Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Trojaner? Avast wurde durch eine Gruppenrichtlinie blockiert.

Trojaner? Avast wurde durch eine Gruppenrichtlinie blockiert.


Plagegeister aller Art und deren Bekämpfung: Trojaner? Avast wurde durch eine Gruppenrichtlinie blockiert.

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Seite 1 von 2 1 2
Alt 24.06.2014, 11:30   #1
Vale7
 
Trojaner? Avast wurde durch eine Gruppenrichtlinie blockiert. - Standard

Trojaner? Avast wurde durch eine Gruppenrichtlinie blockiert.


Guten Tag,

Ich habe seit einer Woche ein Problem und zwar kommt bei Windowsstart immer eine Fehlermeldung und zudem startet mein Antivirus-Programm Avast nicht mehr;
Es kommt jedes Mal diese Fehlermeldung, wenn ich avast starten möchte:

"C:\Program Files\AVAST Software\AvastUi.exe
Dieses Programm wurde durch eine Gruppenrichtlinie blockiert. Weitere Informationen erhalten Sie vom Systemadministrator."

Ich habe bereits im Internet recherchiert und bin auf diese Seite aufmerksam geworden. Ich habe Windows Defender, welches bei mir deaktiviert war, reaktiviert und damit gescannt. Ich habe Spybot search&destroy installiert und meine Festplatten gescannt, Ich habe Antivira, Kaspersky installiert und gescannt, diese Programme haben bis jetzt nichts gefunden.
Jedoch kommt immer noch die Fehlermeldung bei Windowsstart und auch Avast lässt sich weder öffnen noch deinstallieren.

Bitte Helfen Sie mir.

MFG

EDIT: Ich werde gleich Screenshots und eventuell ein Logfiles hinzufügen, im Moment läuft noch Malwarebytes.

Hier die Fehlermeldung bei WIndowsstart:

Geändert von Vale7 (24.06.2014 um 12:25 Uhr)

Alt 24.06.2014, 11:33   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Trojaner? Avast wurde durch eine Gruppenrichtlinie blockiert. - Standard

Trojaner? Avast wurde durch eine Gruppenrichtlinie blockiert.


Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!



Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________
Alt 24.06.2014, 12:05   #3
Vale7
 
Trojaner? Avast wurde durch eine Gruppenrichtlinie blockiert. - Beitrag

Trojaner? Avast wurde durch eine Gruppenrichtlinie blockiert.


Hallo, Hier sind die Files, Ich habe versucht mit Malwarebytes zu scannen aber er stürzt die ganze Zeit kurz vorm Ziel ab.

FRST.txt


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-06-2014
Ran by Mert (administrator) on MERT-PC on 24-06-2014 12:55:55
Running from C:\Users\Mert\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Windows\SysWOW64\srvany.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
() C:\Windows\KMService.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpAgent.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Microsoft Corporation) C:\Users\Mert\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [525312 2011-01-25] (IDT, Inc.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [609144 2011-04-12] (Alps Electric Co., Ltd.)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2010-12-17] (Intel(R) Corporation)
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [487562 2010-08-20] (Creative Technology Ltd)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-06] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-01-27] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3774312 2014-04-06] (AVAST Software)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM Group Policy restriction on software: C:\Program Files (x86)\Trend Micro <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\AVAST Software <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files (x86)\Trend Micro <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ATTENTION
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe,
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1045970751-1052283306-2589936944-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1045970751-1052283306-2589936944-1000\...\Run: [ABBYY Screenshot Reader Bonus] => [X]
HKU\S-1-5-21-1045970751-1052283306-2589936944-1000\...\Run: [mivpbjd] => regsvr32.exe "C:\ProgramData\mivpbjd.dat"
HKU\S-1-5-21-1045970751-1052283306-2589936944-1000\...\MountPoints2: {5928a433-19fd-11e2-88ef-bc77373c7188} - F:\setup.exe
HKU\S-1-5-21-1045970751-1052283306-2589936944-1000\...\MountPoints2: {676069ea-c30d-11e1-8c2e-bc77373c7188} - E:\AutoRun.exe
HKU\S-1-5-21-1045970751-1052283306-2589936944-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1045970751-1052283306-2589936944-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ABBYY Screenshot Reader Bonus] => [X]
HKU\S-1-5-21-1045970751-1052283306-2589936944-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [mivpbjd] => regsvr32.exe "C:\ProgramData\mivpbjd.dat"
HKU\S-1-5-21-1045970751-1052283306-2589936944-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {5928a433-19fd-11e2-88ef-bc77373c7188} - F:\setup.exe
HKU\S-1-5-21-1045970751-1052283306-2589936944-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {676069ea-c30d-11e1-8c2e-bc77373c7188} - E:\AutoRun.exe
Lsa: [Notification Packages] DPPassFilter scecli
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://find.localstrike.net/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x7BA70AE3423BCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://find.localstrike.net/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://find.localstrike.net/
URLSearchHook: HKCU - (No Name) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - No File
URLSearchHook: HKCU - (No Name) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - No File
SearchScopes: HKLM-x32 - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2304157
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2304157
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = 
SearchScopes: HKCU - {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL = 
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Plugin for Media Finder - {AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2} - C:\Users\Mert\AppData\Roaming\Media Finder\Extensions\IEPlugin64.dll (Media Finder)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: ReminderFox - {7C9B39E6-6606-4ED2-8A3F-36E39C78CBDC} - C:\Users\Mert\AppData\LocalLow\ReminderFox\IE\ReminderFox.dll (Tom Mutdosch)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} -  No File
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} -  No File
Toolbar: HKCU - No Name - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} -  No File
Toolbar: HKCU - No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
DPF: HKLM {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} https://support.dell.com/systemprofiler/SysProExe.CAB
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\windows\system32\urlmon.dll (Microsoft Corporation)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} -  No File
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\windows\syswow64\urlmon.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Mert\AppData\Roaming\Mozilla\Firefox\Profiles\vctfu0wd.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_6_602_168.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.7.2 - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Extension: ProxTube - Unblock YouTube - C:\Users\Mert\AppData\Roaming\Mozilla\Firefox\Profiles\vctfu0wd.default\Extensions\ich@maltegoetz.de [2013-05-02]
FF Extension: BrowserProtect - C:\Users\Mert\AppData\Roaming\Mozilla\Firefox\Profiles\vctfu0wd.default\Extensions\browserprotect@browserprotect.com.xpi [2013-05-02]
FF Extension: Google/Yandex search link fix - C:\Users\Mert\AppData\Roaming\Mozilla\Firefox\Profiles\vctfu0wd.default\Extensions\jid0-XWJxt5VvCXkKzQK99PhZqAn7Xbg@jetpack.xpi [2013-05-02]
FF Extension: Private Tab - C:\Users\Mert\AppData\Roaming\Mozilla\Firefox\Profiles\vctfu0wd.default\Extensions\privateTab@infocatcher.xpi [2013-05-02]
FF Extension: Updated Ad Blocker for Firefox 11+ - C:\Users\Mert\AppData\Roaming\Mozilla\Firefox\Profiles\vctfu0wd.default\Extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3618C}.xpi [2013-05-02]
FF Extension: Adblock Plus - C:\Users\Mert\AppData\Roaming\Mozilla\Firefox\Profiles\vctfu0wd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-05-02]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt [2011-04-17]
FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1009\FirefoxExtension
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011-12-31]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: 卡巴斯基網址顧問 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-06-24]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: 虛擬鍵盤 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-06-24]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: 惡意網站攔截器 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-06-24]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-06-24]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-06-24]
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-03-07]

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKCU\...\Chrome\Extension: [leocdeigfnkaojcapikdjcdbedcjmffc] - C:\Users\Mert\AppData\Local\CRE\leocdeigfnkaojcapikdjcdbedcjmffc.crx [2012-04-17]
CHR HKLM-x32\...\Chrome\Extension: [aacbndibbcpajfgnkdkaakeiojmmgmnk] - C:\Users\Mert\AppData\Roaming\Media Finder\Extensions\mf_plugin_gc.crx [2012-04-17]
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa [2012-04-17]
CHR HKLM-x32\...\Chrome\Extension: [bmbpbcpokffodhpcdjaoopolhdlbconi] - C:\Users\Mert\AppData\Local\Temp\ccex.crx [2012-04-17]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-03-07]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [jpihmmhdcobmllpcnpfbhnipmhamldje] - C:\Users\Mert\AppData\Roaming\Media Finder\Extensions\gencrawler_gc.crx [2012-01-01]
CHR HKLM-x32\...\Chrome\Extension: [kpkbnefaikfaeadgidhpoanckoiaheli] - C:\Program Files (x86)\HDvidCodec.com\HDvidCodec10.crx [2012-01-01]
CHR HKLM-x32\...\Chrome\Extension: [leocdeigfnkaojcapikdjcdbedcjmffc] - C:\Users\Mert\AppData\Local\CRE\leocdeigfnkaojcapikdjcdbedcjmffc.crx [2012-04-17]
CHR HKLM-x32\...\Chrome\Extension: [mpejamdehjfchbpcpblhacbebhiopkom] - C:\Users\Mert\AppData\LocalLow\ReminderFox\CHROME\ReminderFox.crx [2012-02-02]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-17]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-03-07] (AVAST Software)
S2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
R2 Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [897088 2010-11-03] (Intel Corporation) [File not signed]
S3 Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1298496 2010-11-03] (Intel Corporation) [File not signed]
R2 Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [983104 2010-11-03] (Intel Corporation) [File not signed]
R2 KMService; C:\windows\SysWOW64\srvany.exe [8192 2012-11-27] () [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-12-17] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [78648 2014-03-07] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [92544 2014-03-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-03-07] ()
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [1038072 2014-03-07] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [421704 2014-03-07] (AVAST Software)
R3 aswStm; C:\windows\system32\drivers\aswStm.sys [80184 2014-03-07] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-03-07] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-05-27] (Avira Operations GmbH & Co. KG)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-06-24] (Kaspersky Lab ZAO)
U4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-06-24] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-06-24] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-17] (Kaspersky Lab ZAO)
S3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-06-24] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-06-24] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-24] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 DUMeterDrv; \??\C:\Program Files (x86)\DU Meter\DUMETR64.SYS [X]
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 XFDriver64; \??\C:\Program Files (x86)\Xfire2\XFDriver64.sys [X]
S3 ZTEusbnet; system32\DRIVERS\ZTEusbnet.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-24 12:55 - 2014-06-24 12:56 - 00030463 _____ () C:\Users\Mert\Desktop\FRST.txt
2014-06-24 12:55 - 2014-06-24 12:56 - 00000000 ____D () C:\FRST
2014-06-24 12:53 - 2014-06-24 12:53 - 02082816 _____ (Farbar) C:\Users\Mert\Desktop\FRST64.exe
2014-06-24 12:52 - 2014-06-24 12:52 - 00002104 _____ () C:\Users\Mert\Desktop\Scan vom 24.06.txt
2014-06-24 12:50 - 2014-06-24 12:50 - 00000000 ____D () C:\Users\Mert\AppData\Local\CrashDumps
2014-06-24 12:09 - 2014-06-24 12:09 - 00000108 ___RH () C:\Users\Mert\Desktop\Stinger.opt
2014-06-24 11:57 - 2014-06-24 12:50 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-24 11:57 - 2014-06-24 11:57 - 00000000 ____D () C:\Program Files (x86)\Iminent
2014-06-24 11:56 - 2014-06-24 11:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-24 11:56 - 2014-06-24 11:56 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-24 11:56 - 2014-06-24 11:56 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-24 11:56 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-06-24 11:56 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-06-24 11:56 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-06-24 11:53 - 2014-06-24 11:53 - 00001397 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-06-24 11:53 - 2014-06-24 11:53 - 00000000 ____D () C:\windows\System32\Tasks\Safer-Networking
2014-06-24 11:52 - 2014-06-24 11:56 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-24 11:52 - 2014-06-24 11:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-06-24 11:52 - 2014-06-24 11:53 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-06-24 11:52 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\windows\system32\sdnclean64.exe
2014-06-24 11:48 - 2014-06-24 12:09 - 00000000 ____D () C:\Program Files (x86)\stinger
2014-06-24 04:02 - 2014-06-24 04:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2014-06-24 04:01 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\windows\system32\klfphc.dll
2014-06-24 04:00 - 2014-06-24 11:37 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-06-24 04:00 - 2014-06-24 04:00 - 00000000 ____D () C:\windows\ELAMBKUP
2014-06-24 04:00 - 2014-06-24 04:00 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-06-24 03:59 - 2014-06-24 04:14 - 00625248 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\klif.sys
2014-06-24 03:59 - 2014-06-24 04:14 - 00115296 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\klflt.sys
2014-06-24 03:53 - 2014-06-24 03:51 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2014-06-24 03:51 - 2014-06-24 03:51 - 00000000 ____D () C:\Users\Mert\AppData\Roaming\Avira
2014-06-24 03:50 - 2014-06-24 03:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-06-24 03:49 - 2014-06-24 03:49 - 00000000 ____D () C:\ProgramData\Avira
2014-06-24 03:49 - 2014-06-24 03:49 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-06-24 03:49 - 2014-05-27 17:12 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2014-06-24 03:49 - 2014-05-27 17:12 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2014-06-24 03:49 - 2014-05-27 17:12 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avkmgr.sys
2014-06-24 03:34 - 2014-06-24 03:34 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2014-06-24 03:00 - 2014-06-24 03:40 - 00151710 _____ () C:\windows\PFRO.log
2014-06-24 03:00 - 2014-06-24 03:00 - 00530864 _____ () C:\windows\system32\FNTCACHE.DAT
2014-06-24 02:38 - 2014-06-24 02:38 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-06-22 20:30 - 2014-06-22 20:30 - 00000000 ____D () C:\Users\Mert\Desktop\Bafög
2014-06-22 14:05 - 2014-06-22 14:05 - 00138024 _____ () C:\Users\Mert\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-22 14:02 - 2014-06-24 11:14 - 00000146 _____ () C:\windows\setupact.log
2014-06-22 14:02 - 2014-06-22 14:02 - 00000000 _____ () C:\windows\setuperr.log
2014-06-22 13:52 - 2014-06-22 13:52 - 00000000 ____D () C:\Users\Mert\Desktop\Auslandsfamulatur
2014-06-22 01:11 - 2014-05-08 11:32 - 03178496 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-06-22 01:11 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2014-06-21 22:07 - 2014-06-24 11:23 - 00000000 ____D () C:\Users\Mert\Documents\FINANZ
2014-06-19 20:08 - 2013-05-10 07:56 - 14631424 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2014-06-19 20:08 - 2013-05-10 07:56 - 12625920 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2014-06-19 20:08 - 2013-05-10 06:56 - 12625408 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
2014-06-19 20:08 - 2013-05-10 06:56 - 11410432 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2014-06-19 20:00 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\Drivers\TsUsbFlt.sys
2014-06-19 20:00 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-06-19 20:00 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-06-19 20:00 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\MsRdpWebAccess.dll
2014-06-19 20:00 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\windows\system32\wksprtPS.dll
2014-06-19 20:00 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2014-06-19 20:00 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\windows\system32\TsUsbGDCoInstaller.dll
2014-06-19 20:00 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll
2014-06-19 20:00 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\MsRdpWebAccess.dll
2014-06-19 20:00 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wksprtPS.dll
2014-06-19 20:00 - 2013-10-02 02:08 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe
2014-06-19 20:00 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe
2014-06-19 20:00 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll
2014-06-19 20:00 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
2014-06-19 20:00 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdvidcrl.dll
2014-06-19 20:00 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe
2014-06-19 20:00 - 2013-10-01 22:57 - 06578176 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-06-19 20:00 - 2013-10-01 22:55 - 05698048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-06-19 19:54 - 2012-08-23 16:13 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll
2014-06-19 19:54 - 2012-08-23 16:10 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpvideominiport.sys
2014-06-19 19:54 - 2012-08-23 13:12 - 00192000 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdpendp_winip.dll
2014-06-19 19:54 - 2012-08-23 12:51 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\rdpendp_winip.dll
2014-06-19 19:52 - 2012-07-26 05:08 - 00744448 _____ (Microsoft Corporation) C:\windows\system32\WUDFx.dll
2014-06-19 19:52 - 2012-07-26 05:08 - 00229888 _____ (Microsoft Corporation) C:\windows\system32\WUDFHost.exe
2014-06-19 19:52 - 2012-07-26 05:08 - 00194048 _____ (Microsoft Corporation) C:\windows\system32\WUDFPlatform.dll
2014-06-19 19:52 - 2012-07-26 05:08 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\WUDFSvc.dll
2014-06-19 19:52 - 2012-07-26 05:08 - 00045056 _____ (Microsoft Corporation) C:\windows\system32\WUDFCoinstaller.dll
2014-06-19 19:52 - 2012-07-26 04:26 - 00198656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WUDFRd.sys
2014-06-19 19:52 - 2012-07-26 04:26 - 00087040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WUDFPf.sys
2014-06-19 19:52 - 2012-06-02 16:57 - 00000003 _____ () C:\windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-06-19 19:42 - 2013-11-23 20:26 - 00417792 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMPhoto.dll
2014-06-19 19:42 - 2013-11-23 19:47 - 00465920 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
2014-06-19 19:42 - 2013-10-04 04:28 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\SmartcardCredentialProvider.dll
2014-06-19 19:42 - 2013-10-04 04:25 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\credui.dll
2014-06-19 19:42 - 2013-10-04 04:24 - 01930752 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2014-06-19 19:42 - 2013-10-04 03:58 - 00152576 _____ (Microsoft Corporation) C:\windows\SysWOW64\SmartcardCredentialProvider.dll
2014-06-19 19:42 - 2013-10-04 03:56 - 01796096 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2014-06-19 19:42 - 2013-10-04 03:56 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\credui.dll
2014-06-19 19:42 - 2013-09-25 04:23 - 01030144 _____ (Microsoft Corporation) C:\windows\system32\TSWorkspace.dll
2014-06-19 19:42 - 2013-09-25 03:57 - 00792576 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSWorkspace.dll
2014-06-19 19:42 - 2012-01-04 12:44 - 00509952 _____ (Microsoft Corporation) C:\windows\system32\ntshrui.dll
2014-06-19 19:42 - 2012-01-04 10:58 - 00442880 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntshrui.dll
2014-06-19 19:41 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2014-06-19 19:41 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2014-06-19 19:41 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Diskdump.sys
2014-06-19 19:41 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\iologmsg.dll
2014-06-19 19:41 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\iologmsg.dll
2014-06-19 19:41 - 2013-12-04 04:27 - 00488448 _____ (Microsoft Corporation) C:\windows\system32\secproc.dll
2014-06-19 19:41 - 2013-12-04 04:27 - 00485888 _____ (Microsoft Corporation) C:\windows\system32\secproc_isv.dll
2014-06-19 19:41 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp_isv.dll
2014-06-19 19:41 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp.dll
2014-06-19 19:41 - 2013-12-04 04:26 - 00528384 _____ (Microsoft Corporation) C:\windows\system32\msdrm.dll
2014-06-19 19:41 - 2013-12-04 04:16 - 00658432 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_isv.exe
2014-06-19 19:41 - 2013-12-04 04:16 - 00626176 _____ (Microsoft Corporation) C:\windows\system32\RMActivate.exe
2014-06-19 19:41 - 2013-12-04 04:16 - 00553984 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp.exe
2014-06-19 19:41 - 2013-12-04 04:16 - 00552960 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp_isv.exe
2014-06-19 19:41 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc.dll
2014-06-19 19:41 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_isv.dll
2014-06-19 19:41 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_ssp_isv.dll
2014-06-19 19:41 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_ssp.dll
2014-06-19 19:41 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdrm.dll
2014-06-19 19:41 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_isv.exe
2014-06-19 19:41 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate.exe
2014-06-19 19:41 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_ssp.exe
2014-06-19 19:41 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_ssp_isv.exe
2014-06-19 19:41 - 2012-12-07 15:20 - 00441856 _____ (Microsoft Corporation) C:\windows\system32\Wpc.dll
2014-06-19 19:41 - 2012-12-07 15:15 - 02746368 _____ (Microsoft Corporation) C:\windows\system32\gameux.dll
2014-06-19 19:41 - 2012-12-07 14:26 - 00308736 _____ (Microsoft Corporation) C:\windows\SysWOW64\Wpc.dll
2014-06-19 19:41 - 2012-12-07 14:20 - 02576384 _____ (Microsoft Corporation) C:\windows\SysWOW64\gameux.dll
2014-06-19 19:41 - 2012-12-07 13:20 - 00045568 _____ (Microsoft) C:\windows\system32\oflc-nz.rs
2014-06-19 19:41 - 2012-12-07 13:20 - 00044544 _____ (Microsoft) C:\windows\system32\pegibbfc.rs
2014-06-19 19:41 - 2012-12-07 13:20 - 00043520 _____ (Microsoft) C:\windows\system32\csrr.rs
2014-06-19 19:41 - 2012-12-07 13:20 - 00030720 _____ (Microsoft) C:\windows\system32\usk.rs
2014-06-19 19:41 - 2012-12-07 13:20 - 00023552 _____ (Microsoft) C:\windows\system32\oflc.rs
2014-06-19 19:41 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\windows\system32\pegi-pt.rs
2014-06-19 19:41 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\windows\system32\pegi-fi.rs
2014-06-19 19:41 - 2012-12-07 13:19 - 00055296 _____ (Microsoft) C:\windows\system32\cero.rs
2014-06-19 19:41 - 2012-12-07 13:19 - 00051712 _____ (Microsoft) C:\windows\system32\esrb.rs
2014-06-19 19:41 - 2012-12-07 13:19 - 00046592 _____ (Microsoft) C:\windows\system32\fpb.rs
2014-06-19 19:41 - 2012-12-07 13:19 - 00040960 _____ (Microsoft) C:\windows\system32\cob-au.rs
2014-06-19 19:41 - 2012-12-07 13:19 - 00021504 _____ (Microsoft) C:\windows\system32\grb.rs
2014-06-19 19:41 - 2012-12-07 13:19 - 00020480 _____ (Microsoft) C:\windows\system32\pegi.rs
2014-06-19 19:41 - 2012-12-07 13:19 - 00015360 _____ (Microsoft) C:\windows\system32\djctq.rs
2014-06-19 19:41 - 2012-12-07 12:46 - 00055296 _____ (Microsoft) C:\windows\SysWOW64\cero.rs
2014-06-19 19:41 - 2012-12-07 12:46 - 00051712 _____ (Microsoft) C:\windows\SysWOW64\esrb.rs
2014-06-19 19:41 - 2012-12-07 12:46 - 00046592 _____ (Microsoft) C:\windows\SysWOW64\fpb.rs
2014-06-19 19:41 - 2012-12-07 12:46 - 00045568 _____ (Microsoft) C:\windows\SysWOW64\oflc-nz.rs
2014-06-19 19:41 - 2012-12-07 12:46 - 00044544 _____ (Microsoft) C:\windows\SysWOW64\pegibbfc.rs
2014-06-19 19:41 - 2012-12-07 12:46 - 00043520 _____ (Microsoft) C:\windows\SysWOW64\csrr.rs
2014-06-19 19:41 - 2012-12-07 12:46 - 00040960 _____ (Microsoft) C:\windows\SysWOW64\cob-au.rs
2014-06-19 19:41 - 2012-12-07 12:46 - 00030720 _____ (Microsoft) C:\windows\SysWOW64\usk.rs
2014-06-19 19:41 - 2012-12-07 12:46 - 00023552 _____ (Microsoft) C:\windows\SysWOW64\oflc.rs
2014-06-19 19:41 - 2012-12-07 12:46 - 00021504 _____ (Microsoft) C:\windows\SysWOW64\grb.rs
2014-06-19 19:41 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\windows\SysWOW64\pegi-pt.rs
2014-06-19 19:41 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\windows\SysWOW64\pegi-fi.rs
2014-06-19 19:41 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\windows\SysWOW64\pegi.rs
2014-06-19 19:41 - 2012-12-07 12:46 - 00015360 _____ (Microsoft) C:\windows\SysWOW64\djctq.rs
2014-06-19 19:41 - 2012-10-09 20:17 - 00226816 _____ (Microsoft Corporation) C:\windows\system32\dhcpcore6.dll
2014-06-19 19:41 - 2012-10-09 20:17 - 00055296 _____ (Microsoft Corporation) C:\windows\system32\dhcpcsvc6.dll
2014-06-19 19:41 - 2012-10-09 19:40 - 00193536 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpcore6.dll
2014-06-19 19:41 - 2012-10-09 19:40 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpcsvc6.dll
2014-06-19 19:41 - 2012-10-03 19:44 - 00303104 _____ (Microsoft Corporation) C:\windows\system32\nlasvc.dll
2014-06-19 19:41 - 2012-10-03 19:44 - 00246272 _____ (Microsoft Corporation) C:\windows\system32\netcorehc.dll
2014-06-19 19:41 - 2012-10-03 19:44 - 00216576 _____ (Microsoft Corporation) C:\windows\system32\ncsi.dll
2014-06-19 19:41 - 2012-10-03 19:44 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\nlaapi.dll
2014-06-19 19:41 - 2012-10-03 19:44 - 00018944 _____ (Microsoft Corporation) C:\windows\system32\netevent.dll
2014-06-19 19:41 - 2012-10-03 19:42 - 00569344 _____ (Microsoft Corporation) C:\windows\system32\iphlpsvc.dll
2014-06-19 19:41 - 2012-10-03 18:42 - 00175104 _____ (Microsoft Corporation) C:\windows\SysWOW64\netcorehc.dll
2014-06-19 19:41 - 2012-10-03 18:42 - 00156672 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncsi.dll
2014-06-19 19:41 - 2012-10-03 18:42 - 00018944 _____ (Microsoft Corporation) C:\windows\SysWOW64\netevent.dll
2014-06-19 19:41 - 2012-10-03 18:07 - 00045568 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpipreg.sys
2014-06-19 19:41 - 2012-08-21 23:01 - 00245760 _____ (Microsoft Corporation) C:\windows\system32\OxpsConverter.exe
2014-06-19 19:41 - 2012-07-06 22:07 - 00552960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bthport.sys
2014-06-19 19:41 - 2012-01-13 09:12 - 00052224 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlaapi.dll
2014-06-19 19:41 - 2011-12-30 08:26 - 00515584 _____ (Microsoft Corporation) C:\windows\system32\timedate.cpl
2014-06-19 19:41 - 2011-12-30 07:27 - 00478720 _____ (Microsoft Corporation) C:\windows\SysWOW64\timedate.cpl
2014-06-19 19:41 - 2011-06-16 07:49 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\xmllite.dll
2014-06-19 19:41 - 2011-06-16 06:33 - 00180224 _____ (Microsoft Corporation) C:\windows\SysWOW64\xmllite.dll
2014-06-19 19:40 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll
2014-06-19 19:40 - 2014-01-01 01:05 - 00420008 _____ () C:\windows\SysWOW64\locale.nls
2014-06-19 19:40 - 2014-01-01 01:04 - 00420008 _____ () C:\windows\system32\locale.nls
2014-06-19 19:40 - 2013-10-30 04:32 - 00335360 _____ (Microsoft Corporation) C:\windows\system32\msieftp.dll
2014-06-19 19:40 - 2013-10-30 04:19 - 00301568 _____ (Microsoft Corporation) C:\windows\SysWOW64\msieftp.dll
2014-06-19 19:40 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ataport.sys
2014-06-19 19:40 - 2013-07-04 14:57 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll
2014-06-19 19:40 - 2013-07-04 14:50 - 00102400 _____ (Microsoft Corporation) C:\windows\system32\davclnt.dll
2014-06-19 19:40 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\windows\SysWOW64\WebClnt.dll
2014-06-19 19:40 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\windows\SysWOW64\davclnt.dll
2014-06-19 19:40 - 2013-07-04 12:11 - 00140800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys
2014-06-19 19:40 - 2013-05-10 07:49 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\cryptdlg.dll
2014-06-19 19:40 - 2013-05-10 05:20 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptdlg.dll
2014-06-19 19:40 - 2013-03-19 07:53 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\wwanprotdim.dll
2014-06-19 19:40 - 2013-01-24 08:01 - 00223752 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fvevol.sys
2014-06-19 19:40 - 2012-08-22 20:12 - 00950128 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys
2014-06-19 19:40 - 2012-07-04 22:26 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\Drivers\RNDISMP.sys
2014-06-19 19:40 - 2012-05-04 13:00 - 00366592 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2014-06-19 19:40 - 2012-05-04 11:59 - 00514560 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2014-06-19 19:40 - 2012-05-01 07:40 - 00209920 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2014-06-19 19:40 - 2012-04-07 14:31 - 03216384 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-06-19 19:40 - 2012-04-07 13:26 - 02342400 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-06-19 19:40 - 2011-03-11 08:41 - 00410496 _____ (Intel Corporation) C:\windows\system32\Drivers\iaStorV.sys
2014-06-19 19:40 - 2011-03-11 08:41 - 00166272 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvstor.sys
2014-06-19 19:40 - 2011-03-11 08:41 - 00148352 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvraid.sys
2014-06-19 19:40 - 2011-03-11 08:41 - 00107904 _____ (Advanced Micro Devices) C:\windows\system32\Drivers\amdsata.sys
2014-06-19 19:40 - 2011-03-11 08:41 - 00027008 _____ (Advanced Micro Devices) C:\windows\system32\Drivers\amdxata.sys
2014-06-19 19:40 - 2011-03-11 08:33 - 02565632 _____ (Microsoft Corporation) C:\windows\system32\esent.dll
2014-06-19 19:40 - 2011-03-11 08:30 - 00096768 _____ (Microsoft Corporation) C:\windows\system32\fsutil.exe
2014-06-19 19:40 - 2011-03-11 07:33 - 01699328 _____ (Microsoft Corporation) C:\windows\SysWOW64\esent.dll
2014-06-19 19:40 - 2011-03-11 07:31 - 00074240 _____ (Microsoft Corporation) C:\windows\SysWOW64\fsutil.exe
2014-06-19 19:40 - 2011-03-11 06:37 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBSTOR.SYS
2014-06-19 19:39 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2014-06-19 19:39 - 2013-08-28 03:12 - 00461312 _____ (Microsoft Corporation) C:\windows\system32\scavengeui.dll
2014-06-19 19:39 - 2012-05-05 10:36 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2014-06-19 19:39 - 2012-05-05 09:46 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2014-06-19 19:35 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2014-06-19 19:35 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2014-06-17 16:25 - 2014-06-17 16:30 - 00000585 _____ () C:\Users\Mert\Desktop\ssm59.txt
2014-06-15 11:44 - 2014-06-15 11:44 - 00000000 __SHD () C:\Users\Mert\AppData\Local\EmieUserList
2014-06-15 11:44 - 2014-06-15 11:44 - 00000000 __SHD () C:\Users\Mert\AppData\Local\EmieSiteList
2014-06-11 13:36 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-06-11 13:36 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-06-11 13:36 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-06-11 13:36 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-06-11 13:36 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-06-11 13:36 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-06-11 13:36 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-06-11 13:36 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-06-11 13:36 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-06-11 13:36 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-06-11 13:36 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-06-11 13:36 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-06-11 13:36 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-06-11 13:36 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-06-11 13:36 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-06-11 13:36 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-06-11 13:36 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-06-11 13:36 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-06-11 13:36 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 13:36 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-06-11 13:36 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-06-11 13:36 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-06-11 13:36 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-06-11 13:36 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-06-11 13:36 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-06-11 13:36 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-06-11 13:36 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-06-11 13:36 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-06-11 13:36 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-06-11 13:36 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-06-11 13:36 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-06-11 13:36 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-06-11 13:36 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-06-11 13:36 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-06-11 13:36 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-06-11 13:36 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-06-11 13:36 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-11 13:36 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-06-11 13:36 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-06-11 13:36 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-06-11 13:36 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-06-11 13:36 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-06-11 13:36 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-06-11 13:36 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-06-11 13:36 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-06-11 13:36 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-06-11 13:36 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-06-11 13:36 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-06-11 13:36 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-06-11 13:36 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-06-11 13:36 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-06-11 13:36 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-06-11 13:35 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll
2014-06-11 13:35 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll
2014-06-11 13:35 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-06-11 13:35 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 13:35 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2014-06-11 13:35 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-06-11 13:35 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2014-06-11 13:35 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-06-11 13:35 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2014-06-11 13:35 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-06-11 13:35 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll
2014-06-11 13:35 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2014-06-11 13:35 - 2013-11-26 13:40 - 00376768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2014-06-10 23:32 - 2014-06-15 14:35 - 00001420 _____ () C:\Users\Mert\Desktop\WAHLFACHER.txt
2014-05-31 03:24 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2014-05-31 03:24 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2014-05-31 03:24 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-05-31 03:24 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2014-05-31 03:24 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2014-05-31 03:24 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2014-05-31 03:24 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2014-05-31 03:24 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2014-05-31 03:24 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-05-31 03:24 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2014-05-31 03:24 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-05-31 03:24 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\windows\system32\objsel.dll
2014-05-31 03:24 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2014-05-31 03:24 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-05-31 03:24 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2014-05-31 03:24 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2014-05-31 03:24 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-05-31 03:24 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\wincredprovider.dll
2014-05-31 03:24 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2014-05-31 03:24 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\windows\system32\cngprovider.dll
2014-05-31 03:24 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\adprovider.dll
2014-05-31 03:24 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\capiprovider.dll
2014-05-31 03:24 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\dpapiprovider.dll
2014-05-31 03:24 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\windows\system32\dimsroam.dll
2014-05-31 03:24 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-05-31 03:24 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2014-05-31 03:24 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2014-05-31 03:24 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-05-31 03:24 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\windows\SysWOW64\objsel.dll
2014-05-31 03:24 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2014-05-31 03:24 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2014-05-31 03:24 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2014-05-31 03:24 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-05-31 03:24 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\cngprovider.dll
2014-05-31 03:24 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\windows\SysWOW64\adprovider.dll
2014-05-31 03:24 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\windows\SysWOW64\capiprovider.dll
2014-05-31 03:24 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpapiprovider.dll
2014-05-31 03:24 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\dimsroam.dll
2014-05-31 03:24 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wincredprovider.dll
2014-05-31 03:24 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-05-31 03:24 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2014-05-31 03:23 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-05-31 03:23 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll

==================== One Month Modified Files and Folders =======

2014-06-24 12:56 - 2014-06-24 12:55 - 00030463 _____ () C:\Users\Mert\Desktop\FRST.txt
2014-06-24 12:56 - 2014-06-24 12:55 - 00000000 ____D () C:\FRST
2014-06-24 12:53 - 2014-06-24 12:53 - 02082816 _____ (Farbar) C:\Users\Mert\Desktop\FRST64.exe
2014-06-24 12:52 - 2014-06-24 12:52 - 00002104 _____ () C:\Users\Mert\Desktop\Scan vom 24.06.txt
2014-06-24 12:50 - 2014-06-24 12:50 - 00000000 ____D () C:\Users\Mert\AppData\Local\CrashDumps
2014-06-24 12:50 - 2014-06-24 11:57 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-24 12:42 - 2012-08-23 12:06 - 00003488 _____ () C:\windows\System32\Tasks\PCDEventLauncher
2014-06-24 12:15 - 2013-05-02 20:16 - 00001106 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-24 12:15 - 2012-06-09 01:36 - 00000000 ____D () C:\Users\Mert\AppData\Roaming\QuickScan
2014-06-24 12:09 - 2014-06-24 12:09 - 00000108 ___RH () C:\Users\Mert\Desktop\Stinger.opt
2014-06-24 12:09 - 2014-06-24 11:48 - 00000000 ____D () C:\Program Files (x86)\stinger
2014-06-24 12:05 - 2012-10-18 23:23 - 00000000 ___RD () C:\Users\Mert\SkyDrive
2014-06-24 11:57 - 2014-06-24 11:57 - 00000000 ____D () C:\Program Files (x86)\Iminent
2014-06-24 11:56 - 2014-06-24 11:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-24 11:56 - 2014-06-24 11:56 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-24 11:56 - 2014-06-24 11:56 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-24 11:56 - 2014-06-24 11:52 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-24 11:53 - 2014-06-24 11:53 - 00001397 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-06-24 11:53 - 2014-06-24 11:53 - 00000000 ____D () C:\windows\System32\Tasks\Safer-Networking
2014-06-24 11:53 - 2014-06-24 11:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-06-24 11:53 - 2014-06-24 11:52 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-06-24 11:37 - 2014-06-24 04:00 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-06-24 11:25 - 2011-06-29 14:55 - 00000000 ____D () C:\Users\Mert
2014-06-24 11:23 - 2014-06-21 22:07 - 00000000 ____D () C:\Users\Mert\Documents\FINANZ
2014-06-24 11:14 - 2014-06-22 14:02 - 00000146 _____ () C:\windows\setupact.log
2014-06-24 11:12 - 2011-04-17 06:39 - 00753946 _____ () C:\windows\system32\perfh007.dat
2014-06-24 11:12 - 2011-04-17 06:39 - 00166902 _____ () C:\windows\system32\perfc007.dat
2014-06-24 11:12 - 2009-07-14 07:13 - 01754304 _____ () C:\windows\system32\PerfStringBackup.INI
2014-06-24 11:10 - 2013-08-18 07:33 - 01917946 _____ () C:\windows\WindowsUpdate.log
2014-06-24 04:14 - 2014-06-24 03:59 - 00625248 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\klif.sys
2014-06-24 04:14 - 2014-06-24 03:59 - 00115296 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\klflt.sys
2014-06-24 04:14 - 2013-10-17 15:47 - 00458336 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\kl1.sys
2014-06-24 04:14 - 2013-10-17 15:47 - 00029280 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\klkbdflt.sys
2014-06-24 04:14 - 2013-06-06 17:38 - 00178272 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\kneps.sys
2014-06-24 04:02 - 2014-06-24 04:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2014-06-24 04:00 - 2014-06-24 04:00 - 00000000 ____D () C:\windows\ELAMBKUP
2014-06-24 04:00 - 2014-06-24 04:00 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-06-24 03:51 - 2014-06-24 03:53 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2014-06-24 03:51 - 2014-06-24 03:51 - 00000000 ____D () C:\Users\Mert\AppData\Roaming\Avira
2014-06-24 03:50 - 2014-06-24 03:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-06-24 03:49 - 2014-06-24 03:49 - 00000000 ____D () C:\ProgramData\Avira
2014-06-24 03:49 - 2014-06-24 03:49 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-06-24 03:48 - 2009-07-14 06:45 - 00013872 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-24 03:48 - 2009-07-14 06:45 - 00013872 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-24 03:43 - 2011-04-17 04:17 - 00000000 ____D () C:\ProgramData\Sonic
2014-06-24 03:42 - 2013-05-02 20:16 - 00001102 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-24 03:40 - 2014-06-24 03:00 - 00151710 _____ () C:\windows\PFRO.log
2014-06-24 03:40 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-06-24 03:34 - 2014-06-24 03:34 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2014-06-24 03:08 - 2011-07-11 10:54 - 00000432 _____ () C:\windows\system32\Drivers\etc\hosts.ics
2014-06-24 03:00 - 2014-06-24 03:00 - 00530864 _____ () C:\windows\system32\FNTCACHE.DAT
2014-06-24 02:38 - 2014-06-24 02:38 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-06-22 20:30 - 2014-06-22 20:30 - 00000000 ____D () C:\Users\Mert\Desktop\Bafög
2014-06-22 14:05 - 2014-06-22 14:05 - 00138024 _____ () C:\Users\Mert\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-22 14:02 - 2014-06-22 14:02 - 00000000 _____ () C:\windows\setuperr.log
2014-06-22 13:52 - 2014-06-22 13:52 - 00000000 ____D () C:\Users\Mert\Desktop\Auslandsfamulatur
2014-06-22 02:10 - 2013-05-02 20:16 - 00004102 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-22 02:10 - 2013-05-02 20:16 - 00003850 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-22 01:15 - 2011-07-02 11:21 - 01728584 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2014-06-21 22:09 - 2014-01-24 04:18 - 00000000 ____D () C:\Users\Mert\Documents\UNI
2014-06-21 10:22 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\rescache
2014-06-20 06:39 - 2009-07-14 06:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-06-20 06:38 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-06-20 06:35 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2014-06-19 17:39 - 2014-04-19 04:04 - 00000000 ____D () C:\Users\Mert\Desktop\BP
2014-06-19 16:48 - 2012-07-05 18:15 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-06-18 21:09 - 2014-04-30 03:02 - 00000000 __SHD () C:\AI_RecycleBin
2014-06-18 21:07 - 2013-06-28 22:25 - 00000000 __SHD () C:\windows\SysWOW64\AI_RecycleBin
2014-06-17 16:56 - 2011-06-30 00:45 - 00000000 ____D () C:\Users\Mert\AppData\Roaming\Skype
2014-06-17 16:30 - 2014-06-17 16:25 - 00000585 _____ () C:\Users\Mert\Desktop\ssm59.txt
2014-06-15 14:35 - 2014-06-10 23:32 - 00001420 _____ () C:\Users\Mert\Desktop\WAHLFACHER.txt
2014-06-15 11:53 - 2011-07-10 22:10 - 00000000 ____D () C:\Users\Mert\AppData\Local\PMB Files
2014-06-15 11:53 - 2011-07-10 22:10 - 00000000 ____D () C:\ProgramData\PMB Files
2014-06-15 11:46 - 2011-09-08 17:23 - 00000000 ____D () C:\windows\Minidump
2014-06-15 11:44 - 2014-06-15 11:44 - 00000000 __SHD () C:\Users\Mert\AppData\Local\EmieUserList
2014-06-15 11:44 - 2014-06-15 11:44 - 00000000 __SHD () C:\Users\Mert\AppData\Local\EmieSiteList
2014-06-13 19:14 - 2013-06-28 22:23 - 00000000 ____D () C:\Users\Mert\AppData\Roaming\Riot Games
2014-06-11 13:43 - 2013-07-14 03:00 - 00000000 ____D () C:\windows\system32\MRT
2014-06-11 13:40 - 2011-07-01 01:27 - 95414520 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-06-02 19:03 - 2011-09-29 23:03 - 00000000 ____D () C:\Users\Mert\AppData\Roaming\InternetCalls
2014-05-30 12:21 - 2014-06-11 13:36 - 23414784 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-05-30 12:02 - 2014-06-11 13:36 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-05-30 12:02 - 2014-06-11 13:36 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-05-30 11:45 - 2014-06-11 13:36 - 02768384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-05-30 11:39 - 2014-06-11 13:36 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-05-30 11:39 - 2014-06-11 13:36 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-05-30 11:38 - 2014-06-11 13:36 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-05-30 11:28 - 2014-06-11 13:36 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-05-30 11:27 - 2014-06-11 13:36 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-05-30 11:24 - 2014-06-11 13:36 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-05-30 11:21 - 2014-06-11 13:36 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-05-30 11:21 - 2014-06-11 13:36 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-05-30 11:20 - 2014-06-11 13:36 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-05-30 11:18 - 2014-06-11 13:36 - 17271296 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-05-30 11:11 - 2014-06-11 13:36 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-05-30 11:08 - 2014-06-11 13:36 - 05782528 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-05-30 11:06 - 2014-06-11 13:36 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-05-30 11:02 - 2014-06-11 13:36 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-05-30 10:55 - 2014-06-11 13:36 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 10:49 - 2014-06-11 13:36 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-05-30 10:46 - 2014-06-11 13:36 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-05-30 10:44 - 2014-06-11 13:36 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-05-30 10:44 - 2014-06-11 13:36 - 00295424 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-05-30 10:43 - 2014-06-11 13:36 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-05-30 10:42 - 2014-06-11 13:36 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-05-30 10:38 - 2014-06-11 13:36 - 02179072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-05-30 10:35 - 2014-06-11 13:36 - 00608768 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-05-30 10:34 - 2014-06-11 13:36 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-05-30 10:33 - 2014-06-11 13:36 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-05-30 10:30 - 2014-06-11 13:36 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-05-30 10:29 - 2014-06-11 13:36 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-05-30 10:28 - 2014-06-11 13:36 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-05-30 10:27 - 2014-06-11 13:36 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-05-30 10:24 - 2014-06-11 13:36 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-05-30 10:23 - 2014-06-11 13:36 - 02040832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-05-30 10:16 - 2014-06-11 13:36 - 00368128 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-05-30 10:10 - 2014-06-11 13:36 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 10:06 - 2014-06-11 13:36 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-05-30 10:04 - 2014-06-11 13:36 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-05-30 10:02 - 2014-06-11 13:36 - 00242688 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-05-30 09:56 - 2014-06-11 13:36 - 04244992 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-05-30 09:56 - 2014-06-11 13:36 - 02266112 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-05-30 09:54 - 2014-06-11 13:36 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-05-30 09:50 - 2014-06-11 13:36 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-05-30 09:49 - 2014-06-11 13:36 - 01964544 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-05-30 09:43 - 2014-06-11 13:36 - 13522944 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-05-30 09:40 - 2014-06-11 13:36 - 11725312 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-05-30 09:30 - 2014-06-11 13:36 - 01398272 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-05-30 09:21 - 2014-06-11 13:36 - 01790976 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-05-30 09:15 - 2014-06-11 13:36 - 01143296 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-05-30 09:13 - 2014-06-11 13:36 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-05-30 09:13 - 2014-06-11 13:36 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-05-27 17:12 - 2014-06-24 03:49 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2014-05-27 17:12 - 2014-06-24 03:49 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2014-05-27 17:12 - 2014-06-24 03:49 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avkmgr.sys

Some content of TEMP:
====================
C:\Users\Mert\AppData\Local\Temp\avgnt.exe
C:\Users\Mert\AppData\Local\Temp\IminentSetup-NewVer_22april.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-18 22:19

==================== End Of Log ============================
--- --- ---

--- --- ---
__________________
Alt 24.06.2014, 12:06   #4
Vale7
 
Trojaner? Avast wurde durch eine Gruppenrichtlinie blockiert. - Standard

Trojaner? Avast wurde durch eine Gruppenrichtlinie blockiert.


Addition.txt

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-06-2014
Ran by Mert at 2014-06-24 12:57:38
Running from C:\Users\Mert\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Kaspersky Internet Security (Disabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Kaspersky Internet Security (Disabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: Kaspersky Internet Security (Disabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

AccelerometerP11 (HKLM-x32\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.10.21 - STMicroelectronics)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.3 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.0.3 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.3.300.257 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.6.602.168 - Adobe Systems Incorporated)
Adobe Reader X (10.1.2) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.2 - Adobe Systems Incorporated)
Adobe Reader X (10.1.3) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.3 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Apple Mobile Device Support (HKLM\...\{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}) (Version: 6.0.0.59 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI AVIVO64 Codecs (Version: 11.6.0.10127 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{E033338C-BDDC-63E2-918F-15169BCD4492}) (Version: 3.0.808.0 - ATI Technologies, Inc.)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2013 - Avast Software)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.4.672 - Avira)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cardiac Auscultation 1.0 (HKLM-x32\...\Cardiac Auscultation) (Version: 1.0 - medical concepts Bonn)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0127.629.11510 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0127.629.11510 - ATI) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2011.0127.629.11510 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Danish (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Dutch (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help English (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Finnish (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help French (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help German (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Italian (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Japanese (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Korean (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Russian (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Spanish (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Swedish (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
ccc-core-static (x32 Version: 2011.0127.629.11510 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2011.0127.629.11510 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.01 - Piriform)
CyberLink PowerDVD 9.5 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.5.1.3907 - CyberLink Corp.)
CyberLink PowerDVD 9.5 (x32 Version: 9.5.1.3907 - CyberLink Corp.) Hidden
Dell Backup and Recovery Manager (HKLM\...\{975DFE7C-8E56-45BC-A329-401E6B1F8102}) (Version: 1.3 - Dell Inc.)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Mobile Broadband Manager (HKLM-x32\...\{23EEC842-57ED-4055-A056-9D4185DFB1AA}) (Version: 6.1.24.2 - Dell)
Dell Support Center (HKLM\...\PC-Doctor for Windows) (Version: 3.2.6032.102 - PC-Doctor, Inc.)
Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 5.4.0.4 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1209.101.204 - ALPS ELECTRIC CO., LTD.)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.35 - Creative Technology Ltd)
DigitalPersona Fingerprint Software 5.20 (HKLM\...\{C0C2D40A-1231-46FA-8F02-B45E6BF2036A}) (Version: 5.20.230 - DigitalPersona, Inc.)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.9 - DivX, LLC)
Dropbox (HKCU\...\Dropbox) (Version: 2.0.26 - Dropbox, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
iCloud (HKLM\...\{8B485965-8EFE-464A-842F-CF8F18C3DFD7}) (Version: 1.1.0.40 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6324.0 - IDT)
Intel PROSet Wireless (Version:  - ) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3074 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{7CE8BE79-ABC3-4B2C-9543-28ED2B0A9EA8}) (Version: 1.0.0.0454 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}) (Version: 14.00.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
Intel(R) Wireless Display (HKLM-x32\...\{F84906ED-BB54-4889-B131-FED9C9056FC8}) (Version: 2.0.27.0 - Intel Corporation)
InternetCalls (HKLM-x32\...\InternetCalls_is1) (Version: 4.12 build 715 - Finarea S.A. Switzerland)
Java 7 Update 9 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217007FF}) (Version: 7.0.90 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022F0}) (Version: 6.0.220 - Oracle)
Java(TM) 6 Update 24 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416024FF}) (Version: 6.0.240 - Oracle)
Java(TM) 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4041.0512 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20125.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
MobileMe Control Panel (HKLM\...\{AF5020D9-116A-46AC-A922-087592F37EC9}) (Version: 3.1.8.0 - Apple Inc.)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
PDF24 Creator 6.2.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.213.1 - Tracker Software Products Ltd)
PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PowerXpressHybrid (x32 Version: 1.00.0000 - Ihr Firmenname) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.09.25 - Dell Inc.)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.31.1025.2010 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30126 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
Roxio Activation Module (x32 Version: 1.0 - Roxio) Hidden
Roxio BackOnTrack (x32 Version: 1.3.3 - Roxio) Hidden
Roxio Burn (x32 Version: 1.8 - Roxio) Hidden
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio Creator Starter (x32 Version: 1.0.439 - Roxio) Hidden
Roxio Creator Starter (x32 Version: 5.0.0 - Roxio) Hidden
Roxio Express Labeler 3 (x32 Version: 3.2.2 - Roxio) Hidden
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13064_2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.0.13064_2 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.)
SecureW2 EAP Suite 1.1.3 for Windows (HKLM-x32\...\SecureW2 EAP Suite) (Version:  - )
Skype™ 6.3 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.3.107 - Skype Technologies S.A.)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)
Validity Sensors DDK (HKLM\...\{56BAC4EE-B1DA-42A7-ACA5-7A353F2ED1DA}) (Version: 4.3.108.0 - Validity Sensors, Inc.)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Restore Points  =========================

19-06-2014 17:42:45 Windows Update
21-06-2014 23:11:42 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0D79F8B9-AE27-47B1-86E9-2D964FFBF96C} - System32\Tasks\{B8B3AFCA-719F-4E8B-AFDB-9F08C03E7F33} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=6.3.0.107&amp;LastError=-9
Task: {15767D9E-139D-49C5-BBA8-6AFB65187E70} - System32\Tasks\{EBFBB72A-8F91-4338-AC11-1B09D0ECF919} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=6.3.0.107&amp;LastError=12007
Task: {19A6CB3F-C766-4FBA-A87A-D72413F467F3} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe [2012-11-30] (PC-Doctor, Inc.)
Task: {240A4CF0-2A4C-496B-A581-F8AF97111E15} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {44E4B0FE-8CEC-4196-B03E-75A10B5E3C17} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-03-07] (AVAST Software)
Task: {44F67E6F-F864-4F8E-BA93-87C4AA5F3E3E} - System32\Tasks\{3F0AF743-96D6-4B33-95B5-7888F98BAC58} => Chrome.exe hxxp://ui.skype.com/ui/0/6.3.0.107/en/abandoninstall?source=lightinstaller&amp;page=tsProgressBar
Task: {5C3CFEF1-5E17-488D-933C-B3FA494CB900} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {5FD11B08-48BD-4CD4-A13C-AD0479DC4E4E} - System32\Tasks\{26FD0356-06AC-4CE8-AF7C-2796FEFD7A45} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=6.3.0.107&amp;LastError=12007
Task: {8742C5E3-B032-4FD0-8EBA-C7D90391BC6F} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell Support Center\uaclauncher.exe [2012-11-30] (PC-Doctor, Inc.)
Task: {8A3EE6C7-DA3C-43DF-8490-495D9173F3F4} - System32\Tasks\{E6A6D582-A192-48AD-8F3E-81F63BC14418} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=6.3.0.107&amp;LastError=12007
Task: {A7D7227C-921B-493E-AC2E-0C049237EE33} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {D2A4E349-34BD-4BBF-95F5-CF646C3DD1B8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-04-23] (Piriform Ltd)
Task: {DA6B1B2F-FB8F-4497-98DB-E23A29BBF46E} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe
Task: {DBCA6139-28A9-49F3-AD12-94E39A9EF6AE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-02] (Google Inc.)
Task: {E654EDC8-76FF-4449-968D-A7C674719F3D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-02] (Google Inc.)
Task: {E7322C11-AABB-461E-8ECB-6563514FEAC4} - System32\Tasks\{C086165C-BFC4-4C1C-BF8C-A4F3DB2EF524} => Chrome.exe hxxp://ui.skype.com/ui/0/5.8.0.158/en/abandoninstall?page=tsProgressBar
Task: {EC3DEDB6-6068-40E0-8902-97C3FE403637} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {EE6023F7-2913-41D4-907F-57145CE5812A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-12-17 20:53 - 2010-12-17 20:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2012-11-27 12:42 - 2012-11-27 12:42 - 00008192 _____ () C:\windows\SysWOW64\srvany.exe
2012-11-27 12:42 - 2012-11-27 12:42 - 00151552 _____ () C:\windows\KMService.exe
2011-04-17 06:17 - 2011-01-08 02:57 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2010-12-17 20:53 - 2010-12-17 20:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2011-01-27 13:27 - 2011-01-27 13:27 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2010-12-17 17:57 - 2010-12-17 17:57 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2014-06-24 00:00 - 2014-06-23 18:38 - 02783744 _____ () C:\Program Files\AVAST Software\Avast\defs\14062301\algo.dll
2014-06-24 11:30 - 2014-06-24 09:52 - 02783744 _____ () C:\Program Files\AVAST Software\Avast\defs\14062400\algo.dll
2014-06-24 11:52 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-06-24 11:52 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-06-24 11:52 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-06-24 11:52 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-06-24 11:52 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2010-01-30 03:41 - 2010-01-30 03:41 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-06-12 22:13 - 2014-06-05 15:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
2014-06-12 22:13 - 2014-06-05 15:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
2014-06-12 22:13 - 2014-06-05 15:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-06-12 22:13 - 2014-06-05 15:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-06-12 22:13 - 2014-06-05 15:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
2014-06-12 22:13 - 2014-06-05 15:58 - 14612296 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Microsoft:kcsfiNCXziUY4Ym0oKuS8ebCp4
AlternateDataStreams: C:\ProgramData\Microsoft:NlO23BbW52Qg9kMzJfY4Xtornth
AlternateDataStreams: C:\Users\Mert\AppData\Local\Temp:Dn5bA7i8kvgo2aNls

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DpHost => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech SetPoint.lnk => C:\windows\pss\Logitech SetPoint.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Mert^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Free Music Zilla.lnk => C:\windows\pss\Free Music Zilla.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AppleSyncNotifier => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BTMTrayAgent => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DellSystemDetect => C:\Users\Mert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms
MSCONFIG\startupreg: Desktop Disc Tool => "c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: DU Meter => "C:\Program Files (x86)\DU Meter\DUMeter.exe" /autostart
MSCONFIG\startupreg: Facebook Update => "C:\Users\Mert\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: FreeFallProtection => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
MSCONFIG\startupreg: Google Update => "C:\Users\Mert\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Kernel and Hardware Abstraction Layer => KHALMNPR.EXE
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: LogMeIn GUI => "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
MSCONFIG\startupreg: Media Finder => "C:\Program Files (x86)\Media Finder\MF.exe" /opentotray
MSCONFIG\startupreg: MobileDocuments => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: NUSB3MON => "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
MSCONFIG\startupreg: OfficeScanNT Monitor => "C:\Program Files (x86)\Trend Micro\Client Server Security Agent\pccntmon.exe" -HideWindow
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe
MSCONFIG\startupreg: PDVD9LanguageShortcut => "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
MSCONFIG\startupreg: QuickSet => C:\Program Files\Dell\QuickSet\QuickSet.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RemoteControl9 => "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
MSCONFIG\startupreg: RoxWatchTray => "c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
MSCONFIG\startupreg: SkyDrive => "C:\Users\Mert\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: uTorrent => "C:\Program Files (x86)\uTorrent\uTorrent.exe"  /MINIMIZED

==================== Faulty Device Manager Devices =============

Name: Wireless Router with Ethernet Switch
Description: Wireless Router with Ethernet Switch
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Microsoft Virtual WiFi Miniport Adapter #2
Description: Microsoft-Adapter für Miniports virtueller WiFis
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/24/2014 00:50:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.532, Zeitstempel: 0x53518532
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0x2d4c
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3

Error: (06/24/2014 00:05:02 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/24/2014 00:01:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SoftonicDownloader_fuer_malwarebytes-anti-malware.exe, Version 1.41.1.5 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 2c04

Startzeit: 01cf8f925cae1655

Endzeit: 833

Anwendungspfad: C:\Users\Mert\Desktop\SoftonicDownloader_fuer_malwarebytes-anti-malware.exe

Berichts-ID: 83cf9d49-fb86-11e3-b48d-782bcbe448d6

Error: (06/24/2014 11:56:47 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/24/2014 11:55:00 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/24/2014 11:54:55 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/24/2014 11:54:23 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/24/2014 11:54:15 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/24/2014 11:09:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3045951

Error: (06/24/2014 11:09:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3045951


System errors:
=============
Error: (06/24/2014 11:50:14 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/24/2014 11:50:12 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Adobe Acrobat Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/24/2014 04:14:59 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (06/24/2014 03:40:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Apple Mobile Device" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (06/24/2014 03:40:50 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Apple Mobile Device erreicht.

