exe
2013-07-26 13:25 - 2013-07-26 13:25 - 00000000 ____D C:\FRST
2013-07-26 13:24 - 2013-07-26 13:24 - 01779853 _____ (Farbar) C:\Users\eddie\Desktop\FRST64.exe
2013-07-26 12:26 - 2013-07-26 12:26 - 00012624 _____ C:\AdwCleaner[R4].txt
2013-07-26 12:09 - 2013-07-26 12:09 - 00000000 _____ C:\Users\eddie\defogger_reenable
2013-07-26 11:52 - 2013-07-26 11:57 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-07-25 14:15 - 2013-07-25 14:15 - 00253952 ____N (Microsoft Corporation) C:\Windows\Setup1.exe
2013-07-25 14:15 - 2013-07-25 14:15 - 00074752 _____ (Microsoft Corporation) C:\Windows\ST6UNST.EXE
2013-07-25 14:15 - 2013-07-25 14:15 - 00002887 _____ C:\Windows\ST6UNST.LOG
2013-07-25 10:51 - 2013-07-25 10:51 - 00012563 _____ C:\AdwCleaner[R3].txt
2013-07-25 10:49 - 2013-07-25 10:49 - 00012502 _____ C:\AdwCleaner[R2].txt
2013-07-25 10:46 - 2013-07-25 10:46 - 00012441 _____ C:\AdwCleaner[R1].txt
2013-07-25 10:45 - 2013-07-25 10:45 - 00666633 _____ C:\Users\eddie\Desktop\adwcleaner.exe
2013-07-24 22:57 - 2013-07-24 22:57 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-07-24 22:30 - 2013-07-24 22:29 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-24 22:29 - 2013-07-24 22:29 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-22 07:57 - 2013-07-22 07:57 - 00000000 ____D C:\Users\eddie\AppData\Roaming\Snz
2013-07-21 13:21 - 2013-07-21 13:20 - 01093032 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2013-07-21 13:21 - 2013-07-21 13:20 - 00972712 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-07-21 13:21 - 2013-07-21 13:20 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-07-21 13:20 - 2013-07-21 13:20 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-07-21 13:20 - 2013-07-21 13:20 - 00188840 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-07-21 13:20 - 2013-07-21 13:20 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-07-21 13:20 - 2013-07-21 13:20 - 00000000 ____D C:\Program Files\Java
2013-07-19 13:26 - 2013-05-29 07:43 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-19 13:26 - 2013-05-29 07:36 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-19 13:26 - 2013-05-29 07:35 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-19 13:26 - 2013-05-29 07:34 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-07-19 13:26 - 2013-05-29 07:33 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-07-19 13:26 - 2013-05-29 07:31 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-19 13:26 - 2013-05-29 07:29 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-19 13:26 - 2013-05-29 07:29 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-07-19 13:26 - 2013-05-29 07:29 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-07-19 13:26 - 2013-05-29 07:27 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-19 13:26 - 2013-05-29 07:27 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-19 13:26 - 2013-05-29 07:25 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-19 13:26 - 2013-05-29 07:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-07-19 13:26 - 2013-05-29 07:18 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-19 13:26 - 2013-05-29 03:56 - 12333568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-19 13:26 - 2013-05-29 03:50 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-19 13:26 - 2013-05-29 03:41 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-07-19 13:26 - 2013-05-29 03:41 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-19 13:26 - 2013-05-29 03:41 - 01104384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-19 13:26 - 2013-05-29 03:40 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-07-19 13:26 - 2013-05-29 03:38 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-19 13:26 - 2013-05-29 03:37 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-07-19 13:26 - 2013-05-29 03:36 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-07-19 13:26 - 2013-05-29 03:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-19 13:26 - 2013-05-29 03:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-19 13:26 - 2013-05-29 03:33 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-19 13:26 - 2013-05-29 03:33 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-19 13:26 - 2013-05-29 03:33 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-07-19 13:26 - 2013-05-29 03:29 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-19 13:25 - 2013-05-29 08:15 - 17829376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-19 13:25 - 2013-05-29 07:50 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-19 13:25 - 2013-05-29 03:48 - 09738752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-19 13:24 - 2013-06-01 06:19 - 00619008 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-19 13:24 - 2013-06-01 06:06 - 00505344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-19 13:24 - 2013-05-08 06:18 - 01706496 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-19 13:24 - 2013-05-08 06:04 - 01548288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-19 13:24 - 2013-04-17 14:32 - 01268224 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-07-19 13:24 - 2013-04-17 14:32 - 00327680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-07-19 13:24 - 2013-04-17 14:32 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-07-19 13:24 - 2013-04-17 14:32 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-07-19 13:24 - 2013-04-17 13:29 - 02002944 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-07-19 13:24 - 2013-04-17 13:28 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-07-19 13:24 - 2013-04-17 13:28 - 00219648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-07-19 13:24 - 2013-04-17 13:28 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-07-19 13:24 - 2013-04-17 13:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-07-19 13:24 - 2013-04-17 13:27 - 00566272 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-07-19 13:24 - 2013-04-17 13:02 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-07-19 13:24 - 2013-04-17 12:58 - 01556480 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-19 13:24 - 2013-04-17 12:58 - 01149440 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-07-19 13:24 - 2013-04-17 12:34 - 01172480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-07-19 13:24 - 2013-04-17 12:33 - 00486400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-07-19 13:24 - 2013-04-17 12:14 - 00683008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-07-19 13:24 - 2013-04-17 12:10 - 01069056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-19 13:21 - 2013-06-04 04:03 - 02775040 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-19 10:03 - 2013-07-17 09:11 - 00007236 _____ C:\Users\eddie\Desktop\infosall.htm
2013-07-18 09:38 - 2013-07-26 15:03 - 00006646 _____ C:\Windows\PFRO.log
2013-07-17 10:22 - 2013-07-24 21:34 - 00000000 ____D C:\Program Files (x86)\SWiSH Jukebox2
2013-07-17 09:43 - 2013-07-22 07:57 - 00000000 ____D C:\Users\eddie\AppData\Roaming\Intermediate
2013-07-17 09:43 - 2013-07-17 09:43 - 00000000 ____D C:\Users\eddie\AppData\Roaming\SSync
2013-07-17 09:43 - 2013-07-17 09:43 - 00000000 ____D C:\Users\eddie\AppData\Roaming\SCheck
2013-07-17 09:43 - 2013-07-17 09:43 - 00000000 ____D C:\Users\eddie\AppData\Local\ext_piccshare
2013-07-17 09:42 - 2013-07-26 15:57 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-17 09:42 - 2013-07-26 15:52 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-17 09:42 - 2013-07-17 09:47 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-17 09:42 - 2013-07-17 09:47 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-17 09:42 - 2013-07-17 09:43 - 00000000 ____D C:\Users\eddie\AppData\Local\Google
2013-07-17 09:42 - 2013-07-17 09:42 - 00000000 ____D C:\Program Files (x86)\Google
2013-07-17 09:41 - 2013-07-17 09:41 - 00000000 ____D C:\Users\eddie\AppData\Roaming\PiccShare
2013-07-17 09:41 - 2013-07-17 09:41 - 00000000 ____D C:\Users\eddie\AppData\Roaming\Common
2013-07-17 09:40 - 2013-07-17 09:40 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-07-17 09:40 - 2013-07-17 09:40 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2013-07-17 09:40 - 2013-06-06 22:41 - 00489392 _____ (Ask Partner Network) C:\Users\eddie\Documents\APNSetup.exe
2013-07-17 09:39 - 2013-07-17 10:17 - 00000000 ____D C:\Program Files (x86)\FreeTime
2013-07-17 09:34 - 2013-07-17 09:35 - 50693449 _____ C:\Users\eddie\Desktop\FFSetupNoDVD3-1-1.exe
2013-07-17 09:27 - 2013-07-17 09:27 - 00000827 _____ C:\Users\Public\Desktop\Winamp.lnk
2013-07-17 09:27 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2013-07-17 09:27 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2013-07-17 09:26 - 2013-07-17 10:16 - 00000000 ____D C:\Users\eddie\AppData\Roaming\Winamp
2013-07-17 09:26 - 2013-07-17 09:28 - 00000000 ____D C:\Program Files (x86)\Winamp
2013-07-02 21:44 - 2013-07-02 21:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-01 14:47 - 2013-07-01 14:47 - 00000680 _____ C:\Users\eddie\AppData\Local\d3d9caps.dat
2013-06-26 13:46 - 2013-06-27 00:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird

==================== One Month Modified Files and Folders =======

2013-07-26 16:09 - 2013-07-26 16:09 - 00001501 _____ C:\Users\eddie\Desktop\JRT.txt
2013-07-26 16:04 - 2013-07-26 16:04 - 00000000 ____D C:\Windows\ERUNT
2013-07-26 16:03 - 2009-10-06 22:22 - 00143396 _____ C:\ProgramData\nvModes.001
2013-07-26 16:02 - 2009-10-06 01:14 - 00632242 _____ C:\Windows\system32\perfh007.dat
2013-07-26 16:02 - 2009-10-06 01:14 - 00127472 _____ C:\Windows\system32\perfc007.dat
2013-07-26 16:02 - 2006-11-02 14:46 - 01453908 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-26 16:01 - 2013-07-26 16:01 - 00561140 _____ (Oleg N. Scherbakov) C:\Users\eddie\Desktop\JRT.exe
2013-07-26 16:00 - 2008-01-21 03:53 - 01140421 _____ C:\Windows\WindowsUpdate.log
2013-07-26 15:57 - 2013-07-17 09:42 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-26 15:57 - 2006-11-02 17:40 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-26 15:57 - 2006-11-02 17:21 - 00003840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-26 15:57 - 2006-11-02 17:21 - 00003840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-26 15:56 - 2009-10-05 15:57 - 00000012 _____ C:\Windows\bthservsdp.dat
2013-07-26 15:56 - 2006-11-02 17:40 - 00032538 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-07-26 15:55 - 2013-07-26 15:55 - 00004737 _____ C:\AdwCleaner[S1].txt
2013-07-26 15:55 - 2013-07-26 15:55 - 00000412 _____ C:\Windows\DeleteOnReboot.bat
2013-07-26 15:52 - 2013-07-17 09:42 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-26 15:51 - 2009-10-06 22:22 - 00143396 _____ C:\ProgramData\nvModes.dat
2013-07-26 15:03 - 2013-07-18 09:38 - 00006646 _____ C:\Windows\PFRO.log
2013-07-26 15:02 - 2013-07-26 14:37 - 00000000 ____D C:\Qoobox
2013-07-26 15:01 - 2013-07-26 15:01 - 00018429 _____ C:\ComboFix.txt
2013-07-26 14:59 - 2013-07-26 14:36 - 00000000 ____D C:\Windows\erdnt
2013-07-26 14:51 - 2006-11-02 14:34 - 00000215 _____ C:\Windows\system.ini
2013-07-26 14:50 - 2013-07-26 14:36 - 00000000 ____D C:\32788R22FWJFW
2013-07-26 14:28 - 2013-07-26 14:28 - 05093969 ____R (Swearware) C:\Users\eddie\Desktop\ComboFix.exe
2013-07-26 13:25 - 2013-07-26 13:25 - 00000000 ____D C:\FRST
2013-07-26 13:24 - 2013-07-26 13:24 - 01779853 _____ (Farbar) C:\Users\eddie\Desktop\FRST64.exe
2013-07-26 12:26 - 2013-07-26 12:26 - 00012624 _____ C:\AdwCleaner[R4].txt
2013-07-26 12:09 - 2013-07-26 12:09 - 00000000 _____ C:\Users\eddie\defogger_reenable
2013-07-26 12:09 - 2009-10-05 15:24 - 00000000 ____D C:\Users\eddie
2013-07-26 11:57 - 2013-07-26 11:52 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-07-25 22:16 - 2009-10-06 21:10 - 00000000 ____D C:\Users\eddie\AppData\Roaming\Skype
2013-07-25 14:15 - 2013-07-25 14:15 - 00253952 ____N (Microsoft Corporation) C:\Windows\Setup1.exe
2013-07-25 14:15 - 2013-07-25 14:15 - 00074752 _____ (Microsoft Corporation) C:\Windows\ST6UNST.EXE
2013-07-25 14:15 - 2013-07-25 14:15 - 00002887 _____ C:\Windows\ST6UNST.LOG
2013-07-25 14:15 - 2009-10-05 15:24 - 00000000 ___RD C:\Users\eddie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-25 10:51 - 2013-07-25 10:51 - 00012563 _____ C:\AdwCleaner[R3].txt
2013-07-25 10:49 - 2013-07-25 10:49 - 00012502 _____ C:\AdwCleaner[R2].txt
2013-07-25 10:46 - 2013-07-25 10:46 - 00012441 _____ C:\AdwCleaner[R1].txt
2013-07-25 10:45 - 2013-07-25 10:45 - 00666633 _____ C:\Users\eddie\Desktop\adwcleaner.exe
2013-07-24 22:57 - 2013-07-24 22:57 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-07-24 22:57 - 2013-03-28 10:01 - 00000000 ____D C:\ProgramData\Apple Computer
2013-07-24 22:29 - 2013-07-24 22:30 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-24 22:29 - 2013-07-24 22:29 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-24 22:29 - 2013-06-14 10:17 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-24 22:29 - 2013-06-14 10:17 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-24 22:29 - 2013-03-16 18:08 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-07-24 22:29 - 2013-03-16 18:08 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-07-24 21:43 - 2013-06-11 07:37 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware
2013-07-24 21:34 - 2013-07-17 10:22 - 00000000 ____D C:\Program Files (x86)\SWiSH Jukebox2
2013-07-24 21:33 - 2013-06-11 07:37 - 00000000 ____D C:\Users\eddie\Documents\Anti-Malware
2013-07-22 07:57 - 2013-07-22 07:57 - 00000000 ____D C:\Users\eddie\AppData\Roaming\Snz
2013-07-22 07:57 - 2013-07-17 09:43 - 00000000 ____D C:\Users\eddie\AppData\Roaming\Intermediate
2013-07-21 13:23 - 2013-02-01 22:17 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-07-21 13:23 - 2013-02-01 22:17 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-07-21 13:23 - 2009-10-08 17:32 - 00000000 ____D C:\Users\eddie\AppData\Local\Adobe
2013-07-21 13:20 - 2013-07-21 13:21 - 01093032 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2013-07-21 13:20 - 2013-07-21 13:21 - 00972712 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-07-21 13:20 - 2013-07-21 13:21 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-07-21 13:20 - 2013-07-21 13:20 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-07-21 13:20 - 2013-07-21 13:20 - 00188840 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-07-21 13:20 - 2013-07-21 13:20 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-07-21 13:20 - 2013-07-21 13:20 - 00000000 ____D C:\Program Files\Java
2013-07-19 16:02 - 2006-11-02 17:21 - 00323792 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-19 15:59 - 2006-11-02 17:06 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2013-07-19 15:59 - 2006-11-02 17:06 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-19 13:41 - 2006-11-02 14:35 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-07-19 12:23 - 2013-05-28 17:40 - 00000000 ____D C:\Users\eddie\AppData\Roaming\FileZilla
2013-07-18 13:15 - 2009-10-17 21:57 - 00000000 ____D C:\ProgramData\Roxio
2013-07-17 10:17 - 2013-07-17 09:39 - 00000000 ____D C:\Program Files (x86)\FreeTime
2013-07-17 10:16 - 2013-07-17 09:26 - 00000000 ____D C:\Users\eddie\AppData\Roaming\Winamp
2013-07-17 10:16 - 2009-10-06 20:15 - 00000000 ____D C:\Windows\Minidump
2013-07-17 10:16 - 2009-10-06 01:15 - 00000000 ____D C:\Windows\Panther
2013-07-17 10:16 - 2009-10-06 00:31 - 00000000 ____D C:\Users\eddie\AppData\Local\MigWiz
2013-07-17 10:05 - 2009-10-05 23:23 - 00014336 _____ C:\Users\eddie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-07-17 09:47 - 2013-07-17 09:42 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-17 09:47 - 2013-07-17 09:42 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-17 09:43 - 2013-07-17 09:43 - 00000000 ____D C:\Users\eddie\AppData\Roaming\SSync
2013-07-17 09:43 - 2013-07-17 09:43 - 00000000 ____D C:\Users\eddie\AppData\Roaming\SCheck
2013-07-17 09:43 - 2013-07-17 09:43 - 00000000 ____D C:\Users\eddie\AppData\Local\ext_piccshare
2013-07-17 09:43 - 2013-07-17 09:42 - 00000000 ____D C:\Users\eddie\AppData\Local\Google
2013-07-17 09:42 - 2013-07-17 09:42 - 00000000 ____D C:\Program Files (x86)\Google
2013-07-17 09:41 - 2013-07-17 09:41 - 00000000 ____D C:\Users\eddie\AppData\Roaming\PiccShare
2013-07-17 09:41 - 2013-07-17 09:41 - 00000000 ____D C:\Users\eddie\AppData\Roaming\Common
2013-07-17 09:40 - 2013-07-17 09:40 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-07-17 09:40 - 2013-07-17 09:40 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2013-07-17 09:35 - 2013-07-17 09:34 - 50693449 _____ C:\Users\eddie\Desktop\FFSetupNoDVD3-1-1.exe
2013-07-17 09:28 - 2013-07-17 09:26 - 00000000 ____D C:\Program Files (x86)\Winamp
2013-07-17 09:27 - 2013-07-17 09:27 - 00000827 _____ C:\Users\Public\Desktop\Winamp.lnk
2013-07-17 09:21 - 2009-10-08 17:31 - 00000000 ____D C:\ProgramData\Adobe
2013-07-17 09:21 - 2009-10-05 22:23 - 00000000 ____D C:\Users\eddie\AppData\Roaming\Adobe
2013-07-17 09:11 - 2013-07-19 10:03 - 00007236 _____ C:\Users\eddie\Desktop\infosall.htm
2013-07-07 15:21 - 2009-10-06 21:10 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-07-07 15:21 - 2009-10-06 21:10 - 00000000 ____D C:\ProgramData\Skype
2013-07-04 09:19 - 2013-01-31 21:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-02 21:44 - 2013-07-02 21:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-01 14:47 - 2013-07-01 14:47 - 00000680 _____ C:\Users\eddie\AppData\Local\d3d9caps.dat
2013-06-27 00:24 - 2013-06-26 13:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird

Files to move or delete:
====================
C:\ProgramData\nvModes.dat

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-26 16:05

==================== End Of Log ============================
         
--- --- ---


Sunny regards
cvh

27.07.2013, 10:34   #8
schrauber
/// the machine
/// TB trainer
 

Sorry for the delay, I'm laid up with the flu and a fever.

One more online scan and we're done.


ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Any problems left?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

27.07.2013, 13:18   #9
cvh
 
Hi, schrauber!
First of all, thanks for your effort, despite the flu! Get well soon!

Here are the 3 files:

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=f71d5dc8c9b39e41bc2884b6c51d7c6c
# engine=14548
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-07-27 11:50:42
# local_time=2013-07-27 01:50:42 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1799 16775165 100 96 7000 240349132 0 0
# compatibility_mode=5892 16776574 100 100 118296120 212449842 0 0
# scanned=225081
# found=0
# cleaned=0
# scan_time=5420
         

Code:
ATTFilter
 Results of screen317's Security Check version 0.99.70  
 Windows Vista Service Pack 2 x64 (UAC is enabled)  
 Internet Explorer 9  
 Internet Explorer 8  
``````````````Antivirus/Firewall Check:`````````````` 
Avira Desktop   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 TuneUp Utilities 2013   
 TuneUp Utilities Language Pack (de-DE) 
 Java 7 Update 25  
 Java(TM) 6 Update 3  
 Adobe Flash Player 10 Flash Player out of Date! 
 Adobe Flash Player 	11.8.800.94  
 Adobe Reader 10.1.4 Adobe Reader out of Date!  
 Mozilla Firefox (22.0) 
 Mozilla Thunderbird (17.0.7) 
````````Process Check: objlist.exe by Laurent````````  
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         
And the fresh FRST:

FRST Logfile:

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-07-2013
Ran by caro (administrator) on 27-07-2013 14:05:38
Running from C:\Users\eddie\Desktop
Windows Vista (TM) Ultimate Service Pack 2 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_780bb960\STacSV64.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
(Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Smith Micro Software, Inc.) C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_780bb960\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVerMedia) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
() C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Dell Inc.) C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe
(Dell Inc.) C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Dell Inc.) C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe
(Smith Micro Software, Inc.) C:\Program Files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
() C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Dell Inc.) C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidFind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apntex.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\SysWOW64\conime.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [375808 2010-02-17] (Alps Electric Co., Ltd.)
HKLM\...\Run: [DellControlPoint] - C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe [656384 2009-06-11] (Dell Inc.)
HKLM\...\Run: [DellConnectionManager] - C:\Program Files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe [1796096 2009-07-22] (Smith Micro Software, Inc.)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [462848 2009-04-09] (IDT, Inc.)
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup [x]
HKLM\...\Run: [NVHotkey] - rundll32.exe C:\Windows\system32\nvHotkey.dll,Start [x]
HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-02-11] (Intel Corporation)
HKCU\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\sidebar.exe [1555968 2009-04-11] (Microsoft Corporation)
HKCU\...\Run: [Windows Task Manager] - C:\Windows\System32\taskmgr.exe [192512 2008-01-21] (Microsoft Corporation)
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [138240 2008-01-21] (Microsoft Corporation)
HKCU\...\Run: [SSync] - C:\Users\eddie\AppData\Roaming\SSync\SSync.exe [36864 2013-04-10] ()
HKCU\...\Run: [SCheck] - C:\Users\eddie\AppData\Roaming\SCheck\SCheck.exe [36864 2013-04-10] ()
HKCU\...\Run: [Snoozer] - C:\Users\eddie\AppData\Roaming\Snz\Snz.exe [1137673 2013-07-21] ()
HKCU\...\Run: [Intermediate] - C:\Users\eddie\AppData\Roaming\Intermediate\Intermediate.exe [36864 2013-04-10] ()
HKLM-x32\...\Run: [] -  [x]
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-07-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKU\Default\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\Sidebar.exe [1555968 2009-04-11] (Microsoft Corporation)
HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [2438656 2009-04-11] (Microsoft Corporation)
HKU\Gast\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\Sidebar.exe [1555968 2009-04-11] (Microsoft Corporation)
HKU\Gast\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [2438656 2009-04-11] (Microsoft Corporation)
HKU\user\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\Sidebar.exe [1555968 2009-04-11] (Microsoft Corporation)
HKU\user\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [2438656 2009-04-11] (Microsoft Corporation)
Lsa: [Authentication Packages] msv1_0 relog_ap
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk
ShortcutTarget: AVer HID Receiver.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell ControlPoint System Manager.lnk
ShortcutTarget: Dell ControlPoint System Manager.lnk -> C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe (Dell Inc.)
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWOW64\webcheck.dll (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: PiccShare BHO - {553318DA-D010-469E-84B1-496563CAE1C0} - C:\Users\eddie\AppData\Local\ext_piccshare\ext_piccshare.dll (HTTO Group, Ltd)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ChromeFrame BHO - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files (x86)\Google\Chrome Frame\Application\28.0.1500.72\npchrome_frame.dll (Google Inc.)
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} -  No File
Handler: msdaipp - No CLSID Value - 
Handler-x32: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\28.0.1500.72\npchrome_frame.dll (Google Inc.)
Handler-x32: msdaipp - No CLSID Value - 
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} -  No File
Tcpip\Parameters: [DhcpNameServer] 62.109.121.1 62.109.121.2

FireFox:
========
FF ProfilePath: C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default
FF Homepage: hxxp://ecosia.org
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\searchplugins\ecosia.xml
FF SearchPlugin: C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\searchplugins\webde-suche.xml
FF Extension: No Name - C:\Users\eddie\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: Visualisateur 3D de 20-20 - C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\Extensions\2020Player_IKEA@2020Technologies.com
FF Extension: firebug - C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\Extensions\firebug@software.joehewitt.com.xpi
FF Extension: om - C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\Extensions\om@offermosquito.com.xpi
FF Extension: toolbar_FF3-V7 - C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\Extensions\toolbar_FF3-V7@apn.ask.com.xpi
FF Extension: No Name - C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
FF Extension: No Name - C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\7dzadu58.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

==================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2009-10-08] ()
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_780bb960\AESTSr64.exe [89600 2009-02-12] (Andrea Electronics Corporation)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-07-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-01] (Avira Operations GmbH & Co. KG)
R2 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [352256 2008-06-05] (AVerMedia)
R2 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [409600 2008-07-14] ()
R2 dcpsysmgrsvc; C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe [510752 2009-07-16] (Dell Inc.)
R2 SMManager; C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe [76288 2009-07-22] (Smith Micro Software, Inc.)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_780bb960\STacSV64.exe [268800 2009-04-09] (IDT, Inc.)
R2 TryAndDecideService; C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe [498792 2007-12-03] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2402080 2013-01-28] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

S3 AVerAF15; C:\Windows\System32\Drivers\AVerAF15.sys [306688 2008-07-04] (AVerMedia TECHNOLOGIES, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-29] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-03-29] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-29] (Avira Operations GmbH & Co. KG)
R3 AVMCOWAN; C:\Windows\System32\DRIVERS\AVMCOWAN.sys [79872 2006-09-18] (AVM GmbH)
R3 CCIDFILTER; C:\Windows\System32\DRIVERS\ccidflt.SYS [13864 2009-11-03] (Broadcom Corporation)
S3 d553bus; C:\Windows\System32\DRIVERS\d553bus.sys [325120 2008-12-19] (MCCI Corporation)
S3 d553card; C:\Windows\System32\DRIVERS\d553card.sys [378368 2008-12-19] (MCCI Corporation)
S3 d553gps; C:\Windows\System32\DRIVERS\d553gps64.sys [88104 2009-01-08] (Dell)
S3 d553mdfl; C:\Windows\System32\DRIVERS\d553mdfl.sys [19456 2008-12-19] (MCCI Corporation)
S3 d553mdfl2; C:\Windows\System32\DRIVERS\d553mdfl2.sys [19456 2008-12-19] (MCCI Corporation)
S3 d553mdm; C:\Windows\System32\DRIVERS\d553mdm.sys [422912 2008-12-19] (MCCI Corporation)
S3 d553mdm2; C:\Windows\System32\DRIVERS\d553mdm2.sys [474112 2008-12-19] (MCCI Corporation)
S3 d553nd5; C:\Windows\System32\DRIVERS\d553nd5.sys [34816 2008-12-19] (MCCI Corporation)
S3 d553scard; C:\Windows\System32\DRIVERS\d553scard.sys [57896 2009-04-06] (Dell)
S3 d553unic; C:\Windows\System32\DRIVERS\d553unic.sys [431104 2008-12-19] (MCCI Corporation)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-03-02] (Samsung Electronics Co., Ltd.)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-03-02] (Samsung Electronics Co., Ltd.)
R2 DLABMFSE; C:\Windows\System32\Drivers\DLABMFSE.SYS [46448 2007-07-23] (Roxio)
R2 DLABOIOE; C:\Windows\System32\Drivers\DLABOIOE.SYS [42352 2007-07-23] (Roxio)
R0 DLACDBHE; C:\Windows\System32\Drivers\DLACDBHE.SYS [17776 2007-07-23] (Roxio)
R2 DLADResE; C:\Windows\System32\Drivers\DLADResE.SYS [9968 2007-07-23] (Roxio)
R2 DLAIFS_E; C:\Windows\System32\Drivers\DLAIFS_E.SYS [146672 2007-07-23] (Roxio)
R2 DLAOPIOE; C:\Windows\System32\Drivers\DLAOPIOE.SYS [35056 2007-07-23] (Roxio)
R2 DLAPoolE; C:\Windows\System32\Drivers\DLAPoolE.SYS [19824 2007-07-23] (Roxio)
R1 DLARTL_E; C:\Windows\System32\Drivers\DLARTL_E.SYS [41072 2007-07-23] (Roxio)
R2 DLAUDFAE; C:\Windows\System32\Drivers\DLAUDFAE.SYS [135152 2007-07-23] (Roxio)
R2 DLAUDF_E; C:\Windows\System32\Drivers\DLAUDF_E.SYS [144112 2007-07-23] (Roxio)
R0 DRVECDB; C:\Windows\System32\Drivers\DRVECDB.SYS [124112 2007-07-23] (Sonic Solutions)
R2 DRVEDDM; C:\Windows\System32\Drivers\DRVEDDM.SYS [63984 2007-07-23] (Roxio)
S3 FXUSBASE; C:\Windows\System32\DRIVERS\fxusbase.sys [694272 2006-09-18] (AVM Berlin)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-08-28] (TuneUp Software)
R3 USBCCID; C:\Windows\System32\DRIVERS\usbccid.sys [38400 2009-04-10] (Microsoft Corporation)
S1 Beep; No ImagePath
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [x]
S3 DFUBTUSB; System32\Drivers\frmupgr.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NvtSp50; System32\Drivers\NvtSp50.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-27 14:01 - 2013-07-27 14:01 - 00001047 _____ C:\Users\eddie\Desktop\checkup.txt
2013-07-27 12:16 - 2013-07-27 12:16 - 00891062 _____ C:\Users\eddie\Desktop\SecurityCheck.exe
2013-07-26 16:09 - 2013-07-26 16:09 - 00001501 _____ C:\Users\eddie\Desktop\JRT.txt
2013-07-26 16:04 - 2013-07-26 16:04 - 00000000 ____D C:\Windows\ERUNT
2013-07-26 16:01 - 2013-07-26 16:01 - 00561140 _____ (Oleg N. Scherbakov) C:\Users\eddie\Desktop\JRT.exe
2013-07-26 15:55 - 2013-07-26 15:55 - 00004737 _____ C:\AdwCleaner[S1].txt
2013-07-26 15:55 - 2013-07-26 15:55 - 00000412 _____ C:\Windows\DeleteOnReboot.bat
2013-07-26 15:01 - 2013-07-26 15:01 - 00018429 _____ C:\ComboFix.txt
2013-07-26 14:37 - 2013-07-26 15:02 - 00000000 ____D C:\Qoobox
2013-07-26 14:37 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-07-26 14:37 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-07-26 14:37 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-07-26 14:37 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-07-26 14:37 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-07-26 14:37 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-07-26 14:37 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-07-26 14:37 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-07-26 14:36 - 2013-07-26 14:59 - 00000000 ____D C:\Windows\erdnt
2013-07-26 14:36 - 2013-07-26 14:50 - 00000000 ____D C:\32788R22FWJFW
2013-07-26 14:28 - 2013-07-26 14:28 - 05093969 ____R (Swearware) C:\Users\eddie\Desktop\ComboFix.exe
2013-07-26 13:25 - 2013-07-26 13:25 - 00000000 ____D C:\FRST
2013-07-26 13:24 - 2013-07-26 13:24 - 01779853 _____ (Farbar) C:\Users\eddie\Desktop\FRST64.exe
2013-07-26 12:26 - 2013-07-26 12:26 - 00012624 _____ C:\AdwCleaner[R4].txt
2013-07-26 12:09 - 2013-07-26 12:09 - 00000000 _____ C:\Users\eddie\defogger_reenable
2013-07-26 11:52 - 2013-07-26 11:57 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-07-25 14:15 - 2013-07-25 14:15 - 00253952 ____N (Microsoft Corporation) C:\Windows\Setup1.exe
2013-07-25 14:15 - 2013-07-25 14:15 - 00074752 _____ (Microsoft Corporation) C:\Windows\ST6UNST.EXE
2013-07-25 14:15 - 2013-07-25 14:15 - 00002887 _____ C:\Windows\ST6UNST.LOG
2013-07-25 10:51 - 2013-07-25 10:51 - 00012563 _____ C:\AdwCleaner[R3].txt
2013-07-25 10:49 - 2013-07-25 10:49 - 00012502 _____ C:\AdwCleaner[R2].txt
2013-07-25 10:46 - 2013-07-25 10:46 - 00012441 _____ C:\AdwCleaner[R1].txt
2013-07-25 10:45 - 2013-07-25 10:45 - 00666633 _____ C:\Users\eddie\Desktop\adwcleaner.exe
2013-07-24 22:57 - 2013-07-24 22:57 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-07-24 22:30 - 2013-07-24 22:29 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-24 22:29 - 2013-07-24 22:29 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-22 07:57 - 2013-07-22 07:57 - 00000000 ____D C:\Users\eddie\AppData\Roaming\Snz
2013-07-21 13:21 - 2013-07-21 13:20 - 01093032 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2013-07-21 13:21 - 2013-07-21 13:20 - 00972712 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-07-21 13:21 - 2013-07-21 13:20 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-07-21 13:20 - 2013-07-21 13:20 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-07-21 13:20 - 2013-07-21 13:20 - 00188840 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-07-21 13:20 - 2013-07-21 13:20 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-07-21 13:20 - 2013-07-21 13:20 - 00000000 ____D C:\Program Files\Java
2013-07-19 13:26 - 2013-05-29 07:43 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-19 13:26 - 2013-05-29 07:36 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-19 13:26 - 2013-05-29 07:35 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-19 13:26 - 2013-05-29 07:34 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-07-19 13:26 - 2013-05-29 07:33 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-07-19 13:26 - 2013-05-29 07:31 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-19 13:26 - 2013-05-29 07:29 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-19 13:26 - 2013-05-29 07:29 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-07-19 13:26 - 2013-05-29 07:29 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-07-19 13:26 - 2013-05-29 07:27 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-19 13:26 - 2013-05-29 07:27 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-19 13:26 - 2013-05-29 07:25 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-19 13:26 - 2013-05-29 07:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-07-19 13:26 - 2013-05-29 07:18 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-19 13:26 - 2013-05-29 03:56 - 12333568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-19 13:26 - 2013-05-29 03:50 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-19 13:26 - 2013-05-29 03:41 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-07-19 13:26 - 2013-05-29 03:41 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-19 13:26 - 2013-05-29 03:41 - 01104384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-19 13:26 - 2013-05-29 03:40 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-07-19 13:26 - 2013-05-29 03:38 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-19 13:26 - 2013-05-29 03:37 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-07-19 13:26 - 2013-05-29 03:36 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-07-19 13:26 - 2013-05-29 03:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-19 13:26 - 2013-05-29 03:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-19 13:26 - 2013-05-29 03:33 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-19 13:26 - 2013-05-29 03:33 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-19 13:26 - 2013-05-29 03:33 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-07-19 13:26 - 2013-05-29 03:29 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-19 13:25 - 2013-05-29 08:15 - 17829376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-19 13:25 - 2013-05-29 07:50 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-19 13:25 - 2013-05-29 03:48 - 09738752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-19 13:24 - 2013-06-01 06:19 - 00619008 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-19 13:24 - 2013-06-01 06:06 - 00505344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-19 13:24 - 2013-05-08 06:18 - 01706496 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-19 13:24 - 2013-05-08 06:04 - 01548288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-19 13:24 - 2013-04-17 14:32 - 01268224 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-07-19 13:24 - 2013-04-17 14:32 - 00327680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-07-19 13:24 - 2013-04-17 14:32 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-07-19 13:24 - 2013-04-17 14:32 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-07-19 13:24 - 2013-04-17 13:29 - 02002944 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-07-19 13:24 - 2013-04-17 13:28 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-07-19 13:24 - 2013-04-17 13:28 - 00219648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-07-19 13:24 - 2013-04-17 13:28 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-07-19 13:24 - 2013-04-17 13:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-07-19 13:24 - 2013-04-17 13:27 - 00566272 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-07-19 13:24 - 2013-04-17 13:02 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-07-19 13:24 - 2013-04-17 12:58 - 01556480 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-19 13:24 - 2013-04-17 12:58 - 01149440 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-07-19 13:24 - 2013-04-17 12:34 - 01172480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-07-19 13:24 - 2013-04-17 12:33 - 00486400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-07-19 13:24 - 2013-04-17 12:14 - 00683008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-07-19 13:24 - 2013-04-17 12:10 - 01069056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-19 13:21 - 2013-06-04 04:03 - 02775040 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-19 10:03 - 2013-07-17 09:11 - 00007236 _____ C:\Users\eddie\Desktop\infosall.htm
2013-07-18 09:38 - 2013-07-27 14:02 - 00007472 _____ C:\Windows\PFRO.log
2013-07-17 10:22 - 2013-07-24 21:34 - 00000000 ____D C:\Program Files (x86)\SWiSH Jukebox2
2013-07-17 09:43 - 2013-07-22 07:57 - 00000000 ____D C:\Users\eddie\AppData\Roaming\Intermediate
2013-07-17 09:43 - 2013-07-17 09:43 - 00000000 ____D C:\Users\eddie\AppData\Roaming\SSync
2013-07-17 09:43 - 2013-07-17 09:43 - 00000000 ____D C:\Users\eddie\AppData\Roaming\SCheck
2013-07-17 09:43 - 2013-07-17 09:43 - 00000000 ____D C:\Users\eddie\AppData\Local\ext_piccshare
2013-07-17 09:42 - 2013-07-27 14:03 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-17 09:42 - 2013-07-27 13:52 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-17 09:42 - 2013-07-17 09:47 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-17 09:42 - 2013-07-17 09:47 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-17 09:42 - 2013-07-17 09:43 - 00000000 ____D C:\Users\eddie\AppData\Local\Google
2013-07-17 09:42 - 2013-07-17 09:42 - 00000000 ____D C:\Program Files (x86)\Google
2013-07-17 09:41 - 2013-07-17 09:41 - 00000000 ____D C:\Users\eddie\AppData\Roaming\PiccShare
2013-07-17 09:41 - 2013-07-17 09:41 - 00000000 ____D C:\Users\eddie\AppData\Roaming\Common
2013-07-17 09:40 - 2013-07-17 09:40 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-07-17 09:40 - 2013-07-17 09:40 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2013-07-17 09:40 - 2013-06-06 22:41 - 00489392 _____ (Ask Partner Network) C:\Users\eddie\Documents\APNSetup.exe
2013-07-17 09:39 - 2013-07-17 10:17 - 00000000 ____D C:\Program Files (x86)\FreeTime
2013-07-17 09:34 - 2013-07-17 09:35 - 50693449 _____ C:\Users\eddie\Desktop\FFSetupNoDVD3-1-1.exe
2013-07-17 09:27 - 2013-07-17 09:27 - 00000827 _____ C:\Users\Public\Desktop\Winamp.lnk
2013-07-17 09:27 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2013-07-17 09:27 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2013-07-17 09:26 - 2013-07-17 10:16 - 00000000 ____D C:\Users\eddie\AppData\Roaming\Winamp
2013-07-17 09:26 - 2013-07-17 09:28 - 00000000 ____D C:\Program Files (x86)\Winamp
2013-07-02 21:44 - 2013-07-02 21:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-01 14:47 - 2013-07-01 14:47 - 00000680 _____ C:\Users\eddie\AppData\Local\d3d9caps.dat

==================== One Month Modified Files and Folders =======

2013-07-27 14:03 - 2013-07-17 09:42 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-27 14:03 - 2009-10-06 22:22 - 00143396 _____ C:\ProgramData\nvModes.001
2013-07-27 14:03 - 2006-11-02 17:40 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-27 14:03 - 2006-11-02 17:21 - 00003840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-27 14:03 - 2006-11-02 17:21 - 00003840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-27 14:02 - 2013-07-18 09:38 - 00007472 _____ C:\Windows\PFRO.log
2013-07-27 14:01 - 2013-07-27 14:01 - 00001047 _____ C:\Users\eddie\Desktop\checkup.txt
2013-07-27 14:01 - 2009-10-05 15:57 - 00000012 _____ C:\Windows\bthservsdp.dat
2013-07-27 14:01 - 2008-01-21 03:53 - 01163391 _____ C:\Windows\WindowsUpdate.log
2013-07-27 14:01 - 2006-11-02 17:40 - 00032538 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-07-27 13:52 - 2013-07-17 09:42 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-27 12:16 - 2013-07-27 12:16 - 00891062 _____ C:\Users\eddie\Desktop\SecurityCheck.exe
2013-07-27 12:16 - 2009-10-06 01:14 - 00632242 _____ C:\Windows\system32\perfh007.dat
2013-07-27 12:16 - 2009-10-06 01:14 - 00127472 _____ C:\Windows\system32\perfc007.dat
2013-07-27 12:16 - 2006-11-02 14:46 - 01453908 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-26 21:51 - 2009-10-06 22:22 - 00143396 _____ C:\ProgramData\nvModes.dat
2013-07-26 16:09 - 2013-07-26 16:09 - 00001501 _____ C:\Users\eddie\Desktop\JRT.txt
2013-07-26 16:04 - 2013-07-26 16:04 - 00000000 ____D C:\Windows\ERUNT
2013-07-26 16:01 - 2013-07-26 16:01 - 00561140 _____ (Oleg N. Scherbakov) C:\Users\eddie\Desktop\JRT.exe
2013-07-26 15:55 - 2013-07-26 15:55 - 00004737 _____ C:\AdwCleaner[S1].txt
2013-07-26 15:55 - 2013-07-26 15:55 - 00000412 _____ C:\Windows\DeleteOnReboot.bat
2013-07-26 15:02 - 2013-07-26 14:37 - 00000000 ____D C:\Qoobox
2013-07-26 15:01 - 2013-07-26 15:01 - 00018429 _____ C:\ComboFix.txt
2013-07-26 14:59 - 2013-07-26 14:36 - 00000000 ____D C:\Windows\erdnt
2013-07-26 14:51 - 2006-11-02 14:34 - 00000215 _____ C:\Windows\system.ini
2013-07-26 14:50 - 2013-07-26 14:36 - 00000000 ____D C:\32788R22FWJFW
2013-07-26 14:28 - 2013-07-26 14:28 - 05093969 ____R (Swearware) C:\Users\eddie\Desktop\ComboFix.exe
2013-07-26 13:25 - 2013-07-26 13:25 - 00000000 ____D C:\FRST
2013-07-26 13:24 - 2013-07-26 13:24 - 01779853 _____ (Farbar) C:\Users\eddie\Desktop\FRST64.exe
2013-07-26 12:26 - 2013-07-26 12:26 - 00012624 _____ C:\AdwCleaner[R4].txt
2013-07-26 12:09 - 2013-07-26 12:09 - 00000000 _____ C:\Users\eddie\defogger_reenable
2013-07-26 12:09 - 2009-10-05 15:24 - 00000000 ____D C:\Users\eddie
2013-07-26 11:57 - 2013-07-26 11:52 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-07-25 22:16 - 2009-10-06 21:10 - 00000000 ____D C:\Users\eddie\AppData\Roaming\Skype
2013-07-25 14:15 - 2013-07-25 14:15 - 00253952 ____N (Microsoft Corporation) C:\Windows\Setup1.exe
2013-07-25 14:15 - 2013-07-25 14:15 - 00074752 _____ (Microsoft Corporation) C:\Windows\ST6UNST.EXE
2013-07-25 14:15 - 2013-07-25 14:15 - 00002887 _____ C:\Windows\ST6UNST.LOG
2013-07-25 14:15 - 2009-10-05 15:24 - 00000000 ___RD C:\Users\eddie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-25 10:51 - 2013-07-25 10:51 - 00012563 _____ C:\AdwCleaner[R3].txt
2013-07-25 10:49 - 2013-07-25 10:49 - 00012502 _____ C:\AdwCleaner[R2].txt
2013-07-25 10:46 - 2013-07-25 10:46 - 00012441 _____ C:\AdwCleaner[R1].txt
2013-07-25 10:45 - 2013-07-25 10:45 - 00666633 _____ C:\Users\eddie\Desktop\adwcleaner.exe
2013-07-24 22:57 - 2013-07-24 22:57 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-07-24 22:57 - 2013-03-28 10:01 - 00000000 ____D C:\ProgramData\Apple Computer
2013-07-24 22:29 - 2013-07-24 22:30 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-24 22:29 - 2013-07-24 22:29 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-24 22:29 - 2013-06-14 10:17 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-24 22:29 - 2013-06-14 10:17 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-24 22:29 - 2013-03-16 18:08 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-07-24 22:29 - 2013-03-16 18:08 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-07-24 21:43 - 2013-06-11 07:37 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware
2013-07-24 21:34 - 2013-07-17 10:22 - 00000000 ____D C:\Program Files (x86)\SWiSH Jukebox2
2013-07-24 21:33 - 2013-06-11 07:37 - 00000000 ____D C:\Users\eddie\Documents\Anti-Malware
2013-07-22 07:57 - 2013-07-22 07:57 - 00000000 ____D C:\Users\eddie\AppData\Roaming\Snz
2013-07-22 07:57 - 2013-07-17 09:43 - 00000000 ____D C:\Users\eddie\AppData\Roaming\Intermediate
2013-07-21 13:23 - 2013-02-01 22:17 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-07-21 13:23 - 2013-02-01 22:17 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-07-21 13:23 - 2009-10-08 17:32 - 00000000 ____D C:\Users\eddie\AppData\Local\Adobe
2013-07-21 13:20 - 2013-07-21 13:21 - 01093032 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2013-07-21 13:20 - 2013-07-21 13:21 - 00972712 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-07-21 13:20 - 2013-07-21 13:21 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-07-21 13:20 - 2013-07-21 13:20 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-07-21 13:20 - 2013-07-21 13:20 - 00188840 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-07-21 13:20 - 2013-07-21 13:20 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-07-21 13:20 - 2013-07-21 13:20 - 00000000 ____D C:\Program Files\Java
2013-07-19 16:02 - 2006-11-02 17:21 - 00323792 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-19 15:59 - 2006-11-02 17:06 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2013-07-19 15:59 - 2006-11-02 17:06 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-19 13:41 - 2006-11-02 14:35 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-07-19 12:23 - 2013-05-28 17:40 - 00000000 ____D C:\Users\eddie\AppData\Roaming\FileZilla
2013-07-18 13:15 - 2009-10-17 21:57 - 00000000 ____D C:\ProgramData\Roxio
2013-07-17 10:17 - 2013-07-17 09:39 - 00000000 ____D C:\Program Files (x86)\FreeTime
2013-07-17 10:16 - 2013-07-17 09:26 - 00000000 ____D C:\Users\eddie\AppData\Roaming\Winamp
2013-07-17 10:16 - 2009-10-06 20:15 - 00000000 ____D C:\Windows\Minidump
2013-07-17 10:16 - 2009-10-06 01:15 - 00000000 ____D C:\Windows\Panther
2013-07-17 10:16 - 2009-10-06 00:31 - 00000000 ____D C:\Users\eddie\AppData\Local\MigWiz
2013-07-17 10:05 - 2009-10-05 23:23 - 00014336 _____ C:\Users\eddie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-07-17 09:47 - 2013-07-17 09:42 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-17 09:47 - 2013-07-17 09:42 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-17 09:43 - 2013-07-17 09:43 - 00000000 ____D C:\Users\eddie\AppData\Roaming\SSync
2013-07-17 09:43 - 2013-07-17 09:43 - 00000000 ____D C:\Users\eddie\AppData\Roaming\SCheck
2013-07-17 09:43 - 2013-07-17 09:43 - 00000000 ____D C:\Users\eddie\AppData\Local\ext_piccshare
2013-07-17 09:43 - 2013-07-17 09:42 - 00000000 ____D C:\Users\eddie\AppData\Local\Google
2013-07-17 09:42 - 2013-07-17 09:42 - 00000000 ____D C:\Program Files (x86)\Google
2013-07-17 09:41 - 2013-07-17 09:41 - 00000000 ____D C:\Users\eddie\AppData\Roaming\PiccShare
2013-07-17 09:41 - 2013-07-17 09:41 - 00000000 ____D C:\Users\eddie\AppData\Roaming\Common
2013-07-17 09:40 - 2013-07-17 09:40 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-07-17 09:40 - 2013-07-17 09:40 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2013-07-17 09:35 - 2013-07-17 09:34 - 50693449 _____ C:\Users\eddie\Desktop\FFSetupNoDVD3-1-1.exe
2013-07-17 09:28 - 2013-07-17 09:26 - 00000000 ____D C:\Program Files (x86)\Winamp
2013-07-17 09:27 - 2013-07-17 09:27 - 00000827 _____ C:\Users\Public\Desktop\Winamp.lnk
2013-07-17 09:21 - 2009-10-08 17:31 - 00000000 ____D C:\ProgramData\Adobe
2013-07-17 09:21 - 2009-10-05 22:23 - 00000000 ____D C:\Users\eddie\AppData\Roaming\Adobe
2013-07-17 09:11 - 2013-07-19 10:03 - 00007236 _____ C:\Users\eddie\Desktop\infosall.htm
2013-07-07 15:21 - 2009-10-06 21:10 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-07-07 15:21 - 2009-10-06 21:10 - 00000000 ____D C:\ProgramData\Skype
2013-07-04 09:19 - 2013-01-31 21:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-02 21:44 - 2013-07-02 21:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-01 14:47 - 2013-07-01 14:47 - 00000680 _____ C:\Users\eddie\AppData\Local\d3d9caps.dat
2013-06-27 00:24 - 2013-06-26 13:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird

Files to move or delete:
====================
C:\ProgramData\nvModes.dat

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-26 16:23

==================== End Of Log ============================
         


What is actually the problem here? I'm pretty baffled - I'll report whether I keep seeing white walls - er, windows!
Sunny regards

I still have these white windows...!?!
Antivir can no longer be activated under Control Panel --> Security Center; it simply still says "off"! Hm, hm.

Edited by cvh (27.07.2013 at 13:54)

27.07.2013, 17:45   #10
schrauber
/// the machine
/// TB trainer



Update Flash and Adobe.

Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document

Code:
HKCU\...\Run: [SSync] - C:\Users\eddie\AppData\Roaming\SSync\SSync.exe [36864 2013-04-10] ()
HKCU\...\Run: [SCheck] - C:\Users\eddie\AppData\Roaming\SCheck\SCheck.exe [36864 2013-04-10] ()
HKCU\...\Run: [Snoozer] - C:\Users\eddie\AppData\Roaming\Snz\Snz.exe [1137673 2013-07-21] ()
HKCU\...\Run: [Intermediate] - C:\Users\eddie\AppData\Roaming\Intermediate\Intermediate.exe [36864 2013-04-10] ()
HKLM-x32\...\Run: [] -  [x]
C:\Users\eddie\AppData\Roaming\SSync
C:\Users\eddie\AppData\Roaming\SCheck
C:\Users\eddie\AppData\Roaming\Snz
C:\Users\eddie\AppData\Roaming\Intermediate
C:\ProgramData\nvModes.dat
         

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the Entfernen (Fix) button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.



Uninstall Avira and install Avast

Reading material:
Why we no longer recommend Avira
For some time now, Avira has shipped the Ask Toolbar with its default installation. This toolbar is a prerequisite for the Webguard to work reliably. The Ask Toolbar is known for spying on the user's browsing behaviour in order, ultimately, to make money from it. It is therefore classified by us on this board as "harmful". More information.

A security company that foists harmful software on the user practically without asking is therefore out of the question for us. Because of this business practice, the at times extremely poor detection rate and the thoroughly annoying advertising, we recommend that all Avira users uninstall Avira and switch to an alternative product.

If you decide to switch, we recommend that after uninstalling you remove all leftovers with the Avira cleaner.



In which browser do you get the windows?
__________________
regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!
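
Added example, not part of the original post and not FRST's own code: a small triage script that parses FRST `Run:` lines in the format shown in this thread and flags autostart values that either have no name or point to a binary under AppData with an empty company field, the traits shared by the registry lines in the Fixlist.txt above. The heuristic, the function names and the reason strings are assumptions chosen for illustration; the sample lines are quoted from the logs in this thread.

```python
import re
from dataclasses import dataclass

# Sample input: Run-key lines quoted from the FRST logs in this thread.
# The first five are the registry lines of the Fixlist.txt above; the rest
# are entries that the helper left untouched.
SAMPLE_LOG = r"""
HKCU\...\Run: [SSync] - C:\Users\eddie\AppData\Roaming\SSync\SSync.exe [36864 2013-04-10] ()
HKCU\...\Run: [SCheck] - C:\Users\eddie\AppData\Roaming\SCheck\SCheck.exe [36864 2013-04-10] ()
HKCU\...\Run: [Snoozer] - C:\Users\eddie\AppData\Roaming\Snz\Snz.exe [1137673 2013-07-21] ()
HKCU\...\Run: [Intermediate] - C:\Users\eddie\AppData\Roaming\Intermediate\Intermediate.exe [36864 2013-04-10] ()
HKLM-x32\...\Run: [] -  [x]
HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [375808 2010-02-17] (Alps Electric Co., Ltd.)
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup [x]
HKCU\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\sidebar.exe [1555968 2009-04-11] (Microsoft Corporation)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKU\Default\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\Sidebar.exe [1555968 2009-04-11] (Microsoft Corporation)
"""

# "<hive>\...\Run: [<value name>] - <command and trailing metadata>"
RUN_RE = re.compile(
    r"^(?P<hive>HK.+?)\\\.\.\.\\Run: \[(?P<name>[^\]]*)\] - (?P<rest>.*)$"
)
# Trailing "[<size> <yyyy-mm-dd>] (<company>)" that FRST prints for existing files.
META_RE = re.compile(
    r"\s*\[(?P<size>\d+) (?P<date>\d{4}-\d{2}-\d{2})\] \((?P<company>.*)\)\s*$"
)
# Trailing "[x]" that FRST prints when it could not find the target file.
MISSING_RE = re.compile(r"\s*\[x\]\s*$")


@dataclass
class RunEntry:
    hive: str
    name: str
    command: str
    company: str
    missing: bool


def parse_run_lines(text):
    """Return a RunEntry for every FRST Run-key line found in text."""
    entries = []
    for line in text.splitlines():
        m = RUN_RE.match(line.strip())
        if not m:
            continue  # other log sections (services, drivers, files) are ignored
        rest = m.group("rest")
        meta = META_RE.search(rest)
        if meta:
            command = rest[: meta.start()].strip()
            company = meta.group("company").strip()
            missing = False
        else:
            miss = MISSING_RE.search(rest)
            command = rest[: miss.start()].strip() if miss else rest.strip()
            company = ""
            missing = miss is not None
        entries.append(
            RunEntry(m.group("hive"), m.group("name"), command, company, missing)
        )
    return entries


def reasons(entry):
    """Heuristic (an assumption of this example): why an entry deserves a look."""
    found = []
    if entry.name == "":
        found.append("unnamed Run value")
    in_appdata = "\\appdata\\" in entry.command.lower()
    if in_appdata and not entry.missing and entry.company == "":
        found.append("no company name on a binary under AppData")
    return found


def triage(text):
    """Return (entry, reasons) pairs for the entries that match the heuristic."""
    flagged = []
    for entry in parse_run_lines(text):
        why = reasons(entry)
        if why:
            flagged.append((entry, why))
    return flagged


if __name__ == "__main__":
    for entry, why in triage(SAMPLE_LOG):
        print(f"{entry.hive} [{entry.name}] {entry.command} -> {', '.join(why)}")
```

A flagged line is a prompt for manual review, not a verdict: legitimate per-user software also starts from AppData, and a missing-file marker alone is not treated as suspicious here.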

27.07.2013, 21:36   #11
cvh



Hi,

According to the add-ons manager Flash was up to date; I updated it again anyway, hm. For Acrobat Reader the manager says it should be updated, but it is the current version, 10.1.4.38 - I have disabled it for now.

Avira uninstalled, Avast installed - it only worked the second time; before that it aborted during the very long download. Now I also get a message: aswRunDI has stopped working - search online for a solution or close the program.

I'm still using Mozilla Firefox, and here is the Fixlog logfile:

Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 27-07-2013 04
Ran by caro at 2013-07-27 21:30:01 Run:1
Running from C:\Users\eddie\Desktop
Boot Mode: Normal
==============================================

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\SSync => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\SCheck => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Snoozer => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Intermediate => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
C:\Users\eddie\AppData\Roaming\SSync => Moved successfully.
C:\Users\eddie\AppData\Roaming\SCheck => Moved successfully.
C:\Users\eddie\AppData\Roaming\Snz => Moved successfully.
C:\Users\eddie\AppData\Roaming\Intermediate => Moved successfully.
C:\ProgramData\nvModes.dat => Moved successfully.

==== End of Fixlog ====
         
Have a nice evening!

Updated: Acrobat Reader...

Edited by cvh (27.07.2013 at 21:55)

28.07.2013, 07:14   #12
schrauber
/// the machine
/// TB trainer



Uninstall Firefox, keep no data, reinstall. A fresh FRST log, please.

Any problems left?
__________________
regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

28.07.2013, 08:53   #13
cvh



Morning schrauber,

hope you're feeling better! Firefox uninstalled, reinstalled. I let avast run overnight and the only program it found was HTMLownloader-FG [Expl], which it put into the virus chest. Thanks also for the tip about Avira/Avast.
I'll test now and get back to you again if necessary. Many thanks for your help!! And here is the fresh log:


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-07-2013 04
Ran by caro (administrator) on 28-07-2013 09:42:30
Running from C:\Users\eddie\Desktop
Windows Vista (TM) Ultimate Service Pack 2 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_780bb960\STacSV64.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
(Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
(Smith Micro Software, Inc.) C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_780bb960\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVerMedia) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
() C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Dell Inc.) C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe
(Dell Inc.) C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Dell Inc.) C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe
(Smith Micro Software, Inc.) C:\Program Files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
() C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Dell Inc.) C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidFind.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apntex.exe
(Microsoft Corporation) C:\Windows\SysWOW64\conime.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [375808 2010-02-17] (Alps Electric Co., Ltd.)
HKLM\...\Run: [DellControlPoint] - C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe [656384 2009-06-11] (Dell Inc.)
HKLM\...\Run: [DellConnectionManager] - C:\Program Files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe [1796096 2009-07-22] (Smith Micro Software, Inc.)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [462848 2009-04-09] (IDT, Inc.)
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup [x]
HKLM\...\Run: [NVHotkey] - rundll32.exe C:\Windows\system32\nvHotkey.dll,Start [x]
HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-02-11] (Intel Corporation)
HKCU\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\sidebar.exe [1555968 2009-04-11] (Microsoft Corporation)
HKCU\...\Run: [Windows Task Manager] - C:\Windows\System32\taskmgr.exe [192512 2008-01-21] (Microsoft Corporation)
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [138240 2008-01-21] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [emsisoft anti-malware] - C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe [2928040 2013-07-02] (Emsisoft GmbH)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKU\Default\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\Sidebar.exe [1555968 2009-04-11] (Microsoft Corporation)
HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [2438656 2009-04-11] (Microsoft Corporation)
HKU\Gast\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\Sidebar.exe [1555968 2009-04-11] (Microsoft Corporation)
HKU\Gast\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [2438656 2009-04-11] (Microsoft Corporation)
HKU\user\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\Sidebar.exe [1555968 2009-04-11] (Microsoft Corporation)
HKU\user\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [2438656 2009-04-11] (Microsoft Corporation)
Lsa: [Authentication Packages] msv1_0 relog_ap
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk
ShortcutTarget: AVer HID Receiver.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell ControlPoint System Manager.lnk
ShortcutTarget: Dell ControlPoint System Manager.lnk -> C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe (Dell Inc.)
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWOW64\webcheck.dll (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
StartMenuInternet: IEXPLORE.EXE - "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: PiccShare BHO - {553318DA-D010-469E-84B1-496563CAE1C0} - C:\Users\eddie\AppData\Local\ext_piccshare\ext_piccshare.dll (HTTO Group, Ltd)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ChromeFrame BHO - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files (x86)\Google\Chrome Frame\Application\28.0.1500.72\npchrome_frame.dll (Google Inc.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} -  No File
Handler: msdaipp - No CLSID Value - 
Handler-x32: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\28.0.1500.72\npchrome_frame.dll (Google Inc.)
Handler-x32: msdaipp - No CLSID Value - 
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} -  No File
Tcpip\Parameters: [DhcpNameServer] 62.109.121.1 62.109.121.2

FireFox:
========
FF ProfilePath: C:\Users\eddie\AppData\Roaming\Mozilla\Firefox\Profiles\ht7lewts.default
FF Homepage: hxxp://ecosia.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

==================== Services (Whitelisted) =================

R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [2938408 2013-07-02] (Emsisoft GmbH)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2009-10-08] ()
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_780bb960\AESTSr64.exe [89600 2009-02-12] (Andrea Electronics Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [352256 2008-06-05] (AVerMedia)
R2 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [409600 2008-07-14] ()
R2 dcpsysmgrsvc; C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe [510752 2009-07-16] (Dell Inc.)
R2 SMManager; C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe [76288 2009-07-22] (Smith Micro Software, Inc.)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_780bb960\STacSV64.exe [268800 2009-04-09] (IDT, Inc.)
R2 TryAndDecideService; C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe [498792 2007-12-03] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2402080 2013-01-28] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

S3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [66320 2012-04-30] (Emsisoft GmbH)
S3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [66320 2012-04-30] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 AswRdr; C:\Windows\System32\Drivers\AswRdr.sys [59144 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-07-27] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-07-27] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-07-27] ()
S3 AVerAF15; C:\Windows\System32\Drivers\AVerAF15.sys [306688 2008-07-04] (AVerMedia TECHNOLOGIES, Inc.)
R3 AVMCOWAN; C:\Windows\System32\DRIVERS\AVMCOWAN.sys [79872 2006-09-18] (AVM GmbH)
R3 CCIDFILTER; C:\Windows\System32\DRIVERS\ccidflt.SYS [13864 2009-11-03] (Broadcom Corporation)
S3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57032 2013-07-02] (Emsisoft GmbH)
S3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57032 2013-07-02] (Emsisoft GmbH)
S3 d553bus; C:\Windows\System32\DRIVERS\d553bus.sys [325120 2008-12-19] (MCCI Corporation)
S3 d553card; C:\Windows\System32\DRIVERS\d553card.sys [378368 2008-12-19] (MCCI Corporation)
S3 d553gps; C:\Windows\System32\DRIVERS\d553gps64.sys [88104 2009-01-08] (Dell)
S3 d553mdfl; C:\Windows\System32\DRIVERS\d553mdfl.sys [19456 2008-12-19] (MCCI Corporation)
S3 d553mdfl2; C:\Windows\System32\DRIVERS\d553mdfl2.sys [19456 2008-12-19] (MCCI Corporation)
S3 d553mdm; C:\Windows\System32\DRIVERS\d553mdm.sys [422912 2008-12-19] (MCCI Corporation)
S3 d553mdm2; C:\Windows\System32\DRIVERS\d553mdm2.sys [474112 2008-12-19] (MCCI Corporation)
S3 d553nd5; C:\Windows\System32\DRIVERS\d553nd5.sys [34816 2008-12-19] (MCCI Corporation)
S3 d553scard; C:\Windows\System32\DRIVERS\d553scard.sys [57896 2009-04-06] (Dell)
S3 d553unic; C:\Windows\System32\DRIVERS\d553unic.sys [431104 2008-12-19] (MCCI Corporation)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-03-02] (Samsung Electronics Co., Ltd.)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-03-02] (Samsung Electronics Co., Ltd.)
R2 DLABMFSE; C:\Windows\System32\Drivers\DLABMFSE.SYS [46448 2007-07-23] (Roxio)
R2 DLABOIOE; C:\Windows\System32\Drivers\DLABOIOE.SYS [42352 2007-07-23] (Roxio)
R0 DLACDBHE; C:\Windows\System32\Drivers\DLACDBHE.SYS [17776 2007-07-23] (Roxio)
R2 DLADResE; C:\Windows\System32\Drivers\DLADResE.SYS [9968 2007-07-23] (Roxio)
R2 DLAIFS_E; C:\Windows\System32\Drivers\DLAIFS_E.SYS [146672 2007-07-23] (Roxio)
R2 DLAOPIOE; C:\Windows\System32\Drivers\DLAOPIOE.SYS [35056 2007-07-23] (Roxio)
R2 DLAPoolE; C:\Windows\System32\Drivers\DLAPoolE.SYS [19824 2007-07-23] (Roxio)
R1 DLARTL_E; C:\Windows\System32\Drivers\DLARTL_E.SYS [41072 2007-07-23] (Roxio)
R2 DLAUDFAE; C:\Windows\System32\Drivers\DLAUDFAE.SYS [135152 2007-07-23] (Roxio)
R2 DLAUDF_E; C:\Windows\System32\Drivers\DLAUDF_E.SYS [144112 2007-07-23] (Roxio)
R0 DRVECDB; C:\Windows\System32\Drivers\DRVECDB.SYS [124112 2007-07-23] (Sonic Solutions)
R2 DRVEDDM; C:\Windows\System32\Drivers\DRVEDDM.SYS [63984 2007-07-23] (Roxio)
S3 FXUSBASE; C:\Windows\System32\DRIVERS\fxusbase.sys [694272 2006-09-18] (AVM Berlin)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-08-28] (TuneUp Software)
R3 USBCCID; C:\Windows\System32\DRIVERS\usbccid.sys [38400 2009-04-10] (Microsoft Corporation)
S1 Beep; No ImagePath
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 DFUBTUSB; System32\Drivers\frmupgr.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NvtSp50; System32\Drivers\NvtSp50.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-28 09:39 - 2013-07-28 09:39 - 00000897 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-07-28 09:39 - 2013-07-28 09:39 - 00000000 ____D C:\Users\eddie\AppData\Roaming\Mozilla
2013-07-28 09:37 - 2013-07-28 09:37 - 00280368 _____ (Mozilla) C:\Users\eddie\Downloads\Firefox Setup Stub 22.0.exe
2013-07-27 23:29 - 2013-06-09 21:59 - 00216064 _____ C:\Windows\SysWOW64\gcapi_dll.dll
2013-07-27 22:26 - 2013-07-27 23:26 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-07-27 22:26 - 2013-07-27 22:26 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-07-27 22:26 - 2013-07-27 22:26 - 00382668 _____ C:\Users\eddie\AppData\Local\dd_vcredistMSI6D03.txt
2013-07-27 22:26 - 2013-07-27 22:26 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-07-27 22:26 - 2013-07-27 22:26 - 00189936 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-07-27 22:26 - 2013-07-27 22:26 - 00011454 _____ C:\Users\eddie\AppData\Local\dd_vcredistUI6D03.txt
2013-07-27 22:26 - 2013-07-27 22:26 - 00001794 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-07-27 22:26 - 2013-07-27 22:26 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-07-27 22:26 - 2013-07-27 22:26 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-07-27 22:26 - 2013-07-27 22:26 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-07-27 22:26 - 2013-07-27 22:26 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-07-27 22:26 - 2013-05-09 10:59 - 00080816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-07-27 22:26 - 2013-05-09 10:59 - 00065336 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-07-27 22:26 - 2013-05-09 10:59 - 00064288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-07-27 22:26 - 2013-05-09 10:59 - 00059144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2013-07-27 22:26 - 2013-05-09 10:59 - 00033400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-07-27 22:26 - 2013-05-09 10:58 - 00287840 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-07-27 22:26 - 2013-05-09 10:58 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-07-27 22:25 - 2013-07-27 22:25 - 00000000 ____D C:\Program Files\AVAST Software
2013-07-27 22:24 - 2013-07-27 22:25 - 00000000 ____D C:\ProgramData\AVAST Software
2013-07-27 21:42 - 2013-07-27 21:42 - 00143396 _____ C:\ProgramData\nvModes.dat
2013-07-27 21:35 - 2013-07-27 21:40 - 00000002 _____ C:\AvastSetup.log
2013-07-27 21:35 - 2013-07-27 21:35 - 06604352 _____ (AVAST Software) C:\Users\eddie\Desktop\avast_free_antivirus_setup_online.exe
2013-07-27 16:59 - 2013-07-27 16:59 - 00000939 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2013-07-27 14:46 - 2013-07-27 14:46 - 01780815 _____ (Farbar) C:\Users\eddie\Desktop\FRST64.exe
2013-07-27 14:01 - 2013-07-27 14:01 - 00001047 _____ C:\Users\eddie\Desktop\checkup.txt
2013-07-27 12:16 - 2013-07-27 12:16 - 00891062 _____ C:\Users\eddie\Desktop\SecurityCheck.exe
2013-07-27 12:15 - 2013-07-27 12:15 - 02347384 _____ (ESET) C:\Users\eddie\Desktop\esetsmartinstaller_enu.exe
2013-07-26 16:09 - 2013-07-26 16:09 - 00001501 _____ C:\Users\eddie\Desktop\JRT.txt
2013-07-26 16:04 - 2013-07-26 16:04 - 00000000 ____D C:\Windows\ERUNT
2013-07-26 16:01 - 2013-07-26 16:01 - 00561140 _____ (Oleg N. Scherbakov) C:\Users\eddie\Desktop\JRT.exe
2013-07-26 15:55 - 2013-07-26 15:55 - 00004737 _____ C:\AdwCleaner[S1].txt
2013-07-26 15:55 - 2013-07-26 15:55 - 00000412 _____ C:\Windows\DeleteOnReboot.bat
2013-07-26 15:01 - 2013-07-26 15:01 - 00018429 _____ C:\ComboFix.txt
2013-07-26 14:37 - 2013-07-26 15:02 - 00000000 ____D C:\Qoobox
2013-07-26 14:37 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-07-26 14:37 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-07-26 14:37 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-07-26 14:37 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-07-26 14:37 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-07-26 14:37 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-07-26 14:37 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-07-26 14:37 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-07-26 14:36 - 2013-07-26 14:59 - 00000000 ____D C:\Windows\erdnt
2013-07-26 14:36 - 2013-07-26 14:50 - 00000000 ____D C:\32788R22FWJFW
2013-07-26 14:28 - 2013-07-26 14:28 - 05093969 ____R (Swearware) C:\Users\eddie\Desktop\ComboFix.exe
2013-07-26 13:25 - 2013-07-26 13:25 - 00000000 ____D C:\FRST
2013-07-26 12:26 - 2013-07-26 12:26 - 00012624 _____ C:\AdwCleaner[R4].txt
2013-07-26 12:09 - 2013-07-26 12:09 - 00000000 _____ C:\Users\eddie\defogger_reenable
2013-07-26 11:52 - 2013-07-26 11:57 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-07-25 14:15 - 2013-07-25 14:15 - 00253952 ____N (Microsoft Corporation) C:\Windows\Setup1.exe
2013-07-25 14:15 - 2013-07-25 14:15 - 00074752 _____ (Microsoft Corporation) C:\Windows\ST6UNST.EXE
2013-07-25 14:15 - 2013-07-25 14:15 - 00002887 _____ C:\Windows\ST6UNST.LOG
2013-07-25 10:51 - 2013-07-25 10:51 - 00012563 _____ C:\AdwCleaner[R3].txt
2013-07-25 10:49 - 2013-07-25 10:49 - 00012502 _____ C:\AdwCleaner[R2].txt
2013-07-25 10:46 - 2013-07-25 10:46 - 00012441 _____ C:\AdwCleaner[R1].txt
2013-07-25 10:45 - 2013-07-25 10:45 - 00666633 _____ C:\Users\eddie\Desktop\adwcleaner.exe
2013-07-24 22:57 - 2013-07-24 22:57 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-07-24 22:30 - 2013-07-24 22:29 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-24 22:29 - 2013-07-24 22:29 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-21 13:21 - 2013-07-21 13:20 - 01093032 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2013-07-21 13:21 - 2013-07-21 13:20 - 00972712 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-07-21 13:21 - 2013-07-21 13:20 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-07-21 13:20 - 2013-07-21 13:20 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-07-21 13:20 - 2013-07-21 13:20 - 00188840 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-07-21 13:20 - 2013-07-21 13:20 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-07-21 13:20 - 2013-07-21 13:20 - 00000000 ____D C:\Program Files\Java
2013-07-19 13:26 - 2013-05-29 07:43 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-19 13:26 - 2013-05-29 07:36 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-19 13:26 - 2013-05-29 07:35 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-19 13:26 - 2013-05-29 07:34 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-07-19 13:26 - 2013-05-29 07:33 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-07-19 13:26 - 2013-05-29 07:31 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-19 13:26 - 2013-05-29 07:29 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-19 13:26 - 2013-05-29 07:29 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-07-19 13:26 - 2013-05-29 07:29 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-07-19 13:26 - 2013-05-29 07:27 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-19 13:26 - 2013-05-29 07:27 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-19 13:26 - 2013-05-29 07:25 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-19 13:26 - 2013-05-29 07:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-07-19 13:26 - 2013-05-29 07:18 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-19 13:26 - 2013-05-29 03:56 - 12333568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-19 13:26 - 2013-05-29 03:50 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-19 13:26 - 2013-05-29 03:41 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-07-19 13:26 - 2013-05-29 03:41 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-19 13:26 - 2013-05-29 03:41 - 01104384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-19 13:26 - 2013-05-29 03:40 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-07-19 13:26 - 2013-05-29 03:38 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-19 13:26 - 2013-05-29 03:37 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-07-19 13:26 - 2013-05-29 03:36 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-07-19 13:26 - 2013-05-29 03:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-19 13:26 - 2013-05-29 03:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-19 13:26 - 2013-05-29 03:33 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-19 13:26 - 2013-05-29 03:33 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-19 13:26 - 2013-05-29 03:33 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-07-19 13:26 - 2013-05-29 03:29 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-19 13:25 - 2013-05-29 08:15 - 17829376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-19 13:25 - 2013-05-29 07:50 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-19 13:25 - 2013-05-29 03:48 - 09738752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-19 13:24 - 2013-06-01 06:19 - 00619008 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-19 13:24 - 2013-06-01 06:06 - 00505344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-19 13:24 - 2013-05-08 06:18 - 01706496 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-19 13:24 - 2013-05-08 06:04 - 01548288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-19 13:24 - 2013-04-17 14:32 - 01268224 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-07-19 13:24 - 2013-04-17 14:32 - 00327680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-07-19 13:24 - 2013-04-17 14:32 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-07-19 13:24 - 2013-04-17 14:32 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-07-19 13:24 - 2013-04-17 13:29 - 02002944 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-07-19 13:24 - 2013-04-17 13:28 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-07-19 13:24 - 2013-04-17 13:28 - 00219648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-07-19 13:24 - 2013-04-17 13:28 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-07-19 13:24 - 2013-04-17 13:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-07-19 13:24 - 2013-04-17 13:27 - 00566272 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-07-19 13:24 - 2013-04-17 13:02 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-07-19 13:24 - 2013-04-17 12:58 - 01556480 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-19 13:24 - 2013-04-17 12:58 - 01149440 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-07-19 13:24 - 2013-04-17 12:34 - 01172480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-07-19 13:24 - 2013-04-17 12:33 - 00486400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-07-19 13:24 - 2013-04-17 12:14 - 00683008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-07-19 13:24 - 2013-04-17 12:10 - 01069056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-19 13:21 - 2013-06-04 04:03 - 02775040 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-19 10:03 - 2013-07-17 09:11 - 00007236 _____ C:\Users\eddie\Desktop\infosall.htm
2013-07-18 09:38 - 2013-07-27 21:41 - 00008744 _____ C:\Windows\PFRO.log
2013-07-17 10:22 - 2013-07-24 21:34 - 00000000 ____D C:\Program Files (x86)\SWiSH Jukebox2
2013-07-17 09:43 - 2013-07-17 09:43 - 00000000 ____D C:\Users\eddie\AppData\Local\ext_piccshare
2013-07-17 09:42 - 2013-07-28 09:33 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-17 09:42 - 2013-07-28 07:27 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-17 09:42 - 2013-07-17 09:47 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-17 09:42 - 2013-07-17 09:47 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-17 09:42 - 2013-07-17 09:43 - 00000000 ____D C:\Users\eddie\AppData\Local\Google
2013-07-17 09:42 - 2013-07-17 09:42 - 00000000 ____D C:\Program Files (x86)\Google
2013-07-17 09:41 - 2013-07-17 09:41 - 00000000 ____D C:\Users\eddie\AppData\Roaming\PiccShare
2013-07-17 09:41 - 2013-07-17 09:41 - 00000000 ____D C:\Users\eddie\AppData\Roaming\Common
2013-07-17 09:40 - 2013-07-17 09:40 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-07-17 09:40 - 2013-07-17 09:40 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2013-07-17 09:40 - 2013-06-06 22:41 - 00489392 _____ (Ask Partner Network) C:\Users\eddie\Documents\APNSetup.exe
2013-07-17 09:39 - 2013-07-17 10:17 - 00000000 ____D C:\Program Files (x86)\FreeTime
2013-07-17 09:34 - 2013-07-17 09:35 - 50693449 _____ C:\Users\eddie\Desktop\FFSetupNoDVD3-1-1.exe
2013-07-17 09:27 - 2013-07-17 09:27 - 00000827 _____ C:\Users\Public\Desktop\Winamp.lnk
2013-07-17 09:27 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2013-07-17 09:27 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2013-07-17 09:26 - 2013-07-17 10:16 - 00000000 ____D C:\Users\eddie\AppData\Roaming\Winamp
2013-07-17 09:26 - 2013-07-17 09:28 - 00000000 ____D C:\Program Files (x86)\Winamp
2013-07-02 21:44 - 2013-07-28 09:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-01 14:47 - 2013-07-01 14:47 - 00000680 _____ C:\Users\eddie\AppData\Local\d3d9caps.dat

==================== One Month Modified Files and Folders =======

2013-07-28 09:40 - 2009-10-06 01:14 - 00632242 _____ C:\Windows\system32\perfh007.dat
2013-07-28 09:40 - 2009-10-06 01:14 - 00127472 _____ C:\Windows\system32\perfc007.dat
2013-07-28 09:40 - 2006-11-02 14:46 - 01453908 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-28 09:39 - 2013-07-28 09:39 - 00000897 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-07-28 09:39 - 2013-07-28 09:39 - 00000000 ____D C:\Users\eddie\AppData\Roaming\Mozilla
2013-07-28 09:39 - 2013-07-02 21:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-28 09:39 - 2013-01-31 21:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-28 09:37 - 2013-07-28 09:37 - 00280368 _____ (Mozilla) C:\Users\eddie\Downloads\Firefox Setup Stub 22.0.exe
2013-07-28 09:37 - 2008-01-21 03:53 - 01282256 _____ C:\Windows\WindowsUpdate.log
2013-07-28 09:34 - 2009-10-06 22:22 - 00143396 _____ C:\ProgramData\nvModes.001
2013-07-28 09:33 - 2013-07-17 09:42 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-28 09:33 - 2006-11-02 17:40 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-28 09:33 - 2006-11-02 17:21 - 00003840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-28 09:33 - 2006-11-02 17:21 - 00003840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-28 09:31 - 2009-10-05 15:57 - 00000012 _____ C:\Windows\bthservsdp.dat
2013-07-28 09:31 - 2006-11-02 17:40 - 00032538 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-07-28 07:27 - 2013-07-17 09:42 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-27 23:29 - 2009-10-08 18:08 - 00000000 ____D C:\Users\eddie\AppData\Roaming\Foxit Software
2013-07-27 23:26 - 2013-07-27 22:26 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-07-27 23:24 - 2009-10-06 21:02 - 00000000 ____D C:\ProgramData\FreePDF
2013-07-27 23:24 - 2009-10-05 23:44 - 00000000 ____D C:\Program Files (x86)\FreePDF_XP
2013-07-27 23:23 - 2009-10-16 23:46 - 00000000 ____D C:\Program Files\Free PDF to Word Converter
2013-07-27 22:26 - 2013-07-27 22:26 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-07-27 22:26 - 2013-07-27 22:26 - 00382668 _____ C:\Users\eddie\AppData\Local\dd_vcredistMSI6D03.txt
2013-07-27 22:26 - 2013-07-27 22:26 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-07-27 22:26 - 2013-07-27 22:26 - 00189936 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-07-27 22:26 - 2013-07-27 22:26 - 00011454 _____ C:\Users\eddie\AppData\Local\dd_vcredistUI6D03.txt
2013-07-27 22:26 - 2013-07-27 22:26 - 00001794 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-07-27 22:26 - 2013-07-27 22:26 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-07-27 22:26 - 2013-07-27 22:26 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-07-27 22:26 - 2013-07-27 22:26 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-07-27 22:26 - 2013-07-27 22:26 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-07-27 22:25 - 2013-07-27 22:25 - 00000000 ____D C:\Program Files\AVAST Software
2013-07-27 22:25 - 2013-07-27 22:24 - 00000000 ____D C:\ProgramData\AVAST Software
2013-07-27 21:42 - 2013-07-27 21:42 - 00143396 _____ C:\ProgramData\nvModes.dat
2013-07-27 21:41 - 2013-07-18 09:38 - 00008744 _____ C:\Windows\PFRO.log
2013-07-27 21:40 - 2013-07-27 21:35 - 00000002 _____ C:\AvastSetup.log
2013-07-27 21:35 - 2013-07-27 21:35 - 06604352 _____ (AVAST Software) C:\Users\eddie\Desktop\avast_free_antivirus_setup_online.exe
2013-07-27 21:24 - 2009-10-08 17:32 - 00000000 ____D C:\Users\eddie\AppData\Local\Adobe
2013-07-27 21:20 - 2013-06-11 07:37 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware
2013-07-27 21:19 - 2013-02-01 22:17 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-07-27 21:19 - 2013-02-01 22:17 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-07-27 16:59 - 2013-07-27 16:59 - 00000939 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2013-07-27 16:59 - 2013-06-11 07:37 - 00000000 ____D C:\Users\eddie\Documents\Anti-Malware
2013-07-27 15:40 - 2013-03-19 18:25 - 00003696 _____ C:\Windows\System32\Tasks\Java Update Scheduler
2013-07-27 14:46 - 2013-07-27 14:46 - 01780815 _____ (Farbar) C:\Users\eddie\Desktop\FRST64.exe
2013-07-27 14:01 - 2013-07-27 14:01 - 00001047 _____ C:\Users\eddie\Desktop\checkup.txt
2013-07-27 12:16 - 2013-07-27 12:16 - 00891062 _____ C:\Users\eddie\Desktop\SecurityCheck.exe
2013-07-27 12:15 - 2013-07-27 12:15 - 02347384 _____ (ESET) C:\Users\eddie\Desktop\esetsmartinstaller_enu.exe
2013-07-26 16:09 - 2013-07-26 16:09 - 00001501 _____ C:\Users\eddie\Desktop\JRT.txt
2013-07-26 16:04 - 2013-07-26 16:04 - 00000000 ____D C:\Windows\ERUNT
2013-07-26 16:01 - 2013-07-26 16:01 - 00561140 _____ (Oleg N. Scherbakov) C:\Users\eddie\Desktop\JRT.exe
2013-07-26 15:55 - 2013-07-26 15:55 - 00004737 _____ C:\AdwCleaner[S1].txt
2013-07-26 15:55 - 2013-07-26 15:55 - 00000412 _____ C:\Windows\DeleteOnReboot.bat
2013-07-26 15:02 - 2013-07-26 14:37 - 00000000 ____D C:\Qoobox
2013-07-26 15:01 - 2013-07-26 15:01 - 00018429 _____ C:\ComboFix.txt
2013-07-26 14:59 - 2013-07-26 14:36 - 00000000 ____D C:\Windows\erdnt
2013-07-26 14:51 - 2006-11-02 14:34 - 00000215 _____ C:\Windows\system.ini
2013-07-26 14:50 - 2013-07-26 14:36 - 00000000 ____D C:\32788R22FWJFW
2013-07-26 14:28 - 2013-07-26 14:28 - 05093969 ____R (Swearware) C:\Users\eddie\Desktop\ComboFix.exe
2013-07-26 13:25 - 2013-07-26 13:25 - 00000000 ____D C:\FRST
2013-07-26 12:26 - 2013-07-26 12:26 - 00012624 _____ C:\AdwCleaner[R4].txt
2013-07-26 12:09 - 2013-07-26 12:09 - 00000000 _____ C:\Users\eddie\defogger_reenable
2013-07-26 12:09 - 2009-10-05 15:24 - 00000000 ____D C:\Users\eddie
2013-07-26 11:57 - 2013-07-26 11:52 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-07-25 22:16 - 2009-10-06 21:10 - 00000000 ____D C:\Users\eddie\AppData\Roaming\Skype
2013-07-25 14:15 - 2013-07-25 14:15 - 00253952 ____N (Microsoft Corporation) C:\Windows\Setup1.exe
2013-07-25 14:15 - 2013-07-25 14:15 - 00074752 _____ (Microsoft Corporation) C:\Windows\ST6UNST.EXE
2013-07-25 14:15 - 2013-07-25 14:15 - 00002887 _____ C:\Windows\ST6UNST.LOG
2013-07-25 14:15 - 2009-10-05 15:24 - 00000000 ___RD C:\Users\eddie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-25 10:51 - 2013-07-25 10:51 - 00012563 _____ C:\AdwCleaner[R3].txt
2013-07-25 10:49 - 2013-07-25 10:49 - 00012502 _____ C:\AdwCleaner[R2].txt
2013-07-25 10:46 - 2013-07-25 10:46 - 00012441 _____ C:\AdwCleaner[R1].txt
2013-07-25 10:45 - 2013-07-25 10:45 - 00666633 _____ C:\Users\eddie\Desktop\adwcleaner.exe
2013-07-24 22:57 - 2013-07-24 22:57 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-07-24 22:57 - 2013-03-28 10:01 - 00000000 ____D C:\ProgramData\Apple Computer
2013-07-24 22:29 - 2013-07-24 22:30 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-24 22:29 - 2013-07-24 22:29 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-24 22:29 - 2013-06-14 10:17 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-24 22:29 - 2013-06-14 10:17 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-24 22:29 - 2013-03-16 18:08 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-07-24 22:29 - 2013-03-16 18:08 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-07-24 21:34 - 2013-07-17 10:22 - 00000000 ____D C:\Program Files (x86)\SWiSH Jukebox2
2013-07-21 13:20 - 2013-07-21 13:21 - 01093032 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2013-07-21 13:20 - 2013-07-21 13:21 - 00972712 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-07-21 13:20 - 2013-07-21 13:21 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-07-21 13:20 - 2013-07-21 13:20 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-07-21 13:20 - 2013-07-21 13:20 - 00188840 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-07-21 13:20 - 2013-07-21 13:20 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-07-21 13:20 - 2013-07-21 13:20 - 00000000 ____D C:\Program Files\Java
2013-07-19 16:02 - 2006-11-02 17:21 - 00323792 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-19 15:59 - 2006-11-02 17:06 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2013-07-19 15:59 - 2006-11-02 17:06 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-19 13:41 - 2006-11-02 14:35 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-07-19 12:23 - 2013-05-28 17:40 - 00000000 ____D C:\Users\eddie\AppData\Roaming\FileZilla
2013-07-18 13:15 - 2009-10-17 21:57 - 00000000 ____D C:\ProgramData\Roxio
2013-07-17 10:17 - 2013-07-17 09:39 - 00000000 ____D C:\Program Files (x86)\FreeTime
2013-07-17 10:16 - 2013-07-17 09:26 - 00000000 ____D C:\Users\eddie\AppData\Roaming\Winamp
2013-07-17 10:16 - 2009-10-06 20:15 - 00000000 ____D C:\Windows\Minidump
2013-07-17 10:16 - 2009-10-06 01:15 - 00000000 ____D C:\Windows\Panther
2013-07-17 10:16 - 2009-10-06 00:31 - 00000000 ____D C:\Users\eddie\AppData\Local\MigWiz
2013-07-17 10:05 - 2009-10-05 23:23 - 00014336 _____ C:\Users\eddie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-07-17 09:47 - 2013-07-17 09:42 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-17 09:47 - 2013-07-17 09:42 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-17 09:43 - 2013-07-17 09:43 - 00000000 ____D C:\Users\eddie\AppData\Local\ext_piccshare
2013-07-17 09:43 - 2013-07-17 09:42 - 00000000 ____D C:\Users\eddie\AppData\Local\Google
2013-07-17 09:42 - 2013-07-17 09:42 - 00000000 ____D C:\Program Files (x86)\Google
2013-07-17 09:41 - 2013-07-17 09:41 - 00000000 ____D C:\Users\eddie\AppData\Roaming\PiccShare
2013-07-17 09:41 - 2013-07-17 09:41 - 00000000 ____D C:\Users\eddie\AppData\Roaming\Common
2013-07-17 09:40 - 2013-07-17 09:40 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-07-17 09:40 - 2013-07-17 09:40 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2013-07-17 09:35 - 2013-07-17 09:34 - 50693449 _____ C:\Users\eddie\Desktop\FFSetupNoDVD3-1-1.exe
2013-07-17 09:28 - 2013-07-17 09:26 - 00000000 ____D C:\Program Files (x86)\Winamp
2013-07-17 09:27 - 2013-07-17 09:27 - 00000827 _____ C:\Users\Public\Desktop\Winamp.lnk
2013-07-17 09:21 - 2009-10-08 17:31 - 00000000 ____D C:\ProgramData\Adobe
2013-07-17 09:21 - 2009-10-05 22:23 - 00000000 ____D C:\Users\eddie\AppData\Roaming\Adobe
2013-07-17 09:11 - 2013-07-19 10:03 - 00007236 _____ C:\Users\eddie\Desktop\infosall.htm
2013-07-07 15:21 - 2009-10-06 21:10 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-07-07 15:21 - 2009-10-06 21:10 - 00000000 ____D C:\ProgramData\Skype
2013-07-01 14:47 - 2013-07-01 14:47 - 00000680 _____ C:\Users\eddie\AppData\Local\d3d9caps.dat

Files to move or delete:
====================
C:\ProgramData\nvModes.dat

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-28 09:39

==================== End Of Log ============================
         
--- --- ---

Alt 28.07.2013, 16:18   #14
schrauber
/// the machine
/// TB-Ausbilder
 


OK, then I'll wait to hear back from you.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!
