
Pests of all kinds and how to combat them: Comprehensive virus scan


28.01.2014, 19:06   #1
Baldoius
Hello!

I would like to run a thorough check of my PC.
Where should I start?

for any replies

Regards, Baldoius

1. Defogger

--> I have done that!

2. FRST


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-01-2014 02
Ran by ***** (administrator) on ASUS-X73S on 28-01-2014 18:58:42
Running from C:\Users\*****\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Logitech, Inc.) C:\Program Files\Logitech\SolarApp\L4301_Solar.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(O&O Software GmbH) C:\Program Files\OO Software\DiskImage\oodiag.exe
(Microsoft Corporation) C:\Windows\System32\vdsldr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(GARMIN Corp.) C:\Program Files (x86)\Garmin\ANT Agent\ANT Agent.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Thong Nguyen) C:\Program Files (x86)\PowerMenu\PowerMenu.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(dotPDN LLC) C:\Program Files\Paint.NET\PaintDotNet.exe
() C:\Program Files (x86)\Sublime Text 2\sublime_text.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2013-05-22] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2587944 2010-12-13] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2014-01-19] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKCU\...\Run: [ccleaner] - C:\Program Files\CCleaner\CCleaner64.exe [6070040 2013-04-23] (Piriform Ltd)
HKCU\...\Run: [ANT Agent] - C:\Program Files (x86)\Garmin\ANT Agent\ANT Agent.exe [14731776 2013-02-15] (GARMIN Corp.)
HKCU\...\Policies\system: [LogonHoursAction] 2
HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\Administrator\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6588144 2013-10-08] (SUPERAntiSpyware)
HKU\Administrator\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_117_Plugin.exe -update plugin
HKU\Administrator\...\Policies\system: [LogonHoursAction] 2
HKU\Administrator\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\Gast\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6588144 2013-10-08] (SUPERAntiSpyware)
HKU\Gast\...\Policies\system: [LogonHoursAction] 2
HKU\Gast\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\Lea\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6588144 2013-10-08] (SUPERAntiSpyware)
HKU\Lea\...\Policies\system: [LogonHoursAction] 2
HKU\Lea\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\Spielekonto\...\Policies\system: [LogonHoursAction] 2
HKU\Spielekonto\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-04-08] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [201576 2013-04-08] (NVIDIA Corporation)
Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe (No File)
Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerMenu.lnk
ShortcutTarget: PowerMenu.lnk -> C:\Program Files (x86)\PowerMenu\PowerMenu.exe (Thong Nguyen)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = itprojekt.square7.ch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x28B49E387EC5CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-CH
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://ch.msn.com/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {5F519B46-96EF-499F-BF24-C9E1548FA56B} hxxp://sonycam/program/SonySncDf70View.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.210 88.84.16.108
Tcpip\..\Interfaces\{52ACCD0C-CD6E-4B80-B520-286DEEC015E3}: [NameServer]192.168.0.220,192.168.0.210
Tcpip\..\Interfaces\{CC6F69AF-BEC2-436E-AA09-0D9DE562E21B}: [NameServer]127.0.0.1
Tcpip\..\Interfaces\{DBBFFA38-D610-4F10-BE35-C07573F64B15}: [NameServer]192.168.0.220,192.168.0.210
Tcpip\..\Interfaces\{E3B07140-174D-4590-A16C-E4C23E71385D}: [NameServer]192.168.0.210,192.168.0.220

FireFox:
========
FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\koq680jp.default
FF Homepage: www.google.ch
FF NetworkProxy: "backup.ftp", "5.9.203.92"
FF NetworkProxy: "backup.ftp_port", 3128
FF NetworkProxy: "backup.socks", "5.9.203.92"
FF NetworkProxy: "backup.socks_port", 3128
FF NetworkProxy: "backup.ssl", "5.9.203.92"
FF NetworkProxy: "backup.ssl_port", 3128
FF NetworkProxy: "ftp", "91.228.53.28"
FF NetworkProxy: "ftp_port", 3128
FF NetworkProxy: "http", "91.228.53.28"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "no_proxies_on", ""
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "91.228.53.28"
FF NetworkProxy: "socks_port", 3128
FF NetworkProxy: "ssl", "91.228.53.28"
FF NetworkProxy: "ssl_port", 3128
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @garmin.com/GpsControl - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~4\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0-git-20121231-0404 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin-x32: @garmin.com/GpsControl - C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 - C:\Program Files (x86)\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @greentube.com/GreenWebPlayer - C:\Games\GreenWebPlayer\npgreenwebplayer.dll (Greentube Internet Entertainment Solutions GmbH)
FF Plugin HKCU: @stonetrip.com/ShiVaWebPlayer,version=1.8.0.0 - C:\Users\*****\AppData\Roaming\..\LocalLow\StoneTrip\Web Player\npShiVa3D.dll (StoneTrip)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\koq680jp.default\searchplugins\anderes-wortde.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\koq680jp.default\searchplugins\duckduckgo.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus Pop-up Addon - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\koq680jp.default\Extensions\adblockpopups@jessehakanen.net.xpi [2012-12-24]
FF Extension: Element Hiding Helper for Adblock Plus - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\koq680jp.default\Extensions\elemhidehelper@adblockplus.org.xpi [2012-12-24]
FF Extension: ipFuck - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\koq680jp.default\Extensions\ipfuck@p4ul.info.xpi [2013-11-10]
FF Extension: ScrapBook - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\koq680jp.default\Extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}.xpi [2013-12-26]
FF Extension: Google Analytics Opt-out Browser Add-on - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\koq680jp.default\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2013-05-19]
FF Extension: ReloadEvery - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\koq680jp.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2012-12-28]
FF Extension: Adblock Plus - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\koq680jp.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-12-24]
FF Extension: BetterPrivacy - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\koq680jp.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2012-12-26]
FF Extension: DownThemAll! - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\koq680jp.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-12-23]
FF Extension: Adblock Edge - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\koq680jp.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2012-12-24]
FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - C:\Program Files (x86)\Steganos Password Manager 2012\spmplugin3
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-12-01]

Chrome: 
=======
CHR Extension: (avast! Online Security) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-12-26]
CHR Extension: (Google Wallet) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-23]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-12-01]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-07-11] (SUPERAntiSpyware.com)
S4 Apache2.4; C:\xampp\apache\bin\httpd.exe [22016 2012-08-18] (Apache Software Foundation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-19] (AVAST Software)
S4 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [26600 2013-10-08] (CyberGhost S.R.L)
S4 DCMessages; C:\Windows\SysWOW64\DCMessages.exe [99720 2009-11-24] (Global Graphics Software Ltd)
S4 FileZilla Server; c:\xampp\filezillaftp\filezillaserver.exe [632320 2012-05-11] (FileZilla Project)
R2 L4301_Solar; C:\Program Files\Logitech\SolarApp\L4301_Solar.exe [403536 2010-10-26] (Logitech, Inc.)
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S4 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 MSCSPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [45056 2006-12-14] (Sony Corporation)
S2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22072 2012-09-12] (Microsoft Corporation)
S4 mysql; C:\xampp\mysql\bin\mysqld.exe [8186368 2012-07-20] ()
R3 OO DiskImage; C:\Program Files\OO Software\DiskImage\oodiag.exe [6258480 2013-09-09] (O&O Software GmbH)
S3 PACSPTISVR; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [57344 2006-12-14] ()
S3 PortReporter; C:\Program Files (x86)\PortReporter\portreporter.exe [90183 2004-03-30] ()
S4 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
S4 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
S3 SPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe [69632 2006-12-14] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