Error: (06/24/2014 03:08:51 AM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: 192.168.2.13192.168.137.0255.255.255.0

Error: (06/24/2014 03:04:54 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft .NET Framework NGEN v4.0.30319_X64 erreicht.

Error: (06/24/2014 03:02:29 AM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: 192.168.2.13192.168.137.0255.255.255.0

Error: (06/24/2014 03:01:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Apple Mobile Device" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (06/24/2014 03:01:11 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Apple Mobile Device erreicht.


Microsoft Office Sessions:
=========================
Error: (06/24/2014 00:50:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd2d4c01cf8f92a878bf4fC:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exeC:\Program Files (x86)\ Malwarebytes Anti-Malware \MSVCR100.dll5591480b-fb8d-11e3-b48d-782bcbe448d6

Error: (06/24/2014 00:05:02 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\$Recycle.Bin\S-1-5-21-1045970751-1052283306-2589936944-1000\$RDFUVFW.exe

Error: (06/24/2014 00:01:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: SoftonicDownloader_fuer_malwarebytes-anti-malware.exe1.41.1.52c0401cf8f925cae1655833C:\Users\Mert\Desktop\SoftonicDownloader_fuer_malwarebytes-anti-malware.exe83cf9d49-fb86-11e3-b48d-782bcbe448d6

Error: (06/24/2014 11:56:47 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Mert\Desktop\SoftonicDownloader_fuer_malwarebytes-anti-malware.exe

Error: (06/24/2014 11:55:00 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Mert\Desktop\SoftonicDownloader_fuer_malwarebytes-anti-malware.exe

Error: (06/24/2014 11:54:55 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Mert\Desktop\SoftonicDownloader_fuer_malwarebytes-anti-malware.exe

Error: (06/24/2014 11:54:23 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Mert\Desktop\SoftonicDownloader_fuer_malwarebytes-anti-malware.exe

Error: (06/24/2014 11:54:15 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Mert\Desktop\SoftonicDownloader_fuer_malwarebytes-anti-malware.exe

Error: (06/24/2014 11:09:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3045951

Error: (06/24/2014 11:09:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3045951


CodeIntegrity Errors:
===================================
  Date: 2012-10-30 20:28:17.465
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-10-30 20:28:17.247
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-10-30 20:28:16.989
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-10-30 20:28:16.786
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-10-30 20:28:16.583
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-10-30 20:28:16.458
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-10-30 20:28:16.286
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-10-30 20:28:16.021
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-10-30 20:28:15.646
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-10-30 20:28:15.272
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 70%
Total physical RAM: 4003.18 MB
Available physical RAM: 1175.18 MB
Total Pagefile: 8004.54 MB
Available Pagefile: 4311.26 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:283.34 GB) (Free:209.24 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 76FC8FD1)
Partition 1: (Not Active) - (Size=100 MB) - (Type=DE)
Partition 2: (Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=283 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Alt 24.06.2014, 12:17   #5
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Trojaner? Avast wurde durch eine Gruppenrichtlinie blockiert. - Standard

Trojaner? Avast wurde durch eine Gruppenrichtlinie blockiert.


Zitat:
Hallo, Hier sind die Files, Ich habe versucht mit Malwarebytes zu scannen aber er stürzt die ganze Zeit kurz vorm Ziel ab.
Bitte richtig lesen, du solltest keine neuen Scans machen, sondern nur schon vorhandene Logs mit Funden posten.

Zitat:
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Kaspersky Internet Security (Disabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
OMFG......wie kannst du deinen Rechner mit gleich drei Virenscannern vergewaltigen

Zwei Scanner wie Avira, KAV/KIS oder Avast kommen sich schon gegenseititg in die Quere.

Auf jeden Fall umgehend Avira deinstallieren, danach entweder Kaspersky oder Avast. Ich würde mich in diesem Fall für Avast entscheiden, da Internet Security Produkte meistens nicht zu empfehlen sind.

Zitat:
2012-11-27 12:42 - 2012-11-27 12:42 - 00008192 _____ () C:\windows\SysWOW64\srvany.exe
2012-11-27 12:42 - 2012-11-27 12:42 - 00151552 _____ () C:\windows\KMService.exe
Das ist ein typischer Office-Crack. Dein illegale/gecrackte MS-Office Installation muss auch verschwinden, sonst wird der Support eingestellt.

Bitte lesen => http://www.trojaner-board.de/95393-c...-software.html

Es geht weiter wenn du alles Illegale entfernt hast.

Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems.

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 24.06.2014, 12:29   #6
Vale7
 
Trojaner? Avast wurde durch eine Gruppenrichtlinie blockiert. - Standard

Trojaner? Avast wurde durch eine Gruppenrichtlinie blockiert.


Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org


Protection, 24.06.2014 11:57:11, SYSTEM, MERT-PC, Protection, Malware Protection, Starting, 
Protection, 24.06.2014 11:57:11, SYSTEM, MERT-PC, Protection, Malware Protection, Started, 
Protection, 24.06.2014 11:57:11, SYSTEM, MERT-PC, Protection, Malicious Website Protection, Starting, 
Protection, 24.06.2014 11:57:18, SYSTEM, MERT-PC, Protection, Malicious Website Protection, Started, 
Detection, 24.06.2014 11:57:27, SYSTEM, MERT-PC, Protection, Malware Protection, File, PUP.Optional.Iminent.A, C:\Users\Mert\AppData\Local\Temp\Iminent\metro.exe, Quarantine, [32177f80cfab3df9e5bf0086e81a0af6]
Update, 24.06.2014 11:57:29, SYSTEM, MERT-PC, Manual, Rootkit Database, 2014.2.20.1, 2014.6.23.2, 
Detection, 24.06.2014 11:57:31, SYSTEM, MERT-PC, Protection, Malware Protection, File, PUP.Optional.Iminent.A, C:\Users\Mert\AppData\Local\Temp\Iminent\MinibarFirefox.exe, Quarantine, [e5645da2bac0fe38c7046edc53aed52b]
Detection, 24.06.2014 11:57:31, SYSTEM, MERT-PC, Protection, Malware Protection, File, PUP.Optional.Iminent.A, C:\Users\Mert\AppData\Local\Temp\Iminent\MinibarChrome.exe, Quarantine, [5feaf30c4d2d2c0a987131775aa97090]
Detection, 24.06.2014 11:57:31, SYSTEM, MERT-PC, Protection, Malware Protection, File, PUP.Optional.Iminent.A, C:\Users\Mert\AppData\Local\Temp\Iminent\IminentMinibarIE.exe, Quarantine, [65e4d12ea5d5a195bd0e1a30ac55cd33]
Update, 24.06.2014 11:57:34, SYSTEM, MERT-PC, Manual, Malware Database, 2014.3.4.9, 2014.6.24.4, 
Protection, 24.06.2014 11:57:35, SYSTEM, MERT-PC, Protection, Refresh, Starting, 
Protection, 24.06.2014 11:57:35, SYSTEM, MERT-PC, Protection, Malicious Website Protection, Stopping, 
Protection, 24.06.2014 11:57:35, SYSTEM, MERT-PC, Protection, Malicious Website Protection, Stopped, 
Protection, 24.06.2014 11:57:41, SYSTEM, MERT-PC, Protection, Refresh, Success, 
Protection, 24.06.2014 11:57:41, SYSTEM, MERT-PC, Protection, Malicious Website Protection, Starting, 
Protection, 24.06.2014 11:57:42, SYSTEM, MERT-PC, Protection, Malicious Website Protection, Started, 
Update, 24.06.2014 12:58:24, SYSTEM, MERT-PC, Manual, Malware Database, 2014.6.24.4, 2014.6.24.5, 
Protection, 24.06.2014 12:58:29, SYSTEM, MERT-PC, Protection, Refresh, Starting, 
Protection, 24.06.2014 12:58:29, SYSTEM, MERT-PC, Protection, Malicious Website Protection, Stopping, 
Protection, 24.06.2014 12:58:29, SYSTEM, MERT-PC, Protection, Malicious Website Protection, Stopped, 
Protection, 24.06.2014 13:00:15, SYSTEM, MERT-PC, Protection, Refresh, Success, 
Protection, 24.06.2014 13:00:15, SYSTEM, MERT-PC, Protection, Malicious Website Protection, Starting, 
Protection, 24.06.2014 13:00:16, SYSTEM, MERT-PC, Protection, Malicious Website Protection, Started, 
Protection, 24.06.2014 13:10:23, SYSTEM, MERT-PC, Protection, Malicious Website Protection, Stopping, 
Protection, 24.06.2014 13:10:24, SYSTEM, MERT-PC, Protection, Malicious Website Protection, Stopped, 
Protection, 24.06.2014 13:10:24, SYSTEM, MERT-PC, Protection, Malware Protection, Stopping, 
Protection, 24.06.2014 13:10:59, SYSTEM, MERT-PC, Protection, Malware Protection, Stopped, 
Protection, 24.06.2014 13:14:07, SYSTEM, MERT-PC, Protection, Malware Protection, Starting, 
Protection, 24.06.2014 13:14:07, SYSTEM, MERT-PC, Protection, Malware Protection, Started, 
Protection, 24.06.2014 13:14:07, SYSTEM, MERT-PC, Protection, Malicious Website Protection, Starting, 
Protection, 24.06.2014 13:15:11, SYSTEM, MERT-PC, Protection, Malicious Website Protection, Started, 
Update, 24.06.2014 13:18:46, SYSTEM, MERT-PC, Manual, Malware Database, 2014.6.24.5, 2014.6.24.6, 
Protection, 24.06.2014 13:18:50, SYSTEM, MERT-PC, Protection, Refresh, Starting, 
Protection, 24.06.2014 13:18:50, SYSTEM, MERT-PC, Protection, Malicious Website Protection, Stopping, 
Protection, 24.06.2014 13:18:50, SYSTEM, MERT-PC, Protection, Malicious Website Protection, Stopped, 
Protection, 24.06.2014 13:20:07, SYSTEM, MERT-PC, Protection, Refresh, Success, 
Protection, 24.06.2014 13:20:07, SYSTEM, MERT-PC, Protection, Malicious Website Protection, Starting, 
Protection, 24.06.2014 13:20:14, SYSTEM, MERT-PC, Protection, Malicious Website Protection, Started, 

(end)

Alt 24.06.2014, 12:34   #7
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Trojaner? Avast wurde durch eine Gruppenrichtlinie blockiert. - Standard

Trojaner? Avast wurde durch eine Gruppenrichtlinie blockiert.


Hast du meinen Beitrag komplett gelesen?
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 24.06.2014, 12:36   #8
Vale7
 
Trojaner? Avast wurde durch eine Gruppenrichtlinie blockiert. - Standard

Trojaner? Avast wurde durch eine Gruppenrichtlinie blockiert.


Ich habe erst heute Virenscan durchgeführt, deshalb habe ich heutige Logs gepostet. Und ich bin 100% ehrlich, ich habe momentan keine gecrackte software auf meinem Rechner. Keine Ahnung woher diese Einträge kommen, ich danke, dass das einfach Restdateien sind, Ich habe kein MS Office momentan, benutze Open office. Ich weiß aber nicht wie ich das beweisen soll.

MFG

EDIT: Ich bin dabei, die von Ihnen genannte Virenscanner zu deinstallieren. Und ich weiss nicht wie ich die Restdateien vom MS Office deinstallieren soll. Können Sie mir einen Tipp geben? Und Avast kann ich immer nicht öffnen. Momentan habe ich nur noch Malwarebytes auf meinem Rechner.
Geändert von Vale7 (24.06.2014 um 12:43 Uhr)

Alt 24.06.2014, 12:46   #9
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Trojaner? Avast wurde durch eine Gruppenrichtlinie blockiert. - Standard

Trojaner? Avast wurde durch eine Gruppenrichtlinie blockiert.


Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Scan klicken

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 24.06.2014, 14:08   #10
Vale7
 
Trojaner? Avast wurde durch eine Gruppenrichtlinie blockiert. - Standard

Trojaner? Avast wurde durch eine Gruppenrichtlinie blockiert.


Sorry, war kurz weg.


FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-06-2014
Ran by Mert (administrator) on MERT-PC on 24-06-2014 13:47:04
Running from C:\Users\Mert\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Windows\SysWOW64\srvany.exe
() C:\Windows\KMService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Corporation) C:\Users\Mert\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [525312 2011-01-25] (IDT, Inc.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [609144 2011-04-12] (Alps Electric Co., Ltd.)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2010-12-17] (Intel(R) Corporation)
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [487562 2010-08-20] (Creative Technology Ltd)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-06] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-01-27] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3774312 2014-04-06] (AVAST Software)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM Group Policy restriction on software: C:\Program Files (x86)\Trend Micro <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\AVAST Software <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files (x86)\Trend Micro <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ATTENTION
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe,
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1045970751-1052283306-2589936944-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1045970751-1052283306-2589936944-1000\...\Run: [ABBYY Screenshot Reader Bonus] => [X]
HKU\S-1-5-21-1045970751-1052283306-2589936944-1000\...\Run: [mivpbjd] => regsvr32.exe "C:\ProgramData\mivpbjd.dat"
HKU\S-1-5-21-1045970751-1052283306-2589936944-1000\...\MountPoints2: {5928a433-19fd-11e2-88ef-bc77373c7188} - F:\setup.exe
HKU\S-1-5-21-1045970751-1052283306-2589936944-1000\...\MountPoints2: {676069ea-c30d-11e1-8c2e-bc77373c7188} - E:\AutoRun.exe
HKU\S-1-5-21-1045970751-1052283306-2589936944-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1045970751-1052283306-2589936944-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ABBYY Screenshot Reader Bonus] => [X]
HKU\S-1-5-21-1045970751-1052283306-2589936944-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [mivpbjd] => regsvr32.exe "C:\ProgramData\mivpbjd.dat"
HKU\S-1-5-21-1045970751-1052283306-2589936944-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {5928a433-19fd-11e2-88ef-bc77373c7188} - F:\setup.exe
HKU\S-1-5-21-1045970751-1052283306-2589936944-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {676069ea-c30d-11e1-8c2e-bc77373c7188} - E:\AutoRun.exe
Lsa: [Notification Packages] DPPassFilter scecli
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://find.localstrike.net/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x7BA70AE3423BCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://find.localstrike.net/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://find.localstrike.net/
URLSearchHook: HKCU - (No Name) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - No File
URLSearchHook: HKCU - (No Name) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - No File
SearchScopes: HKLM-x32 - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2304157
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2304157
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = 
SearchScopes: HKCU - {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL = 
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Plugin for Media Finder - {AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2} - C:\Users\Mert\AppData\Roaming\Media Finder\Extensions\IEPlugin64.dll (Media Finder)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: ReminderFox - {7C9B39E6-6606-4ED2-8A3F-36E39C78CBDC} - C:\Users\Mert\AppData\LocalLow\ReminderFox\IE\ReminderFox.dll (Tom Mutdosch)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} -  No File
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} -  No File
Toolbar: HKCU - No Name - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} -  No File
Toolbar: HKCU - No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
DPF: HKLM {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} https://support.dell.com/systemprofiler/SysProExe.CAB
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\windows\system32\urlmon.dll (Microsoft Corporation)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} -  No File
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\windows\syswow64\urlmon.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Mert\AppData\Roaming\Mozilla\Firefox\Profiles\vctfu0wd.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_6_602_168.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.7.2 - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Extension: ProxTube - Unblock YouTube - C:\Users\Mert\AppData\Roaming\Mozilla\Firefox\Profiles\vctfu0wd.default\Extensions\ich@maltegoetz.de [2013-05-02]
FF Extension: BrowserProtect - C:\Users\Mert\AppData\Roaming\Mozilla\Firefox\Profiles\vctfu0wd.default\Extensions\browserprotect@browserprotect.com.xpi [2013-05-02]
FF Extension: Google/Yandex search link fix - C:\Users\Mert\AppData\Roaming\Mozilla\Firefox\Profiles\vctfu0wd.default\Extensions\jid0-XWJxt5VvCXkKzQK99PhZqAn7Xbg@jetpack.xpi [2013-05-02]
FF Extension: Private Tab - C:\Users\Mert\AppData\Roaming\Mozilla\Firefox\Profiles\vctfu0wd.default\Extensions\privateTab@infocatcher.xpi [2013-05-02]
FF Extension: Updated Ad Blocker for Firefox 11+ - C:\Users\Mert\AppData\Roaming\Mozilla\Firefox\Profiles\vctfu0wd.default\Extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3618C}.xpi [2013-05-02]
FF Extension: Adblock Plus - C:\Users\Mert\AppData\Roaming\Mozilla\Firefox\Profiles\vctfu0wd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-05-02]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt [2011-04-17]
FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1009\FirefoxExtension
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011-12-31]
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-03-07]