S1 acedrv05; C:\Windows\system32\drivers\acedrv05.sys [136192 2011-09-27] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-01-19] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-01] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-01] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1034464 2014-01-19] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422216 2014-01-19] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [79672 2014-01-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-19] ()
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [44480 2011-05-17] (hxxp://libusb-win32.sourceforge.net)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 MEMSWEEP2; No ImagePath
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [228768 2012-08-30] (Microsoft Corporation)
R0 oodisr; C:\Windows\System32\DRIVERS\oodisr.sys [116936 2013-09-09] (O&O Software GmbH)
R0 oodisrh; C:\Windows\System32\DRIVERS\oodisrh.sys [41160 2013-09-09] (O&O Software GmbH)
R0 oodivd; C:\Windows\System32\DRIVERS\oodivd.sys [255688 2013-09-09] (O&O Software GmbH)
R0 oodivdh; C:\Windows\System32\DRIVERS\oodivdh.sys [44744 2013-09-09] (O&O Software GmbH)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
S3 RivaTuner64; C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [19952 2013-12-21] ()
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [90960 2013-03-15] (Windows (R) 2000 DDK provider)
R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [633680 2013-03-15] (Paragon)
R1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [390352 2013-03-15] (Paragon)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S2 ASInsHelp; \??\C:\Windows\SysWow64\drivers\AsInsHelp64.sys [x]
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
U3 DfSdkS; 
S3 getbus; \??\C:\Users\*****\AppData\Local\Temp\getbus.sys [x]
S3 meddmrr; system32\DRIVERS\meddmrr.sys [x]
U3 aswMBR; \??\C:\Users\*****\AppData\Local\Temp\aswMBR.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-28 18:59 - 2014-01-28 18:59 - 00380416 _____ C:\Users\*****\Downloads\s03z4bxb.exe
2014-01-28 18:58 - 2014-01-28 18:58 - 00025231 _____ C:\Users\*****\Downloads\FRST.txt
2014-01-28 18:57 - 2014-01-28 18:58 - 02079232 _____ (Farbar) C:\Users\*****\Downloads\FRST64.exe
2014-01-28 18:57 - 2014-01-28 18:57 - 00000472 _____ C:\Users\*****\Downloads\defogger_disable.log
2014-01-28 18:57 - 2014-01-28 18:57 - 00000000 _____ C:\Users\*****\defogger_reenable
2014-01-28 18:56 - 2014-01-28 18:56 - 00050477 _____ C:\Users\*****\Downloads\Defogger.exe
2014-01-28 18:39 - 2014-01-28 18:43 - 00000000 ____D C:\Users\*****\VirtualBox VMs
2014-01-28 18:38 - 2014-01-28 18:44 - 741343232 _____ C:\Users\*****\Downloads\ubuntu-12.04.3-desktop-i386.iso
2014-01-28 17:09 - 2014-01-28 17:09 - 00000512 _____ C:\Users\*****\Documents\MBR.dat
2014-01-28 17:00 - 2014-01-28 17:09 - 00002593 _____ C:\Users\*****\Documents\aswMBR.txt
2014-01-28 16:54 - 2014-01-28 16:55 - 04745728 _____ (AVAST Software) C:\Users\*****\Downloads\aswmbr.exe
2014-01-27 19:56 - 2014-01-27 19:56 - 00000000 ____D C:\Users\*****\Downloads\lightbox2.6
2014-01-27 19:55 - 2014-01-27 19:55 - 00745781 _____ C:\Users\*****\Downloads\lightbox2.6.zip
2014-01-27 19:05 - 2014-01-27 19:05 - 00000000 ____D C:\Users\*****\Desktop\*****_Geburtstag_12
2014-01-27 17:38 - 2014-01-28 18:35 - 00000000 ____D C:\Users\*****\Desktop\Unser Sonnensystem und Planeten
2014-01-27 17:13 - 2014-01-27 17:13 - 00187528 _____ C:\Users\*****\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-26 17:50 - 2014-01-26 17:54 - 00000000 ____D C:\AdwCleaner
2014-01-26 17:50 - 2014-01-26 17:50 - 01236282 _____ C:\Users\*****\Downloads\adwcleaner_3.017.exe
2014-01-26 17:47 - 2014-01-26 17:47 - 00388608 _____ (Trend Micro Inc.) C:\Users\*****\Downloads\HiJackThis204.exe
2014-01-26 17:47 - 2014-01-26 17:47 - 00013168 _____ C:\Users\*****\Downloads\hijackthis.log
2014-01-26 17:36 - 2014-01-26 17:36 - 00000798 _____ C:\Users\Public\Desktop\Speccy.lnk
2014-01-26 17:36 - 2014-01-26 17:36 - 00000000 ____D C:\Program Files\Speccy
2014-01-26 17:35 - 2014-01-26 17:35 - 04779896 _____ (Piriform Ltd) C:\Users\*****\Downloads\spsetup124.exe
2014-01-26 17:33 - 2014-01-26 17:33 - 00000000 ____D C:\Users\*****\Downloads\Wirelesskeyview_168
2014-01-26 17:26 - 2014-01-26 17:26 - 00000028 _____ C:\Users\*****\AppData\Roaming\iRotate.INI
2014-01-26 17:25 - 2014-01-26 17:26 - 00000000 ____D C:\Program Files (x86)\EeeRotate
2014-01-26 08:15 - 2014-01-28 06:39 - 00012420 _____ C:\Windows\IE11_main.log
2014-01-25 20:10 - 2014-01-25 20:10 - 00000022 _____ C:\Users\*****\Downloads\KeePass-2.24-German.zip
2014-01-25 20:09 - 2014-01-25 20:09 - 00002375 _____ C:\Users\*****\Documents\KeePass.html
2014-01-25 20:06 - 2014-01-25 20:06 - 00000022 _____ C:\Users\*****\Downloads\KeePass-1.26-German.zip
2014-01-25 19:54 - 2014-01-25 19:54 - 00002101 _____ C:\Users\Public\Desktop\Canon MP Navigator EX 3.1.lnk
2014-01-25 19:53 - 2014-01-25 19:53 - 00000000 ____D C:\Program Files (x86)\Canon
2014-01-25 10:21 - 2014-01-25 10:23 - 00000000 ____D C:\Users\*****\Documents\My Digital Editions
2014-01-25 10:21 - 2014-01-25 10:21 - 00000000 ____D C:\Users\*****\AppData\Local\Adobe_Systems_Incorporate
2014-01-19 13:03 - 2014-01-19 13:03 - 00000000 ____D C:\Users\Spielekonto\AppData\Local\Adobe
2014-01-19 12:58 - 2014-01-19 12:58 - 00000000 _____ C:\Users\Spielekonto\Documents\WARNING.txt
2014-01-19 12:56 - 2014-01-19 12:56 - 00000194 _____ C:\Users\Spielekonto\Desktop\SimCity™.lnk
2014-01-19 12:55 - 2014-01-19 12:55 - 00002200 _____ C:\Users\Spielekonto\Desktop\Fünf Freunde auf Schatzsuche.lnk
2014-01-19 12:55 - 2014-01-19 12:55 - 00001307 _____ C:\Users\Spielekonto\Desktop\Landwirtschafts Simulator 2013 .lnk
2014-01-19 12:55 - 2014-01-19 12:55 - 00000566 _____ C:\Users\Spielekonto\Desktop\Stronghold Legends.lnk
2014-01-19 12:55 - 2014-01-19 12:55 - 00000238 _____ C:\Users\Spielekonto\Desktop\Landwirtschafts Simulator 2011.lnk
2014-01-19 12:54 - 2014-01-19 12:54 - 00002164 _____ C:\Users\Spielekonto\Desktop\Wildlife Park 2 Abenteuer auf der Ranch starten.lnk
2014-01-19 12:54 - 2014-01-19 12:54 - 00002118 _____ C:\Users\Spielekonto\Desktop\Wildlife Park 2 starten.lnk
2014-01-19 12:52 - 2014-01-19 12:52 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-01-19 09:29 - 2014-01-19 09:29 - 00000000 ____D C:\ASUS WebStorage
2014-01-19 08:57 - 2014-01-19 08:57 - 00000383 _____ C:\Users\*****\Downloads\432141325.csv
2014-01-19 08:01 - 2014-01-19 08:01 - 00000000 ____D C:\Users\Spielekonto\AppData\Roaming\Sublime Text 2
2014-01-19 07:59 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-01-19 07:59 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-01-19 07:59 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-01-19 07:59 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-01-19 07:56 - 2013-10-25 07:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-01-19 07:56 - 2013-10-25 07:19 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-01-19 07:56 - 2013-10-25 07:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-01-19 07:56 - 2013-10-25 07:17 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-01-19 07:56 - 2013-10-25 07:17 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-01-19 07:56 - 2013-10-25 07:17 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-01-19 07:56 - 2013-10-25 07:17 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-01-19 07:56 - 2013-10-25 07:17 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-01-19 07:56 - 2013-10-25 07:17 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-01-19 07:56 - 2013-10-25 07:17 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-01-19 07:56 - 2013-10-25 05:44 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-01-19 07:56 - 2013-10-25 05:43 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-01-19 07:56 - 2013-10-25 05:43 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-01-19 07:56 - 2013-10-25 05:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-01-19 07:56 - 2013-10-25 05:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-01-19 07:56 - 2013-10-25 05:43 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-01-19 07:56 - 2013-10-25 05:43 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-01-19 07:56 - 2013-10-25 05:43 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-01-19 07:56 - 2013-10-25 05:43 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-01-19 07:56 - 2013-10-25 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-01-19 07:56 - 2013-10-25 04:41 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-01-19 07:56 - 2013-10-25 04:17 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-01-19 07:56 - 2013-10-25 03:49 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-01-19 07:55 - 2013-10-25 07:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-01-19 07:55 - 2013-10-25 07:18 - 19271168 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-01-19 07:55 - 2013-10-25 07:17 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-01-19 07:55 - 2013-10-25 07:17 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-01-19 07:55 - 2013-10-25 05:45 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-01-19 07:55 - 2013-10-25 05:44 - 14356992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-01-19 07:55 - 2013-10-25 05:43 - 13761536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-01-19 07:55 - 2013-10-25 05:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-01-18 17:54 - 2014-01-18 17:54 - 00000000 ____D C:\Users\Spielekonto\AppData\Roaming\ASUS WebStorage
2014-01-18 17:31 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-18 17:31 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-01-18 17:31 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-01-18 17:31 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-01-18 17:31 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-01-18 17:31 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-01-18 17:31 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-01-18 17:31 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-01-18 17:31 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-01-18 17:31 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-01-18 17:31 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-01-18 17:31 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2014-01-18 17:31 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2014-01-18 17:31 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-01-18 17:31 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-01-18 17:31 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2014-01-18 17:31 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-01-18 17:31 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2014-01-18 17:31 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-01-18 17:31 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-01-18 17:31 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-01-18 17:31 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-01-18 17:31 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-01-18 17:31 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-01-18 17:31 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-01-18 17:31 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-01-18 17:31 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-01-18 17:31 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-01-18 17:31 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-01-18 17:31 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-01-18 17:31 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-01-18 17:31 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-01-18 17:31 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-01-18 17:31 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-01-18 17:30 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-18 17:26 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-18 17:26 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-18 17:26 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-18 17:26 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-18 17:26 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-18 17:26 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-18 17:26 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-18 17:26 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-01-18 17:26 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-01-18 17:26 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-01-18 17:26 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-01-18 17:26 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-01-18 17:26 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-01-18 17:26 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-01-18 17:26 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-01-18 17:26 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-01-18 17:26 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-01-18 17:26 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-01-18 17:26 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-01-18 17:26 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-01-18 17:26 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-01-18 17:26 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-01-18 11:52 - 2014-01-18 11:52 - 00000000 ____D C:\Program Files (x86)\PolarSoft
2014-01-18 11:52 - 1998-06-23 23:00 - 00067376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Sysinfo.ocx
2014-01-18 11:51 - 2014-01-18 11:51 - 02475601 _____ (PolarSoft                                                   ) C:\Users\*****\Downloads\TMSetup.exe
2014-01-18 11:49 - 2014-01-18 11:49 - 00001529 _____ C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup.lnk
2014-01-18 11:42 - 2014-01-18 11:44 - 00000009 _____ C:\Windows\system32\online.txt
2014-01-18 11:40 - 2014-01-24 20:39 - 00000000 ____D C:\Program Files (x86)\Online_Program
2014-01-18 07:28 - 2014-01-18 07:28 - 00005402 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-18 07:28 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-18 07:28 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-18 07:28 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-18 07:28 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-01-18 07:26 - 2014-01-18 07:26 - 00000000 ____D C:\Windows\CheckSur
2014-01-17 12:51 - 2014-01-17 12:51 - 00001328 _____ C:\Users\*****\Desktop\PC Inspector File Recovery.lnk
2014-01-17 12:51 - 2014-01-17 12:51 - 00000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Convar
2014-01-17 12:51 - 2014-01-17 12:51 - 00000000 ____D C:\Program Files (x86)\Convar
2014-01-17 12:50 - 2014-01-17 12:51 - 03462033 _____ C:\Users\*****\Downloads\pci_filerecovery.exe
2014-01-17 12:50 - 2014-01-17 12:50 - 03736125 _____ C:\Users\*****\Downloads\testdisk-6.14.win.zip
2014-01-17 12:44 - 2014-01-17 12:44 - 00000000 ____D C:\Users\*****\Documents\Benutzerdefinierte Office-Vorlagen
2014-01-17 12:26 - 2014-01-20 16:45 - 00000000 ____D C:\Users\*****\AppData\Roaming\vlc
2014-01-03 14:09 - 2014-01-03 14:09 - 00000000 ____D C:\Users\Spielekonto\AppData\Roaming\AVAST Software
2014-01-03 14:08 - 2014-01-03 14:08 - 00000000 ____D C:\Users\Spielekonto\AppData\Roaming\Stardock
2014-01-03 14:08 - 2014-01-03 14:08 - 00000000 ____D C:\Users\Spielekonto\AppData\Roaming\Logitech
2014-01-03 14:07 - 2014-01-19 13:03 - 00000000 ____D C:\Users\Spielekonto\AppData\Roaming\Adobe
2014-01-03 14:07 - 2014-01-18 17:54 - 00000000 ____D C:\Users\Spielekonto\AppData\Roaming\Origin
2014-01-03 14:07 - 2014-01-03 14:07 - 00187528 _____ C:\Users\Spielekonto\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-03 14:07 - 2014-01-03 14:07 - 00001427 _____ C:\Users\Spielekonto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-03 14:07 - 2014-01-03 14:07 - 00000000 ___RD C:\Users\Spielekonto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-03 14:07 - 2014-01-03 14:07 - 00000000 ___RD C:\Users\Spielekonto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-01-03 14:07 - 2014-01-03 14:07 - 00000000 ____D C:\Users\Spielekonto\AppData\Local\Origin
2014-01-03 14:06 - 2014-01-19 08:01 - 00000000 ____D C:\Users\Spielekonto\AppData\Local\VirtualStore
2014-01-03 14:06 - 2014-01-19 08:00 - 00168856 __RSH C:\Users\Spielekonto\ntuser.pol
2014-01-03 14:05 - 2014-01-19 12:51 - 00000000 ____D C:\Users\Spielekonto\AppData\Local\Google
2014-01-03 14:05 - 2014-01-19 08:00 - 00000000 ____D C:\Users\Spielekonto
2014-01-03 14:05 - 2014-01-03 14:05 - 00000020 ___SH C:\Users\Spielekonto\ntuser.ini
2014-01-03 14:05 - 2014-01-03 14:05 - 00000000 _SHDL C:\Users\Spielekonto\Vorlagen
2014-01-03 14:05 - 2014-01-03 14:05 - 00000000 _SHDL C:\Users\Spielekonto\Startmenü
2014-01-03 14:05 - 2014-01-03 14:05 - 00000000 _SHDL C:\Users\Spielekonto\Netzwerkumgebung
2014-01-03 14:05 - 2014-01-03 14:05 - 00000000 _SHDL C:\Users\Spielekonto\Lokale Einstellungen
2014-01-03 14:05 - 2014-01-03 14:05 - 00000000 _SHDL C:\Users\Spielekonto\Eigene Dateien
2014-01-03 14:05 - 2014-01-03 14:05 - 00000000 _SHDL C:\Users\Spielekonto\Druckumgebung
2014-01-03 14:05 - 2014-01-03 14:05 - 00000000 _SHDL C:\Users\Spielekonto\Documents\Eigene Musik
2014-01-03 14:05 - 2014-01-03 14:05 - 00000000 _SHDL C:\Users\Spielekonto\Documents\Eigene Bilder
2014-01-03 14:05 - 2014-01-03 14:05 - 00000000 _SHDL C:\Users\Spielekonto\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-01-03 14:05 - 2014-01-03 14:05 - 00000000 _SHDL C:\Users\Spielekonto\AppData\Local\Verlauf
2014-01-03 14:05 - 2014-01-03 14:05 - 00000000 _SHDL C:\Users\Spielekonto\AppData\Local\Anwendungsdaten
2014-01-03 14:05 - 2014-01-03 14:05 - 00000000 _SHDL C:\Users\Spielekonto\Anwendungsdaten
2014-01-03 14:05 - 2013-10-26 14:33 - 00000000 ____D C:\Users\Spielekonto\AppData\Local\ifolor
2014-01-03 14:05 - 2012-12-09 15:46 - 00000000 ____D C:\Users\Spielekonto\AppData\LocalGoogle
2014-01-03 14:05 - 2012-06-03 06:24 - 00000000 ____D C:\Users\Spielekonto\AppData\Local\Microsoft Help
2014-01-03 14:05 - 2011-06-22 11:46 - 00000000 ____D C:\Users\Spielekonto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
2014-01-03 14:05 - 2009-07-14 05:54 - 00000000 ___RD C:\Users\Spielekonto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-01-03 14:05 - 2009-07-14 05:49 - 00000000 ___RD C:\Users\Spielekonto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-01-01 19:20 - 2014-01-01 19:20 - 00135712 _____ C:\wubildr
2014-01-01 18:09 - 2014-01-01 18:09 - 00008192 _____ C:\wubildr.mbr
2014-01-01 17:13 - 2014-01-01 17:15 - 00000000 ____D C:\Users\*****\Downloads\Windows_7_Wallpaper
2014-01-01 17:13 - 2014-01-01 17:14 - 00000000 ____D C:\Windows\wallpapers
2014-01-01 17:09 - 2014-01-01 17:09 - 00001850 _____ C:\Users\*****\Desktop\Maya.lnk
2014-01-01 17:09 - 2014-01-01 17:09 - 00001425 _____ C:\Users\*****\Desktop\GIANTS Editor (5.0.3).lnk
2014-01-01 17:09 - 2014-01-01 17:09 - 00001284 _____ C:\Users\*****\Desktop\GIANTS Editor (5.0.1).lnk
2014-01-01 17:08 - 2014-01-01 17:08 - 00001045 _____ C:\Users\*****\Desktop\Schweizer Strassenschilder.lnk
2014-01-01 17:02 - 2014-01-01 17:02 - 00001307 _____ C:\Users\*****\Desktop\Landwirtschafts Simulator 2013 .lnk
2014-01-01 17:02 - 2014-01-01 17:02 - 00001307 _____ C:\Users\*****\Desktop\Landwirtschafts Simulator 2011 .lnk
2014-01-01 17:02 - 2014-01-01 17:02 - 00001263 _____ C:\Users\*****\Desktop\Skiregion Simulator 2012 .lnk
2014-01-01 17:01 - 2014-01-01 17:01 - 00003037 _____ C:\Users\*****\Desktop\Excel 2013.lnk
2014-01-01 17:00 - 2014-01-01 17:00 - 00003015 _____ C:\Users\*****\Desktop\Word 2013.lnk
2014-01-01 17:00 - 2014-01-01 17:00 - 00002937 _____ C:\Users\*****\Desktop\PowerPoint 2013.lnk
2014-01-01 16:54 - 2014-01-01 16:54 - 00000000 ____D C:\Users\*****\AppData\Roaming\Bildverkleinerer
2014-01-01 16:10 - 2014-01-01 16:10 - 00290304 _____ (Dr. Wuro Industries) C:\Users\*****\Downloads\verkleinerer17b.exe