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKCU\...\Chrome\Extension: [leocdeigfnkaojcapikdjcdbedcjmffc] - C:\Users\Mert\AppData\Local\CRE\leocdeigfnkaojcapikdjcdbedcjmffc.crx [2012-04-17]
CHR HKLM-x32\...\Chrome\Extension: [aacbndibbcpajfgnkdkaakeiojmmgmnk] - C:\Users\Mert\AppData\Roaming\Media Finder\Extensions\mf_plugin_gc.crx [2012-04-17]
CHR HKLM-x32\...\Chrome\Extension: [bmbpbcpokffodhpcdjaoopolhdlbconi] - C:\Users\Mert\AppData\Local\Temp\ccex.crx [2012-04-17]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-03-07]
CHR HKLM-x32\...\Chrome\Extension: [jpihmmhdcobmllpcnpfbhnipmhamldje] - C:\Users\Mert\AppData\Roaming\Media Finder\Extensions\gencrawler_gc.crx [2012-01-01]
CHR HKLM-x32\...\Chrome\Extension: [kpkbnefaikfaeadgidhpoanckoiaheli] - C:\Program Files (x86)\HDvidCodec.com\HDvidCodec10.crx [2012-01-01]
CHR HKLM-x32\...\Chrome\Extension: [leocdeigfnkaojcapikdjcdbedcjmffc] - C:\Users\Mert\AppData\Local\CRE\leocdeigfnkaojcapikdjcdbedcjmffc.crx [2012-04-17]
CHR HKLM-x32\...\Chrome\Extension: [mpejamdehjfchbpcpblhacbebhiopkom] - C:\Users\Mert\AppData\LocalLow\ReminderFox\CHROME\ReminderFox.crx [2012-02-02]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-03-07] (AVAST Software)
R2 Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [897088 2010-11-03] (Intel Corporation) [File not signed]
S3 Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1298496 2010-11-03] (Intel Corporation) [File not signed]
R2 Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [983104 2010-11-03] (Intel Corporation) [File not signed]
R2 KMService; C:\windows\SysWOW64\srvany.exe [8192 2012-11-27] () [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-12-17] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [78648 2014-03-07] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [92544 2014-03-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-03-07] ()
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [1038072 2014-03-07] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [421704 2014-03-07] (AVAST Software)
R3 aswStm; C:\windows\system32\drivers\aswStm.sys [80184 2014-03-07] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-03-07] ()
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-24] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 DUMeterDrv; \??\C:\Program Files (x86)\DU Meter\DUMETR64.SYS [X]
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 XFDriver64; \??\C:\Program Files (x86)\Xfire2\XFDriver64.sys [X]
S3 ZTEusbnet; system32\DRIVERS\ZTEusbnet.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-24 13:47 - 2014-06-24 13:47 - 00024123 _____ () C:\Users\Mert\Desktop\FRST.txt
2014-06-24 13:13 - 2014-06-24 13:13 - 00000020 ___SH () C:\Users\Mert\ntuser.ini
2014-06-24 12:55 - 2014-06-24 13:47 - 00000000 ____D () C:\FRST
2014-06-24 12:53 - 2014-06-24 12:53 - 02082816 _____ (Farbar) C:\Users\Mert\Desktop\FRST64.exe
2014-06-24 12:50 - 2014-06-24 13:03 - 00000000 ____D () C:\Users\Mert\AppData\Local\CrashDumps
2014-06-24 11:57 - 2014-06-24 13:42 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-24 11:57 - 2014-06-24 11:57 - 00000000 ____D () C:\Program Files (x86)\Iminent
2014-06-24 11:56 - 2014-06-24 11:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-24 11:56 - 2014-06-24 11:56 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-24 11:56 - 2014-06-24 11:56 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-24 11:56 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-06-24 11:56 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-06-24 11:56 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-06-24 11:53 - 2014-06-24 11:53 - 00001397 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-06-24 11:53 - 2014-06-24 11:53 - 00000000 ____D () C:\windows\System32\Tasks\Safer-Networking
2014-06-24 11:52 - 2014-06-24 11:56 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-24 11:52 - 2014-06-24 11:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-06-24 11:52 - 2014-06-24 11:53 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-06-24 11:52 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\windows\system32\sdnclean64.exe
2014-06-24 11:48 - 2014-06-24 12:09 - 00000000 ____D () C:\Program Files (x86)\stinger
2014-06-24 03:34 - 2014-06-24 03:34 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2014-06-24 03:00 - 2014-06-24 13:39 - 00305350 _____ () C:\windows\PFRO.log
2014-06-24 03:00 - 2014-06-24 03:00 - 00530864 _____ () C:\windows\system32\FNTCACHE.DAT
2014-06-24 02:38 - 2014-06-24 02:38 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-06-22 20:30 - 2014-06-22 20:30 - 00000000 ____D () C:\Users\Mert\Desktop\Bafög
2014-06-22 14:05 - 2014-06-22 14:05 - 00138024 _____ () C:\Users\Mert\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-22 14:02 - 2014-06-24 13:40 - 00000258 _____ () C:\windows\setupact.log
2014-06-22 14:02 - 2014-06-22 14:02 - 00000000 _____ () C:\windows\setuperr.log
2014-06-22 13:52 - 2014-06-22 13:52 - 00000000 ____D () C:\Users\Mert\Desktop\Auslandsfamulatur
2014-06-22 01:11 - 2014-05-08 11:32 - 03178496 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-06-22 01:11 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2014-06-21 22:07 - 2014-06-24 11:23 - 00000000 ____D () C:\Users\Mert\Documents\FINANZ
2014-06-19 20:08 - 2013-05-10 07:56 - 14631424 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2014-06-19 20:08 - 2013-05-10 07:56 - 12625920 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2014-06-19 20:08 - 2013-05-10 06:56 - 12625408 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
2014-06-19 20:08 - 2013-05-10 06:56 - 11410432 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2014-06-19 20:00 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\Drivers\TsUsbFlt.sys
2014-06-19 20:00 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-06-19 20:00 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-06-19 20:00 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\MsRdpWebAccess.dll
2014-06-19 20:00 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\windows\system32\wksprtPS.dll
2014-06-19 20:00 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2014-06-19 20:00 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\windows\system32\TsUsbGDCoInstaller.dll
2014-06-19 20:00 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll
2014-06-19 20:00 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\MsRdpWebAccess.dll
2014-06-19 20:00 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wksprtPS.dll
2014-06-19 20:00 - 2013-10-02 02:08 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe
2014-06-19 20:00 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe
2014-06-19 20:00 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll
2014-06-19 20:00 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
2014-06-19 20:00 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdvidcrl.dll
2014-06-19 20:00 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe
2014-06-19 20:00 - 2013-10-01 22:57 - 06578176 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-06-19 20:00 - 2013-10-01 22:55 - 05698048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-06-19 19:54 - 2012-08-23 16:13 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll
2014-06-19 19:54 - 2012-08-23 16:10 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpvideominiport.sys
2014-06-19 19:54 - 2012-08-23 13:12 - 00192000 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdpendp_winip.dll
2014-06-19 19:54 - 2012-08-23 12:51 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\rdpendp_winip.dll
2014-06-19 19:52 - 2012-07-26 05:08 - 00744448 _____ (Microsoft Corporation) C:\windows\system32\WUDFx.dll
2014-06-19 19:52 - 2012-07-26 05:08 - 00229888 _____ (Microsoft Corporation) C:\windows\system32\WUDFHost.exe
2014-06-19 19:52 - 2012-07-26 05:08 - 00194048 _____ (Microsoft Corporation) C:\windows\system32\WUDFPlatform.dll
2014-06-19 19:52 - 2012-07-26 05:08 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\WUDFSvc.dll
2014-06-19 19:52 - 2012-07-26 05:08 - 00045056 _____ (Microsoft Corporation) C:\windows\system32\WUDFCoinstaller.dll
2014-06-19 19:52 - 2012-07-26 04:26 - 00198656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WUDFRd.sys
2014-06-19 19:52 - 2012-07-26 04:26 - 00087040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WUDFPf.sys
2014-06-19 19:52 - 2012-06-02 16:57 - 00000003 _____ () C:\windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-06-19 19:42 - 2013-11-23 20:26 - 00417792 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMPhoto.dll
2014-06-19 19:42 - 2013-11-23 19:47 - 00465920 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
2014-06-19 19:42 - 2013-10-04 04:28 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\SmartcardCredentialProvider.dll
2014-06-19 19:42 - 2013-10-04 04:25 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\credui.dll
2014-06-19 19:42 - 2013-10-04 04:24 - 01930752 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2014-06-19 19:42 - 2013-10-04 03:58 - 00152576 _____ (Microsoft Corporation) C:\windows\SysWOW64\SmartcardCredentialProvider.dll
2014-06-19 19:42 - 2013-10-04 03:56 - 01796096 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2014-06-19 19:42 - 2013-10-04 03:56 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\credui.dll
2014-06-19 19:42 - 2013-09-25 04:23 - 01030144 _____ (Microsoft Corporation) C:\windows\system32\TSWorkspace.dll
2014-06-19 19:42 - 2013-09-25 03:57 - 00792576 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSWorkspace.dll
2014-06-19 19:42 - 2012-01-04 12:44 - 00509952 _____ (Microsoft Corporation) C:\windows\system32\ntshrui.dll
2014-06-19 19:42 - 2012-01-04 10:58 - 00442880 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntshrui.dll
2014-06-19 19:41 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2014-06-19 19:41 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2014-06-19 19:41 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Diskdump.sys
2014-06-19 19:41 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\iologmsg.dll
2014-06-19 19:41 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\iologmsg.dll
2014-06-19 19:41 - 2013-12-04 04:27 - 00488448 _____ (Microsoft Corporation) C:\windows\system32\secproc.dll
2014-06-19 19:41 - 2013-12-04 04:27 - 00485888 _____ (Microsoft Corporation) C:\windows\system32\secproc_isv.dll
2014-06-19 19:41 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp_isv.dll
2014-06-19 19:41 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp.dll
2014-06-19 19:41 - 2013-12-04 04:26 - 00528384 _____ (Microsoft Corporation) C:\windows\system32\msdrm.dll
2014-06-19 19:41 - 2013-12-04 04:16 - 00658432 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_isv.exe
2014-06-19 19:41 - 2013-12-04 04:16 - 00626176 _____ (Microsoft Corporation) C:\windows\system32\RMActivate.exe
2014-06-19 19:41 - 2013-12-04 04:16 - 00553984 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp.exe
2014-06-19 19:41 - 2013-12-04 04:16 - 00552960 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp_isv.exe
2014-06-19 19:41 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc.dll
2014-06-19 19:41 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_isv.dll
2014-06-19 19:41 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_ssp_isv.dll
2014-06-19 19:41 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_ssp.dll
2014-06-19 19:41 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdrm.dll
2014-06-19 19:41 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_isv.exe
2014-06-19 19:41 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate.exe
2014-06-19 19:41 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_ssp.exe
2014-06-19 19:41 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_ssp_isv.exe
2014-06-19 19:41 - 2012-12-07 15:20 - 00441856 _____ (Microsoft Corporation) C:\windows\system32\Wpc.dll
2014-06-19 19:41 - 2012-12-07 15:15 - 02746368 _____ (Microsoft Corporation) C:\windows\system32\gameux.dll
2014-06-19 19:41 - 2012-12-07 14:26 - 00308736 _____ (Microsoft Corporation) C:\windows\SysWOW64\Wpc.dll
2014-06-19 19:41 - 2012-12-07 14:20 - 02576384 _____ (Microsoft Corporation) C:\windows\SysWOW64\gameux.dll
2014-06-19 19:41 - 2012-12-07 13:20 - 00045568 _____ (Microsoft) C:\windows\system32\oflc-nz.rs
2014-06-19 19:41 - 2012-12-07 13:20 - 00044544 _____ (Microsoft) C:\windows\system32\pegibbfc.rs
2014-06-19 19:41 - 2012-12-07 13:20 - 00043520 _____ (Microsoft) C:\windows\system32\csrr.rs
2014-06-19 19:41 - 2012-12-07 13:20 - 00030720 _____ (Microsoft) C:\windows\system32\usk.rs
2014-06-19 19:41 - 2012-12-07 13:20 - 00023552 _____ (Microsoft) C:\windows\system32\oflc.rs
2014-06-19 19:41 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\windows\system32\pegi-pt.rs
2014-06-19 19:41 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\windows\system32\pegi-fi.rs
2014-06-19 19:41 - 2012-12-07 13:19 - 00055296 _____ (Microsoft) C:\windows\system32\cero.rs
2014-06-19 19:41 - 2012-12-07 13:19 - 00051712 _____ (Microsoft) C:\windows\system32\esrb.rs
2014-06-19 19:41 - 2012-12-07 13:19 - 00046592 _____ (Microsoft) C:\windows\system32\fpb.rs
2014-06-19 19:41 - 2012-12-07 13:19 - 00040960 _____ (Microsoft) C:\windows\system32\cob-au.rs
2014-06-19 19:41 - 2012-12-07 13:19 - 00021504 _____ (Microsoft) C:\windows\system32\grb.rs
2014-06-19 19:41 - 2012-12-07 13:19 - 00020480 _____ (Microsoft) C:\windows\system32\pegi.rs
2014-06-19 19:41 - 2012-12-07 13:19 - 00015360 _____ (Microsoft) C:\windows\system32\djctq.rs
2014-06-19 19:41 - 2012-12-07 12:46 - 00055296 _____ (Microsoft) C:\windows\SysWOW64\cero.rs
2014-06-19 19:41 - 2012-12-07 12:46 - 00051712 _____ (Microsoft) C:\windows\SysWOW64\esrb.rs
2014-06-19 19:41 - 2012-12-07 12:46 - 00046592 _____ (Microsoft) C:\windows\SysWOW64\fpb.rs
2014-06-19 19:41 - 2012-12-07 12:46 - 00045568 _____ (Microsoft) C:\windows\SysWOW64\oflc-nz.rs
2014-06-19 19:41 - 2012-12-07 12:46 - 00044544 _____ (Microsoft) C:\windows\SysWOW64\pegibbfc.rs
2014-06-19 19:41 - 2012-12-07 12:46 - 00043520 _____ (Microsoft) C:\windows\SysWOW64\csrr.rs
2014-06-19 19:41 - 2012-12-07 12:46 - 00040960 _____ (Microsoft) C:\windows\SysWOW64\cob-au.rs
2014-06-19 19:41 - 2012-12-07 12:46 - 00030720 _____ (Microsoft) C:\windows\SysWOW64\usk.rs
2014-06-19 19:41 - 2012-12-07 12:46 - 00023552 _____ (Microsoft) C:\windows\SysWOW64\oflc.rs
2014-06-19 19:41 - 2012-12-07 12:46 - 00021504 _____ (Microsoft) C:\windows\SysWOW64\grb.rs
2014-06-19 19:41 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\windows\SysWOW64\pegi-pt.rs
2014-06-19 19:41 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\windows\SysWOW64\pegi-fi.rs
2014-06-19 19:41 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\windows\SysWOW64\pegi.rs
2014-06-19 19:41 - 2012-12-07 12:46 - 00015360 _____ (Microsoft) C:\windows\SysWOW64\djctq.rs
2014-06-19 19:41 - 2012-10-09 20:17 - 00226816 _____ (Microsoft Corporation) C:\windows\system32\dhcpcore6.dll
2014-06-19 19:41 - 2012-10-09 20:17 - 00055296 _____ (Microsoft Corporation) C:\windows\system32\dhcpcsvc6.dll
2014-06-19 19:41 - 2012-10-09 19:40 - 00193536 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpcore6.dll
2014-06-19 19:41 - 2012-10-09 19:40 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpcsvc6.dll
2014-06-19 19:41 - 2012-10-03 19:44 - 00303104 _____ (Microsoft Corporation) C:\windows\system32\nlasvc.dll
2014-06-19 19:41 - 2012-10-03 19:44 - 00246272 _____ (Microsoft Corporation) C:\windows\system32\netcorehc.dll
2014-06-19 19:41 - 2012-10-03 19:44 - 00216576 _____ (Microsoft Corporation) C:\windows\system32\ncsi.dll
2014-06-19 19:41 - 2012-10-03 19:44 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\nlaapi.dll
2014-06-19 19:41 - 2012-10-03 19:44 - 00018944 _____ (Microsoft Corporation) C:\windows\system32\netevent.dll
2014-06-19 19:41 - 2012-10-03 19:42 - 00569344 _____ (Microsoft Corporation) C:\windows\system32\iphlpsvc.dll
2014-06-19 19:41 - 2012-10-03 18:42 - 00175104 _____ (Microsoft Corporation) C:\windows\SysWOW64\netcorehc.dll
2014-06-19 19:41 - 2012-10-03 18:42 - 00156672 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncsi.dll
2014-06-19 19:41 - 2012-10-03 18:42 - 00018944 _____ (Microsoft Corporation) C:\windows\SysWOW64\netevent.dll
2014-06-19 19:41 - 2012-10-03 18:07 - 00045568 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpipreg.sys
2014-06-19 19:41 - 2012-08-21 23:01 - 00245760 _____ (Microsoft Corporation) C:\windows\system32\OxpsConverter.exe
2014-06-19 19:41 - 2012-07-06 22:07 - 00552960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bthport.sys
2014-06-19 19:41 - 2012-01-13 09:12 - 00052224 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlaapi.dll
2014-06-19 19:41 - 2011-12-30 08:26 - 00515584 _____ (Microsoft Corporation) C:\windows\system32\timedate.cpl
2014-06-19 19:41 - 2011-12-30 07:27 - 00478720 _____ (Microsoft Corporation) C:\windows\SysWOW64\timedate.cpl
2014-06-19 19:41 - 2011-06-16 07:49 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\xmllite.dll
2014-06-19 19:41 - 2011-06-16 06:33 - 00180224 _____ (Microsoft Corporation) C:\windows\SysWOW64\xmllite.dll
2014-06-19 19:40 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll
2014-06-19 19:40 - 2014-01-01 01:05 - 00420008 _____ () C:\windows\SysWOW64\locale.nls
2014-06-19 19:40 - 2014-01-01 01:04 - 00420008 _____ () C:\windows\system32\locale.nls
2014-06-19 19:40 - 2013-10-30 04:32 - 00335360 _____ (Microsoft Corporation) C:\windows\system32\msieftp.dll
2014-06-19 19:40 - 2013-10-30 04:19 - 00301568 _____ (Microsoft Corporation) C:\windows\SysWOW64\msieftp.dll
2014-06-19 19:40 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ataport.sys
2014-06-19 19:40 - 2013-07-04 14:57 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll
2014-06-19 19:40 - 2013-07-04 14:50 - 00102400 _____ (Microsoft Corporation) C:\windows\system32\davclnt.dll
2014-06-19 19:40 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\windows\SysWOW64\WebClnt.dll
2014-06-19 19:40 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\windows\SysWOW64\davclnt.dll
2014-06-19 19:40 - 2013-07-04 12:11 - 00140800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys
2014-06-19 19:40 - 2013-05-10 07:49 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\cryptdlg.dll
2014-06-19 19:40 - 2013-05-10 05:20 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptdlg.dll
2014-06-19 19:40 - 2013-03-19 07:53 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\wwanprotdim.dll
2014-06-19 19:40 - 2013-01-24 08:01 - 00223752 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fvevol.sys
2014-06-19 19:40 - 2012-08-22 20:12 - 00950128 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys
2014-06-19 19:40 - 2012-07-04 22:26 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\Drivers\RNDISMP.sys
2014-06-19 19:40 - 2012-05-04 13:00 - 00366592 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2014-06-19 19:40 - 2012-05-04 11:59 - 00514560 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2014-06-19 19:40 - 2012-05-01 07:40 - 00209920 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2014-06-19 19:40 - 2012-04-07 14:31 - 03216384 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-06-19 19:40 - 2012-04-07 13:26 - 02342400 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-06-19 19:40 - 2011-03-11 08:41 - 00410496 _____ (Intel Corporation) C:\windows\system32\Drivers\iaStorV.sys
2014-06-19 19:40 - 2011-03-11 08:41 - 00166272 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvstor.sys
2014-06-19 19:40 - 2011-03-11 08:41 - 00148352 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvraid.sys
2014-06-19 19:40 - 2011-03-11 08:41 - 00107904 _____ (Advanced Micro Devices) C:\windows\system32\Drivers\amdsata.sys
2014-06-19 19:40 - 2011-03-11 08:41 - 00027008 _____ (Advanced Micro Devices) C:\windows\system32\Drivers\amdxata.sys
2014-06-19 19:40 - 2011-03-11 08:33 - 02565632 _____ (Microsoft Corporation) C:\windows\system32\esent.dll
2014-06-19 19:40 - 2011-03-11 08:30 - 00096768 _____ (Microsoft Corporation) C:\windows\system32\fsutil.exe
2014-06-19 19:40 - 2011-03-11 07:33 - 01699328 _____ (Microsoft Corporation) C:\windows\SysWOW64\esent.dll
2014-06-19 19:40 - 2011-03-11 07:31 - 00074240 _____ (Microsoft Corporation) C:\windows\SysWOW64\fsutil.exe
2014-06-19 19:40 - 2011-03-11 06:37 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBSTOR.SYS
2014-06-19 19:39 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2014-06-19 19:39 - 2013-08-28 03:12 - 00461312 _____ (Microsoft Corporation) C:\windows\system32\scavengeui.dll
2014-06-19 19:39 - 2012-05-05 10:36 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2014-06-19 19:39 - 2012-05-05 09:46 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2014-06-19 19:35 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2014-06-19 19:35 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2014-06-17 16:25 - 2014-06-17 16:30 - 00000585 _____ () C:\Users\Mert\Desktop\ssm59.txt
2014-06-15 11:44 - 2014-06-15 11:44 - 00000000 __SHD () C:\Users\Mert\AppData\Local\EmieUserList
2014-06-15 11:44 - 2014-06-15 11:44 - 00000000 __SHD () C:\Users\Mert\AppData\Local\EmieSiteList
2014-06-11 13:36 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-06-11 13:36 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-06-11 13:36 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-06-11 13:36 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-06-11 13:36 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-06-11 13:36 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-06-11 13:36 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-06-11 13:36 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-06-11 13:36 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-06-11 13:36 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-06-11 13:36 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-06-11 13:36 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-06-11 13:36 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-06-11 13:36 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-06-11 13:36 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-06-11 13:36 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-06-11 13:36 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-06-11 13:36 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-06-11 13:36 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 13:36 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-06-11 13:36 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-06-11 13:36 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-06-11 13:36 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-06-11 13:36 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-06-11 13:36 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-06-11 13:36 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-06-11 13:36 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-06-11 13:36 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-06-11 13:36 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-06-11 13:36 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-06-11 13:36 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-06-11 13:36 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-06-11 13:36 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-06-11 13:36 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-06-11 13:36 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-06-11 13:36 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-06-11 13:36 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-11 13:36 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-06-11 13:36 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-06-11 13:36 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-06-11 13:36 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-06-11 13:36 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-06-11 13:36 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-06-11 13:36 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-06-11 13:36 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-06-11 13:36 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-06-11 13:36 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-06-11 13:36 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-06-11 13:36 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-06-11 13:36 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-06-11 13:36 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-06-11 13:36 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-06-11 13:35 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll
2014-06-11 13:35 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll
2014-06-11 13:35 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-06-11 13:35 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 13:35 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2014-06-11 13:35 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-06-11 13:35 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2014-06-11 13:35 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-06-11 13:35 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2014-06-11 13:35 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-06-11 13:35 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll
2014-06-11 13:35 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2014-06-11 13:35 - 2013-11-26 13:40 - 00376768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2014-06-10 23:32 - 2014-06-15 14:35 - 00001420 _____ () C:\Users\Mert\Desktop\WAHLFACHER.txt
2014-05-31 03:24 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2014-05-31 03:24 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2014-05-31 03:24 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-05-31 03:24 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2014-05-31 03:24 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2014-05-31 03:24 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2014-05-31 03:24 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2014-05-31 03:24 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2014-05-31 03:24 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-05-31 03:24 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2014-05-31 03:24 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-05-31 03:24 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\windows\system32\objsel.dll
2014-05-31 03:24 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2014-05-31 03:24 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-05-31 03:24 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2014-05-31 03:24 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2014-05-31 03:24 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-05-31 03:24 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\wincredprovider.dll
2014-05-31 03:24 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2014-05-31 03:24 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\windows\system32\cngprovider.dll
2014-05-31 03:24 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\adprovider.dll
2014-05-31 03:24 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\capiprovider.dll
2014-05-31 03:24 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\dpapiprovider.dll
2014-05-31 03:24 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\windows\system32\dimsroam.dll
2014-05-31 03:24 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-05-31 03:24 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2014-05-31 03:24 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2014-05-31 03:24 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-05-31 03:24 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\windows\SysWOW64\objsel.dll
2014-05-31 03:24 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2014-05-31 03:24 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2014-05-31 03:24 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2014-05-31 03:24 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-05-31 03:24 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\cngprovider.dll
2014-05-31 03:24 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\windows\SysWOW64\adprovider.dll
2014-05-31 03:24 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\windows\SysWOW64\capiprovider.dll
2014-05-31 03:24 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpapiprovider.dll
2014-05-31 03:24 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\dimsroam.dll
2014-05-31 03:24 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wincredprovider.dll
2014-05-31 03:24 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-05-31 03:24 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2014-05-31 03:23 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-05-31 03:23 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll

==================== One Month Modified Files and Folders =======

2014-06-24 13:47 - 2014-06-24 13:47 - 00024123 _____ () C:\Users\Mert\Desktop\FRST.txt
2014-06-24 13:47 - 2014-06-24 12:55 - 00000000 ____D () C:\FRST
2014-06-24 13:47 - 2009-07-14 06:45 - 00013872 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-24 13:47 - 2009-07-14 06:45 - 00013872 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-24 13:46 - 2013-06-28 22:25 - 00000000 ____D () C:\Riot Games
2014-06-24 13:46 - 2011-04-17 06:39 - 00753946 _____ () C:\windows\system32\perfh007.dat
2014-06-24 13:46 - 2011-04-17 06:39 - 00166902 _____ () C:\windows\system32\perfc007.dat
2014-06-24 13:46 - 2009-07-14 07:13 - 01754304 _____ () C:\windows\system32\PerfStringBackup.INI
2014-06-24 13:45 - 2013-08-18 07:33 - 01931741 _____ () C:\windows\WindowsUpdate.log
2014-06-24 13:45 - 2012-10-18 23:23 - 00000000 ___RD () C:\Users\Mert\SkyDrive
2014-06-24 13:42 - 2014-06-24 11:57 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-24 13:42 - 2013-05-02 20:16 - 00001102 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-24 13:41 - 2011-07-11 10:54 - 00000433 _____ () C:\windows\system32\Drivers\etc\hosts.ics
2014-06-24 13:40 - 2014-06-22 14:02 - 00000258 _____ () C:\windows\setupact.log
2014-06-24 13:40 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-06-24 13:39 - 2014-06-24 03:00 - 00305350 _____ () C:\windows\PFRO.log
2014-06-24 13:16 - 2013-05-02 20:16 - 00001106 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-24 13:15 - 2012-07-05 18:15 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-06-24 13:13 - 2014-06-24 13:13 - 00000020 ___SH () C:\Users\Mert\ntuser.ini
2014-06-24 13:13 - 2011-06-29 14:55 - 00000000 ____D () C:\Users\Mert
2014-06-24 13:03 - 2014-06-24 12:50 - 00000000 ____D () C:\Users\Mert\AppData\Local\CrashDumps
2014-06-24 12:53 - 2014-06-24 12:53 - 02082816 _____ (Farbar) C:\Users\Mert\Desktop\FRST64.exe
2014-06-24 12:42 - 2012-08-23 12:06 - 00003488 _____ () C:\windows\System32\Tasks\PCDEventLauncher
2014-06-24 12:15 - 2012-06-09 01:36 - 00000000 ____D () C:\Users\Mert\AppData\Roaming\QuickScan
2014-06-24 12:09 - 2014-06-24 11:48 - 00000000 ____D () C:\Program Files (x86)\stinger
2014-06-24 11:57 - 2014-06-24 11:57 - 00000000 ____D () C:\Program Files (x86)\Iminent
2014-06-24 11:56 - 2014-06-24 11:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-24 11:56 - 2014-06-24 11:56 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-24 11:56 - 2014-06-24 11:56 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-24 11:56 - 2014-06-24 11:52 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-24 11:53 - 2014-06-24 11:53 - 00001397 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-06-24 11:53 - 2014-06-24 11:53 - 00000000 ____D () C:\windows\System32\Tasks\Safer-Networking
2014-06-24 11:53 - 2014-06-24 11:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-06-24 11:53 - 2014-06-24 11:52 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-06-24 11:23 - 2014-06-21 22:07 - 00000000 ____D () C:\Users\Mert\Documents\FINANZ
2014-06-24 03:43 - 2011-04-17 04:17 - 00000000 ____D () C:\ProgramData\Sonic
2014-06-24 03:34 - 2014-06-24 03:34 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2014-06-24 03:00 - 2014-06-24 03:00 - 00530864 _____ () C:\windows\system32\FNTCACHE.DAT
2014-06-24 02:38 - 2014-06-24 02:38 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-06-22 20:30 - 2014-06-22 20:30 - 00000000 ____D () C:\Users\Mert\Desktop\Bafög
2014-06-22 14:05 - 2014-06-22 14:05 - 00138024 _____ () C:\Users\Mert\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-22 14:02 - 2014-06-22 14:02 - 00000000 _____ () C:\windows\setuperr.log
2014-06-22 13:52 - 2014-06-22 13:52 - 00000000 ____D () C:\Users\Mert\Desktop\Auslandsfamulatur
2014-06-22 02:10 - 2013-05-02 20:16 - 00004102 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-22 02:10 - 2013-05-02 20:16 - 00003850 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-22 01:15 - 2011-07-02 11:21 - 01728584 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2014-06-21 22:09 - 2014-01-24 04:18 - 00000000 ____D () C:\Users\Mert\Documents\UNI
2014-06-21 10:22 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\rescache
2014-06-20 06:39 - 2009-07-14 06:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-06-20 06:38 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-06-20 06:35 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2014-06-19 17:39 - 2014-04-19 04:04 - 00000000 ____D () C:\Users\Mert\Desktop\BP
2014-06-18 21:09 - 2014-04-30 03:02 - 00000000 __SHD () C:\AI_RecycleBin
2014-06-18 21:07 - 2013-06-28 22:25 - 00000000 __SHD () C:\windows\SysWOW64\AI_RecycleBin
2014-06-17 16:56 - 2011-06-30 00:45 - 00000000 ____D () C:\Users\Mert\AppData\Roaming\Skype
2014-06-17 16:30 - 2014-06-17 16:25 - 00000585 _____ () C:\Users\Mert\Desktop\ssm59.txt
2014-06-15 14:35 - 2014-06-10 23:32 - 00001420 _____ () C:\Users\Mert\Desktop\WAHLFACHER.txt
2014-06-15 11:53 - 2011-07-10 22:10 - 00000000 ____D () C:\Users\Mert\AppData\Local\PMB Files
2014-06-15 11:53 - 2011-07-10 22:10 - 00000000 ____D () C:\ProgramData\PMB Files
2014-06-15 11:46 - 2011-09-08 17:23 - 00000000 ____D () C:\windows\Minidump
2014-06-15 11:44 - 2014-06-15 11:44 - 00000000 __SHD () C:\Users\Mert\AppData\Local\EmieUserList
2014-06-15 11:44 - 2014-06-15 11:44 - 00000000 __SHD () C:\Users\Mert\AppData\Local\EmieSiteList
2014-06-13 19:14 - 2013-06-28 22:23 - 00000000 ____D () C:\Users\Mert\AppData\Roaming\Riot Games
2014-06-11 13:43 - 2013-07-14 03:00 - 00000000 ____D () C:\windows\system32\MRT
2014-06-11 13:40 - 2011-07-01 01:27 - 95414520 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-06-02 19:03 - 2011-09-29 23:03 - 00000000 ____D () C:\Users\Mert\AppData\Roaming\InternetCalls
2014-05-30 12:21 - 2014-06-11 13:36 - 23414784 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-05-30 12:02 - 2014-06-11 13:36 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-05-30 12:02 - 2014-06-11 13:36 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-05-30 11:45 - 2014-06-11 13:36 - 02768384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-05-30 11:39 - 2014-06-11 13:36 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-05-30 11:39 - 2014-06-11 13:36 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-05-30 11:38 - 2014-06-11 13:36 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-05-30 11:28 - 2014-06-11 13:36 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-05-30 11:27 - 2014-06-11 13:36 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-05-30 11:24 - 2014-06-11 13:36 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-05-30 11:21 - 2014-06-11 13:36 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-05-30 11:21 - 2014-06-11 13:36 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-05-30 11:20 - 2014-06-11 13:36 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-05-30 11:18 - 2014-06-11 13:36 - 17271296 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-05-30 11:11 - 2014-06-11 13:36 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-05-30 11:08 - 2014-06-11 13:36 - 05782528 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-05-30 11:06 - 2014-06-11 13:36 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-05-30 11:02 - 2014-06-11 13:36 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-05-30 10:55 - 2014-06-11 13:36 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 10:49 - 2014-06-11 13:36 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-05-30 10:46 - 2014-06-11 13:36 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-05-30 10:44 - 2014-06-11 13:36 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-05-30 10:44 - 2014-06-11 13:36 - 00295424 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-05-30 10:43 - 2014-06-11 13:36 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-05-30 10:42 - 2014-06-11 13:36 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-05-30 10:38 - 2014-06-11 13:36 - 02179072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-05-30 10:35 - 2014-06-11 13:36 - 00608768 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-05-30 10:34 - 2014-06-11 13:36 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-05-30 10:33 - 2014-06-11 13:36 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-05-30 10:30 - 2014-06-11 13:36 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-05-30 10:29 - 2014-06-11 13:36 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-05-30 10:28 - 2014-06-11 13:36 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-05-30 10:27 - 2014-06-11 13:36 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-05-30 10:24 - 2014-06-11 13:36 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-05-30 10:23 - 2014-06-11 13:36 - 02040832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-05-30 10:16 - 2014-06-11 13:36 - 00368128 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-05-30 10:10 - 2014-06-11 13:36 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 10:06 - 2014-06-11 13:36 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-05-30 10:04 - 2014-06-11 13:36 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-05-30 10:02 - 2014-06-11 13:36 - 00242688 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-05-30 09:56 - 2014-06-11 13:36 - 04244992 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-05-30 09:56 - 2014-06-11 13:36 - 02266112 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-05-30 09:54 - 2014-06-11 13:36 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-05-30 09:50 - 2014-06-11 13:36 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-05-30 09:49 - 2014-06-11 13:36 - 01964544 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-05-30 09:43 - 2014-06-11 13:36 - 13522944 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-05-30 09:40 - 2014-06-11 13:36 - 11725312 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-05-30 09:30 - 2014-06-11 13:36 - 01398272 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-05-30 09:21 - 2014-06-11 13:36 - 01790976 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-05-30 09:15 - 2014-06-11 13:36 - 01143296 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-05-30 09:13 - 2014-06-11 13:36 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-05-30 09:13 - 2014-06-11 13:36 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll

Some content of TEMP:
====================
C:\Users\Mert\AppData\Local\Temp\avgnt.exe
C:\Users\Mert\AppData\Local\Temp\IminentSetup-NewVer_22april.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-18 22:19

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

--- --- ---


addition.txt

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-06-2014
Ran by Mert at 2014-06-24 13:49:06
Running from C:\Users\Mert\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