==================== One Month Modified Files and Folders =======

2014-01-28 18:59 - 2014-01-28 18:59 - 00380416 _____ C:\Users\*****\Downloads\s03z4bxb.exe
2014-01-28 18:59 - 2014-01-28 18:58 - 00025231 _____ C:\Users\*****\Downloads\FRST.txt
2014-01-28 18:58 - 2014-01-28 18:57 - 02079232 _____ (Farbar) C:\Users\*****\Downloads\FRST64.exe
2014-01-28 18:57 - 2014-01-28 18:57 - 00000472 _____ C:\Users\*****\Downloads\defogger_disable.log
2014-01-28 18:57 - 2014-01-28 18:57 - 00000000 _____ C:\Users\*****\defogger_reenable
2014-01-28 18:57 - 2011-08-07 10:00 - 00000000 ____D C:\Users\*****
2014-01-28 18:56 - 2014-01-28 18:56 - 00050477 _____ C:\Users\*****\Downloads\Defogger.exe
2014-01-28 18:53 - 2012-09-11 04:04 - 00000000 __SHD C:\xampp
2014-01-28 18:48 - 2012-04-12 11:49 - 00000000 ____D C:\Users\*****\.VirtualBox
2014-01-28 18:44 - 2014-01-28 18:38 - 741343232 _____ C:\Users\*****\Downloads\ubuntu-12.04.3-desktop-i386.iso
2014-01-28 18:43 - 2014-01-28 18:39 - 00000000 ____D C:\Users\*****\VirtualBox VMs
2014-01-28 18:35 - 2014-01-27 17:38 - 00000000 ____D C:\Users\*****\Desktop\Unser Sonnensystem und Planeten
2014-01-28 18:28 - 2012-03-29 11:17 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-28 18:12 - 2013-09-01 19:02 - 01092631 _____ C:\Windows\WindowsUpdate.log
2014-01-28 18:12 - 2012-09-14 17:23 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-28 17:09 - 2014-01-28 17:09 - 00000512 _____ C:\Users\*****\Documents\MBR.dat
2014-01-28 17:09 - 2014-01-28 17:00 - 00002593 _____ C:\Users\*****\Documents\aswMBR.txt
2014-01-28 17:00 - 2011-09-25 07:45 - 00000000 ____D C:\Users\*****\AppData\Roaming\Notepad++
2014-01-28 16:55 - 2014-01-28 16:54 - 04745728 _____ (AVAST Software) C:\Users\*****\Downloads\aswmbr.exe
2014-01-28 16:53 - 2013-09-07 11:13 - 00000000 ____D C:\Users\*****\Desktop\Thunderbird
2014-01-28 16:53 - 2013-07-17 18:29 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce8313387cd85a.job
2014-01-28 16:53 - 2013-06-12 05:37 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2014-01-28 06:39 - 2014-01-26 08:15 - 00012420 _____ C:\Windows\IE11_main.log
2014-01-27 19:56 - 2014-01-27 19:56 - 00000000 ____D C:\Users\*****\Downloads\lightbox2.6
2014-01-27 19:56 - 2013-10-25 20:36 - 00097280 ___SH C:\Users\*****\Documents\Thumbs.db
2014-01-27 19:55 - 2014-01-27 19:55 - 00745781 _____ C:\Users\*****\Downloads\lightbox2.6.zip
2014-01-27 19:32 - 2011-08-08 16:05 - 00000000 ____D C:\Users\*****\AppData\Local\Paint.NET
2014-01-27 19:05 - 2014-01-27 19:05 - 00000000 ____D C:\Users\*****\Desktop\*****_Geburtstag_12
2014-01-27 17:38 - 2013-09-28 06:00 - 00333312 ___SH C:\Users\*****\Desktop\Thumbs.db
2014-01-27 17:13 - 2014-01-27 17:13 - 00187528 _____ C:\Users\*****\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-27 12:31 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2014-01-27 12:10 - 2009-07-14 05:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-27 12:10 - 2009-07-14 05:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-27 12:02 - 2013-12-08 17:46 - 00000000 ____D C:\Program Files (x86)\Origin
2014-01-27 12:02 - 2011-08-07 10:00 - 00045056 _____ C:\Windows\system32\acovcnt.exe
2014-01-27 12:01 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-26 17:54 - 2014-01-26 17:50 - 00000000 ____D C:\AdwCleaner
2014-01-26 17:50 - 2014-01-26 17:50 - 01236282 _____ C:\Users\*****\Downloads\adwcleaner_3.017.exe
2014-01-26 17:47 - 2014-01-26 17:47 - 00388608 _____ (Trend Micro Inc.) C:\Users\*****\Downloads\HiJackThis204.exe
2014-01-26 17:47 - 2014-01-26 17:47 - 00013168 _____ C:\Users\*****\Downloads\hijackthis.log
2014-01-26 17:36 - 2014-01-26 17:36 - 00000798 _____ C:\Users\Public\Desktop\Speccy.lnk
2014-01-26 17:36 - 2014-01-26 17:36 - 00000000 ____D C:\Program Files\Speccy
2014-01-26 17:35 - 2014-01-26 17:35 - 04779896 _____ (Piriform Ltd) C:\Users\*****\Downloads\spsetup124.exe
2014-01-26 17:35 - 2012-12-12 17:46 - 00236544 ___SH C:\Users\*****\Thumbs.db
2014-01-26 17:33 - 2014-01-26 17:33 - 00000000 ____D C:\Users\*****\Downloads\Wirelesskeyview_168
2014-01-26 17:26 - 2014-01-26 17:26 - 00000028 _____ C:\Users\*****\AppData\Roaming\iRotate.INI
2014-01-26 17:26 - 2014-01-26 17:25 - 00000000 ____D C:\Program Files (x86)\EeeRotate
2014-01-26 16:25 - 2013-05-19 17:09 - 00022528 _____ C:\Users\*****\AppData\Local\WebpageIcons.db
2014-01-26 11:25 - 2013-03-24 14:14 - 00000000 ____D C:\Users\*****\AppData\Roaming\KeePass
2014-01-25 20:10 - 2014-01-25 20:10 - 00000022 _____ C:\Users\*****\Downloads\KeePass-2.24-German.zip
2014-01-25 20:10 - 2013-03-24 14:01 - 00000000 ____D C:\Program Files (x86)\KeePass Password Safe 2
2014-01-25 20:09 - 2014-01-25 20:09 - 00002375 _____ C:\Users\*****\Documents\KeePass.html
2014-01-25 20:06 - 2014-01-25 20:06 - 00000022 _____ C:\Users\*****\Downloads\KeePass-1.26-German.zip
2014-01-25 19:54 - 2014-01-25 19:54 - 00002101 _____ C:\Users\Public\Desktop\Canon MP Navigator EX 3.1.lnk
2014-01-25 19:53 - 2014-01-25 19:53 - 00000000 ____D C:\Program Files (x86)\Canon
2014-01-25 19:42 - 2011-06-22 11:39 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-25 10:23 - 2014-01-25 10:21 - 00000000 ____D C:\Users\*****\Documents\My Digital Editions
2014-01-25 10:21 - 2014-01-25 10:21 - 00000000 ____D C:\Users\*****\AppData\Local\Adobe_Systems_Incorporate
2014-01-25 10:21 - 2011-08-29 12:30 - 00000000 ___HD C:\Program Files (x86)\Adobe
2014-01-25 10:17 - 2013-12-12 16:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2014-01-24 20:39 - 2014-01-18 11:40 - 00000000 ____D C:\Program Files (x86)\Online_Program
2014-01-23 20:16 - 2009-07-14 06:08 - 00032538 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-20 16:45 - 2014-01-17 12:26 - 00000000 ____D C:\Users\*****\AppData\Roaming\vlc
2014-01-20 12:29 - 2009-07-29 07:03 - 00000000 ____D C:\Windows\Panther
2014-01-20 12:26 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2014-01-19 18:20 - 2011-02-19 05:24 - 00723122 _____ C:\Windows\system32\perfh007.dat
2014-01-19 18:20 - 2011-02-19 05:24 - 00156670 _____ C:\Windows\system32\perfc007.dat
2014-01-19 18:20 - 2009-07-14 06:13 - 01672432 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-19 13:03 - 2014-01-19 13:03 - 00000000 ____D C:\Users\Spielekonto\AppData\Local\Adobe
2014-01-19 13:03 - 2014-01-03 14:07 - 00000000 ____D C:\Users\Spielekonto\AppData\Roaming\Adobe
2014-01-19 12:58 - 2014-01-19 12:58 - 00000000 _____ C:\Users\Spielekonto\Documents\WARNING.txt
2014-01-19 12:56 - 2014-01-19 12:56 - 00000194 _____ C:\Users\Spielekonto\Desktop\SimCity™.lnk
2014-01-19 12:55 - 2014-01-19 12:55 - 00002200 _____ C:\Users\Spielekonto\Desktop\Fünf Freunde auf Schatzsuche.lnk
2014-01-19 12:55 - 2014-01-19 12:55 - 00001307 _____ C:\Users\Spielekonto\Desktop\Landwirtschafts Simulator 2013 .lnk
2014-01-19 12:55 - 2014-01-19 12:55 - 00000566 _____ C:\Users\Spielekonto\Desktop\Stronghold Legends.lnk
2014-01-19 12:55 - 2014-01-19 12:55 - 00000238 _____ C:\Users\Spielekonto\Desktop\Landwirtschafts Simulator 2011.lnk
2014-01-19 12:54 - 2014-01-19 12:54 - 00002164 _____ C:\Users\Spielekonto\Desktop\Wildlife Park 2 Abenteuer auf der Ranch starten.lnk
2014-01-19 12:54 - 2014-01-19 12:54 - 00002118 _____ C:\Users\Spielekonto\Desktop\Wildlife Park 2 starten.lnk
2014-01-19 12:52 - 2014-01-19 12:52 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-01-19 12:52 - 2013-12-01 15:05 - 01034464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-01-19 12:52 - 2013-12-01 15:05 - 00422216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-01-19 12:52 - 2013-12-01 15:05 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-01-19 12:52 - 2013-12-01 15:05 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys
2014-01-19 12:52 - 2013-12-01 15:05 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-01-19 12:52 - 2013-12-01 15:05 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-01-19 12:51 - 2014-01-03 14:05 - 00000000 ____D C:\Users\Spielekonto\AppData\Local\Google
2014-01-19 09:29 - 2014-01-19 09:29 - 00000000 ____D C:\ASUS WebStorage
2014-01-19 08:57 - 2014-01-19 08:57 - 00000383 _____ C:\Users\*****\Downloads\432141325.csv
2014-01-19 08:01 - 2014-01-19 08:01 - 00000000 ____D C:\Users\Spielekonto\AppData\Roaming\Sublime Text 2
2014-01-19 08:01 - 2014-01-03 14:06 - 00000000 ____D C:\Users\Spielekonto\AppData\Local\VirtualStore
2014-01-19 08:00 - 2014-01-03 14:06 - 00168856 __RSH C:\Users\Spielekonto\ntuser.pol
2014-01-19 08:00 - 2014-01-03 14:05 - 00000000 ____D C:\Users\Spielekonto
2014-01-19 08:00 - 2011-08-21 09:06 - 00000680 __RSH C:\Users\*****\ntuser.pol
2014-01-18 17:54 - 2014-01-18 17:54 - 00000000 ____D C:\Users\Spielekonto\AppData\Roaming\ASUS WebStorage
2014-01-18 17:54 - 2014-01-03 14:07 - 00000000 ____D C:\Users\Spielekonto\AppData\Roaming\Origin
2014-01-18 11:52 - 2014-01-18 11:52 - 00000000 ____D C:\Program Files (x86)\PolarSoft
2014-01-18 11:51 - 2014-01-18 11:51 - 02475601 _____ (PolarSoft                                                   ) C:\Users\*****\Downloads\TMSetup.exe
2014-01-18 11:49 - 2014-01-18 11:49 - 00001529 _____ C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup.lnk
2014-01-18 11:44 - 2014-01-18 11:42 - 00000009 _____ C:\Windows\system32\online.txt
2014-01-18 07:45 - 2013-11-21 20:01 - 00000000 ____D C:\ProgramData\Oracle
2014-01-18 07:28 - 2014-01-18 07:28 - 00005402 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-18 07:28 - 2011-08-07 12:36 - 00000000 ___HD C:\Program Files (x86)\Java
2014-01-18 07:26 - 2014-01-18 07:26 - 00000000 ____D C:\Windows\CheckSur
2014-01-17 12:51 - 2014-01-17 12:51 - 00001328 _____ C:\Users\*****\Desktop\PC Inspector File Recovery.lnk
2014-01-17 12:51 - 2014-01-17 12:51 - 00000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Convar
2014-01-17 12:51 - 2014-01-17 12:51 - 00000000 ____D C:\Program Files (x86)\Convar
2014-01-17 12:51 - 2014-01-17 12:50 - 03462033 _____ C:\Users\*****\Downloads\pci_filerecovery.exe
2014-01-17 12:50 - 2014-01-17 12:50 - 03736125 _____ C:\Users\*****\Downloads\testdisk-6.14.win.zip
2014-01-17 12:44 - 2014-01-17 12:44 - 00000000 ____D C:\Users\*****\Documents\Benutzerdefinierte Office-Vorlagen
2014-01-16 19:26 - 2012-06-02 17:50 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-16 19:26 - 2009-07-14 03:34 - 00000563 _____ C:\Windows\win.ini
2014-01-03 14:15 - 2013-05-04 07:06 - 00000000 ____D C:\Users\*****\AppData\Roaming\Media Player Classic
2014-01-03 14:09 - 2014-01-03 14:09 - 00000000 ____D C:\Users\Spielekonto\AppData\Roaming\AVAST Software
2014-01-03 14:08 - 2014-01-03 14:08 - 00000000 ____D C:\Users\Spielekonto\AppData\Roaming\Stardock
2014-01-03 14:08 - 2014-01-03 14:08 - 00000000 ____D C:\Users\Spielekonto\AppData\Roaming\Logitech
2014-01-03 14:07 - 2014-01-03 14:07 - 00187528 _____ C:\Users\Spielekonto\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-03 14:07 - 2014-01-03 14:07 - 00001427 _____ C:\Users\Spielekonto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-03 14:07 - 2014-01-03 14:07 - 00000000 ___RD C:\Users\Spielekonto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-03 14:07 - 2014-01-03 14:07 - 00000000 ___RD C:\Users\Spielekonto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-01-03 14:07 - 2014-01-03 14:07 - 00000000 ____D C:\Users\Spielekonto\AppData\Local\Origin
2014-01-03 14:06 - 2011-06-22 11:42 - 00002748 _____ C:\Windows\system32\AutoRunFilter.ini
2014-01-03 14:05 - 2014-01-03 14:05 - 00000020 ___SH C:\Users\Spielekonto\ntuser.ini
2014-01-03 14:05 - 2014-01-03 14:05 - 00000000 _SHDL C:\Users\Spielekonto\Vorlagen
2014-01-03 14:05 - 2014-01-03 14:05 - 00000000 _SHDL C:\Users\Spielekonto\Startmenü
2014-01-03 14:05 - 2014-01-03 14:05 - 00000000 _SHDL C:\Users\Spielekonto\Netzwerkumgebung
2014-01-03 14:05 - 2014-01-03 14:05 - 00000000 _SHDL C:\Users\Spielekonto\Lokale Einstellungen
2014-01-03 14:05 - 2014-01-03 14:05 - 00000000 _SHDL C:\Users\Spielekonto\Eigene Dateien
2014-01-03 14:05 - 2014-01-03 14:05 - 00000000 _SHDL C:\Users\Spielekonto\Druckumgebung
2014-01-03 14:05 - 2014-01-03 14:05 - 00000000 _SHDL C:\Users\Spielekonto\Documents\Eigene Musik
2014-01-03 14:05 - 2014-01-03 14:05 - 00000000 _SHDL C:\Users\Spielekonto\Documents\Eigene Bilder
2014-01-03 14:05 - 2014-01-03 14:05 - 00000000 _SHDL C:\Users\Spielekonto\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-01-03 14:05 - 2014-01-03 14:05 - 00000000 _SHDL C:\Users\Spielekonto\AppData\Local\Verlauf
2014-01-03 14:05 - 2014-01-03 14:05 - 00000000 _SHDL C:\Users\Spielekonto\AppData\Local\Anwendungsdaten
2014-01-03 14:05 - 2014-01-03 14:05 - 00000000 _SHDL C:\Users\Spielekonto\Anwendungsdaten
2014-01-01 19:20 - 2014-01-01 19:20 - 00135712 _____ C:\wubildr
2014-01-01 18:10 - 2012-10-01 06:40 - 00000000 ____D C:\Users\*****\AppData\Roaming\Skype
2014-01-01 18:09 - 2014-01-01 18:09 - 00008192 _____ C:\wubildr.mbr
2014-01-01 17:15 - 2014-01-01 17:13 - 00000000 ____D C:\Users\*****\Downloads\Windows_7_Wallpaper
2014-01-01 17:14 - 2014-01-01 17:13 - 00000000 ____D C:\Windows\wallpapers
2014-01-01 17:09 - 2014-01-01 17:09 - 00001850 _____ C:\Users\*****\Desktop\Maya.lnk
2014-01-01 17:09 - 2014-01-01 17:09 - 00001425 _____ C:\Users\*****\Desktop\GIANTS Editor (5.0.3).lnk
2014-01-01 17:09 - 2014-01-01 17:09 - 00001284 _____ C:\Users\*****\Desktop\GIANTS Editor (5.0.1).lnk
2014-01-01 17:08 - 2014-01-01 17:08 - 00001045 _____ C:\Users\*****\Desktop\Schweizer Strassenschilder.lnk
2014-01-01 17:02 - 2014-01-01 17:02 - 00001307 _____ C:\Users\*****\Desktop\Landwirtschafts Simulator 2013 .lnk
2014-01-01 17:02 - 2014-01-01 17:02 - 00001307 _____ C:\Users\*****\Desktop\Landwirtschafts Simulator 2011 .lnk
2014-01-01 17:02 - 2014-01-01 17:02 - 00001263 _____ C:\Users\*****\Desktop\Skiregion Simulator 2012 .lnk
2014-01-01 17:01 - 2014-01-01 17:01 - 00003037 _____ C:\Users\*****\Desktop\Excel 2013.lnk
2014-01-01 17:00 - 2014-01-01 17:00 - 00003015 _____ C:\Users\*****\Desktop\Word 2013.lnk
2014-01-01 17:00 - 2014-01-01 17:00 - 00002937 _____ C:\Users\*****\Desktop\PowerPoint 2013.lnk
2014-01-01 16:56 - 2013-11-22 16:17 - 00000000 ____D C:\Users\*****\Desktop\Hochhaus
2014-01-01 16:54 - 2014-01-01 16:54 - 00000000 ____D C:\Users\*****\AppData\Roaming\Bildverkleinerer
2014-01-01 16:10 - 2014-01-01 16:10 - 00290304 _____ (Dr. Wuro Industries) C:\Users\*****\Downloads\verkleinerer17b.exe

Files to move or delete:
====================
C:\Users\*****\AppData\Roaming\Camdata.ini
C:\Users\*****\AppData\Roaming\CamLayout.ini
C:\Users\*****\AppData\Roaming\CamShapes.ini


Some content of TEMP:
====================
C:\Users\Administrator\AppData\Local\Temp\ose00000.exe
C:\Users\*****\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
C:\Users\*****\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-19 18:45

==================== End Of Log ============================
         

3. GMER

Unfortunately it always crashes with the following status:

Always happens after startup

Regards

28.01.2014, 22:08   #2
schrauber
/// the machine
/// TB trainer

Hi,

so far so good. Did you set the proxy in Firefox? Any problems with the computer?

30.01.2014, 12:56   #3
Baldoius

Quote:
Quote from schrauber
Hi,

so far so good. Did you set the proxy in Firefox? Any problems with the computer?

Hello schrauber

I don't (really) have any problems with the computer; sometimes it just takes a while until Windows starts (until I can log in) and then until the desktop has loaded :-/

A proxy is set in Firefox, but it is not used (switched off).

Regards Baldoius

HELP!

Still a big problem: I received 1'683 bytes via LAN within one minute!!! I'm blocking almost the whole line? Do I have a virus after all?

Regards Baldoius

31.01.2014, 08:46   #4
schrauber
/// the machine
/// TB trainer

I don't understand why most users here have nothing better to do than snoop around on their line when they don't know 100% what they're doing

There is no malware in the logs. Who is sending them, who is receiving them, which process?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

Donations
Guides and help
Trojaner-Board Facebook page

No help via PM!

06.02.2014, 18:20   #5
Baldoius

Hello schrauber

Quote:
I don't understand why most users here have nothing better to do than snoop around on their line when they don't know 100% what they're doing
True, it was only bytes after all

Regards

PS: Yet another Winoberdoof update was running


07.02.2014, 16:50   #6
schrauber
/// the machine
/// TB trainer

See?

07.02.2014, 19:50   #7
Baldoius

And is everything else OK?
Or are there other things that could be checked?

Regards and good night

08.02.2014, 14:13   #8
schrauber
/// the machine
/// TB trainer


We'll remove a bit more adware

Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the newest scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Agree to the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts with OK.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please shut down your protection software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please start it via right-click, "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log please.

09.02.2014, 08:10   #9
Baldoius

MalwareBytes:

Unfortunately CCleaner ran when the PC started and also deleted the log :-/
MalwareBytes found a total of 9* PUP adware items and also removed them....

AdwCleaner:

AdwCleaner log file:
Code:
# AdwCleaner v3.018 - Bericht erstellt am 08/02/2014 um 17:03:54
# Updated 28/01/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : ****** - ASUS-X73S
# Gestartet von : C:\Users\******\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\******\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\******\AppData\Local\SwvUpdater

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16750


-\\ Mozilla Firefox v26.0 (de)

[ Datei : C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\koq680jp.default\prefs.js ]


[ Datei : C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\sbfcl0ry.default\prefs.js ]


[ Datei : C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\sbfcl0ry.default\prefs.js ]


[ Datei : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\okjzygk4.default\prefs.js ]


[ Datei : C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\nym0gmae.default\prefs.js ]


-\\ Google Chrome v32.0.1700.107

[ Datei : C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ Datei : C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R2].txt - [5328 octets] - [26/01/2014 17:51:01]
AdwCleaner[R3].txt - [1757 octets] - [08/02/2014 17:00:55]
AdwCleaner[S2].txt - [5351 octets] - [26/01/2014 17:53:52]
AdwCleaner[S3].txt - [1678 octets] - [08/02/2014 17:03:54]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1738 octets] ##########
         
JRT follows....

And now JRT:

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.1 (02.04.2014:1)
OS: Windows 7 Home Premium x64
Ran by ***** on 08.02.2014 at 17:09:49.29
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\*****\AppData\Roaming\getrighttogo"



~~~ FireFox

Emptied folder: C:\Users\******\AppData\Roaming\mozilla\firefox\profiles\koq680jp.default\minidumps [16 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08.02.2014 at 17:39:03.46
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Regards, Baldo

09.02.2014, 17:17   #10
schrauber
/// the machine
/// TB trainer

fresh FRST log is missing

09.02.2014, 19:20   #11
Baldoius

Quote:
Originally posted by schrauber
fresh FRST log is missing
True - see, I'm not perfect either


FRST log file:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-02-2014 02
Ran by ****** (administrator) on ASUS-X73S on 09-02-2014 19:15:30
Running from C:\Users\******\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Logitech, Inc.) C:\Program Files\Logitech\SolarApp\L4301_Solar.exe
(ASUSTeK Computer Inc.) C:\Windows\system32\FBAgent.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Microsoft Corporation) C:\Windows\System32\tcpsvcs.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware2\SASCORE64.EXE
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Thong Nguyen) C:\Program Files (x86)\PowerMenu\PowerMenu.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Dexpot GbR) C:\Program Files (x86)\Dexpot\plugins\Slideshow.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dexpot GbR) C:\Program Files (x86)\Dexpot\dexpot.exe
(Dexpot GbR) C:\Program Files (x86)\Dexpot\Dexpot64.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\IELowutil.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2013-05-22] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2587944 2010-12-13] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2014-01-19] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3972431589-2566625243-1631541889-1001\...\Run: [ccleanerner] - C:\Program Files\ccleanerner\ccleanerner64.exe [6070040 2013-04-23] (Piriform Ltd)
HKU\S-1-5-21-3972431589-2566625243-1631541889-1001\...\Run: [ANT Agent] - C:\Program Files (x86)\Garmin\ANT Agent\ANT Agent.exe [14731776 2013-02-15] (GARMIN Corp.)
HKU\S-1-5-21-3972431589-2566625243-1631541889-1001\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware2\SUPERAntiSpyware.exe [6563608 2014-01-06] (SUPERAntiSpyware)
HKU\S-1-5-21-3972431589-2566625243-1631541889-1001\...\Run: [CPU_Control] - C:\Program Files (x86)\CPU-Control\CPU_Control.exe [1034240 2009-01-04] ()
HKU\S-1-5-21-3972431589-2566625243-1631541889-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3972431589-2566625243-1631541889-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-04-08] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [201576 2013-04-08] (NVIDIA Corporation)
Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe (No File)
Startup: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerMenu.lnk
ShortcutTarget: PowerMenu.lnk -> C:\Program Files (x86)\PowerMenu\PowerMenu.exe (Thong Nguyen)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = itprojekt.square7.ch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x28B49E387EC5CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-CH
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://ch.msn.com/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {5F519B46-96EF-499F-BF24-C9E1548FA56B} hxxp://sonycam/program/SonySncDf70View.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.210 88.84.16.108
Tcpip\..\Interfaces\{52ACCD0C-CD6E-4B80-B520-286DEEC015E3}: [NameServer]192.168.0.220,192.168.0.210
Tcpip\..\Interfaces\{CC6F69AF-BEC2-436E-AA09-0D9DE562E21B}: [NameServer]127.0.0.1
Tcpip\..\Interfaces\{DBBFFA38-D610-4F10-BE35-C07573F64B15}: [NameServer]192.168.0.220,192.168.0.210
Tcpip\..\Interfaces\{E3B07140-174D-4590-A16C-E4C23E71385D}: [NameServer]192.168.0.210,192.168.0.220

FireFox:
========
FF ProfilePath: C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\koq680jp.default
FF Homepage: www.google.ch
FF NetworkProxy: "backup.ftp", "5.9.203.92"
FF NetworkProxy: "backup.ftp_port", 3128
FF NetworkProxy: "backup.socks", "5.9.203.92"
FF NetworkProxy: "backup.socks_port", 3128
FF NetworkProxy: "backup.ssl", "5.9.203.92"
FF NetworkProxy: "backup.ssl_port", 3128
FF NetworkProxy: "ftp", "91.228.53.28"
FF NetworkProxy: "ftp_port", 3128
FF NetworkProxy: "http", "91.228.53.28"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "no_proxies_on", ""
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "91.228.53.28"
FF NetworkProxy: "socks_port", 3128
FF NetworkProxy: "ssl", "91.228.53.28"
FF NetworkProxy: "ssl_port", 3128
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_44.dll ()
FF Plugin: @garmin.com/GpsControl - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~4\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0-git-20121231-0404 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin-x32: @garmin.com/GpsControl - C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 - C:\Program Files (x86)\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @Skype.com/Skype Web Plugin - C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin.dll (Skype)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @greentube.com/GreenWebPlayer - C:\Games\GreenWebPlayer\npgreenwebplayer.dll (Greentube Internet Entertainment Solutions GmbH)
FF Plugin HKCU: @stonetrip.com/ShiVaWebPlayer,version=1.8.0.0 - C:\Users\******\AppData\Roaming\..\LocalLow\StoneTrip\Web Player\npShiVa3D.dll (StoneTrip)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\koq680jp.default\searchplugins\anderes-wortde.xml
FF SearchPlugin: C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\koq680jp.default\searchplugins\duckduckgo.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus Pop-up Addon - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\koq680jp.default\Extensions\adblockpopups@jessehakanen.net.xpi [2012-12-24]
FF Extension: Element Hiding Helper for Adblock Plus - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\koq680jp.default\Extensions\elemhidehelper@adblockplus.org.xpi [2012-12-24]
FF Extension: ipFuck - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\koq680jp.default\Extensions\ipfuck@p4ul.info.xpi [2013-11-10]
FF Extension: ScrapBook - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\koq680jp.default\Extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}.xpi [2013-12-26]
FF Extension: Google Analytics Opt-out Browser Add-on - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\koq680jp.default\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2013-05-19]
FF Extension: ReloadEvery - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\koq680jp.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2012-12-28]
FF Extension: Adblock Plus - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\koq680jp.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-12-24]
FF Extension: BetterPrivacy - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\koq680jp.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2012-12-26]
FF Extension: DownThemAll! - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\koq680jp.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-12-23]
FF Extension: Adblock Edge - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\koq680jp.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2012-12-24]
FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - C:\Program Files (x86)\Steganos Password Manager 2012\spmplugin3
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-12-01]

Chrome: 
=======
CHR Extension: (avast! Online Security) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-12-26]
CHR Extension: (Google Wallet) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-23]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-12-01]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R3 !SASCORE; C:\Program Files\SUPERAntiSpyware2\SASCORE64.EXE [144152 2013-10-10] (SUPERAntiSpyware.com)
S4 Apache2.4; C:\xampp\apache\bin\httpd.exe [22016 2012-08-18] (Apache Software Foundation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-19] (AVAST Software)
S3 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [26600 2013-10-08] (CyberGhost S.R.L)
S4 DCMessages; C:\Windows\SysWOW64\DCMessages.exe [99720 2009-11-24] (Global Graphics Software Ltd)
S4 FileZilla Server; c:\xampp\filezillaftp\filezillaserver.exe [632320 2012-05-11] (FileZilla Project)
R2 L4301_Solar; C:\Program Files\Logitech\SolarApp\L4301_Solar.exe [403536 2010-10-26] (Logitech, Inc.)
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S4 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 MSCSPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [45056 2006-12-14] (Sony Corporation)
S2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22072 2012-09-12] (Microsoft Corporation)
S4 mysql; C:\xampp\mysql\bin\mysqld.exe [8186368 2012-07-20] ()
S3 OO DiskImage; C:\Program Files\OO Software\DiskImage\oodiag.exe [6258480 2013-09-09] (O&O Software GmbH)
S3 PACSPTISVR; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [57344 2006-12-14] ()
S3 PortReporter; C:\Program Files (x86)\PortReporter\portreporter.exe [90183 2004-03-30] ()
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [106472 2013-09-18] (Razer Inc.)
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
S2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
S4 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
S4 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
S3 SPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe [69632 2006-12-14] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

S1 acedrv05; C:\Windows\system32\drivers\acedrv05.sys [136192 2011-09-27] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-01-19] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-01] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-01] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1034464 2014-01-19] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422216 2014-01-19] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [79672 2014-01-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-19] ()
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [44480 2011-05-17] (hxxp://libusb-win32.sourceforge.net)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 MEMSWEEP2; No ImagePath
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [228768 2012-08-30] (Microsoft Corporation)
R0 oodisr; C:\Windows\System32\DRIVERS\oodisr.sys [116936 2013-09-09] (O&O Software GmbH)
R0 oodisrh; C:\Windows\System32\DRIVERS\oodisrh.sys [41160 2013-09-09] (O&O Software GmbH)
R0 oodivd; C:\Windows\System32\DRIVERS\oodivd.sys [255688 2013-09-09] (O&O Software GmbH)
R0 oodivdh; C:\Windows\System32\DRIVERS\oodivdh.sys [44744 2013-09-09] (O&O Software GmbH)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
S3 RivaTuner64; C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [19952 2013-12-21] ()
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware2\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware2\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [90960 2013-03-15] (Windows (R) 2000 DDK provider)
R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [633680 2013-03-15] (Paragon)
R1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [390352 2013-03-15] (Paragon)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S2 ASInsHelp; \??\C:\Windows\SysWow64\drivers\AsInsHelp64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U3 DfSdkS; 
S3 getbus; \??\C:\Users\******\AppData\Local\Temp\getbus.sys [X]
S3 meddmrr; system32\DRIVERS\meddmrr.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-09 19:15 - 2014-02-09 19:15 - 00025632 _____ () C:\Users\******\Desktop\FRST.txt
2014-02-09 19:13 - 2014-02-09 19:13 - 02170880 _____ (Farbar) C:\Users\******\Desktop\FRST64.exe
2014-02-09 19:11 - 2014-02-09 19:12 - 01138688 _____ (Farbar) C:\Users\******\Downloads\FRST.exe
2014-02-09 07:58 - 2014-02-09 07:58 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-09 07:58 - 2014-02-09 07:58 - 00000000 _____ () C:\Windows\setupact.log
2014-02-08 20:13 - 2014-02-08 20:13 - 00000000 ____D () C:\Windows\System32\Tasks\Dexpot
2014-02-08 20:12 - 2014-02-08 20:12 - 00000000 ____D () C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-02-08 17:39 - 2014-02-08 17:39 - 00000837 _____ () C:\Users\******\Desktop\JRT.txt
2014-02-08 17:17 - 2014-02-08 17:17 - 00187528 _____ () C:\Users\******\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-08 17:08 - 2014-02-08 17:08 - 01037530 _____ (Thisisu) C:\Users\******\Desktop\JRT.exe
2014-02-08 17:00 - 2014-02-08 17:00 - 01166132 _____ () C:\Users\******\Desktop\adwc******ner.exe
2014-02-08 11:54 - 2014-02-08 11:54 - 00347853 _____ () C:\Users\******\Downloads\disableCropWithering.exe
2014-02-08 11:12 - 2014-02-08 11:13 - 148190592 _____ (GIANTS Software ) C:\Users\******\Downloads\FarmingSimulator2013Patch2.1DE_PublicBeta3.exe
2014-02-08 07:05 - 2014-02-08 11:29 - 00000000 ____D () C:\Users\******\Desktop 3
2014-02-08 06:56 - 2014-02-08 06:57 - 00000000 ____D () C:\Users\******\Downloads\Desktop_anzeigen
2014-02-08 06:56 - 2014-02-08 06:56 - 00000677 _____ () C:\Users\******\Downloads\Desktop_anzeigen.zip
2014-02-08 06:49 - 2014-02-08 06:49 - 00000000 ____D () C:\Program Files (x86)\RocketDock
2014-02-08 06:48 - 2014-02-08 06:48 - 06463660 _____ (Punk Software ) C:\Users\******\Downloads\rocketdock_7961.exe
2014-02-07 19:18 - 2014-02-07 19:18 - 00000472 _____ () C:\ProgramData\{E64C5E32-866E-482B-AB32-760B7F30EE12}_WiseFW.ini
2014-02-07 19:16 - 2014-02-07 19:16 - 08867712 _____ () C:\Users\******\Downloads\360desktop_17134.exe
2014-02-07 17:58 - 2014-02-08 07:01 - 00000000 ____D () C:\Users\******\Desktop 2
2014-02-07 17:50 - 2014-02-07 18:30 - 240567688 _____ () C:\Users\******\Desktop\output.mp4
2014-02-07 17:43 - 2014-02-08 16:58 - 00000000 ____D () C:\Users\******\AppData\Roaming\Dexpot
2014-02-07 17:43 - 2014-02-07 17:43 - 00000000 ____D () C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot
2014-02-07 17:43 - 2014-02-07 17:43 - 00000000 ____D () C:\Program Files (x86)\Dexpot
2014-02-07 17:36 - 2014-02-07 17:36 - 00000000 ____D () C:\Users\******\Desktop\Easy h264 v0.6r
2014-02-07 17:29 - 2014-02-07 17:29 - 00000000 ____D () C:\Program Files (x86)\Easy h264 v0.6r