AccelerometerP11 (HKLM-x32\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.10.21 - STMicroelectronics)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.3 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.0.3 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.3.300.257 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.6.602.168 - Adobe Systems Incorporated)
Adobe Reader X (10.1.2) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.2 - Adobe Systems Incorporated)
Adobe Reader X (10.1.3) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.3 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Apple Mobile Device Support (HKLM\...\{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}) (Version: 6.0.0.59 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI AVIVO64 Codecs (Version: 11.6.0.10127 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{E033338C-BDDC-63E2-918F-15169BCD4492}) (Version: 3.0.808.0 - ATI Technologies, Inc.)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2013 - Avast Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cardiac Auscultation 1.0 (HKLM-x32\...\Cardiac Auscultation) (Version: 1.0 - medical concepts Bonn)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0127.629.11510 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0127.629.11510 - ATI) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2011.0127.629.11510 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Danish (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Dutch (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help English (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Finnish (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help French (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help German (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Italian (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Japanese (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Korean (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Russian (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Spanish (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Swedish (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
ccc-core-static (x32 Version: 2011.0127.629.11510 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2011.0127.629.11510 - ATI) Hidden
CyberLink PowerDVD 9.5 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.5.1.3907 - CyberLink Corp.)
CyberLink PowerDVD 9.5 (x32 Version: 9.5.1.3907 - CyberLink Corp.) Hidden
Dell Backup and Recovery Manager (HKLM\...\{975DFE7C-8E56-45BC-A329-401E6B1F8102}) (Version: 1.3 - Dell Inc.)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Mobile Broadband Manager (HKLM-x32\...\{23EEC842-57ED-4055-A056-9D4185DFB1AA}) (Version: 6.1.24.2 - Dell)
Dell Support Center (HKLM\...\PC-Doctor for Windows) (Version: 3.2.6032.102 - PC-Doctor, Inc.)
Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 5.4.0.4 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1209.101.204 - ALPS ELECTRIC CO., LTD.)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.35 - Creative Technology Ltd)
DigitalPersona Fingerprint Software 5.20 (HKLM\...\{C0C2D40A-1231-46FA-8F02-B45E6BF2036A}) (Version: 5.20.230 - DigitalPersona, Inc.)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.9 - DivX, LLC)
Dropbox (HKCU\...\Dropbox) (Version: 2.0.26 - Dropbox, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
iCloud (HKLM\...\{8B485965-8EFE-464A-842F-CF8F18C3DFD7}) (Version: 1.1.0.40 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6324.0 - IDT)
Intel PROSet Wireless (Version:  - ) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3074 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{7CE8BE79-ABC3-4B2C-9543-28ED2B0A9EA8}) (Version: 1.0.0.0454 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}) (Version: 14.00.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
Intel(R) Wireless Display (HKLM-x32\...\{F84906ED-BB54-4889-B131-FED9C9056FC8}) (Version: 2.0.27.0 - Intel Corporation)
InternetCalls (HKLM-x32\...\InternetCalls_is1) (Version: 4.12 build 715 - Finarea S.A. Switzerland)
Java 7 Update 9 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217007FF}) (Version: 7.0.90 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022F0}) (Version: 6.0.220 - Oracle)
Java(TM) 6 Update 24 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416024FF}) (Version: 6.0.240 - Oracle)
Java(TM) 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4041.0512 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20125.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
MobileMe Control Panel (HKLM\...\{AF5020D9-116A-46AC-A922-087592F37EC9}) (Version: 3.1.8.0 - Apple Inc.)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
PDF24 Creator 6.2.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.213.1 - Tracker Software Products Ltd)
PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PowerXpressHybrid (x32 Version: 1.00.0000 - Ihr Firmenname) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.09.25 - Dell Inc.)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.31.1025.2010 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30126 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
Roxio Activation Module (x32 Version: 1.0 - Roxio) Hidden
Roxio BackOnTrack (x32 Version: 1.3.3 - Roxio) Hidden
Roxio Burn (x32 Version: 1.8 - Roxio) Hidden
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio Creator Starter (x32 Version: 1.0.439 - Roxio) Hidden
Roxio Creator Starter (x32 Version: 5.0.0 - Roxio) Hidden
Roxio Express Labeler 3 (x32 Version: 3.2.2 - Roxio) Hidden
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13064_2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.0.13064_2 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.)
SecureW2 EAP Suite 1.1.3 for Windows (HKLM-x32\...\SecureW2 EAP Suite) (Version:  - )
Skype™ 6.3 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.3.107 - Skype Technologies S.A.)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)
Validity Sensors DDK (HKLM\...\{56BAC4EE-B1DA-42A7-ACA5-7A353F2ED1DA}) (Version: 4.3.108.0 - Validity Sensors, Inc.)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Restore Points  =========================

19-06-2014 17:42:45 Windows Update
21-06-2014 23:11:42 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0D79F8B9-AE27-47B1-86E9-2D964FFBF96C} - System32\Tasks\{B8B3AFCA-719F-4E8B-AFDB-9F08C03E7F33} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=6.3.0.107&amp;LastError=-9
Task: {15767D9E-139D-49C5-BBA8-6AFB65187E70} - System32\Tasks\{EBFBB72A-8F91-4338-AC11-1B09D0ECF919} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=6.3.0.107&amp;LastError=12007
Task: {19A6CB3F-C766-4FBA-A87A-D72413F467F3} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe [2012-11-30] (PC-Doctor, Inc.)
Task: {240A4CF0-2A4C-496B-A581-F8AF97111E15} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {44E4B0FE-8CEC-4196-B03E-75A10B5E3C17} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-03-07] (AVAST Software)
Task: {44F67E6F-F864-4F8E-BA93-87C4AA5F3E3E} - System32\Tasks\{3F0AF743-96D6-4B33-95B5-7888F98BAC58} => Chrome.exe hxxp://ui.skype.com/ui/0/6.3.0.107/en/abandoninstall?source=lightinstaller&amp;page=tsProgressBar
Task: {5C3CFEF1-5E17-488D-933C-B3FA494CB900} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {5FD11B08-48BD-4CD4-A13C-AD0479DC4E4E} - System32\Tasks\{26FD0356-06AC-4CE8-AF7C-2796FEFD7A45} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=6.3.0.107&amp;LastError=12007
Task: {8742C5E3-B032-4FD0-8EBA-C7D90391BC6F} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell Support Center\uaclauncher.exe [2012-11-30] (PC-Doctor, Inc.)
Task: {8A3EE6C7-DA3C-43DF-8490-495D9173F3F4} - System32\Tasks\{E6A6D582-A192-48AD-8F3E-81F63BC14418} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=6.3.0.107&amp;LastError=12007
Task: {A7D7227C-921B-493E-AC2E-0C049237EE33} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {DA6B1B2F-FB8F-4497-98DB-E23A29BBF46E} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe
Task: {DBCA6139-28A9-49F3-AD12-94E39A9EF6AE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-02] (Google Inc.)
Task: {E654EDC8-76FF-4449-968D-A7C674719F3D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-02] (Google Inc.)
Task: {E7322C11-AABB-461E-8ECB-6563514FEAC4} - System32\Tasks\{C086165C-BFC4-4C1C-BF8C-A4F3DB2EF524} => Chrome.exe hxxp://ui.skype.com/ui/0/5.8.0.158/en/abandoninstall?page=tsProgressBar
Task: {EC3DEDB6-6068-40E0-8902-97C3FE403637} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {EE6023F7-2913-41D4-907F-57145CE5812A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-12-17 20:53 - 2010-12-17 20:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2012-11-27 12:42 - 2012-11-27 12:42 - 00008192 _____ () C:\windows\SysWOW64\srvany.exe
2012-11-27 12:42 - 2012-11-27 12:42 - 00151552 _____ () C:\windows\KMService.exe
2011-04-17 06:17 - 2011-01-08 02:57 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2010-12-17 20:53 - 2010-12-17 20:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2011-01-27 13:27 - 2011-01-27 13:27 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2010-12-17 17:57 - 2010-12-17 17:57 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2014-06-24 11:30 - 2014-06-24 09:52 - 02783744 _____ () C:\Program Files\AVAST Software\Avast\defs\14062400\algo.dll
2014-06-24 11:52 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-06-24 11:52 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-06-24 11:52 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-06-24 11:52 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-06-24 11:52 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2010-01-30 03:41 - 2010-01-30 03:41 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-06-12 22:13 - 2014-06-05 15:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
2014-06-12 22:13 - 2014-06-05 15:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
2014-06-12 22:13 - 2014-06-05 15:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-06-12 22:13 - 2014-06-05 15:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-06-12 22:13 - 2014-06-05 15:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
2014-06-12 22:13 - 2014-06-05 15:58 - 14612296 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll
2014-06-19 21:18 - 2014-06-19 21:18 - 00169472 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\0a0467413a424068d1471448ff6ca6cc\IsdiInterop.ni.dll
2011-04-17 04:00 - 2010-11-06 06:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Microsoft:kcsfiNCXziUY4Ym0oKuS8ebCp4
AlternateDataStreams: C:\ProgramData\Microsoft:NlO23BbW52Qg9kMzJfY4Xtornth
AlternateDataStreams: C:\Users\Mert\AppData\Local\Temp:Dn5bA7i8kvgo2aNls

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DpHost => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech SetPoint.lnk => C:\windows\pss\Logitech SetPoint.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Mert^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Free Music Zilla.lnk => C:\windows\pss\Free Music Zilla.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AppleSyncNotifier => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BTMTrayAgent => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DellSystemDetect => C:\Users\Mert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms
MSCONFIG\startupreg: Desktop Disc Tool => "c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: DU Meter => "C:\Program Files (x86)\DU Meter\DUMeter.exe" /autostart
MSCONFIG\startupreg: Facebook Update => "C:\Users\Mert\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: FreeFallProtection => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
MSCONFIG\startupreg: Google Update => "C:\Users\Mert\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Kernel and Hardware Abstraction Layer => KHALMNPR.EXE
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: LogMeIn GUI => "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
MSCONFIG\startupreg: Media Finder => "C:\Program Files (x86)\Media Finder\MF.exe" /opentotray
MSCONFIG\startupreg: MobileDocuments => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: NUSB3MON => "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
MSCONFIG\startupreg: OfficeScanNT Monitor => "C:\Program Files (x86)\Trend Micro\Client Server Security Agent\pccntmon.exe" -HideWindow
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe
MSCONFIG\startupreg: PDVD9LanguageShortcut => "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
MSCONFIG\startupreg: QuickSet => C:\Program Files\Dell\QuickSet\QuickSet.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RemoteControl9 => "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
MSCONFIG\startupreg: RoxWatchTray => "c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
MSCONFIG\startupreg: SkyDrive => "C:\Users\Mert\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: uTorrent => "C:\Program Files (x86)\uTorrent\uTorrent.exe"  /MINIMIZED

==================== Faulty Device Manager Devices =============

Name: Microsoft Virtual WiFi Miniport Adapter #2
Description: Microsoft-Adapter für Miniports virtueller WiFis
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Wireless Router with Ethernet Switch
Description: Wireless Router with Ethernet Switch
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/24/2014 01:38:36 PM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: ATI EEU failed to post message to CCC

Error: (06/24/2014 01:11:05 PM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: ATI EEU failed to post message to CCC

Error: (06/24/2014 01:11:05 PM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: ATI EEU failed to post message to CCC

Error: (06/24/2014 01:11:05 PM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: ATI EEU failed to post message to CCC

Error: (06/24/2014 01:11:05 PM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: ATI EEU failed to post message to CCC

Error: (06/24/2014 01:11:05 PM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: ATI EEU failed to post message to CCC

Error: (06/24/2014 01:11:05 PM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: ATI EEU failed to post message to CCC

Error: (06/24/2014 01:11:05 PM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: ATI EEU failed to post message to CCC

Error: (06/24/2014 01:11:05 PM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: ATI EEU failed to post message to CCC

Error: (06/24/2014 01:03:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.532, Zeitstempel: 0x53518532
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0x1524
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3


System errors:
=============
Error: (06/24/2014 01:41:00 PM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: 192.168.2.13192.168.137.0255.255.255.0

Error: (06/24/2014 01:40:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Apple Mobile Device" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (06/24/2014 01:40:14 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Apple Mobile Device erreicht.

Error: (06/24/2014 01:17:45 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft .NET Framework NGEN v4.0.30319_X64 erreicht.

Error: (06/24/2014 01:16:53 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (06/24/2014 01:15:15 PM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: 192.168.2.13192.168.137.0255.255.255.0

Error: (06/24/2014 01:14:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (06/24/2014 01:14:32 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.

Error: (06/24/2014 01:13:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Apple Mobile Device" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (06/24/2014 01:13:22 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Apple Mobile Device erreicht.


Microsoft Office Sessions:
=========================
Error: (06/24/2014 01:38:36 PM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: 

Error: (06/24/2014 01:11:05 PM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: 

Error: (06/24/2014 01:11:05 PM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: 

Error: (06/24/2014 01:11:05 PM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: 

Error: (06/24/2014 01:11:05 PM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: 

Error: (06/24/2014 01:11:05 PM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: 

Error: (06/24/2014 01:11:05 PM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: 

Error: (06/24/2014 01:11:05 PM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: 

Error: (06/24/2014 01:11:05 PM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: 

Error: (06/24/2014 01:03:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd152401cf8f9a27361b0dC:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exeC:\Program Files (x86)\ Malwarebytes Anti-Malware \MSVCR100.dll36581165-fb8f-11e3-b48d-782bcbe448d6


CodeIntegrity Errors:
===================================
  Date: 2012-10-30 20:28:17.465
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-10-30 20:28:17.247
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-10-30 20:28:16.989
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-10-30 20:28:16.786
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-10-30 20:28:16.583
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-10-30 20:28:16.458
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-10-30 20:28:16.286
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-10-30 20:28:16.021
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-10-30 20:28:15.646
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-10-30 20:28:15.272
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 59%
Total physical RAM: 4003.18 MB
Available physical RAM: 1630.31 MB
Total Pagefile: 8004.54 MB
Available Pagefile: 5007.74 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:283.34 GB) (Free:210.8 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 76FC8FD1)
Partition 1: (Not Active) - (Size=100 MB) - (Type=DE)
Partition 2: (Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=283 GB) - (Type=07 NTFS)

==================== End Of Log ============================

EDIT:

Es stimmt schon, Ich habe Office Dateien in dem Ordner Programme gefunden, die Dateigröße ist ca. 400 MB. Darf ich den Ordner löschen? Weil unter Systemsteuerung und Programme deinstallieren gibt es keinen Antrag für MS Office und ich glaube ich habe MS auch vor 1-2 jahren installiert/deinstalliert weil es nicht funktioniert hat. Ich kann versichern dass ich keine gecrackte Software benutze.
Geändert von Vale7 (24.06.2014 um 14:13 Uhr)

Alt 24.06.2014, 14:44   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Trojaner? Avast wurde durch eine Gruppenrichtlinie blockiert. - Standard

Trojaner? Avast wurde durch eine Gruppenrichtlinie blockiert.


Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
HKLM Group Policy restriction on software: C:\Program Files (x86)\Trend Micro <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\AVAST Software <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files (x86)\Trend Micro <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ATTENTION

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.




Danach bitte Combofix ausführen:

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 24.06.2014, 15:27   #12
Vale7
 
Trojaner? Avast wurde durch eine Gruppenrichtlinie blockiert. - Standard

Trojaner? Avast wurde durch eine Gruppenrichtlinie blockiert.


Hier das Ergebnis der ersten Anweisung.

Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 22-06-2014
Ran by Mert at 2014-06-24 15:56:50 Run:1
Running from C:\Users\Mert\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM Group Policy restriction on software: C:\Program Files (x86)\Trend Micro <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\AVAST Software <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files (x86)\Trend Micro <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ATTENTION
         
*****************

HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.

==== End of Fixlog ====
Es gab nur eine Komplikation, es hat mich aufgefordert, Avast und Spybot auszumachen, was nicht ging, also habe ich beide Programme deinstalliert. Ich konnte also auch avast deinstallieren, was früher gar nicht ging.

hier das Ergebnis:

Code:
ATTFilter
ComboFix 14-06-24.01 - Mert 24.06.2014  16:11:06.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4003.2189 [GMT 2:00]
ausgeführt von:: c:\users\Mert\Desktop\ComboFix.exe
SP: Spybot - Search and Destroy *Disabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\program files (x86)\SecureW2
c:\program files (x86)\SecureW2\Uninstall.exe
c:\programdata\Microsoft\Windows\Start Menu\Programs\SecureW2
c:\programdata\Microsoft\Windows\Start Menu\Programs\SecureW2\TTLS Manager.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\SecureW2\Uninstall.lnk
c:\programdata\Roaming
c:\users\Mert\AppData\LocalLow\ReminderFox\IE\ReMInderfox.dll
c:\users\Mert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SecureW2
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-05-24 bis 2014-06-24  ))))))))))))))))))))))))))))))
.
.
2014-06-24 10:55 . 2014-06-24 13:56	--------	d-----w-	C:\FRST
2014-06-24 10:50 . 2014-06-24 13:19	--------	d-----w-	c:\users\Mert\AppData\Local\CrashDumps
2014-06-24 09:57 . 2014-06-24 09:57	--------	d-----w-	c:\program files (x86)\Iminent
2014-06-24 09:57 . 2014-06-24 13:46	122584	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-06-24 09:56 . 2014-05-12 05:26	63704	----a-w-	c:\windows\system32\drivers\mwac.sys
2014-06-24 09:56 . 2014-05-12 05:26	91352	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2014-06-24 09:56 . 2014-05-12 05:25	25816	----a-w-	c:\windows\system32\drivers\mbam.sys
2014-06-24 09:56 . 2014-06-24 09:56	--------	d-----w-	c:\program files (x86)\ Malwarebytes Anti-Malware 
2014-06-24 09:56 . 2014-06-24 09:56	--------	d-----w-	c:\programdata\Malwarebytes
2014-06-24 09:52 . 2014-06-24 14:08	--------	d-----w-	c:\programdata\Spybot - Search & Destroy
2014-06-24 09:52 . 2014-06-24 14:08	--------	d-----w-	c:\program files (x86)\Spybot - Search & Destroy 2
2014-06-24 09:48 . 2014-06-24 10:09	--------	d-----w-	c:\program files (x86)\stinger
2014-06-24 01:34 . 2014-06-24 01:34	--------	d-----w-	c:\program files\Common Files\Bitdefender
2014-06-24 01:33 . 2014-06-24 01:33	--------	d-----w-	c:\program files (x86)\Common Files\Bitdefender
2014-06-24 00:38 . 2014-06-24 00:38	--------	d-----w-	c:\programdata\RogueKiller
2014-06-21 23:20 . 2014-06-05 10:54	10779000	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{965BA401-EB3A-453B-A3E4-C6475F234F26}\mpengine.dll
2014-06-21 23:11 . 2014-05-08 09:32	16384	----a-w-	c:\windows\system32\RdpGroupPolicyExtension.dll
2014-06-21 23:11 . 2014-05-08 09:32	3178496	----a-w-	c:\windows\system32\rdpcorets.dll
2014-06-19 18:08 . 2013-05-10 04:30	167424	----a-w-	c:\program files\Windows Media Player\wmplayer.exe
2014-06-19 18:08 . 2013-05-10 03:48	164864	----a-w-	c:\program files (x86)\Windows Media Player\wmplayer.exe
2014-06-19 18:08 . 2013-05-10 05:56	12625920	----a-w-	c:\windows\system32\wmploc.DLL
2014-06-19 18:08 . 2013-05-10 04:56	12625408	----a-w-	c:\windows\SysWow64\wmploc.DLL
2014-06-19 18:08 . 2013-05-10 05:56	14631424	----a-w-	c:\windows\system32\wmp.dll
2014-06-19 18:03 . 2014-06-19 18:03	--------	d-----w-	c:\windows\Migration
2014-06-19 17:55 . 2012-07-26 07:46	2560	----a-w-	c:\windows\system32\drivers\de-DE\wdf01000.sys.mui
2014-06-19 17:54 . 2012-08-23 14:10	19456	----a-w-	c:\windows\system32\drivers\rdpvideominiport.sys
2014-06-19 17:54 . 2012-08-23 14:13	243200	----a-w-	c:\windows\system32\rdpudd.dll
2014-06-19 17:54 . 2012-08-23 11:12	192000	----a-w-	c:\windows\SysWow64\rdpendp_winip.dll
2014-06-19 17:54 . 2012-08-23 10:51	228864	----a-w-	c:\windows\system32\rdpendp_winip.dll
2014-06-19 17:52 . 2012-07-26 02:26	87040	----a-w-	c:\windows\system32\drivers\WUDFPf.sys
2014-06-19 17:52 . 2012-07-26 02:26	198656	----a-w-	c:\windows\system32\drivers\WUDFRd.sys
2014-06-19 17:52 . 2012-07-26 03:08	84992	----a-w-	c:\windows\system32\WUDFSvc.dll
2014-06-19 17:52 . 2012-07-26 03:08	194048	----a-w-	c:\windows\system32\WUDFPlatform.dll
2014-06-19 17:52 . 2012-07-26 03:08	229888	----a-w-	c:\windows\system32\WUDFHost.exe
2014-06-19 17:52 . 2012-07-26 03:08	744448	----a-w-	c:\windows\system32\WUDFx.dll
2014-06-19 17:52 . 2012-07-26 03:08	45056	----a-w-	c:\windows\system32\WUDFCoinstaller.dll
2014-06-19 17:42 . 2013-10-04 02:24	1930752	----a-w-	c:\windows\system32\authui.dll
2014-06-19 17:42 . 2013-10-04 02:28	190464	----a-w-	c:\windows\system32\SmartcardCredentialProvider.dll
2014-06-19 17:42 . 2013-10-04 02:25	197120	----a-w-	c:\windows\system32\credui.dll
2014-06-19 17:42 . 2013-10-04 01:58	152576	----a-w-	c:\windows\SysWow64\SmartcardCredentialProvider.dll
2014-06-19 17:42 . 2013-10-04 01:56	168960	----a-w-	c:\windows\SysWow64\credui.dll
2014-06-19 17:42 . 2013-10-04 01:56	1796096	----a-w-	c:\windows\SysWow64\authui.dll
2014-06-19 17:42 . 2013-11-23 18:26	417792	----a-w-	c:\windows\SysWow64\WMPhoto.dll
2014-06-19 17:42 . 2013-11-23 17:47	465920	----a-w-	c:\windows\system32\WMPhoto.dll
2014-06-19 17:42 . 2012-01-04 10:44	509952	----a-w-	c:\windows\system32\ntshrui.dll
2014-06-19 17:42 . 2012-01-04 08:58	442880	----a-w-	c:\windows\SysWow64\ntshrui.dll
2014-06-19 17:42 . 2013-09-25 02:23	1030144	----a-w-	c:\windows\system32\TSWorkspace.dll
2014-06-19 17:42 . 2013-09-25 01:57	792576	----a-w-	c:\windows\SysWow64\TSWorkspace.dll
2014-06-19 17:40 . 2013-05-10 05:49	30720	----a-w-	c:\windows\system32\cryptdlg.dll
2014-06-19 17:39 . 2014-01-24 02:37	1684928	----a-w-	c:\windows\system32\drivers\ntfs.sys
2014-06-19 17:39 . 2012-05-05 08:36	503808	----a-w-	c:\windows\system32\srcore.dll
2014-06-19 17:39 . 2012-05-05 07:46	43008	----a-w-	c:\windows\SysWow64\srclient.dll
2014-06-19 17:39 . 2013-08-28 01:12	461312	----a-w-	c:\windows\system32\scavengeui.dll
2014-06-19 17:35 . 2014-02-04 02:32	1424384	----a-w-	c:\windows\system32\WindowsCodecs.dll
2014-06-19 17:35 . 2014-02-04 02:04	1230336	----a-w-	c:\windows\SysWow64\WindowsCodecs.dll
2014-06-15 09:44 . 2014-06-15 09:44	--------	d-sh--w-	c:\users\Mert\AppData\Local\EmieUserList
2014-06-15 09:44 . 2014-06-15 09:44	--------	d-sh--w-	c:\users\Mert\AppData\Local\EmieSiteList
2014-06-11 11:35 . 2014-03-26 14:44	2002432	----a-w-	c:\windows\system32\msxml6.dll
2014-06-11 11:35 . 2014-03-26 14:44	1882112	----a-w-	c:\windows\system32\msxml3.dll
2014-06-11 11:35 . 2014-03-26 14:27	1389056	----a-w-	c:\windows\SysWow64\msxml6.dll
2014-06-11 11:35 . 2014-03-26 14:27	1237504	----a-w-	c:\windows\SysWow64\msxml3.dll
2014-06-11 11:35 . 2014-04-25 02:34	801280	----a-w-	c:\windows\system32\usp10.dll
2014-06-11 11:35 . 2014-03-26 14:41	2048	----a-w-	c:\windows\system32\msxml6r.dll
2014-06-11 11:35 . 2014-03-26 14:41	2048	----a-w-	c:\windows\system32\msxml3r.dll
2014-06-11 11:35 . 2014-03-26 14:25	2048	----a-w-	c:\windows\SysWow64\msxml6r.dll
2014-06-11 11:35 . 2014-03-26 14:25	2048	----a-w-	c:\windows\SysWow64\msxml3r.dll
2014-06-11 11:35 . 2014-04-25 02:06	626688	----a-w-	c:\windows\SysWow64\usp10.dll
2014-06-11 11:35 . 2014-04-05 02:47	1903552	----a-w-	c:\windows\system32\drivers\tcpip.sys
2014-06-11 11:35 . 2014-04-05 02:47	288192	----a-w-	c:\windows\system32\drivers\FWPKCLNT.SYS
2014-06-11 11:35 . 2013-11-26 11:40	376768	----a-w-	c:\windows\system32\drivers\netio.sys
2014-05-31 01:23 . 2014-03-25 02:43	14175744	----a-w-	c:\windows\system32\shell32.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-06-11 11:40 . 2011-06-30 23:27	95414520	----a-w-	c:\windows\system32\MRT.exe
2014-03-31 07:35 . 2011-06-29 13:12	270496	------w-	c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-05-15 05:27	223432	----a-w-	c:\users\Mert\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-05-15 05:27	223432	----a-w-	c:\users\Mert\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-05-15 05:27	223432	----a-w-	c:\users\Mert\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17	130736	----a-w-	c:\users\Mert\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17	130736	----a-w-	c:\users\Mert\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17	130736	----a-w-	c:\users\Mert\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17	130736	----a-w-	c:\users\Mert\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2010-08-19 487562]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-11-06 283160]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-01-27 336384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages	REG_MULTI_SZ   	DPPassFilter scecli
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Accelern.sys;c:\windows\SYSNATIVE\DRIVERS\Accelern.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*Deregistered* - aswStm
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-06-12 20:10	1091912	----a-w-	c:\program files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-06-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-02 18:16]
.
2014-06-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-02 18:16]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}]
2011-12-07 17:28	414720	----a-w-	c:\users\Mert\AppData\Roaming\Media Finder\Extensions\IEPlugin64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-05-15 05:27	262344	----a-w-	c:\users\Mert\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-05-15 05:27	262344	----a-w-	c:\users\Mert\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-05-15 05:27	262344	----a-w-	c:\users\Mert\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17	164016	----a-w-	c:\users\Mert\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17	164016	----a-w-	c:\users\Mert\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17	164016	----a-w-	c:\users\Mert\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17	164016	----a-w-	c:\users\Mert\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-01-08 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-01-08 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-01-08 418328]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-01-25 525312]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2011-04-12 609144]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-12-17 1933584]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = about:blank
uLocal Page = c:\windows\system32\blank.htm
mDefault_Search_URL = hxxp://find.localstrike.net/
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://find.localstrike.net/
uInternet Settings,ProxyOverride = *.local;<local>
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Download with &Media Finder - c:\program files (x86)\Media Finder\hook.html
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - c:\users\Mert\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
Trusted Zone: dell.com
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{A8C646CE-3794-47CB-A5DF-41DA4E328752}\2656C6B696E6E2736603: NameServer = 156.154.70.25,156.154.71.25
TCP: Interfaces\{A8C646CE-3794-47CB-A5DF-41DA4E328752}\3533: NameServer = 156.154.70.25,156.154.71.25
TCP: Interfaces\{A8C646CE-3794-47CB-A5DF-41DA4E328752}\5416379724F687D2034413230333: NameServer = 156.154.70.25,156.154.71.25
TCP: Interfaces\{A8C646CE-3794-47CB-A5DF-41DA4E328752}\D4562747627496A756D672370214275616: NameServer = 156.154.70.25,156.154.71.25
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{c840e246-6b95-475e-9bd7-caa1c7eca9f2} - (no file)
BHO-{7C9B39E6-6606-4ED2-8A3F-36E39C78CBDC} - c:\users\Mert\AppData\LocalLow\ReminderFox\IE\ReminderFox.dll
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKCU-Run-ABBYY Screenshot Reader Bonus - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
WebBrowser-{41564952-412D-5637-00A7-7A786E7484D7} - (no file)
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
AddRemove-SecureW2 EAP Suite - c:\program files (x86)\SecureW2\Uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
"Version"=hex:04,91,1d,4b,12,de,70,9a,c5,85,4c,eb,52,24,ff,4c,2c,36,1b,d3,0b,
   41,63,0d,67,c4,fd,fd,14,97,f0,ff,fc,a4,32,3a,e6,46,47,7a,de,6c,dc,9a,79,f0,\
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-06-24  16:21:48
ComboFix-quarantined-files.txt  2014-06-24 14:21
.
Vor Suchlauf: 12 Verzeichnis(se), 228.978.458.624 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 228.517.662.720 Bytes frei
.
- - End Of File - - AAEEB5516C7741A0FEF4B39497C2F743

Alt 24.06.2014, 15:34   #13
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Trojaner? Avast wurde durch eine Gruppenrichtlinie blockiert. - Standard

Trojaner? Avast wurde durch eine Gruppenrichtlinie blockiert.


Adware/Junkware/Toolbars entfernen


1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 24.06.2014, 16:24   #14
Vale7
 
Trojaner? Avast wurde durch eine Gruppenrichtlinie blockiert. - Standard

Trojaner? Avast wurde durch eine Gruppenrichtlinie blockiert.


Hier die Ergebnisse der ersten Anweisung

Code:
ATTFilter
# AdwCleaner v3.213 - Bericht erstellt am 24/06/2014 um 17:06:32
# Aktualisiert 23/06/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Mert - MERT-PC
# Gestartet von : C:\Users\Mert\Desktop\adwcleaner_3.213.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\apn
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Program Files (x86)\DAEMON Tools Toolbar
Ordner Gelöscht : C:\Program Files (x86)\Iminent
Ordner Gelöscht : C:\Users\Mert\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Mert\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Mert\AppData\LocalLow\Delta
Ordner Gelöscht : C:\Users\Mert\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Mert\AppData\Roaming\Media Finder
Datei Gelöscht : C:\Users\Mert\AppData\Roaming\Mozilla\Firefox\Profiles\vctfu0wd.default\Extensions\browserprotect@browserprotect.com.xpi
Datei Gelöscht : C:\Users\Mert\AppData\Roaming\Mozilla\Firefox\Profiles\vctfu0wd.default\foxydeal.sqlite
Datei Gelöscht : C:\Users\Mert\AppData\Roaming\Mozilla\Firefox\Profiles\vctfu0wd.default\invalidprefs.js

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\aacbndibbcpajfgnkdkaakeiojmmgmnk
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\jpihmmhdcobmllpcnpfbhnipmhamldje
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\kpkbnefaikfaeadgidhpoanckoiaheli
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\IEPlugin.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IEPlugin.IEWebHook
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IEPlugin.IEWebHook.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MF
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BabMaint_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BabMaint_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\bi_client_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\bi_client_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKCU\Software\5c55da8cbc3ab845
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_sopcast_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_sopcast_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_uif2iso_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_uif2iso_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{3F39D17D-50C7-4AC4-A63A-CDF6CDBD0C61}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{50F7F0BE-31BA-4145-BD8B-6B0DECFED804}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{065C1A21-97F8-45FB-A9F0-861B60FACEC8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3204358F-5904-46A6-841F-D6B5BE3EF4E3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3AE67737-0E3E-44AA-AA5E-46A68BF017FF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3EE5B726-044A-48D2-AA7B-049BD9A0F62A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{60FBBE03-57FF-49D8-B38E-053D3F489825}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6A5182F1-C0B8-42B8-96CC-7F329CD46913}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6C153418-8E4D-4FAF-AF27-5201E38463A7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A26A2F05-AC4D-4A1E-9531-9125F7309B78}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CC5D6240-7DF0-435D-9B9B-F8586A99DE86}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F343045E-E20A-46E1-82D8-9962C43EFC9E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FBB360DC-CB6C-4D6A-808A-2C773151BFFF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FFD7DDAC-EC28-42A5-8D39-917B9078604B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AE9908C1-3400-4B10-9061-C6C04D96E3D2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{71E3A30E-9444-49D9-ABDB-B4B531D0BBA3}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{41564952-412D-5637-00A7-7A786E7484D7}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{AE9908C1-3400-4B10-9061-C6C04D96E3D2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\dt soft\daemon tools toolbar
Schlüssel Gelöscht : HKCU\Software\MediaFinder
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\StartSearch
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\Freeze.com
Schlüssel Gelöscht : HKLM\Software\PIP
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17126


-\\ Mozilla Firefox v

[ Datei : C:\Users\Mert\AppData\Roaming\Mozilla\Firefox\Profiles\vctfu0wd.default\prefs.js ]


-\\ Google Chrome v35.0.1916.153

*************************

AdwCleaner[R0].txt - [12164 octets] - [24/06/2014 17:05:52]
AdwCleaner[S0].txt - [11496 octets] - [24/06/2014 17:06:32]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11557 octets] ##########
2. Schritt:

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Mert on 24.06.2014 at 17:10:38,92
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1045970751-1052283306-2589936944-1000\Software\sweetim



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Mert\appdata\locallow\boost_interprocess"
Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"
Successfully deleted: [Folder] "C:\ai_recyclebin"
Successfully deleted: [Folder] "C:\windows\syswow64\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{00C91430-8F01-497E-8942-5F7ED570E359}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{021E3CB0-9A14-4E8E-BE13-E0EBCA3F79B0}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{026BCCCC-0042-4758-B513-6F0DECD94C82}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{0338F526-B789-4808-81F4-88E2CE3808D2}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{033B6B10-0D67-41EC-B6DB-7DD1E878A338}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{03F9A1CF-E0F4-4CEA-8B42-5DEAA58754D8}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{04444464-E0A8-4068-AD9E-58A957C36D30}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{054CEE18-B186-477F-B865-077FBF528DAD}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{0555FADF-49DD-43E2-9AA5-D180C4A9864D}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{058D5D8E-F943-4869-B1BD-68DC7228CA6B}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{069A8A12-AE1F-49D0-A47A-F35C15640A5E}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{079BA629-2263-4344-B730-102F0EB1AC46}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{0A43CC4C-F4E6-41B3-BCE5-577804F5B870}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{0A622284-2F99-431B-8E9F-E73CC75B46B4}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{0B1E15C5-C390-4FC2-BC12-82D40BB2E95A}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{0C9270B1-9AED-467A-9B1E-DB153B64854B}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{0CE14CE8-4ECA-469A-B888-BA3D0125709A}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{0E35C655-3432-4A07-ADA7-7EA2BED8ED87}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{0FBF0DD3-D768-43DF-BBDD-82957AC4C2DB}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{101D56CB-AF37-469A-9BE8-6237EA4017D9}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{117ED24A-78A5-4763-AA2E-9ADE4680CB30}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{11B3A774-1A6B-4F83-940E-BEC4C0C760AD}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{11DCA8F8-C03E-4281-982F-177A31654F0B}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{12E62514-05A8-44FC-BF6C-7BA09DFDB49B}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{16834ED4-9E95-45D3-96CB-3981CC9A33AD}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{16F5193C-37E7-40D4-8F1F-35750AD96933}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{18F3E3FA-9E02-42CE-825E-715094A226A2}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{1936182B-C367-4C32-9475-47884338BF5D}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{197C38DD-97A1-427B-A875-3AEA3301C486}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{1A0FDD26-E301-4054-8EE9-C7D5F783B58D}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{1A21FCA1-46B3-4AB8-9239-7F73DA8FC335}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{1A9884EA-78A4-4BCA-B35D-F7A6E6CDD6C6}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{1ADCB489-019B-4DB3-8318-F7416EF85262}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{1BE1C422-87D4-4C56-AEBD-F2497D8022B4}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{1D0B4CE0-4C75-46FA-88D9-BB366B475990}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{1D3E954C-89E7-48D0-B67E-D4A1FF790C6E}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{1D5DD010-E1C1-448F-9426-0265C8F0FF0D}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{1D8E1A62-CA35-4CA5-A3CD-D0F36D12B19B}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{1DEE22B7-029D-4254-95AC-580136DC494B}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{1EA39480-92BB-4237-8915-AFC80E01130B}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{1F6C44BC-5340-4DD4-94A8-A93F8A5BEDEB}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{1F83AF42-CA5E-4FBB-9F42-474761E90AEC}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{1FF9E0B4-A0B8-4C9E-A3F1-E04CCE2466B2}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{2076A0C6-91F7-4EA4-8AA8-0ACA9799A250}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{21C86980-88EF-4EA1-96E6-A42FB1B96288}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{22FD4D2A-F380-49E4-9614-E68FEF344D1A}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{230F29DD-C594-4444-980E-DF1428C9D77B}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{23660A0C-7442-4AC1-AB6D-BB6352E483AF}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{24826CB8-CC15-4B0F-BB5E-286013E66854}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{24C3D7AA-8467-43D7-A4B6-89DFE29090C1}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{24C5B2AE-D964-4F4A-965F-6E863130585E}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{24CD37EF-51FE-4B84-82C0-911A78ABC76E}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{250F2D06-7111-4F84-97FE-9AE6105CC157}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{2649C302-97F6-4C25-92EF-705A84CA0938}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{2652EB2B-F446-4C1D-A215-F8826F21BCA9}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{2732BFCF-01F5-41B5-9ED9-C959FD097F34}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{28734B4C-DE91-4E5C-906A-DB2F707546F9}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{2B6B415F-0D2A-4528-82A7-F7B9A36F7BC1}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{2C68F93A-49ED-4B92-9127-EC4CE9B4779E}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{2C7737EF-5887-4261-82C7-711C9C8DA1A0}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{2CD0BC3D-CCEC-475E-A7AD-F626FDA7A214}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{2D70ABD9-B97E-4889-A6D6-3839009F650F}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{2E5DAEC1-2D22-4E1B-A06E-255AD7BAAAEF}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{2EB42E37-E18C-4229-807A-4AA55E8849AB}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{2EF096E9-57B9-4DD5-86DC-386A5CCA2265}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{2F1E46C6-1E07-4375-B9AD-26D9DAD220EE}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{31BF2870-0D7D-4581-8057-49F19FD6FEE3}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{3287AFDF-B19D-4503-A787-9ED2CFA585B9}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{32EBBB77-30B7-4B37-87B4-96B54D13474C}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{35BB2801-FD04-48BB-8151-FB94BB8FD341}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{365433ED-1A78-47BE-9376-D73EBB31A06C}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{377F98D2-56E0-4B96-A0F5-8DC0BFEA7FC9}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{3834B7E0-BCED-4788-B4CE-912DADC767AD}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{384A5B6F-EB8F-4318-A1E0-2A15605DBB14}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{3885C5D6-D187-4047-B13B-815A703C294A}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{3943EDBF-110B-46F5-AA4E-BD53DB20A0A3}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{395B884C-B8EA-4E9D-93C9-ED3AA3E3AE67}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{39C9838B-1E76-4686-9C82-E8138B616714}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{39FDE752-9A1C-48B6-89A0-4721B7E9D3F6}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{3B0795EB-DC93-4553-BFF1-BB80307433F4}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{3B2F36AF-B218-487F-9A13-5FFAFAAC57DA}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{3B36F34A-6FDB-401C-8585-EA533EBD7D2D}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{3C201BB7-75DD-43DA-A14A-1702FA884939}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{3D1BB411-8C86-4679-83E3-9CA4E0DB91D6}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{3E6BCE17-62C6-4D5F-B76A-D2B8F7027233}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{3F1A7A97-BE79-4502-86AE-ECED87F806D6}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{3F6DF74A-B619-4709-83BE-0C529023B67F}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{3F7A6AF5-74B6-4C75-9729-6B8C7C2B27C0}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{3FB7EABE-0C37-4061-B578-55456525FD98}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{406AABF8-A44A-4BA1-861C-12B4AAD2370E}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{420F68D0-77DC-446F-AE59-F2128FDC768A}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{4368C019-CBF3-444E-AF6E-C1F19FAFE5EF}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{4395E227-C8DE-4BD2-96C7-A939DBA813CB}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{447AFA69-356D-4A74-A525-5DBF4FF7D395}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{45B8E990-97F5-477D-8FA8-FD2BCAF84864}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{4642DCE9-483D-465A-B6DE-1FA734833252}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{46A14BA0-D175-4CA4-8C04-11BEABA16A7D}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{490F4D10-FCB5-4528-952D-E084337EA4F2}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{4A6D1EC4-DF18-4ED1-9FF8-CC5B0430FC4C}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{4B2ABA2C-B249-44D3-B55B-43A48B2CBF14}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{4B311C8C-7F2E-46D0-83B6-2ECE472A6201}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{4C087DDE-CA33-4CC3-AE4D-7C4069463801}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{4CAD9F1C-1ADD-4EE3-837F-90C72A51C986}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{4F00C275-50CC-4277-A1BC-B624F34FE146}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{4F037545-D5F1-4C28-898E-71E05233E6B0}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{4F2E8D65-C8A2-40B5-892E-5B944B6FF608}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{4F7F5618-AE59-42FA-BF2D-EA245F2ADF02}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{4FCAB45A-F2C1-4DCD-8484-8E0B95AEF5D4}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{510061FC-D9CF-4D4F-A6F7-6128B841F925}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{51E3C901-4E06-465A-8C10-B212E338723D}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{52740AF2-258E-4F95-A792-8105C831DB42}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{52D1C533-0285-4289-B66C-66901F42685F}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{555ADA6B-4450-4278-A446-CCC3087A1B28}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{56A374DE-9ACD-4CED-BD06-5482D3F3398E}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{56D70425-57CB-4F81-AD81-27953AD2659B}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{57D8C3E2-DB07-4A9B-B636-B3990B6B9407}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{589AED57-CC35-436A-8F7A-816B8C8593A9}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{58B9C9FF-A42F-44C2-99B0-AA17979BB0D7}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{58C402E6-C2F8-492A-AD00-6C5925497AB2}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{59C383D9-9DAD-490C-8E34-5EB3D4F60261}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{59FD803B-FAF5-4A07-B69E-2F937287F699}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{5AFB897E-62A7-4BEC-AB09-D9EBC380D70C}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{5B85D1F5-0D62-49C4-9B46-079530D3845D}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{5CB772FC-53EF-475B-80E7-DFA0F89F26F9}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{5D85AF3B-273E-4BB4-9678-86C22A219195}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{5E043481-D74E-4A28-A787-6E36407BDC20}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{5E0D537D-BD1F-41AB-AA1E-82B37A989F39}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{5E39C9AC-A1D1-4264-9158-4F354A7C62C7}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{5EB25FC8-EC2B-4877-A442-192472E6200C}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{5ED3E466-0D08-4987-868E-E55EE60F14B5}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{605E1AF0-7AF5-43AF-B512-A9C11E4B32C5}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{63E79DC5-D863-4720-BEC8-B64A430A9202}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{6527E51C-AC24-4CB7-9966-599879F8C56F}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{666FB8C5-925C-417F-A888-54EA8FD63573}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{66C68A44-B55D-4107-B631-96600F40CE01}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{68697CA1-6378-48E8-8B3A-63F8EE0FB150}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{69B6AF0E-4522-491C-BA07-2043F1790207}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{6AF09E04-2B28-4471-AFD4-7A737C4CB68F}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{6AF2DAAC-4999-4883-AECE-35FD82EB9689}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{6B943D6D-04BF-4047-B04E-80FB2803CD31}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{6C218096-C4C0-4750-8443-D73697DD1781}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{70BD6524-8B9C-4750-8311-70F26A13D2FA}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{70E04426-EE98-483F-97F5-298C2EDE5245}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{710F331B-E0A2-4916-A15A-7000A7DDA9A6}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{7296C640-0ABD-44C9-9705-1C3E57B8C9A6}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{73AF09D3-B7EA-4E2A-A3E4-0E1C11C9CF0C}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{73BBD162-4AF9-4C54-BAA9-E4709B28DA35}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{74931BCD-D550-4690-855D-768D42BF6A37}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{75C32BC2-1227-4441-B963-7A4244A4AC95}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{76B9CAEE-44C9-4125-B695-2BFB847D909C}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{77CFD8C8-3F5A-4FA5-A4E3-6797CE03E8F3}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{782225FD-ABC4-4550-8E37-D3D7EE63A33B}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{795A2F41-10B7-4157-B215-FDD291A09662}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{79A1AA2B-7770-4396-9C29-0907F85FDF8E}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{79FCAB01-5474-4716-A119-D35149D33389}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{7AAE67C7-1E5D-422A-A1F6-C353956200F0}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{7E09B138-4E06-4F3B-93A4-F2097DB93D3B}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{7EDDEB3C-0E6E-46BA-B929-C76216D94108}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{7FF5B239-117F-4F95-84AF-435213638596}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{80BC7BFF-62A4-4DF1-80A1-B8EADE4846E2}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{80E3372E-D212-44B5-85F5-63F1DDFE7D1E}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{8153B352-87AB-45D9-ACD2-2E6247D1727D}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{81746087-DE27-4DBE-8AA5-565516FE7AFE}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{81956598-67A6-4C5D-863D-F07052835083}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{8224775F-4DDC-42D8-9E9B-1C63D0790C4A}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{83884A02-BF11-46DF-B792-01036385B8D5}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{83AC2DB9-002F-4039-85DA-CC747C77BD6B}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{83E14285-7C35-4CA3-8161-FA9C370D1F39}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{846F4C6D-32EF-4534-AFA8-810DFFDBDCB2}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{847C3344-4581-4CE9-852E-9F5E2F3805B1}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{85B10B87-3FE5-4ECD-9013-CBF0547E6DE6}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{8628D8A1-1EF6-4CB7-B70A-63BFD63853B9}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{86883E66-4C04-41B0-98AB-B7AA672ABE71}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{86AF4E9C-484B-4310-9414-1BDE58BD9BEB}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{86E2A101-C957-4FE6-8CF7-88B59B4F6A87}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{86E57A2A-04D2-421E-A248-4422974AF27E}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{87429E5B-736D-400F-AB97-C6BF23F823DB}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{878B418F-E182-4170-9489-72B2B9A74E02}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{883CB2AD-A02D-4A61-9FC7-0240E9DCEB30}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{88889890-33FC-4497-B505-1B19AEF3A3D7}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{89871F2A-554B-4C83-A673-25D05E32FF71}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{8A9D6763-1D8D-435C-8ECE-327AD2C11A2F}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{8AB079A7-A171-45EE-A705-4986056E02C3}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{8B542150-FA67-4BE4-BEB1-CB42F7B30A08}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{8B87EAE1-CE2C-41B4-A326-C83872787F26}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{8D601121-0257-4F43-AB13-C7B0BF76FAD7}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{8E391694-8DD5-408E-A5B3-5F379D8558F7}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{8FB6D54C-F97A-4366-99D0-7CB1E3978551}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{925E2DDA-E2ED-4224-858E-8CAB68666A80}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{93034211-5974-4027-84BB-EFC5066AEE2B}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{93609EAF-4908-433F-BCB3-A822D9326AC8}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{9390DBBA-99C6-4F3F-9708-D38A7DFF4114}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{93A6DD3D-E18F-457D-BE13-4810E3ED4EB0}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{93FCB6CF-648D-4B94-B7C9-FB8960A9DB3C}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{9469F92D-FB56-4D67-ADD2-FBE66623D9EC}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{94C1A548-F9BD-4E6D-BCEB-8E0491BD4011}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{95AA139B-4285-419D-8627-69C8273B0A3D}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{96CA894E-D1BC-44C1-B2C4-2A04AAA93F64}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{97B0E61F-532C-4BF3-A895-5E70D3BA33C5}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{999D0677-0CAA-40EF-B21A-15B0B71DB044}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{9AEA98EB-75CD-4BE8-ADFA-590707F27882}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{9B684804-D82A-4201-88B9-5CD878AACD30}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{9BD33960-C167-4D6A-B04B-927A14F56FDE}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{9C596342-829E-4A15-BF38-0A7624653D99}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{9C7FB760-1E98-4599-870D-C4C370C38766}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{9F555BE4-E58C-4CE0-A4E6-8CB9022898AD}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{9F8576BC-8D5C-4ABA-81CD-DDBF4992A24C}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{9FCAB48A-5ADD-4DA2-A08F-4A1FF295CE6F}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{A167ABA9-E7BA-4491-8027-C95D732C4523}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{A169BB97-1E31-48FA-8060-D819481A1DC4}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{A178AEDD-0F07-4571-AF63-530FA176275F}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{A3DA815C-2AF4-49BE-86F7-E3F836B37AA2}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{A5D2CE9E-E4FB-485D-A910-614215C528D1}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{A6AA2E5C-4349-48C1-A764-5AA844CEE7D8}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{A9676E43-3875-45F5-9A22-2454BE4FDF68}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{AA895AE5-3C5C-468C-BDDC-FB97FB0F4C0E}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{AAEECE84-6737-4745-AB98-808BA3C337C1}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{AAF424DA-7E09-4D8E-8B22-ACD308E762E2}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{AC3A095A-E82A-4E89-B6D6-47DE5DC818C7}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{ACB3B330-582B-45B4-870D-CF4D553CBD8E}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{ACD1FDD3-12E7-44B8-B17F-ACD2D14FF9BD}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{AD2B61DD-9CBF-4759-898B-248C4BB0CDEF}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{ADA312BA-B57E-49A6-80A1-83371967E9BF}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{AE3D2F16-7C33-4B5D-A112-F98AB0909C5A}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{AE98CD87-89DA-4B42-8FB2-93CD83A6D521}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{AF5EFCDC-2B0F-44B4-B385-1B96006C872F}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{B01968E0-D375-4AF0-9149-46E11DA4E075}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{B1B1E043-CC7C-4EF3-AA35-3B3EFE90AFE4}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{B2660004-D330-4960-8953-038BA005A26C}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{B2851D2E-4278-4227-8494-57FA76B1674C}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{B2F17E40-383E-4EC3-8F33-7DFAFC00112F}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{B3088266-FA9E-48E1-BBA7-D5FD51C5935F}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{B32D5953-056A-41C6-92BD-193F51650DFB}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{B3A28E29-1A86-481D-90E0-9CD889C7E441}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{B3D063AF-7CB3-48D0-814D-916B6F2E21FA}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{B4BA762B-8305-4D06-B220-024D7D8D616E}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{B69547A1-0C34-405A-820E-677D3D73C806}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{B6D07410-7B56-477E-8CA2-D115BD5E317E}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{B8808108-7DD2-481E-9535-F5A40C7DC5D1}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{B9D0DF26-7CC8-4823-947F-F117467DE4EF}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{BB5B2657-9146-41B4-94BA-EF50DE8A8EC2}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{BBB8D3B9-F45B-4B01-B03F-F4141E822956}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{BD9F30F8-BA19-4915-8E7E-21830ED9A0F5}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{BDBB7DAB-E274-44D0-AB8C-EDD9DA1B9F29}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{BEE04D51-2D87-4362-8711-559186A6829F}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{C054F249-8ADC-4169-B46E-A864C31B0834}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{C05B5995-31CE-4407-83B0-BB465EF90FEB}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{C1F1F6C3-E0B9-4C48-A3CE-6C2449D1F63E}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{C20CCB8F-5EF7-4074-B3DC-3DE7FF112361}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{C2F6234F-070B-4B8F-A49A-A60A12E0F445}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{C30313C4-BA94-4FE7-B176-870F0002060F}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{C45C793D-F061-4E82-AE57-FCF4A143364A}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{C474CA72-5FA3-4CBE-8ED2-570449F216AB}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{C5283D11-77E4-460C-9400-1356A7636B14}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{C74C7FA8-91B5-46B5-A307-15BDB9E45273}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{C78D48A6-3C7D-481D-8999-A20CEEB59376}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{C7A3B499-7B3F-4619-A1AB-6B963816544F}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{C8D20291-712D-4D6A-944F-1E9DC71E7F83}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{C8E5B3FF-192E-4104-AF23-788DC32B6AC9}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{C910CA2E-5095-461E-8DFF-F15629607DFF}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{C98F0D82-7397-4B54-8C60-010735F7E9CC}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{CA61837E-D552-4869-BD5B-5CB4B3137EB1}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{CAD4CD86-DC84-46ED-A8C9-E14BE7DA5744}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{CC680962-72CA-4BE7-8EC8-E2F9598F591F}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{CC689B3A-50C1-4500-9FEE-F29A43C90F9A}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{CCB439EB-79E5-418D-8027-383A67823321}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{CCD7FD7E-3ACC-421A-B21C-6FD8108AD805}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{D12B051F-CC36-4C44-B5E1-69FD60DB465D}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{D1689C66-0D9D-4A2E-8460-A129092A5881}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{D39B5D33-3ABE-4EC7-ACD1-7B8772DB9BE6}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{D45A415A-362A-4618-8F04-3D13F2BAF01D}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{D4C9ADD4-CD69-47B2-A78E-D558EDDB8C60}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{D4FF3083-2AB0-4277-8437-A8EDC56D2D4E}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{D6D4569E-5F5F-45DB-BB97-23B4324DF494}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{D72692D9-B4DA-4481-A996-35371F69EA61}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{D76FB662-8B5B-4611-8DC1-653594E2A8BC}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{D7BA70B5-3018-4FE9-A059-FBA1DE6CCDEC}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{D8F4D89B-7893-4EB7-9CE1-B0CED66D4169}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{D9E3A433-32C9-4BBC-BE52-EC76D8334025}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{DBDF5302-8A64-4338-BD5D-8183FDC26196}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{DCF552E4-D130-4206-B7A8-569816535D17}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{DD3AB856-69AA-40D2-9586-E2EF355DBD3B}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{DE31ED9F-0132-4A6B-9DA0-A50AE41A2E0B}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{DFB5651A-8425-432C-B8DB-9AE9566CF6F8}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{DFD8F71B-1250-44B5-BA0E-E84C7009BA65}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{E0D990E3-F942-4D29-A3F8-CDC13821D417}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{E10C6628-9BDE-4C88-B884-DE519160DAB3}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{E259238C-960D-474F-9532-BEA55A64EEE2}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{E2B9F874-0454-462C-AFE9-17E5C5BF2BC1}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{E3671A06-7CCD-49AA-B3B7-FA760C42799E}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{E46A4B52-0435-4DEA-B144-F24979A44D32}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{E4B33840-309A-4E2B-81C1-44F1081B01EF}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{E5E34AAA-DB36-445B-857E-6940FC4BA464}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{E69D3E36-5085-48A3-BAC9-3CEF1A78DEFF}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{E6D6168F-91A5-408A-B600-112F9850DEC8}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{E7D398AD-9DDB-48F0-8339-15470BEA5FD9}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{E8BCD226-7433-4154-9928-2326A7686B04}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{E8F9B8D8-272C-4BF4-980D-7E0F7618E3A5}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{E9960B8B-BA3B-423C-A0F2-C8ADD48FF0C3}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{EA068591-082D-439F-8A3F-6B94E10C4B2C}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{EA1E69A6-953D-4454-8F80-531B97B42ABF}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{EACEE45F-4B41-4368-8E6B-6F602083F8A9}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{EB20CE4C-D117-460F-B627-65234AD8F63E}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{EB43F52D-297B-42F1-A02B-DFD71DD47C2E}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{EBC8B9A0-AD52-46E5-905C-E9C2F8DE8E29}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{EF1BCC38-5A58-4E9C-BF0A-C8DF0BBD252D}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{EFB0BA72-1BD3-4979-8F0C-54B5666477A7}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{EFF3086C-4FAB-4DFF-9D81-A31C4A9D225E}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{F0E1BAF6-5E77-414B-B4DA-FEE9EFE7A139}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{F12D0D95-E29F-45DE-84F7-AB05C4594AE8}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{F197E4C4-FAD6-448A-9734-AE53DC820D6F}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{F1C59353-D7C3-47EC-B861-FF82202E22A2}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{F274C64B-0535-4382-B867-1A132218967D}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{F4303EDD-14C1-4BE6-A74B-C80A40238A81}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{F532F8D2-F633-4570-A697-8A5EC30F905E}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{F61EC85F-B08F-45AF-AF97-472AE14B169B}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{F68E6526-643C-4E75-BF32-3C35801431CB}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{F6D043FF-D14B-4C32-8AF3-0F0FD196CF4F}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{F8DA4C5A-053C-4291-B75C-9F1A5E5140C2}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{FA00F5DE-F8A2-4DAE-9975-35EC5F470C2B}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{FA6C45EC-A8EF-490C-9348-0AC6E5FEE259}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{FA9DF1D6-B63E-4E1B-AE54-268AEA4B865F}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{FD12DF27-0246-45BC-A4CA-ADE6B055AA0B}
Successfully deleted: [Empty Folder] C:\Users\Mert\appdata\local\{FDA0AC22-2AE6-4E83-9EA6-353E2B55BF7F}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 24.06.2014 at 17:16:50,80
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
3. Schritt mit FRST.txt:


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-06-2014
Ran by Mert (administrator) on MERT-PC on 24-06-2014 17:22:23
Running from C:\Users\Mert\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Farbar) C:\Users\Mert\Desktop\FRST64 (1).exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [525312 2011-01-25] (IDT, Inc.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [609144 2011-04-12] (Alps Electric Co., Ltd.)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2010-12-17] (Intel(R) Corporation)
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [487562 2010-08-20] (Creative Technology Ltd)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-06] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-01-27] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Lsa: [Notification Packages] DPPassFilter scecli
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x7BA70AE3423BCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://find.localstrike.net/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://find.localstrike.net/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL = 
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: ReminderFox - {7C9B39E6-6606-4ED2-8A3F-36E39C78CBDC} - C:\Users\Mert\AppData\LocalLow\ReminderFox\IE\ReminderFox.dll No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} https://support.dell.com/systemprofiler/SysProExe.CAB
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\windows\system32\urlmon.dll (Microsoft Corporation)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} -  No File
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\windows\syswow64\urlmon.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Mert\AppData\Roaming\Mozilla\Firefox\Profiles\vctfu0wd.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_6_602_168.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.7.2 - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Extension: ProxTube - Unblock YouTube - C:\Users\Mert\AppData\Roaming\Mozilla\Firefox\Profiles\vctfu0wd.default\Extensions\ich@maltegoetz.de [2013-05-02]
FF Extension: Google/Yandex search link fix - C:\Users\Mert\AppData\Roaming\Mozilla\Firefox\Profiles\vctfu0wd.default\Extensions\jid0-XWJxt5VvCXkKzQK99PhZqAn7Xbg@jetpack.xpi [2013-05-02]
FF Extension: Private Tab - C:\Users\Mert\AppData\Roaming\Mozilla\Firefox\Profiles\vctfu0wd.default\Extensions\privateTab@infocatcher.xpi [2013-05-02]
FF Extension: Updated Ad Blocker for Firefox 11+ - C:\Users\Mert\AppData\Roaming\Mozilla\Firefox\Profiles\vctfu0wd.default\Extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3618C}.xpi [2013-05-02]
FF Extension: Adblock Plus - C:\Users\Mert\AppData\Roaming\Mozilla\Firefox\Profiles\vctfu0wd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-05-02]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt [2011-04-17]
FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1009\FirefoxExtension
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011-12-31]
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-03-07]
FF Extension: No Name - C:\Users\Mert\AppData\Roaming\Mozilla\Firefox\Profiles\vctfu0wd.default\extensions\browserprotect@browserprotect.com.xpi []

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [bmbpbcpokffodhpcdjaoopolhdlbconi] - C:\Users\Mert\AppData\Local\Temp\ccex.crx []
CHR HKLM-x32\...\Chrome\Extension: [mpejamdehjfchbpcpblhacbebhiopkom] - C:\Users\Mert\AppData\LocalLow\ReminderFox\CHROME\ReminderFox.crx [2012-02-02]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]

==================== Services (Whitelisted) =================

R2 Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [897088 2010-11-03] (Intel Corporation) [File not signed]
S3 Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1298496 2010-11-03] (Intel Corporation) [File not signed]
R2 Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [983104 2010-11-03] (Intel Corporation) [File not signed]
S2 KMService; C:\windows\SysWOW64\srvany.exe [8192 2012-11-27] () [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-12-17] ()

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-24] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 DUMeterDrv; \??\C:\Program Files (x86)\DU Meter\DUMETR64.SYS [X]
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 XFDriver64; \??\C:\Program Files (x86)\Xfire2\XFDriver64.sys [X]
S3 ZTEusbnet; system32\DRIVERS\ZTEusbnet.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-24 17:22 - 2014-06-24 17:22 - 00017786 _____ () C:\Users\Mert\Desktop\FRST.txt
2014-06-24 17:21 - 2014-06-24 17:21 - 02082816 _____ (Farbar) C:\Users\Mert\Desktop\FRST64 (1).exe
2014-06-24 17:10 - 2014-06-24 17:10 - 00000000 ____D () C:\windows\ERUNT
2014-06-24 17:06 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll
2014-06-24 17:05 - 2014-06-24 17:06 - 00000000 ____D () C:\AdwCleaner
2014-06-24 16:21 - 2014-06-24 16:21 - 00022593 _____ () C:\ComboFix.txt
2014-06-24 16:08 - 2014-06-24 16:08 - 00000085 _____ () C:\windows\wininit.ini
2014-06-24 16:08 - 2011-06-26 08:45 - 00256000 _____ () C:\windows\PEV.exe
2014-06-24 16:08 - 2010-11-07 19:20 - 00208896 _____ () C:\windows\MBR.exe
2014-06-24 16:08 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2014-06-24 16:08 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2014-06-24 16:08 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2014-06-24 16:08 - 2000-08-31 02:00 - 00098816 _____ () C:\windows\sed.exe
2014-06-24 16:08 - 2000-08-31 02:00 - 00080412 _____ () C:\windows\grep.exe
2014-06-24 16:08 - 2000-08-31 02:00 - 00068096 _____ () C:\windows\zip.exe
2014-06-24 16:00 - 2014-06-24 16:21 - 00000000 ____D () C:\Qoobox
2014-06-24 15:59 - 2014-06-24 16:19 - 00000000 ____D () C:\windows\erdnt
2014-06-24 13:13 - 2014-06-24 13:13 - 00000020 ___SH () C:\Users\Mert\ntuser.ini
2014-06-24 12:55 - 2014-06-24 17:22 - 00000000 ____D () C:\FRST
2014-06-24 12:50 - 2014-06-24 15:19 - 00000000 ____D () C:\Users\Mert\AppData\Local\CrashDumps
2014-06-24 11:57 - 2014-06-24 17:22 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-24 11:56 - 2014-06-24 11:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-24 11:56 - 2014-06-24 11:56 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-24 11:56 - 2014-06-24 11:56 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-24 11:56 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-06-24 11:56 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-06-24 11:56 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-06-24 11:53 - 2014-06-24 11:53 - 00000000 ____D () C:\windows\System32\Tasks\Safer-Networking
2014-06-24 11:52 - 2014-06-24 16:08 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-24 11:52 - 2014-06-24 16:08 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-06-24 11:48 - 2014-06-24 12:09 - 00000000 ____D () C:\Program Files (x86)\stinger
2014-06-24 03:34 - 2014-06-24 03:34 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2014-06-24 03:00 - 2014-06-24 17:07 - 00306802 _____ () C:\windows\PFRO.log
2014-06-24 03:00 - 2014-06-24 03:00 - 00530864 _____ () C:\windows\system32\FNTCACHE.DAT
2014-06-24 02:38 - 2014-06-24 02:38 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-06-22 20:30 - 2014-06-22 20:30 - 00000000 ____D () C:\Users\Mert\Desktop\Bafög
2014-06-22 14:05 - 2014-06-22 14:05 - 00138024 _____ () C:\Users\Mert\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-22 14:02 - 2014-06-24 17:07 - 00000426 _____ () C:\windows\setupact.log
2014-06-22 14:02 - 2014-06-22 14:02 - 00000000 _____ () C:\windows\setuperr.log
2014-06-22 13:52 - 2014-06-22 13:52 - 00000000 ____D () C:\Users\Mert\Desktop\Auslandsfamulatur
2014-06-22 01:11 - 2014-05-08 11:32 - 03178496 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-06-22 01:11 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2014-06-21 22:07 - 2014-06-24 11:23 - 00000000 ____D () C:\Users\Mert\Documents\FINANZ
2014-06-19 20:08 - 2013-05-10 07:56 - 14631424 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2014-06-19 20:08 - 2013-05-10 07:56 - 12625920 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2014-06-19 20:08 - 2013-05-10 06:56 - 12625408 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
2014-06-19 20:08 - 2013-05-10 06:56 - 11410432 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2014-06-19 20:00 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\Drivers\TsUsbFlt.sys
2014-06-19 20:00 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-06-19 20:00 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-06-19 20:00 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\MsRdpWebAccess.dll
2014-06-19 20:00 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\windows\system32\wksprtPS.dll
2014-06-19 20:00 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2014-06-19 20:00 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\windows\system32\TsUsbGDCoInstaller.dll
2014-06-19 20:00 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll
2014-06-19 20:00 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\MsRdpWebAccess.dll
2014-06-19 20:00 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wksprtPS.dll
2014-06-19 20:00 - 2013-10-02 02:08 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe
2014-06-19 20:00 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe
2014-06-19 20:00 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll
2014-06-19 20:00 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
2014-06-19 20:00 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdvidcrl.dll
2014-06-19 20:00 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe
2014-06-19 20:00 - 2013-10-01 22:57 - 06578176 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-06-19 20:00 - 2013-10-01 22:55 - 05698048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-06-19 19:54 - 2012-08-23 16:13 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll
2014-06-19 19:54 - 2012-08-23 16:10 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpvideominiport.sys
2014-06-19 19:54 - 2012-08-23 13:12 - 00192000 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdpendp_winip.dll
2014-06-19 19:54 - 2012-08-23 12:51 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\rdpendp_winip.dll
2014-06-19 19:52 - 2012-07-26 05:08 - 00744448 _____ (Microsoft Corporation) C:\windows\system32\WUDFx.dll
2014-06-19 19:52 - 2012-07-26 05:08 - 00229888 _____ (Microsoft Corporation) C:\windows\system32\WUDFHost.exe
2014-06-19 19:52 - 2012-07-26 05:08 - 00194048 _____ (Microsoft Corporation) C:\windows\system32\WUDFPlatform.dll
2014-06-19 19:52 - 2012-07-26 05:08 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\WUDFSvc.dll
2014-06-19 19:52 - 2012-07-26 05:08 - 00045056 _____ (Microsoft Corporation) C:\windows\system32\WUDFCoinstaller.dll
2014-06-19 19:52 - 2012-07-26 04:26 - 00198656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WUDFRd.sys
2014-06-19 19:52 - 2012-07-26 04:26 - 00087040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WUDFPf.sys
2014-06-19 19:52 - 2012-06-02 16:57 - 00000003 _____ () C:\windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-06-19 19:42 - 2013-11-23 20:26 - 00417792 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMPhoto.dll
2014-06-19 19:42 - 2013-11-23 19:47 - 00465920 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
2014-06-19 19:42 - 2013-10-04 04:28 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\SmartcardCredentialProvider.dll
2014-06-19 19:42 - 2013-10-04 04:25 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\credui.dll
2014-06-19 19:42 - 2013-10-04 04:24 - 01930752 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2014-06-19 19:42 - 2013-10-04 03:58 - 00152576 _____ (Microsoft Corporation) C:\windows\SysWOW64\SmartcardCredentialProvider.dll
2014-06-19 19:42 - 2013-10-04 03:56 - 01796096 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2014-06-19 19:42 - 2013-10-04 03:56 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\credui.dll
2014-06-19 19:42 - 2013-09-25 04:23 - 01030144 _____ (Microsoft Corporation) C:\windows\system32\TSWorkspace.dll
2014-06-19 19:42 - 2013-09-25 03:57 - 00792576 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSWorkspace.dll
2014-06-19 19:42 - 2012-01-04 12:44 - 00509952 _____ (Microsoft Corporation) C:\windows\system32\ntshrui.dll
2014-06-19 19:42 - 2012-01-04 10:58 - 00442880 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntshrui.dll
2014-06-19 19:41 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2014-06-19 19:41 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2014-06-19 19:41 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Diskdump.sys
2014-06-19 19:41 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\iologmsg.dll
2014-06-19 19:41 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\iologmsg.dll
2014-06-19 19:41 - 2013-12-04 04:27 - 00488448 _____ (Microsoft Corporation) C:\windows\system32\secproc.dll
2014-06-19 19:41 - 2013-12-04 04:27 - 00485888 _____ (Microsoft Corporation) C:\windows\system32\secproc_isv.dll
2014-06-19 19:41 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp_isv.dll
2014-06-19 19:41 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp.dll
2014-06-19 19:41 - 2013-12-04 04:26 - 00528384 _____ (Microsoft Corporation) C:\windows\system32\msdrm.dll
2014-06-19 19:41 - 2013-12-04 04:16 - 00658432 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_isv.exe
2014-06-19 19:41 - 2013-12-04 04:16 - 00626176 _____ (Microsoft Corporation) C:\windows\system32\RMActivate.exe
2014-06-19 19:41 - 2013-12-04 04:16 - 00553984 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp.exe
2014-06-19 19:41 - 2013-12-04 04:16 - 00552960 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp_isv.exe
2014-06-19 19:41 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc.dll
2014-06-19 19:41 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_isv.dll
2014-06-19 19:41 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_ssp_isv.dll
2014-06-19 19:41 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_ssp.dll
2014-06-19 19:41 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdrm.dll
2014-06-19 19:41 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_isv.exe
2014-06-19 19:41 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate.exe
2014-06-19 19:41 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_ssp.exe
2014-06-19 19:41 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_ssp_isv.exe
2014-06-19 19:41 - 2012-12-07 15:20 - 00441856 _____ (Microsoft Corporation) C:\windows\system32\Wpc.dll
2014-06-19 19:41 - 2012-12-07 15:15 - 02746368 _____ (Microsoft Corporation) C:\windows\system32\gameux.dll
2014-06-19 19:41 - 2012-12-07 14:26 - 00308736 _____ (Microsoft Corporation) C:\windows\SysWOW64\Wpc.dll
2014-06-19 19:41 - 2012-12-07 14:20 - 02576384 _____ (Microsoft Corporation) C:\windows\SysWOW64\gameux.dll
2014-06-19 19:41 - 2012-12-07 13:20 - 00045568 _____ (Microsoft) C:\windows\system32\oflc-nz.rs
2014-06-19 19:41 - 2012-12-07 13:20 - 00044544 _____ (Microsoft) C:\windows\system32\pegibbfc.rs
2014-06-19 19:41 - 2012-12-07 13:20 - 00043520 _____ (Microsoft) C:\windows\system32\csrr.rs
2014-06-19 19:41 - 2012-12-07 13:20 - 00030720 _____ (Microsoft) C:\windows\system32\usk.rs
2014-06-19 19:41 - 2012-12-07 13:20 - 00023552 _____ (Microsoft) C:\windows\system32\oflc.rs
2014-06-19 19:41 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\windows\system32\pegi-pt.rs
2014-06-19 19:41 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\windows\system32\pegi-fi.rs
2014-06-19 19:41 - 2012-12-07 13:19 - 00055296 _____ (Microsoft) C:\windows\system32\cero.rs
2014-06-19 19:41 - 2012-12-07 13:19 - 00051712 _____ (Microsoft) C:\windows\system32\esrb.rs
2014-06-19 19:41 - 2012-12-07 13:19 - 00046592 _____ (Microsoft) C:\windows\system32\fpb.rs
2014-06-19 19:41 - 2012-12-07 13:19 - 00040960 _____ (Microsoft) C:\windows\system32\cob-au.rs
2014-06-19 19:41 - 2012-12-07 13:19 - 00021504 _____ (Microsoft) C:\windows\system32\grb.rs
2014-06-19 19:41 - 2012-12-07 13:19 - 00020480 _____ (Microsoft) C:\windows\system32\pegi.rs
2014-06-19 19:41 - 2012-12-07 13:19 - 00015360 _____ (Microsoft) C:\windows\system32\djctq.rs
2014-06-19 19:41 - 2012-12-07 12:46 - 00055296 _____ (Microsoft) C:\windows\SysWOW64\cero.rs
2014-06-19 19:41 - 2012-12-07 12:46 - 00051712 _____ (Microsoft) C:\windows\SysWOW64\esrb.rs
2014-06-19 19:41 - 2012-12-07 12:46 - 00046592 _____ (Microsoft) C:\windows\SysWOW64\fpb.rs
2014-06-19 19:41 - 2012-12-07 12:46 - 00045568 _____ (Microsoft) C:\windows\SysWOW64\oflc-nz.rs
2014-06-19 19:41 - 2012-12-07 12:46 - 00044544 _____ (Microsoft) C:\windows\SysWOW64\pegibbfc.rs
2014-06-19 19:41 - 2012-12-07 12:46 - 00043520 _____ (Microsoft) C:\windows\SysWOW64\csrr.rs
2014-06-19 19:41 - 2012-12-07 12:46 - 00040960 _____ (Microsoft) C:\windows\SysWOW64\cob-au.rs
2014-06-19 19:41 - 2012-12-07 12:46 - 00030720 _____ (Microsoft) C:\windows\SysWOW64\usk.rs
2014-06-19 19:41 - 2012-12-07 12:46 - 00023552 _____ (Microsoft) C:\windows\SysWOW64\oflc.rs
2014-06-19 19:41 - 2012-12-07 12:46 - 00021504 _____ (Microsoft) C:\windows\SysWOW64\grb.rs
2014-06-19 19:41 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\windows\SysWOW64\pegi-pt.rs
2014-06-19 19:41 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\windows\SysWOW64\pegi-fi.rs
2014-06-19 19:41 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\windows\SysWOW64\pegi.rs
2014-06-19 19:41 - 2012-12-07 12:46 - 00015360 _____ (Microsoft) C:\windows\SysWOW64\djctq.rs
2014-06-19 19:41 - 2012-10-09 20:17 - 00226816 _____ (Microsoft Corporation) C:\windows\system32\dhcpcore6.dll
2014-06-19 19:41 - 2012-10-09 20:17 - 00055296 _____ (Microsoft Corporation) C:\windows\system32\dhcpcsvc6.dll
2014-06-19 19:41 - 2012-10-09 19:40 - 00193536 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpcore6.dll
2014-06-19 19:41 - 2012-10-09 19:40 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpcsvc6.dll
2014-06-19 19:41 - 2012-10-03 19:44 - 00303104 _____ (Microsoft Corporation) C:\windows\system32\nlasvc.dll
2014-06-19 19:41 - 2012-10-03 19:44 - 00246272 _____ (Microsoft Corporation) C:\windows\system32\netcorehc.dll
2014-06-19 19:41 - 2012-10-03 19:44 - 00216576 _____ (Microsoft Corporation) C:\windows\system32\ncsi.dll
2014-06-19 19:41 - 2012-10-03 19:44 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\nlaapi.dll
2014-06-19 19:41 - 2012-10-03 19:44 - 00018944 _____ (Microsoft Corporation) C:\windows\system32\netevent.dll
2014-06-19 19:41 - 2012-10-03 19:42 - 00569344 _____ (Microsoft Corporation) C:\windows\system32\iphlpsvc.dll
2014-06-19 19:41 - 2012-10-03 18:42 - 00175104 _____ (Microsoft Corporation) C:\windows\SysWOW64\netcorehc.dll
2014-06-19 19:41 - 2012-10-03 18:42 - 00156672 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncsi.dll
2014-06-19 19:41 - 2012-10-03 18:42 - 00018944 _____ (Microsoft Corporation) C:\windows\SysWOW64\netevent.dll
2014-06-19 19:41 - 2012-10-03 18:07 - 00045568 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpipreg.sys
2014-06-19 19:41 - 2012-08-21 23:01 - 00245760 _____ (Microsoft Corporation) C:\windows\system32\OxpsConverter.exe
2014-06-19 19:41 - 2012-07-06 22:07 - 00552960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bthport.sys
2014-06-19 19:41 - 2012-01-13 09:12 - 00052224 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlaapi.dll
2014-06-19 19:41 - 2011-12-30 08:26 - 00515584 _____ (Microsoft Corporation) C:\windows\system32\timedate.cpl
2014-06-19 19:41 - 2011-12-30 07:27 - 00478720 _____ (Microsoft Corporation) C:\windows\SysWOW64\timedate.cpl
2014-06-19 19:41 - 2011-06-16 07:49 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\xmllite.dll
2014-06-19 19:41 - 2011-06-16 06:33 - 00180224 _____ (Microsoft Corporation) C:\windows\SysWOW64\xmllite.dll
2014-06-19 19:40 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll
2014-06-19 19:40 - 2014-01-01 01:05 - 00420008 _____ () C:\windows\SysWOW64\locale.nls
2014-06-19 19:40 - 2014-01-01 01:04 - 00420008 _____ () C:\windows\system32\locale.nls
2014-06-19 19:40 - 2013-10-30 04:32 - 00335360 _____ (Microsoft Corporation) C:\windows\system32\msieftp.dll
2014-06-19 19:40 - 2013-10-30 04:19 - 00301568 _____ (Microsoft Corporation) C:\windows\SysWOW64\msieftp.dll
2014-06-19 19:40 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ataport.sys
2014-06-19 19:40 - 2013-07-04 14:57 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll
2014-06-19 19:40 - 2013-07-04 14:50 - 00102400 _____ (Microsoft Corporation) C:\windows\system32\davclnt.dll
2014-06-19 19:40 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\windows\SysWOW64\WebClnt.dll
2014-06-19 19:40 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\windows\SysWOW64\davclnt.dll
2014-06-19 19:40 - 2013-07-04 12:11 - 00140800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys
2014-06-19 19:40 - 2013-05-10 07:49 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\cryptdlg.dll
2014-06-19 19:40 - 2013-05-10 05:20 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptdlg.dll
2014-06-19 19:40 - 2013-03-19 07:53 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\wwanprotdim.dll
2014-06-19 19:40 - 2013-01-24 08:01 - 00223752 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fvevol.sys
2014-06-19 19:40 - 2012-08-22 20:12 - 00950128 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys
2014-06-19 19:40 - 2012-07-04 22:26 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\Drivers\RNDISMP.sys
2014-06-19 19:40 - 2012-05-04 13:00 - 00366592 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2014-06-19 19:40 - 2012-05-04 11:59 - 00514560 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2014-06-19 19:40 - 2012-05-01 07:40 - 00209920 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2014-06-19 19:40 - 2012-04-07 14:31 - 03216384 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-06-19 19:40 - 2012-04-07 13:26 - 02342400 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-06-19 19:40 - 2011-03-11 08:41 - 00410496 _____ (Intel Corporation) C:\windows\system32\Drivers\iaStorV.sys
2014-06-19 19:40 - 2011-03-11 08:41 - 00166272 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvstor.sys
2014-06-19 19:40 - 2011-03-11 08:41 - 00148352 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvraid.sys
2014-06-19 19:40 - 2011-03-11 08:41 - 00107904 _____ (Advanced Micro Devices) C:\windows\system32\Drivers\amdsata.sys
2014-06-19 19:40 - 2011-03-11 08:41 - 00027008 _____ (Advanced Micro Devices) C:\windows\system32\Drivers\amdxata.sys
2014-06-19 19:40 - 2011-03-11 08:33 - 02565632 _____ (Microsoft Corporation) C:\windows\system32\esent.dll
2014-06-19 19:40 - 2011-03-11 08:30 - 00096768 _____ (Microsoft Corporation) C:\windows\system32\fsutil.exe
2014-06-19 19:40 - 2011-03-11 07:33 - 01699328 _____ (Microsoft Corporation) C:\windows\SysWOW64\esent.dll
2014-06-19 19:40 - 2011-03-11 07:31 - 00074240 _____ (Microsoft Corporation) C:\windows\SysWOW64\fsutil.exe
2014-06-19 19:40 - 2011-03-11 06:37 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBSTOR.SYS
2014-06-19 19:39 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2014-06-19 19:39 - 2013-08-28 03:12 - 00461312 _____ (Microsoft Corporation) C:\windows\system32\scavengeui.dll
2014-06-19 19:39 - 2012-05-05 10:36 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2014-06-19 19:39 - 2012-05-05 09:46 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2014-06-19 19:35 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2014-06-19 19:35 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2014-06-17 16:25 - 2014-06-17 16:30 - 00000585 _____ () C:\Users\Mert\Desktop\ssm59.txt
2014-06-15 11:44 - 2014-06-15 11:44 - 00000000 __SHD () C:\Users\Mert\AppData\Local\EmieUserList
2014-06-15 11:44 - 2014-06-15 11:44 - 00000000 __SHD () C:\Users\Mert\AppData\Local\EmieSiteList
2014-06-11 13:36 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-06-11 13:36 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-06-11 13:36 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-06-11 13:36 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-06-11 13:36 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-06-11 13:36 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-06-11 13:36 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-06-11 13:36 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-06-11 13:36 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-06-11 13:36 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-06-11 13:36 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-06-11 13:36 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-06-11 13:36 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-06-11 13:36 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-06-11 13:36 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-06-11 13:36 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-06-11 13:36 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-06-11 13:36 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-06-11 13:36 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 13:36 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-06-11 13:36 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-06-11 13:36 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-06-11 13:36 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-06-11 13:36 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-06-11 13:36 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-06-11 13:36 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-06-11 13:36 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-06-11 13:36 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-06-11 13:36 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-06-11 13:36 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-06-11 13:36 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-06-11 13:36 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-06-11 13:36 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-06-11 13:36 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-06-11 13:36 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-06-11 13:36 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-06-11 13:36 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-11 13:36 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-06-11 13:36 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-06-11 13:36 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-06-11 13:36 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-06-11 13:36 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-06-11 13:36 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-06-11 13:36 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-06-11 13:36 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-06-11 13:36 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-06-11 13:36 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-06-11 13:36 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-06-11 13:36 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-06-11 13:36 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-06-11 13:36 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-06-11 13:36 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-06-11 13:35 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll
2014-06-11 13:35 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll
2014-06-11 13:35 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-06-11 13:35 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 13:35 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2014-06-11 13:35 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-06-11 13:35 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2014-06-11 13:35 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-06-11 13:35 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2014-06-11 13:35 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-06-11 13:35 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll
2014-06-11 13:35 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2014-06-11 13:35 - 2013-11-26 13:40 - 00376768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2014-06-10 23:32 - 2014-06-15 14:35 - 00001420 _____ () C:\Users\Mert\Desktop\WAHLFACHER.txt
2014-05-31 03:24 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2014-05-31 03:24 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2014-05-31 03:24 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-05-31 03:24 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2014-05-31 03:24 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2014-05-31 03:24 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2014-05-31 03:24 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2014-05-31 03:24 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2014-05-31 03:24 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-05-31 03:24 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2014-05-31 03:24 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-05-31 03:24 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\windows\system32\objsel.dll
2014-05-31 03:24 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2014-05-31 03:24 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-05-31 03:24 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2014-05-31 03:24 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2014-05-31 03:24 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-05-31 03:24 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\wincredprovider.dll
2014-05-31 03:24 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2014-05-31 03:24 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\windows\system32\cngprovider.dll
2014-05-31 03:24 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\adprovider.dll
2014-05-31 03:24 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\capiprovider.dll
2014-05-31 03:24 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\dpapiprovider.dll
2014-05-31 03:24 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\windows\system32\dimsroam.dll
2014-05-31 03:24 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-05-31 03:24 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2014-05-31 03:24 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2014-05-31 03:24 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-05-31 03:24 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\windows\SysWOW64\objsel.dll
2014-05-31 03:24 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2014-05-31 03:24 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2014-05-31 03:24 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2014-05-31 03:24 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-05-31 03:24 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\cngprovider.dll
2014-05-31 03:24 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\windows\SysWOW64\adprovider.dll
2014-05-31 03:24 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\windows\SysWOW64\capiprovider.dll
2014-05-31 03:24 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpapiprovider.dll
2014-05-31 03:24 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\dimsroam.dll
2014-05-31 03:24 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wincredprovider.dll
2014-05-31 03:24 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-05-31 03:24 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2014-05-31 03:23 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-05-31 03:23 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll

==================== One Month Modified Files and Folders =======

2014-06-24 17:22 - 2014-06-24 17:22 - 00017786 _____ () C:\Users\Mert\Desktop\FRST.txt
2014-06-24 17:22 - 2014-06-24 12:55 - 00000000 ____D () C:\FRST
2014-06-24 17:22 - 2014-06-24 11:57 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-24 17:21 - 2014-06-24 17:21 - 02082816 _____ (Farbar) C:\Users\Mert\Desktop\FRST64 (1).exe
2014-06-24 17:15 - 2013-05-02 20:16 - 00001106 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-24 17:15 - 2009-07-14 06:45 - 00013872 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-24 17:15 - 2009-07-14 06:45 - 00013872 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-24 17:12 - 2011-04-17 06:39 - 00753946 _____ () C:\windows\system32\perfh007.dat
2014-06-24 17:12 - 2011-04-17 06:39 - 00166902 _____ () C:\windows\system32\perfc007.dat
2014-06-24 17:12 - 2009-07-14 07:13 - 01754304 _____ () C:\windows\system32\PerfStringBackup.INI
2014-06-24 17:10 - 2014-06-24 17:10 - 00000000 ____D () C:\windows\ERUNT
2014-06-24 17:08 - 2013-05-02 20:16 - 00001102 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-24 17:08 - 2011-07-11 10:54 - 00000432 _____ () C:\windows\system32\Drivers\etc\hosts.ics
2014-06-24 17:07 - 2014-06-24 03:00 - 00306802 _____ () C:\windows\PFRO.log
2014-06-24 17:07 - 2014-06-22 14:02 - 00000426 _____ () C:\windows\setupact.log
2014-06-24 17:07 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-06-24 17:06 - 2014-06-24 17:05 - 00000000 ____D () C:\AdwCleaner
2014-06-24 17:06 - 2013-08-18 07:33 - 01966462 _____ () C:\windows\WindowsUpdate.log
2014-06-24 16:21 - 2014-06-24 16:21 - 00022593 _____ () C:\ComboFix.txt
2014-06-24 16:21 - 2014-06-24 16:00 - 00000000 ____D () C:\Qoobox
2014-06-24 16:21 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-06-24 16:19 - 2014-06-24 15:59 - 00000000 ____D () C:\windows\erdnt
2014-06-24 16:18 - 2009-07-14 04:34 - 00000215 _____ () C:\windows\system.ini
2014-06-24 16:08 - 2014-06-24 16:08 - 00000085 _____ () C:\windows\wininit.ini
2014-06-24 16:08 - 2014-06-24 11:52 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-24 16:08 - 2014-06-24 11:52 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-06-24 15:26 - 2012-02-07 00:13 - 00000000 ____D () C:\windows\PCHEALTH
2014-06-24 15:25 - 2012-10-18 23:23 - 00000000 ___RD () C:\Users\Mert\SkyDrive
2014-06-24 15:19 - 2014-06-24 12:50 - 00000000 ____D () C:\Users\Mert\AppData\Local\CrashDumps
2014-06-24 13:46 - 2013-06-28 22:25 - 00000000 ____D () C:\Riot Games
2014-06-24 13:13 - 2014-06-24 13:13 - 00000020 ___SH () C:\Users\Mert\ntuser.ini
2014-06-24 13:13 - 2011-06-29 14:55 - 00000000 ____D () C:\Users\Mert
2014-06-24 12:42 - 2012-08-23 12:06 - 00003488 _____ () C:\windows\System32\Tasks\PCDEventLauncher
2014-06-24 12:15 - 2012-06-09 01:36 - 00000000 ____D () C:\Users\Mert\AppData\Roaming\QuickScan
2014-06-24 12:09 - 2014-06-24 11:48 - 00000000 ____D () C:\Program Files (x86)\stinger
2014-06-24 11:56 - 2014-06-24 11:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-24 11:56 - 2014-06-24 11:56 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-24 11:56 - 2014-06-24 11:56 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-24 11:53 - 2014-06-24 11:53 - 00000000 ____D () C:\windows\System32\Tasks\Safer-Networking
2014-06-24 11:23 - 2014-06-21 22:07 - 00000000 ____D () C:\Users\Mert\Documents\FINANZ
2014-06-24 03:43 - 2011-04-17 04:17 - 00000000 ____D () C:\ProgramData\Sonic
2014-06-24 03:34 - 2014-06-24 03:34 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2014-06-24 03:00 - 2014-06-24 03:00 - 00530864 _____ () C:\windows\system32\FNTCACHE.DAT
2014-06-24 02:38 - 2014-06-24 02:38 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-06-22 20:30 - 2014-06-22 20:30 - 00000000 ____D () C:\Users\Mert\Desktop\Bafög
2014-06-22 14:05 - 2014-06-22 14:05 - 00138024 _____ () C:\Users\Mert\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-22 14:02 - 2014-06-22 14:02 - 00000000 _____ () C:\windows\setuperr.log
2014-06-22 13:52 - 2014-06-22 13:52 - 00000000 ____D () C:\Users\Mert\Desktop\Auslandsfamulatur
2014-06-22 02:10 - 2013-05-02 20:16 - 00004102 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-22 02:10 - 2013-05-02 20:16 - 00003850 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-22 01:15 - 2011-07-02 11:21 - 01728584 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2014-06-21 22:09 - 2014-01-24 04:18 - 00000000 ____D () C:\Users\Mert\Documents\UNI
2014-06-21 10:22 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\rescache
2014-06-20 06:39 - 2009-07-14 06:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-06-20 06:38 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-06-20 06:35 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2014-06-19 17:39 - 2014-04-19 04:04 - 00000000 ____D () C:\Users\Mert\Desktop\BP
2014-06-17 16:56 - 2011-06-30 00:45 - 00000000 ____D () C:\Users\Mert\AppData\Roaming\Skype
2014-06-17 16:30 - 2014-06-17 16:25 - 00000585 _____ () C:\Users\Mert\Desktop\ssm59.txt
2014-06-15 14:35 - 2014-06-10 23:32 - 00001420 _____ () C:\Users\Mert\Desktop\WAHLFACHER.txt
2014-06-15 11:53 - 2011-07-10 22:10 - 00000000 ____D () C:\Users\Mert\AppData\Local\PMB Files
2014-06-15 11:53 - 2011-07-10 22:10 - 00000000 ____D () C:\ProgramData\PMB Files
2014-06-15 11:46 - 2011-09-08 17:23 - 00000000 ____D () C:\windows\Minidump
2014-06-15 11:44 - 2014-06-15 11:44 - 00000000 __SHD () C:\Users\Mert\AppData\Local\EmieUserList
2014-06-15 11:44 - 2014-06-15 11:44 - 00000000 __SHD () C:\Users\Mert\AppData\Local\EmieSiteList
2014-06-13 19:14 - 2013-06-28 22:23 - 00000000 ____D () C:\Users\Mert\AppData\Roaming\Riot Games
2014-06-11 13:43 - 2013-07-14 03:00 - 00000000 ____D () C:\windows\system32\MRT
2014-06-11 13:40 - 2011-07-01 01:27 - 95414520 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-06-02 19:03 - 2011-09-29 23:03 - 00000000 ____D () C:\Users\Mert\AppData\Roaming\InternetCalls
2014-05-30 12:21 - 2014-06-11 13:36 - 23414784 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-05-30 12:02 - 2014-06-11 13:36 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-05-30 12:02 - 2014-06-11 13:36 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-05-30 11:45 - 2014-06-11 13:36 - 02768384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-05-30 11:39 - 2014-06-11 13:36 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-05-30 11:39 - 2014-06-11 13:36 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-05-30 11:38 - 2014-06-11 13:36 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-05-30 11:28 - 2014-06-11 13:36 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-05-30 11:27 - 2014-06-11 13:36 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-05-30 11:24 - 2014-06-11 13:36 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-05-30 11:21 - 2014-06-11 13:36 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-05-30 11:21 - 2014-06-11 13:36 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-05-30 11:20 - 2014-06-11 13:36 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-05-30 11:18 - 2014-06-11 13:36 - 17271296 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-05-30 11:11 - 2014-06-11 13:36 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-05-30 11:08 - 2014-06-11 13:36 - 05782528 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-05-30 11:06 - 2014-06-11 13:36 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-05-30 11:02 - 2014-06-11 13:36 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-05-30 10:55 - 2014-06-11 13:36 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 10:49 - 2014-06-11 13:36 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-05-30 10:46 - 2014-06-11 13:36 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-05-30 10:44 - 2014-06-11 13:36 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-05-30 10:44 - 2014-06-11 13:36 - 00295424 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-05-30 10:43 - 2014-06-11 13:36 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-05-30 10:42 - 2014-06-11 13:36 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-05-30 10:38 - 2014-06-11 13:36 - 02179072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-05-30 10:35 - 2014-06-11 13:36 - 00608768 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-05-30 10:34 - 2014-06-11 13:36 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-05-30 10:33 - 2014-06-11 13:36 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-05-30 10:30 - 2014-06-11 13:36 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-05-30 10:29 - 2014-06-11 13:36 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-05-30 10:28 - 2014-06-11 13:36 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-05-30 10:27 - 2014-06-11 13:36 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-05-30 10:24 - 2014-06-11 13:36 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-05-30 10:23 - 2014-06-11 13:36 - 02040832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-05-30 10:16 - 2014-06-11 13:36 - 00368128 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-05-30 10:10 - 2014-06-11 13:36 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 10:06 - 2014-06-11 13:36 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-05-30 10:04 - 2014-06-11 13:36 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-05-30 10:02 - 2014-06-11 13:36 - 00242688 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-05-30 09:56 - 2014-06-11 13:36 - 04244992 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-05-30 09:56 - 2014-06-11 13:36 - 02266112 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-05-30 09:54 - 2014-06-11 13:36 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-05-30 09:50 - 2014-06-11 13:36 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-05-30 09:49 - 2014-06-11 13:36 - 01964544 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-05-30 09:43 - 2014-06-11 13:36 - 13522944 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-05-30 09:40 - 2014-06-11 13:36 - 11725312 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-05-30 09:30 - 2014-06-11 13:36 - 01398272 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-05-30 09:21 - 2014-06-11 13:36 - 01790976 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-05-30 09:15 - 2014-06-11 13:36 - 01143296 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-05-30 09:13 - 2014-06-11 13:36 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-05-30 09:13 - 2014-06-11 13:36 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll

Some content of TEMP:
====================
C:\Users\Mert\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-18 22:19

==================== End Of Log ============================
--- --- ---

--- --- ---

Alt 24.06.2014, 16:26   #15
Vale7
 
Trojaner? Avast wurde durch eine Gruppenrichtlinie blockiert. - Standard

Trojaner? Avast wurde durch eine Gruppenrichtlinie blockiert.


3. Schritt:

Addition.txt

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-06-2014
Ran by Mert at 2014-06-24 17:25:22
Running from C:\Users\Mert\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

AccelerometerP11 (HKLM-x32\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.10.21 - STMicroelectronics)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.3 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.0.3 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.3.300.257 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.6.602.168 - Adobe Systems Incorporated)
Adobe Reader X (10.1.2) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.2 - Adobe Systems Incorporated)
Adobe Reader X (10.1.3) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.3 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Apple Mobile Device Support (HKLM\...\{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}) (Version: 6.0.0.59 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI AVIVO64 Codecs (Version: 11.6.0.10127 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{E033338C-BDDC-63E2-918F-15169BCD4492}) (Version: 3.0.808.0 - ATI Technologies, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cardiac Auscultation 1.0 (HKLM-x32\...\Cardiac Auscultation) (Version: 1.0 - medical concepts Bonn)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0127.629.11510 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0127.629.11510 - ATI) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2011.0127.629.11510 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Danish (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Dutch (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help English (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Finnish (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help French (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help German (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Italian (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Japanese (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Korean (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Russian (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Spanish (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Swedish (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
ccc-core-static (x32 Version: 2011.0127.629.11510 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2011.0127.629.11510 - ATI) Hidden
CyberLink PowerDVD 9.5 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.5.1.3907 - CyberLink Corp.)
CyberLink PowerDVD 9.5 (x32 Version: 9.5.1.3907 - CyberLink Corp.) Hidden
Dell Backup and Recovery Manager (HKLM\...\{975DFE7C-8E56-45BC-A329-401E6B1F8102}) (Version: 1.3 - Dell Inc.)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Mobile Broadband Manager (HKLM-x32\...\{23EEC842-57ED-4055-A056-9D4185DFB1AA}) (Version: 6.1.24.2 - Dell)
Dell Support Center (HKLM\...\PC-Doctor for Windows) (Version: 3.2.6032.102 - PC-Doctor, Inc.)
Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 5.4.0.4 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1209.101.204 - ALPS ELECTRIC CO., LTD.)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.35 - Creative Technology Ltd)
DigitalPersona Fingerprint Software 5.20 (HKLM\...\{C0C2D40A-1231-46FA-8F02-B45E6BF2036A}) (Version: 5.20.230 - DigitalPersona, Inc.)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.9 - DivX, LLC)
Dropbox (HKCU\...\Dropbox) (Version: 2.0.26 - Dropbox, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
iCloud (HKLM\...\{8B485965-8EFE-464A-842F-CF8F18C3DFD7}) (Version: 1.1.0.40 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6324.0 - IDT)
Intel PROSet Wireless (Version:  - ) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3074 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{7CE8BE79-ABC3-4B2C-9543-28ED2B0A9EA8}) (Version: 1.0.0.0454 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}) (Version: 14.00.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
Intel(R) Wireless Display (HKLM-x32\...\{F84906ED-BB54-4889-B131-FED9C9056FC8}) (Version: 2.0.27.0 - Intel Corporation)
InternetCalls (HKLM-x32\...\InternetCalls_is1) (Version: 4.12 build 715 - Finarea S.A. Switzerland)
Java 7 Update 9 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217007FF}) (Version: 7.0.90 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022F0}) (Version: 6.0.220 - Oracle)
Java(TM) 6 Update 24 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416024FF}) (Version: 6.0.240 - Oracle)
Java(TM) 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4041.0512 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20125.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
MobileMe Control Panel (HKLM\...\{AF5020D9-116A-46AC-A922-087592F37EC9}) (Version: 3.1.8.0 - Apple Inc.)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
PDF24 Creator 6.2.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.213.1 - Tracker Software Products Ltd)
PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PowerXpressHybrid (x32 Version: 1.00.0000 - Ihr Firmenname) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.09.25 - Dell Inc.)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.31.1025.2010 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30126 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
Roxio Activation Module (x32 Version: 1.0 - Roxio) Hidden
Roxio BackOnTrack (x32 Version: 1.3.3 - Roxio) Hidden
Roxio Burn (x32 Version: 1.8 - Roxio) Hidden
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio Creator Starter (x32 Version: 1.0.439 - Roxio) Hidden
Roxio Creator Starter (x32 Version: 5.0.0 - Roxio) Hidden
Roxio Express Labeler 3 (x32 Version: 3.2.2 - Roxio) Hidden
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13064_2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.0.13064_2 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.)
SecureW2 EAP Suite 1.1.3 for Windows (HKLM-x32\...\SecureW2 EAP Suite) (Version:  - )
Skype™ 6.3 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.3.107 - Skype Technologies S.A.)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
Validity Sensors DDK (HKLM\...\{56BAC4EE-B1DA-42A7-ACA5-7A353F2ED1DA}) (Version: 4.3.108.0 - Validity Sensors, Inc.)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Restore Points  =========================

21-06-2014 23:11:42 Windows Update
24-06-2014 14:04:06 avast! antivirus system restore point

==================== Hosts content: ==========================

2009-07-14 04:34 - 2014-06-24 16:18 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0D79F8B9-AE27-47B1-86E9-2D964FFBF96C} - System32\Tasks\{B8B3AFCA-719F-4E8B-AFDB-9F08C03E7F33} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=6.3.0.107&amp;LastError=-9
Task: {15767D9E-139D-49C5-BBA8-6AFB65187E70} - System32\Tasks\{EBFBB72A-8F91-4338-AC11-1B09D0ECF919} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=6.3.0.107&amp;LastError=12007
Task: {19A6CB3F-C766-4FBA-A87A-D72413F467F3} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe [2012-11-30] (PC-Doctor, Inc.)
Task: {240A4CF0-2A4C-496B-A581-F8AF97111E15} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {44F67E6F-F864-4F8E-BA93-87C4AA5F3E3E} - System32\Tasks\{3F0AF743-96D6-4B33-95B5-7888F98BAC58} => Chrome.exe hxxp://ui.skype.com/ui/0/6.3.0.107/en/abandoninstall?source=lightinstaller&amp;page=tsProgressBar
Task: {5FD11B08-48BD-4CD4-A13C-AD0479DC4E4E} - System32\Tasks\{26FD0356-06AC-4CE8-AF7C-2796FEFD7A45} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=6.3.0.107&amp;LastError=12007
Task: {8742C5E3-B032-4FD0-8EBA-C7D90391BC6F} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell Support Center\uaclauncher.exe [2012-11-30] (PC-Doctor, Inc.)
Task: {8A3EE6C7-DA3C-43DF-8490-495D9173F3F4} - System32\Tasks\{E6A6D582-A192-48AD-8F3E-81F63BC14418} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=6.3.0.107&amp;LastError=12007
Task: {A7D7227C-921B-493E-AC2E-0C049237EE33} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {DA6B1B2F-FB8F-4497-98DB-E23A29BBF46E} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe
Task: {DBCA6139-28A9-49F3-AD12-94E39A9EF6AE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-02] (Google Inc.)
Task: {E654EDC8-76FF-4449-968D-A7C674719F3D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-02] (Google Inc.)
Task: {E7322C11-AABB-461E-8ECB-6563514FEAC4} - System32\Tasks\{C086165C-BFC4-4C1C-BF8C-A4F3DB2EF524} => Chrome.exe hxxp://ui.skype.com/ui/0/5.8.0.158/en/abandoninstall?page=tsProgressBar
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-12-17 20:53 - 2010-12-17 20:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2011-04-17 06:17 - 2011-01-08 02:57 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2010-12-17 20:53 - 2010-12-17 20:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2011-01-27 13:27 - 2011-01-27 13:27 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2010-12-17 17:57 - 2010-12-17 17:57 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2014-06-19 21:18 - 2014-06-19 21:18 - 00169472 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\0a0467413a424068d1471448ff6ca6cc\IsdiInterop.ni.dll
2011-04-17 04:00 - 2010-11-06 06:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2010-01-30 03:41 - 2010-01-30 03:41 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-06-12 22:13 - 2014-06-05 15:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
2014-06-12 22:13 - 2014-06-05 15:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
2014-06-12 22:13 - 2014-06-05 15:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-06-12 22:13 - 2014-06-05 15:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-06-12 22:13 - 2014-06-05 15:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
2014-06-12 22:13 - 2014-06-05 15:58 - 14612296 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Microsoft:kcsfiNCXziUY4Ym0oKuS8ebCp4
AlternateDataStreams: C:\ProgramData\Microsoft:NlO23BbW52Qg9kMzJfY4Xtornth
AlternateDataStreams: C:\Users\Mert\AppData\Local\Temp:Dn5bA7i8kvgo2aNls

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DpHost => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech SetPoint.lnk => C:\windows\pss\Logitech SetPoint.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Mert^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Free Music Zilla.lnk => C:\windows\pss\Free Music Zilla.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AppleSyncNotifier => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BTMTrayAgent => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DellSystemDetect => C:\Users\Mert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms
MSCONFIG\startupreg: Desktop Disc Tool => "c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: DU Meter => "C:\Program Files (x86)\DU Meter\DUMeter.exe" /autostart
MSCONFIG\startupreg: Facebook Update => "C:\Users\Mert\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: FreeFallProtection => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
MSCONFIG\startupreg: Google Update => "C:\Users\Mert\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Kernel and Hardware Abstraction Layer => KHALMNPR.EXE
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: LogMeIn GUI => "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
MSCONFIG\startupreg: Media Finder => "C:\Program Files (x86)\Media Finder\MF.exe" /opentotray
MSCONFIG\startupreg: MobileDocuments => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: NUSB3MON => "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
MSCONFIG\startupreg: OfficeScanNT Monitor => "C:\Program Files (x86)\Trend Micro\Client Server Security Agent\pccntmon.exe" -HideWindow
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe
MSCONFIG\startupreg: PDVD9LanguageShortcut => "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
MSCONFIG\startupreg: QuickSet => C:\Program Files\Dell\QuickSet\QuickSet.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RemoteControl9 => "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
MSCONFIG\startupreg: RoxWatchTray => "c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
MSCONFIG\startupreg: SkyDrive => "C:\Users\Mert\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: uTorrent => "C:\Program Files (x86)\uTorrent\uTorrent.exe"  /MINIMIZED

==================== Faulty Device Manager Devices =============

Name: Wireless Router with Ethernet Switch
Description: Wireless Router with Ethernet Switch
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Microsoft Virtual WiFi Miniport Adapter #2
Description: Microsoft-Adapter für Miniports virtueller WiFis
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-06-24 16:17:28.209
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-24 16:17:28.119
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-10-30 20:28:17.465
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-10-30 20:28:17.247
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-10-30 20:28:16.989
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-10-30 20:28:16.786
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-10-30 20:28:16.583
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-10-30 20:28:16.458
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-10-30 20:28:16.286
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-10-30 20:28:16.021
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 49%
Total physical RAM: 4003.18 MB
Available physical RAM: 2037.95 MB
Total Pagefile: 8004.54 MB
Available Pagefile: 5507.19 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:283.34 GB) (Free:212.87 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 76FC8FD1)
Partition 1: (Not Active) - (Size=100 MB) - (Type=DE)
Partition 2: (Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=283 GB) - (Type=07 NTFS)

==================== End Of Log ============================

EDIT: Wenn ich Bitdefender online quick scan mache, kommt diese Meldung:

"Ihr System ist infiziert mit Trojan.Generic.5273676"

Antwort
Seite 1 von 2 1 2

Themen zu Trojaner? Avast wurde durch eine Gruppenrichtlinie blockiert.
blockiert, conduitsearch, conduitsearch entfernen, deaktiviert, defender, fehlermeldung, festplatte, festplatten, gruppenrichtlinie blockiert, installiert, nicht mehr, programme, win32/downloadsponsor.a, win32/toolbar.conduit.y, win32/toolbar.iminent.c, win64/adware.mediafinder.a


« Infektion durch Excel Tabelle mit SupTab etc... | Windows Installer Version / RegCleanPro / Flackernder Bildschirm »


Ähnliche Themen: Trojaner? Avast wurde durch eine Gruppenrichtlinie blockiert.


  1. AVG 2015 wurde durch eine Gruppenrichtlinie blockiert
    Log-Analyse und Auswertung - 17.11.2014 (9)
  2. AVG wurde durch eine Gruppenrichtlinie blockiert ......
    Log-Analyse und Auswertung - 06.11.2014 (11)
  3. Avast-dieses Programm wurde durch eine Gruppenrichtlinie blockiert
    Plagegeister aller Art und deren Bekämpfung - 08.10.2014 (4)
  4. Win 7: Avast Antivir Fehler "dieses Programm wurde durch eine Gruppenrichtlinie blockiert [...]"
    Log-Analyse und Auswertung - 08.10.2014 (8)
  5. Dieses Programm wurde durch eine Gruppenrichtlinie blockiert
    Plagegeister aller Art und deren Bekämpfung - 25.09.2014 (7)
  6. Avast - Dieses Programm wurde durch eine Gruppenrichtlinie blockiert
    Log-Analyse und Auswertung - 09.09.2014 (5)
  7. AVG - Programm wurde durch eine Gruppenrichtlinie blockiert
    Plagegeister aller Art und deren Bekämpfung - 05.09.2014 (7)
  8. Avast - ....durch eine gruppenrichtlinie blockiert
    Log-Analyse und Auswertung - 22.08.2014 (12)
  9. dieses programm wurde durch eine gruppenrichtlinie blockiert
    Log-Analyse und Auswertung - 05.08.2014 (12)
  10. "Dieses Programm wurde durch eine Gruppenrichtlinie blockiert." (AVAST)
    Plagegeister aller Art und deren Bekämpfung - 21.07.2014 (12)
  11. Dieses Programm wurde durch eine Gruppenrichtlinie blockiert... Avast und Antivir lassen sich nicht mehr starten!
    Plagegeister aller Art und deren Bekämpfung - 21.06.2014 (17)
  12. Avast => Dieses Programm wurde durch eine Gruppenrichtlinie blockiert. Weitere Informationen erhalten Sie vom Systemadministrator.
    Log-Analyse und Auswertung - 18.06.2014 (19)
  13. Problem avast zu öffnen - Dieses Programm wurde durch eine Gruppenrichtlinie blockiert.
    Log-Analyse und Auswertung - 17.06.2014 (19)
  14. Avira wurde durch eine Gruppenrichtlinie blockiert!
    Alles rund um Windows - 05.06.2014 (5)
  15. Avast wurde durch eine Gruppenrichtlinie geblockt
    Plagegeister aller Art und deren Bekämpfung - 01.06.2014 (9)
  16. Avast - Datei wurde durch eine Gruppenrichtlinie blockiert
    Log-Analyse und Auswertung - 02.05.2014 (15)
  17. Virus / Trojaner blockiert Avira "...wurde durch eine Gruppenrichtlinie blockiert"
    Log-Analyse und Auswertung - 20.03.2014 (7)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Trojaner? Avast wurde durch eine Gruppenrichtlinie blockiert. - Guten Tag, Ich habe seit einer Woche ein Problem und zwar kommt bei Windowsstart immer eine Fehlermeldung und zudem startet mein Antivirus-Programm Avast nicht mehr; Es kommt jedes Mal diese - Trojaner? Avast wurde durch eine Gruppenrichtlinie blockiert....
Archiv
Du betrachtest: Trojaner? Avast wurde durch eine Gruppenrichtlinie blockiert. auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24