2014-02-07 12:34 - 2014-02-07 12:35 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\CPUControl
2014-02-07 12:34 - 2014-02-07 12:34 - 00002028 _____ () C:\Users\Administrator\Desktop\Anpassen Fences.lnk
2014-02-07 12:34 - 2014-02-07 12:34 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Stardock
2014-02-07 12:34 - 2014-02-07 12:34 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Origin
2014-02-07 12:34 - 2014-02-07 12:34 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Origin
2014-02-07 12:34 - 2014-02-07 12:34 - 00000000 ____D () C:\Users\Administrator\AppData\Local\CyberGhost
2014-02-07 12:33 - 2014-02-07 12:33 - 00002249 _____ () C:\Users\Administrator\Desktop\Google Chrome.lnk
2014-02-07 12:20 - 2014-02-07 12:25 - 00000000 ____D () C:\Users\******\AppData\Roaming\CPUControl
2014-02-07 12:20 - 2014-02-07 12:20 - 00000000 ____D () C:\Program Files (x86)\CPU-Control
2014-02-07 12:19 - 2014-02-07 12:19 - 00674184 _____ () C:\Users\******\Downloads\CPU_Control21.zip
2014-02-07 12:19 - 2014-02-07 12:19 - 00000000 ____D () C:\Users\******\Downloads\CPU_Control21
2014-02-07 12:17 - 2014-02-07 12:18 - 00202390 _____ () C:\Users\******\Downloads\LS 13 flüssiger spielen.rar
2014-02-06 18:54 - 2014-02-06 19:08 - 768606208 _____ () C:\Users\******\Downloads\ubuntu-12.04.4-desktop-amd64.iso
2014-02-06 18:39 - 2014-02-06 18:40 - 00008676 _____ () C:\Users\******\Downloads\autoren - Kopie.xlsx
2014-02-06 18:37 - 2014-02-06 18:37 - 00006944 _____ () C:\Users\******\Downloads\autoren.xlsx
2014-02-06 18:28 - 2014-02-06 18:30 - 00716800 _____ () C:\Users\******\Documents\Kontakte.accdb
2014-02-06 18:27 - 2014-02-06 18:27 - 00358854 _____ () C:\Users\******\Documents\Kontakte.accdt
2014-02-06 18:24 - 2014-02-06 18:41 - 00000000 ___SD () C:\Users\******\Documents\Meine Datenquellen
2014-02-06 18:21 - 2014-02-06 18:21 - 00000667 _____ () C:\Users\******\Downloads\settings.php.bak
2014-02-06 12:45 - 2014-02-06 12:46 - 01900544 _____ () C:\Users\******\Documents\Datenbank1.accdb
2014-02-06 12:45 - 2014-02-06 12:45 - 00602421 _____ () C:\Users\******\Documents\Projekte.accdt
2014-02-06 06:44 - 2014-02-06 06:44 - 00000000 ____D () C:\Users\******\AppData\Roaming\Zattoo
2014-02-06 06:43 - 2014-02-06 06:43 - 00000000 ____D () C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zattoo Europa AG
2014-02-06 06:42 - 2014-02-06 06:43 - 00000000 ____D () C:\Users\******\AppData\Local\Deployment
2014-02-06 06:42 - 2014-02-06 06:42 - 00000000 ____D () C:\ProgramData\Package Cache
2014-02-05 20:04 - 2014-02-05 20:04 - 04538368 _____ () C:\Users\******\Downloads\SkypeWebPlugin-2.2.12059.16911.msi
2014-02-05 20:04 - 2014-02-05 20:04 - 00000000 ____D () C:\Program Files (x86)\SkypeWebPlugin
2014-02-05 20:03 - 2014-02-05 20:03 - 03540183 _____ () C:\Users\******\Downloads\Powerpoint (1).pptx
2014-02-05 18:07 - 2014-02-05 18:07 - 00010166 _____ () C:\Users\******\Downloads\Excel-A8.xlsx
2014-02-05 17:51 - 2014-02-05 17:51 - 03540183 _____ () C:\Users\******\Downloads\Powerpoint.pptx
2014-02-05 07:09 - 2014-02-05 07:10 - 00000000 ____D () C:\Program Files (x86)\Convert AVI to MP4
2014-02-05 07:08 - 2014-02-05 07:08 - 02833691 _____ (convertavitomp3.com ) C:\Users\******\Downloads\convertavitomp4_setup.exe
2014-02-04 07:07 - 2014-02-04 07:07 - 00000108 _____ () C:\Users\******\Downloads\playlist.pls
2014-02-04 07:03 - 2014-02-04 07:03 - 00000000 ____D () C:\Program Files (x86)\AviSynth 2.5
2014-02-04 07:03 - 2009-09-27 09:39 - 00415744 ___SH (The Public) C:\Windows\SysWOW64\avisynth.dll
2014-02-04 07:03 - 2005-07-14 12:31 - 00032256 ___SH () C:\Windows\SysWOW64\AVSredirect.dll
2014-02-04 07:03 - 2004-02-22 10:11 - 00764416 ___SH (Abysmal Software) C:\Windows\SysWOW64\devil.dll
2014-02-04 07:03 - 2004-01-25 00:00 - 00070656 ___SH (www.helixcommunity.org) C:\Windows\SysWOW64\yv12vfw.dll
2014-02-04 07:03 - 2004-01-25 00:00 - 00070656 ___SH (www.helixcommunity.org) C:\Windows\SysWOW64\i420vfw.dll
2014-02-04 07:01 - 2014-02-04 07:01 - 00000000 ____D () C:\Users\******\Documents\eRightSoft
2014-02-04 07:01 - 2012-10-05 19:54 - 00188416 __RSH () C:\Windows\SysWOW64\winDCE32.dll
2014-02-04 07:01 - 2012-07-11 23:00 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Olepau32.ax
2014-02-04 07:01 - 2011-06-15 23:00 - 00163328 __RSH () C:\Windows\SysWOW64\flvDX.dll
2014-02-04 07:01 - 2011-06-14 19:05 - 00121344 __RSH () C:\Windows\SysWOW64\TAKDSDecoder.ax
2014-02-04 07:01 - 2011-02-11 10:26 - 00112128 __RSH () C:\Windows\SysWOW64\OptimFROG.dll
2014-02-04 07:01 - 2010-01-06 23:00 - 00107520 __RSH () C:\Windows\SysWOW64\TAKDSDecoder.dll
2014-02-04 07:01 - 2009-09-27 23:00 - 00143872 __RSH () C:\Windows\SysWOW64\AviDX.ax
2014-02-04 07:01 - 2009-08-10 23:00 - 00352768 __RSH () C:\Windows\SysWOW64\ac3DX.ax
2014-02-04 07:01 - 2009-03-17 10:38 - 00070656 __RSH () C:\Windows\SysWOW64\RLAPEDec.ax
2014-02-04 07:01 - 2009-01-18 17:15 - 00120832 __RSH () C:\Windows\SysWOW64\MPCDx.ax
2014-02-04 07:01 - 2009-01-18 12:03 - 00107520 __RSH () C:\Windows\SysWOW64\RLMPCDec.ax
2014-02-04 07:01 - 2008-03-16 14:30 - 00216064 __RSH (MONOGRAM Multimedia, s.r.o.) C:\Windows\SysWOW64\nbDX.dll
2014-02-04 07:01 - 2007-02-21 12:47 - 00031232 __RSH (Hans Mayerl) C:\Windows\SysWOW64\msfDX.dll
2014-02-04 07:01 - 2006-08-16 15:53 - 00175104 __RSH () C:\Windows\SysWOW64\CoreAAC.ax
2014-02-04 07:01 - 2006-03-10 20:21 - 00195584 __RSH () C:\Windows\SysWOW64\MatroskaDX.ax
2014-02-04 07:01 - 2006-01-12 23:00 - 00123904 __RSH (CoreCodec) C:\Windows\SysWOW64\AVCDX.ax
2014-02-04 07:01 - 2005-11-25 21:46 - 00161792 __RSH (Gabest) C:\Windows\SysWOW64\RealMediaDX.ax
2014-02-04 07:01 - 2005-02-22 17:55 - 00081920 __RSH () C:\Windows\SysWOW64\aac_parser.ax
2014-02-04 07:01 - 2005-02-13 00:00 - 00186880 __RSH (RadLight) C:\Windows\SysWOW64\RLOgg.ax
2014-02-04 07:01 - 2005-02-13 00:00 - 00067584 __RSH (RadLight, LLC) C:\Windows\SysWOW64\RLTheoraDec.ax
2014-02-04 07:01 - 2005-02-13 00:00 - 00051712 __RSH () C:\Windows\SysWOW64\RLSpeexDec.ax
2014-02-04 07:01 - 2005-02-06 00:00 - 00092672 __RSH (RadLight) C:\Windows\SysWOW64\RLVorbisDec.ax
2014-02-04 07:01 - 2005-01-18 00:26 - 00179200 __RSH (Gabest) C:\Windows\SysWOW64\DiracSplitter.ax
2014-02-04 07:01 - 2004-10-10 09:50 - 00278528 _____ (Real Networks, Inc) C:\Windows\SysWOW64\pncrt.dll
2014-02-04 07:01 - 2004-09-17 04:07 - 00090112 __RSH (-) C:\Windows\SysWOW64\TTADSSplitter.ax
2014-02-04 07:01 - 2004-08-22 11:56 - 00090112 __RSH (-) C:\Windows\SysWOW64\TTADSDecoder.ax
2014-02-04 07:01 - 2004-07-02 16:33 - 00327749 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\drvc.dll
2014-02-04 07:01 - 2004-04-27 16:03 - 00017408 __RSH (RadLight) C:\Windows\SysWOW64\RLOFRDec.ax
2014-02-04 07:01 - 2003-12-07 08:59 - 00097280 __RSH () C:\Windows\SysWOW64\FLACDX.ax
2014-02-04 07:00 - 2014-02-04 07:00 - 00000000 ____D () C:\Program Files (x86)\eRightSoft
2014-02-03 19:58 - 2014-02-03 20:01 - 00000000 ____D () C:\Fraps
2014-02-03 19:58 - 2014-02-03 19:58 - 00000000 ____D () C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps
2014-02-03 19:56 - 2014-02-03 19:56 - 00000000 ____D () C:\Users\******\Downloads\F356rs
2014-02-03 19:55 - 2014-02-03 19:55 - 02622049 _____ () C:\Users\******\Downloads\F356rs.rar
2014-02-03 17:27 - 2014-02-03 17:27 - 05471642 _____ () C:\Users\******\Downloads\Albutt_Tele_Tools.exe
2014-02-01 12:07 - 2014-02-01 12:07 - 00000000 ____D () C:\Users\******\AppData\Roaming\mp3DirectCut
2014-02-01 12:07 - 2014-02-01 12:07 - 00000000 ____D () C:\Program Files (x86)\mp3DirectCut
2014-02-01 12:06 - 2014-02-01 12:06 - 00300850 _____ () C:\Users\******\Downloads\mp3DC219.exe
2014-02-01 11:55 - 2014-02-01 11:55 - 10145406 _____ () C:\Users\******\Downloads\setupttsmaster.exe
2014-02-01 11:24 - 2014-02-01 11:24 - 00000000 ____D () C:\Program Files (x86)\Lame For Audacity
2014-02-01 11:23 - 2014-02-01 11:24 - 00527423 _____ ( ) C:\Users\******\Downloads\Lame_v3.99.3_for_Windows.exe
2014-02-01 11:11 - 2014-02-01 11:11 - 00000000 ____D () C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MakeMKV
2014-02-01 11:11 - 2014-02-01 11:11 - 00000000 ____D () C:\Users\******\.MakeMKV
2014-02-01 11:11 - 2014-02-01 11:11 - 00000000 ____D () C:\Program Files (x86)\MakeMKV
2014-02-01 11:10 - 2014-02-01 11:10 - 09805138 _____ (GuinpinSoft inc) C:\Users\******\Downloads\Setup_MakeMKV_v1.8.7.exe
2014-02-01 08:58 - 2014-02-01 08:58 - 04144094 _____ (No23) C:\Users\******\Downloads\No23Recorder.exe
2014-02-01 08:57 - 2014-02-01 08:57 - 00063349 _____ () C:\Users\******\Documents\Unbenannt.wma
2014-01-30 17:23 - 2014-01-30 17:24 - 00000000 ____D () C:\Users\******\Downloads\HerrenhausenPackv1.2
2014-01-30 16:42 - 2014-01-30 16:42 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-01-30 16:41 - 2014-01-30 16:46 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-01-30 16:41 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnc******n64.exe
2014-01-30 12:19 - 2014-01-30 12:19 - 00000000 ____D () C:\Users\******\Documents\Benutzerdefinierte Office-Vorlagen
2014-01-29 19:59 - 2014-01-29 19:59 - 00000000 ____D () C:\Users\******\Documents\Razer
2014-01-29 17:38 - 2014-01-29 17:38 - 00000000 ____D () C:\Users\******\Documents\Stadtgame
2014-01-29 17:21 - 2014-01-29 17:21 - 00007404 _____ () C:\Users\******\Downloads\Addition (1).txt
2014-01-29 17:20 - 2014-01-29 17:20 - 00007404 _____ () C:\Users\******\Downloads\Addition.txt
2014-01-28 19:15 - 2014-01-28 19:15 - 00000000 ____D () C:\SUPERDelete
2014-01-28 19:14 - 2014-01-28 19:15 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware2
2014-01-28 18:57 - 2014-01-28 18:57 - 00000000 _____ () C:\Users\******\defogger_reenable
2014-01-28 18:39 - 2014-02-06 19:15 - 00000000 ____D () C:\Users\******\VirtualBox VMs
2014-01-28 17:09 - 2014-01-28 17:09 - 00000512 _____ () C:\Users\******\Documents\MBR.dat
2014-01-27 19:56 - 2014-01-27 19:56 - 00000000 ____D () C:\Users\******\Downloads\lightbox2.6
2014-01-27 17:38 - 2014-02-08 07:02 - 00000000 ___RD () C:\Users\******\Desktop\Unser Sonnensystem und Planeten
2014-01-26 17:50 - 2014-02-08 17:04 - 00000000 ____D () C:\AdwC******ner
2014-01-26 17:36 - 2014-01-26 17:36 - 00000000 ____D () C:\Program Files\Speccy
2014-01-26 17:33 - 2014-01-26 17:33 - 00000000 ____D () C:\Users\******\Downloads\Wirelesskeyview_168
2014-01-26 17:26 - 2014-01-26 17:26 - 00000028 _____ () C:\Users\******\AppData\Roaming\iRotate.INI
2014-01-26 17:25 - 2014-01-26 17:26 - 00000000 ____D () C:\Program Files (x86)\EeeRotate
2014-01-25 20:09 - 2014-01-25 20:09 - 00002375 _____ () C:\Users\******\Documents\KeePass.html
2014-01-25 19:53 - 2014-01-25 19:53 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-01-25 10:21 - 2014-01-25 10:23 - 00000000 ____D () C:\Users\******\Documents\My Digital Editions
2014-01-25 10:21 - 2014-01-25 10:21 - 00000000 ____D () C:\Users\******\AppData\Local\Adobe_Systems_Incorporate
2014-01-19 13:03 - 2014-01-19 13:03 - 00000000 ____D () C:\Users\******\AppData\Local\Adobe
2014-01-19 12:58 - 2014-01-19 12:58 - 00000000 _____ () C:\Users\******\Documents\WARNING.txt
2014-01-19 12:56 - 2014-01-19 12:56 - 00000194 _____ () C:\Users\******\Desktop\SimCity™.lnk
2014-01-19 12:55 - 2014-01-19 12:55 - 00002200 _____ () C:\Users\******\Desktop\Fünf Freunde auf Schatzsuche.lnk
2014-01-19 12:55 - 2014-01-19 12:55 - 00001307 _____ () C:\Users\******\Desktop\Landwirtschafts Simulator 2013 .lnk
2014-01-19 12:55 - 2014-01-19 12:55 - 00000566 _____ () C:\Users\******\Desktop\Stronghold Legends.lnk
2014-01-19 12:55 - 2014-01-19 12:55 - 00000238 _____ () C:\Users\******\Desktop\Landwirtschafts Simulator 2011.lnk
2014-01-19 12:54 - 2014-01-19 12:54 - 00002164 _____ () C:\Users\******\Desktop\Wildlife Park 2 Abenteuer auf der Ranch starten.lnk
2014-01-19 12:54 - 2014-01-19 12:54 - 00002118 _____ () C:\Users\******\Desktop\Wildlife Park 2 starten.lnk
2014-01-19 12:52 - 2014-01-19 12:52 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-01-19 09:29 - 2014-01-19 09:29 - 00000000 ____D () C:\ASUS WebStorage
2014-01-19 08:01 - 2014-01-19 08:01 - 00000000 ____D () C:\Users\******\AppData\Roaming\Sublime Text 2
2014-01-19 07:59 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-01-19 07:59 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-01-19 07:59 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-01-19 07:59 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-01-19 07:56 - 2013-10-25 07:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-01-19 07:56 - 2013-10-25 07:19 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-01-19 07:56 - 2013-10-25 07:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-01-19 07:56 - 2013-10-25 07:17 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-01-19 07:56 - 2013-10-25 07:17 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-01-19 07:56 - 2013-10-25 07:17 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-01-19 07:56 - 2013-10-25 07:17 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-01-19 07:56 - 2013-10-25 07:17 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-01-19 07:56 - 2013-10-25 07:17 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-01-19 07:56 - 2013-10-25 07:17 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-01-19 07:56 - 2013-10-25 05:44 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-01-19 07:56 - 2013-10-25 05:43 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-01-19 07:56 - 2013-10-25 05:43 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-01-19 07:56 - 2013-10-25 05:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-01-19 07:56 - 2013-10-25 05:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-01-19 07:56 - 2013-10-25 05:43 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-01-19 07:56 - 2013-10-25 05:43 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-01-19 07:56 - 2013-10-25 05:43 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-01-19 07:56 - 2013-10-25 05:43 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-01-19 07:56 - 2013-10-25 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-01-19 07:56 - 2013-10-25 04:41 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-01-19 07:56 - 2013-10-25 04:17 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-01-19 07:56 - 2013-10-25 03:49 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-01-19 07:55 - 2013-10-25 07:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-01-19 07:55 - 2013-10-25 07:18 - 19271168 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-01-19 07:55 - 2013-10-25 07:17 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-01-19 07:55 - 2013-10-25 07:17 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-01-19 07:55 - 2013-10-25 05:45 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-01-19 07:55 - 2013-10-25 05:44 - 14356992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-01-19 07:55 - 2013-10-25 05:43 - 13761536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-01-19 07:55 - 2013-10-25 05:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-01-18 17:54 - 2014-01-18 17:54 - 00000000 ____D () C:\Users\******\AppData\Roaming\ASUS WebStorage
2014-01-18 17:31 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-18 17:31 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-01-18 17:31 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-01-18 17:31 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-01-18 17:31 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-01-18 17:31 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-01-18 17:31 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-01-18 17:31 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-01-18 17:31 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-01-18 17:31 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-01-18 17:31 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-01-18 17:31 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2014-01-18 17:31 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2014-01-18 17:31 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-01-18 17:31 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-01-18 17:31 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2014-01-18 17:31 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-01-18 17:31 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2014-01-18 17:31 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-01-18 17:31 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-01-18 17:31 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-01-18 17:31 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-01-18 17:31 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-01-18 17:31 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-01-18 17:31 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-01-18 17:31 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-01-18 17:31 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-01-18 17:31 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-01-18 17:31 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-01-18 17:31 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-01-18 17:31 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-01-18 17:31 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-01-18 17:31 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-01-18 17:31 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-01-18 17:30 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-18 17:26 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-18 17:26 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-18 17:26 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-18 17:26 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-18 17:26 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-18 17:26 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-18 17:26 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-18 17:26 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-01-18 17:26 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-01-18 17:26 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-01-18 17:26 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-01-18 17:26 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-01-18 17:26 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-01-18 17:26 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-01-18 17:26 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-01-18 17:26 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-01-18 17:26 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-01-18 17:26 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-01-18 17:26 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-01-18 17:26 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-01-18 17:26 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-01-18 17:26 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-01-18 11:52 - 2014-01-18 11:52 - 00000000 ____D () C:\Program Files (x86)\PolarSoft
2014-01-18 11:52 - 1998-06-23 23:00 - 00067376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Sysinfo.ocx
2014-01-18 11:49 - 2014-01-18 11:49 - 00001529 _____ () C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup.lnk
2014-01-18 11:42 - 2014-01-18 11:44 - 00000009 _____ () C:\Windows\system32\online.txt
2014-01-18 11:40 - 2014-01-24 20:39 - 00000000 ____D () C:\Program Files (x86)\Online_Program
2014-01-18 07:28 - 2014-01-18 07:28 - 00005402 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-18 07:28 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-18 07:28 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-18 07:28 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-18 07:28 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-01-18 07:26 - 2014-01-18 07:26 - 00000000 ____D () C:\Windows\CheckSur
2014-01-17 12:51 - 2014-01-17 12:51 - 00000000 ____D () C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Convar
2014-01-17 12:51 - 2014-01-17 12:51 - 00000000 ____D () C:\Program Files (x86)\Convar
2014-01-17 12:26 - 2014-02-05 17:27 - 00000000 ____D () C:\Users\******\AppData\Roaming\vlc

==================== One Month Modified Files and Folders =======

2014-02-09 19:16 - 2014-02-09 19:15 - 00025632 _____ () C:\Users\******\Desktop\FRST.txt
2014-02-09 19:15 - 2013-09-05 17:29 - 00000000 ____D () C:\FRST
2014-02-09 19:13 - 2014-02-09 19:13 - 02170880 _____ (Farbar) C:\Users\******\Desktop\FRST64.exe
2014-02-09 19:12 - 2014-02-09 19:11 - 01138688 _____ (Farbar) C:\Users\******\Downloads\FRST.exe
2014-02-09 19:12 - 2012-09-14 17:23 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-09 18:28 - 2012-03-29 11:17 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-09 15:15 - 2013-07-17 18:29 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce8313387cd85a.job
2014-02-09 15:07 - 2013-09-01 19:02 - 01607620 _____ () C:\Windows\WindowsUpdate.log
2014-02-09 15:06 - 2013-06-12 05:37 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-02-09 08:27 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-09 08:26 - 2009-07-14 06:08 - 00032538 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-09 07:58 - 2014-02-09 07:58 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-09 07:58 - 2014-02-09 07:58 - 00000000 _____ () C:\Windows\setupact.log
2014-02-08 20:13 - 2014-02-08 20:13 - 00000000 ____D () C:\Windows\System32\Tasks\Dexpot
2014-02-08 20:12 - 2014-02-08 20:12 - 00000000 ____D () C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-02-08 17:39 - 2014-02-08 17:39 - 00000837 _____ () C:\Users\******\Desktop\JRT.txt
2014-02-08 17:17 - 2014-02-08 17:17 - 00187528 _____ () C:\Users\******\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-08 17:13 - 2009-07-14 05:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-08 17:13 - 2009-07-14 05:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-08 17:11 - 2011-09-25 07:45 - 00000000 ____D () C:\Users\******\AppData\Roaming\Notepad++
2014-02-08 17:08 - 2014-02-08 17:08 - 01037530 _____ (Thisisu) C:\Users\******\Desktop\JRT.exe
2014-02-08 17:06 - 2013-12-08 17:46 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-02-08 17:06 - 2011-08-07 10:00 - 00045056 _____ () C:\Windows\system32\acovcnt.exe
2014-02-08 17:04 - 2014-01-26 17:50 - 00000000 ____D () C:\AdwC******ner
2014-02-08 17:01 - 2013-05-04 07:06 - 00000000 ____D () C:\Users\******\AppData\Roaming\Media Player Classic
2014-02-08 17:00 - 2014-02-08 17:00 - 01166132 _____ () C:\Users\******\Desktop\adwc******ner.exe
2014-02-08 16:58 - 2014-02-07 17:43 - 00000000 ____D () C:\Users\******\AppData\Roaming\Dexpot
2014-02-08 16:56 - 2011-06-22 11:42 - 00002805 _____ () C:\Windows\system32\AutoRunFilter.ini
2014-02-08 16:54 - 2012-05-06 08:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-08 11:54 - 2014-02-08 11:54 - 00347853 _____ () C:\Users\******\Downloads\disableCropWithering.exe
2014-02-08 11:32 - 2012-10-25 11:28 - 00000000 ____D () C:\Program Files (x86)\Landwirtschafts Simulator 2013
2014-02-08 11:29 - 2014-02-08 07:05 - 00000000 ____D () C:\Users\******\Desktop 3
2014-02-08 11:13 - 2014-02-08 11:12 - 148190592 _____ (GIANTS Software ) C:\Users\******\Downloads\FarmingSimulator2013Patch2.1DE_PublicBeta3.exe
2014-02-08 07:05 - 2011-08-07 10:00 - 00000000 ____D () C:\Users\******
2014-02-08 07:02 - 2014-01-27 17:38 - 00000000 ___RD () C:\Users\******\Desktop\Unser Sonnensystem und Planeten
2014-02-08 07:01 - 2014-02-07 17:58 - 00000000 ____D () C:\Users\******\Desktop 2
2014-02-08 06:57 - 2014-02-08 06:56 - 00000000 ____D () C:\Users\******\Downloads\Desktop_anzeigen
2014-02-08 06:56 - 2014-02-08 06:56 - 00000677 _____ () C:\Users\******\Downloads\Desktop_anzeigen.zip
2014-02-08 06:49 - 2014-02-08 06:49 - 00000000 ____D () C:\Program Files (x86)\RocketDock
2014-02-08 06:48 - 2014-02-08 06:48 - 06463660 _____ (Punk Software ) C:\Users\******\Downloads\rocketdock_7961.exe
2014-02-07 19:24 - 2011-10-09 13:44 - 00000000 ____D () C:\Users\******\AppData\Local\Windows Live
2014-02-07 19:18 - 2014-02-07 19:18 - 00000472 _____ () C:\ProgramData\{E64C5E32-866E-482B-AB32-760B7F30EE12}_WiseFW.ini
2014-02-07 19:16 - 2014-02-07 19:16 - 08867712 _____ () C:\Users\******\Downloads\360desktop_17134.exe
2014-02-07 19:12 - 2013-12-20 21:14 - 00000000 __HDC () C:\ProgramData\{A3A26C56-02C3-4F76-A033-12EE2FB52AE6}
2014-02-07 18:30 - 2014-02-07 17:50 - 240567688 _____ () C:\Users\******\Desktop\output.mp4
2014-02-07 17:43 - 2014-02-07 17:43 - 00000000 ____D () C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot
2014-02-07 17:43 - 2014-02-07 17:43 - 00000000 ____D () C:\Program Files (x86)\Dexpot
2014-02-07 17:36 - 2014-02-07 17:36 - 00000000 ____D () C:\Users\******\Desktop\Easy h264 v0.6r
2014-02-07 17:29 - 2014-02-07 17:29 - 00000000 ____D () C:\Program Files (x86)\Easy h264 v0.6r
2014-02-07 17:29 - 2013-09-28 06:00 - 00378368 ___SH () C:\Users\******\Desktop\Thumbs.db
2014-02-07 17:24 - 2011-02-19 05:24 - 00725706 _____ () C:\Windows\system32\perfh007.dat
2014-02-07 17:24 - 2011-02-19 05:24 - 00158098 _____ () C:\Windows\system32\perfc007.dat
2014-02-07 17:24 - 2009-07-14 06:13 - 01679704 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-07 12:35 - 2014-02-07 12:34 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\CPUControl
2014-02-07 12:34 - 2014-02-07 12:34 - 00002028 _____ () C:\Users\Administrator\Desktop\Anpassen Fences.lnk
2014-02-07 12:34 - 2014-02-07 12:34 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Stardock
2014-02-07 12:34 - 2014-02-07 12:34 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Origin
2014-02-07 12:34 - 2014-02-07 12:34 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Origin
2014-02-07 12:34 - 2014-02-07 12:34 - 00000000 ____D () C:\Users\Administrator\AppData\Local\CyberGhost
2014-02-07 12:34 - 2013-06-27 18:42 - 00187528 _____ () C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-07 12:33 - 2014-02-07 12:33 - 00002249 _____ () C:\Users\Administrator\Desktop\Google Chrome.lnk
2014-02-07 12:33 - 2013-02-10 06:17 - 00000680 __RSH () C:\Users\Administrator\ntuser.pol
2014-02-07 12:33 - 2013-02-10 06:16 - 00000000 ____D () C:\Users\Administrator
2014-02-07 12:25 - 2014-02-07 12:20 - 00000000 ____D () C:\Users\******\AppData\Roaming\CPUControl
2014-02-07 12:20 - 2014-02-07 12:20 - 00000000 ____D () C:\Program Files (x86)\CPU-Control
2014-02-07 12:19 - 2014-02-07 12:19 - 00674184 _____ () C:\Users\******\Downloads\CPU_Control21.zip
2014-02-07 12:19 - 2014-02-07 12:19 - 00000000 ____D () C:\Users\******\Downloads\CPU_Control21
2014-02-07 12:18 - 2014-02-07 12:17 - 00202390 _____ () C:\Users\******\Downloads\LS 13 flüssiger spielen.rar
2014-02-06 19:17 - 2012-03-29 11:17 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-06 19:17 - 2012-03-29 11:17 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-06 19:17 - 2011-08-08 14:46 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-06 19:15 - 2014-01-28 18:39 - 00000000 ____D () C:\Users\******\VirtualBox VMs
2014-02-06 19:15 - 2012-04-12 11:49 - 00000000 ____D () C:\Users\******\.VirtualBox
2014-02-06 19:08 - 2014-02-06 18:54 - 768606208 _____ () C:\Users\******\Downloads\ubuntu-12.04.4-desktop-amd64.iso
2014-02-06 18:41 - 2014-02-06 18:24 - 00000000 ___SD () C:\Users\******\Documents\Meine Datenquellen
2014-02-06 18:40 - 2014-02-06 18:39 - 00008676 _____ () C:\Users\******\Downloads\autoren - Kopie.xlsx
2014-02-06 18:37 - 2014-02-06 18:37 - 00006944 _____ () C:\Users\******\Downloads\autoren.xlsx
2014-02-06 18:30 - 2014-02-06 18:28 - 00716800 _____ () C:\Users\******\Documents\Kontakte.accdb
2014-02-06 18:27 - 2014-02-06 18:27 - 00358854 _____ () C:\Users\******\Documents\Kontakte.accdt
2014-02-06 18:21 - 2014-02-06 18:21 - 00000667 _____ () C:\Users\******\Downloads\settings.php.bak
2014-02-06 12:46 - 2014-02-06 12:45 - 01900544 _____ () C:\Users\******\Documents\Datenbank1.accdb
2014-02-06 12:45 - 2014-02-06 12:45 - 00602421 _____ () C:\Users\******\Documents\Projekte.accdt
2014-02-06 06:44 - 2014-02-06 06:44 - 00000000 ____D () C:\Users\******\AppData\Roaming\Zattoo
2014-02-06 06:44 - 2013-05-19 17:08 - 00000000 ____D () C:\Program Files (x86)\Zattoo4
2014-02-06 06:43 - 2014-02-06 06:43 - 00000000 ____D () C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zattoo Europa AG
2014-02-06 06:43 - 2014-02-06 06:42 - 00000000 ____D () C:\Users\******\AppData\Local\Deployment
2014-02-06 06:42 - 2014-02-06 06:42 - 00000000 ____D () C:\ProgramData\Package Cache
2014-02-06 06:42 - 2011-10-08 14:29 - 00000000 ____D () C:\Users\******\AppData\Local\Apps\2.0
2014-02-06 06:38 - 2013-12-12 16:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-02-06 06:36 - 2011-06-22 11:42 - 00002302 _____ () C:\Windows\system32\ServiceFilter.ini
2014-02-05 20:36 - 2011-09-30 16:06 - 01653984 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-05 20:04 - 2014-02-05 20:04 - 04538368 _____ () C:\Users\******\Downloads\SkypeWebPlugin-2.2.12059.16911.msi
2014-02-05 20:04 - 2014-02-05 20:04 - 00000000 ____D () C:\Program Files (x86)\SkypeWebPlugin
2014-02-05 20:03 - 2014-02-05 20:03 - 03540183 _____ () C:\Users\******\Downloads\Powerpoint (1).pptx
2014-02-05 18:07 - 2014-02-05 18:07 - 00010166 _____ () C:\Users\******\Downloads\Excel-A8.xlsx
2014-02-05 17:51 - 2014-02-05 17:51 - 03540183 _____ () C:\Users\******\Downloads\Powerpoint.pptx
2014-02-05 17:27 - 2014-01-17 12:26 - 00000000 ____D () C:\Users\******\AppData\Roaming\vlc
2014-02-05 07:20 - 2013-09-07 11:13 - 00000000 ____D () C:\Users\******\Desktop\Thunderbird
2014-02-05 07:10 - 2014-02-05 07:09 - 00000000 ____D () C:\Program Files (x86)\Convert AVI to MP4
2014-02-05 07:08 - 2014-02-05 07:08 - 02833691 _____ (convertavitomp3.com ) C:\Users\******\Downloads\convertavitomp4_setup.exe
2014-02-04 07:07 - 2014-02-04 07:07 - 00000108 _____ () C:\Users\******\Downloads\playlist.pls
2014-02-04 07:03 - 2014-02-04 07:03 - 00000000 ____D () C:\Program Files (x86)\AviSynth 2.5
2014-02-04 07:01 - 2014-02-04 07:01 - 00000000 ____D () C:\Users\******\Documents\eRightSoft
2014-02-04 07:00 - 2014-02-04 07:00 - 00000000 ____D () C:\Program Files (x86)\eRightSoft
2014-02-03 20:01 - 2014-02-03 19:58 - 00000000 ____D () C:\Fraps
2014-02-03 19:58 - 2014-02-03 19:58 - 00000000 ____D () C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps
2014-02-03 19:56 - 2014-02-03 19:56 - 00000000 ____D () C:\Users\******\Downloads\F356rs
2014-02-03 19:55 - 2014-02-03 19:55 - 02622049 _____ () C:\Users\******\Downloads\F356rs.rar
2014-02-03 17:27 - 2014-02-03 17:27 - 05471642 _____ () C:\Users\******\Downloads\Albutt_Tele_Tools.exe
2014-02-02 12:24 - 2011-08-08 16:05 - 00000000 ____D () C:\Users\******\AppData\Local\Paint.NET
2014-02-01 17:00 - 2011-12-12 16:15 - 00000000 ____D () C:\Users\******\AppData\Roaming\Audacity
2014-02-01 12:07 - 2014-02-01 12:07 - 00000000 ____D () C:\Users\******\AppData\Roaming\mp3DirectCut
2014-02-01 12:07 - 2014-02-01 12:07 - 00000000 ____D () C:\Program Files (x86)\mp3DirectCut
2014-02-01 12:06 - 2014-02-01 12:06 - 00300850 _____ () C:\Users\******\Downloads\mp3DC219.exe
2014-02-01 11:55 - 2014-02-01 11:55 - 10145406 _____ () C:\Users\******\Downloads\setupttsmaster.exe
2014-02-01 11:55 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Speech
2014-02-01 11:24 - 2014-02-01 11:24 - 00000000 ____D () C:\Program Files (x86)\Lame For Audacity
2014-02-01 11:24 - 2014-02-01 11:23 - 00527423 _____ ( ) C:\Users\******\Downloads\Lame_v3.99.3_for_Windows.exe
2014-02-01 11:11 - 2014-02-01 11:11 - 00000000 ____D () C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MakeMKV
2014-02-01 11:11 - 2014-02-01 11:11 - 00000000 ____D () C:\Users\******\.MakeMKV
2014-02-01 11:11 - 2014-02-01 11:11 - 00000000 ____D () C:\Program Files (x86)\MakeMKV
2014-02-01 11:10 - 2014-02-01 11:10 - 09805138 _____ (GuinpinSoft inc) C:\Users\******\Downloads\Setup_MakeMKV_v1.8.7.exe
2014-02-01 11:05 - 2012-05-06 14:31 - 00000000 ____D () C:\Users\******\AppData\Roaming\dvdcss
2014-02-01 08:58 - 2014-02-01 08:58 - 04144094 _____ (No23) C:\Users\******\Downloads\No23Recorder.exe
2014-02-01 08:57 - 2014-02-01 08:57 - 00063349 _____ () C:\Users\******\Documents\Unbenannt.wma
2014-01-30 17:24 - 2014-01-30 17:23 - 00000000 ____D () C:\Users\******\Downloads\HerrenhausenPackv1.2
2014-01-30 17:02 - 2013-11-23 16:05 - 00000000 ____D () C:\Users\******\Downloads\backup
2014-01-30 16:46 - 2014-01-30 16:41 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-01-30 16:42 - 2014-01-30 16:42 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-01-30 16:42 - 2012-02-09 16:05 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-01-30 12:19 - 2014-01-30 12:19 - 00000000 ____D () C:\Users\******\Documents\Benutzerdefinierte Office-Vorlagen
2014-01-29 19:59 - 2014-01-29 19:59 - 00000000 ____D () C:\Users\******\Documents\Razer
2014-01-29 19:59 - 2012-12-24 07:01 - 00000000 ____D () C:\Users\******\AppData\Local\Razer
2014-01-29 19:58 - 2012-12-24 07:00 - 00000000 ____D () C:\ProgramData\Razer
2014-01-29 19:58 - 2012-12-24 07:00 - 00000000 ____D () C:\Program Files (x86)\Razer
2014-01-29 19:23 - 2011-08-07 12:38 - 00000000 ____D () C:\Users\******\AppData\Local\Adobe
2014-01-29 17:46 - 2013-09-07 07:50 - 00000000 ____D () C:\Users\******\Documents\Diverses
2014-01-29 17:44 - 2013-09-07 07:48 - 00000000 ____D () C:\Users\******\Documents\Dateien
2014-01-29 17:38 - 2014-01-29 17:38 - 00000000 ____D () C:\Users\******\Documents\Stadtgame
2014-01-29 17:29 - 2013-10-25 20:36 - 00097280 ___SH () C:\Users\******\Documents\Thumbs.db
2014-01-29 17:21 - 2014-01-29 17:21 - 00007404 _____ () C:\Users\******\Downloads\Addition (1).txt
2014-01-29 17:20 - 2014-01-29 17:20 - 00007404 _____ () C:\Users\******\Downloads\Addition.txt
2014-01-29 17:15 - 2013-04-05 13:21 - 00000000 ____D () C:\ProgramData\Origin
2014-01-28 19:17 - 2013-04-25 17:56 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-01-28 19:15 - 2014-01-28 19:15 - 00000000 ____D () C:\SUPERDelete
2014-01-28 19:15 - 2014-01-28 19:14 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware2
2014-01-28 19:15 - 2012-12-24 06:14 - 00000000 ____D () C:\Users\******\AppData\Roaming\IObit
2014-01-28 18:57 - 2014-01-28 18:57 - 00000000 _____ () C:\Users\******\defogger_reenable
2014-01-28 18:53 - 2012-09-11 04:04 - 00000000 __SHD () C:\xampp
2014-01-28 17:09 - 2014-01-28 17:09 - 00000512 _____ () C:\Users\******\Documents\MBR.dat
2014-01-27 19:56 - 2014-01-27 19:56 - 00000000 ____D () C:\Users\******\Downloads\lightbox2.6
2014-01-27 12:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-01-26 17:36 - 2014-01-26 17:36 - 00000000 ____D () C:\Program Files\Speccy
2014-01-26 17:35 - 2012-12-12 17:46 - 00236544 ___SH () C:\Users\******\Thumbs.db
2014-01-26 17:33 - 2014-01-26 17:33 - 00000000 ____D () C:\Users\******\Downloads\Wirelesskeyview_168
2014-01-26 17:26 - 2014-01-26 17:26 - 00000028 _____ () C:\Users\******\AppData\Roaming\iRotate.INI
2014-01-26 17:26 - 2014-01-26 17:25 - 00000000 ____D () C:\Program Files (x86)\EeeRotate
2014-01-26 16:25 - 2013-05-19 17:09 - 00022528 _____ () C:\Users\******\AppData\Local\WebpageIcons.db
2014-01-26 11:25 - 2013-03-24 14:14 - 00000000 ____D () C:\Users\******\AppData\Roaming\KeePass
2014-01-25 20:10 - 2013-03-24 14:01 - 00000000 ____D () C:\Program Files (x86)\KeePass Password Safe 2
2014-01-25 20:09 - 2014-01-25 20:09 - 00002375 _____ () C:\Users\******\Documents\KeePass.html
2014-01-25 19:53 - 2014-01-25 19:53 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-01-25 19:42 - 2011-06-22 11:39 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-01-25 10:23 - 2014-01-25 10:21 - 00000000 ____D () C:\Users\******\Documents\My Digital Editions
2014-01-25 10:21 - 2014-01-25 10:21 - 00000000 ____D () C:\Users\******\AppData\Local\Adobe_Systems_Incorporate
2014-01-25 10:21 - 2011-08-29 12:30 - 00000000 ___HD () C:\Program Files (x86)\Adobe
2014-01-24 20:39 - 2014-01-18 11:40 - 00000000 ____D () C:\Program Files (x86)\Online_Program
2014-01-20 12:29 - 2009-07-29 07:03 - 00000000 ____D () C:\Windows\Panther
2014-01-20 12:26 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-01-19 13:03 - 2014-01-19 13:03 - 00000000 ____D () C:\Users\******\AppData\Local\Adobe
2014-01-19 13:03 - 2014-01-03 14:07 - 00000000 ____D () C:\Users\******\AppData\Roaming\Adobe
2014-01-19 12:58 - 2014-01-19 12:58 - 00000000 _____ () C:\Users\******\Documents\WARNING.txt
2014-01-19 12:56 - 2014-01-19 12:56 - 00000194 _____ () C:\Users\******\Desktop\SimCity™.lnk
2014-01-19 12:55 - 2014-01-19 12:55 - 00002200 _____ () C:\Users\******\Desktop\Fünf Freunde auf Schatzsuche.lnk
2014-01-19 12:55 - 2014-01-19 12:55 - 00001307 _____ () C:\Users\******\Desktop\Landwirtschafts Simulator 2013 .lnk
2014-01-19 12:55 - 2014-01-19 12:55 - 00000566 _____ () C:\Users\******\Desktop\Stronghold Legends.lnk
2014-01-19 12:55 - 2014-01-19 12:55 - 00000238 _____ () C:\Users\******\Desktop\Landwirtschafts Simulator 2011.lnk
2014-01-19 12:54 - 2014-01-19 12:54 - 00002164 _____ () C:\Users\******\Desktop\Wildlife Park 2 Abenteuer auf der Ranch starten.lnk
2014-01-19 12:54 - 2014-01-19 12:54 - 00002118 _____ () C:\Users\******\Desktop\Wildlife Park 2 starten.lnk
2014-01-19 12:52 - 2014-01-19 12:52 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-01-19 12:52 - 2013-12-01 15:05 - 01034464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-01-19 12:52 - 2013-12-01 15:05 - 00422216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-01-19 12:52 - 2013-12-01 15:05 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-01-19 12:52 - 2013-12-01 15:05 - 00207904 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-01-19 12:52 - 2013-12-01 15:05 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-01-19 12:52 - 2013-12-01 15:05 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-01-19 12:51 - 2014-01-03 14:05 - 00000000 ____D () C:\Users\******\AppData\Local\Google
2014-01-19 09:29 - 2014-01-19 09:29 - 00000000 ____D () C:\ASUS WebStorage
2014-01-19 08:01 - 2014-01-19 08:01 - 00000000 ____D () C:\Users\******\AppData\Roaming\Sublime Text 2
2014-01-19 08:01 - 2014-01-03 14:06 - 00000000 ____D () C:\Users\******\AppData\Local\VirtualStore
2014-01-19 08:00 - 2014-01-03 14:06 - 00168856 __RSH () C:\Users\******\ntuser.pol
2014-01-19 08:00 - 2014-01-03 14:05 - 00000000 ____D () C:\Users\******
2014-01-19 08:00 - 2011-08-21 09:06 - 00000680 __RSH () C:\Users\******\ntuser.pol
2014-01-18 17:54 - 2014-01-18 17:54 - 00000000 ____D () C:\Users\******\AppData\Roaming\ASUS WebStorage
2014-01-18 17:54 - 2014-01-03 14:07 - 00000000 ____D () C:\Users\******\AppData\Roaming\Origin
2014-01-18 11:52 - 2014-01-18 11:52 - 00000000 ____D () C:\Program Files (x86)\PolarSoft
2014-01-18 11:49 - 2014-01-18 11:49 - 00001529 _____ () C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup.lnk
2014-01-18 11:44 - 2014-01-18 11:42 - 00000009 _____ () C:\Windows\system32\online.txt
2014-01-18 07:45 - 2013-11-21 20:01 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-18 07:28 - 2014-01-18 07:28 - 00005402 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-18 07:28 - 2011-08-07 12:36 - 00000000 ___HD () C:\Program Files (x86)\Java
2014-01-18 07:26 - 2014-01-18 07:26 - 00000000 ____D () C:\Windows\CheckSur
2014-01-17 12:51 - 2014-01-17 12:51 - 00000000 ____D () C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Convar
2014-01-17 12:51 - 2014-01-17 12:51 - 00000000 ____D () C:\Program Files (x86)\Convar
2014-01-16 19:26 - 2012-06-02 17:50 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-16 19:26 - 2009-07-14 03:34 - 00000563 _____ () C:\Windows\win.ini

Files to move or delete:
====================
C:\Users\******\AppData\Roaming\Camdata.ini
C:\Users\******\AppData\Roaming\CamLayout.ini
C:\Users\******\AppData\Roaming\CamShapes.ini


Some content of TEMP:
====================
C:\Users\Administrator\AppData\Local\Temp\ose00000.exe
C:\Users\******\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-08 09:11

==================== End Of Log ============================
         
--- --- ---


Good night, and have a good start to the new week
Baldoius

10.02.2014, 16:29   #12
schrauber
/// the machine
/// TB trainer



Nobody is

I already asked whether you set the proxy in Firefox?


ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick the box Yes, I accept the Terms of Use and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

and a fresh FRST log, please. Any more problems?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

Donations
Guides and help
Trojaner-Board Facebook page

No help via PM!

10.02.2014, 17:32   #13
Baldoius



Quote from schrauber: "I already asked whether you set the proxy in Firefox?"

Yes, you did....

Quote from schrauber: "Did you set the proxy in Firefox?"

and I answered, too....

Quote from Baldoius: "A proxy is set in Firefox, but it is not used (switched off)."
.

Oh, by the way: I have Secunia PSI (3.0.0.9016) installed, but when I click Start scan, it runs the scan and then tells me I haven't scanned in a long time.....????

Edited by Baldoius (10.02.2014 at 18:18)

11.02.2014, 16:20   #14
schrauber
/// the machine
/// TB trainer



Secunia somehow causes nothing but trouble these days. I should take it out of my instructions at some point. Give the FileHippo UpdateChecker a try.
__________________
Regards,
schrauber


13.02.2014, 19:45   #15
Baldoius



Eset:

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=ef23d980bf6660408d8b279f1315b52d
# engine=17015
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-02-13 06:28:21
# local_time=2014-02-13 07:28:21 (+0100, Mitteleuropäische Zeit)
# country="Switzerland"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=774 16777213 71 77 2167846 2187398 0 0
# compatibility_mode=5893 16776573 100 94 286069 143945951 0 0
# scanned=426366
# found=1
# cleaned=0
# scan_time=6722
sh=3395856CE81F2B7382DEE72602F798B642F14140 ft=0 fh=0000000000000000 vn="Eicar test file" ac=I fn="C:\Users\*****\Desktop\Neues Textdokument.txt"
         
Oh, and regarding the Eicar test file: you surely know what that is

Security Check

.... to follow ....

Review of File-Hippo

So far it works great. Unfortunately the results are saved in IE (which I don't really like because of security :-/ [then again, what is really secure anyway]).

Security Check:

Code:
ATTFilter
 Results of screen317's Security Check version 0.99.79  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 10 Out of date! 
``````````````Antivirus/Firewall Check:`````````````` 
Microsoft Security Essentials   
avast! Antivirus                
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Spybot - Search & Destroy 
 Secunia PSI (3.0.0.9016)   
 Malwarebytes Anti-Malware Version 1.75.0.1300  
 Java 7 Update 51  
  Adobe Flash Player 12.0.0.44 Flash Player out of Date!  
 Adobe Reader XI  
 Mozilla Firefox (26.0) 
 Mozilla Thunderbird (24.3.0) 
 Google Chrome 32.0.1700.102  
 Google Chrome 32.0.1700.107  
````````Process Check: objlist.exe by Laurent````````  
 Spybot Teatimer.exe is disabled! 
 ESET ESET Online Scanner OnlineScannerApp.exe  
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast AvastUI.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
PS: Spybot has been uninstalled in the meantime
