Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Löschen von Infizierten Dateien nicht möglich (https://www.trojaner-board.de/142014-loeschen-infizierten-dateien-moeglich.html)

asisstent 23.09.2013 16:24
Löschen von Infizierten Dateien nicht möglich
 
Guten Tag

Vorgestern ist mir aufgefallen, das was an meinem PC nicht stimmt. Mit Ad- Aware stellte sich heraus, dass es 4 infizierte .txt Dateien waren. Diese wurden so gleich gelöscht.
Gestern dann wieder das gleiche Problem und versucht heraus zu finden an welchem Ort diese waren und um was es sich dabei genau handelt.
Nach Aussage vom Internet seien dies Cookies, die aber nicht gefährlich seien. Diese kommen vom Browser IE9. Natürlich nicht so gleich gelöscht sondern versucht in Erfahrung zu bringen wo diese sitzen.
.
C:\Users\teddyber\AppData\Roaming\Microsoft\Windows\Cookies/Low
.
Und genau in diesem Ordner komme ich nicht rein, auch nicht als Administrator. Jedes Mal wird angezeigt das der Zugriff verweigert wird. Selbst mit einem Rechtsklick erscheint diese Meldung. Im Abgesicherten Modus ist auch kein Zutritt zu finden dabei.
.
Heute einen Panda Active Scan gemacht. Dieser zeigte mir 2 Bedrohungen an. Aber diese kann ich nicht entfernen, auch aus Hilfe beim Internet habe ich keine Lösung finden können.
Die Logfile davon habe ich gespeichert. Panda möchte mir unbedingt etwas Verkaufen damit es gelöscht werden wird.
Auch mit HiJackThis gab es bei der Automatischen Auswertung keine nennenswerten Aussagen, die darauf deuten das irgendetwas nicht richtig funktioniert. (zumindest denke ich dieses) Hier weiß ich aber, dass es eine Aussage auf eigenem Risiko besteht und die Auswertung fand heute stat.
.
Da ich nicht weiß wie ich auf den Oben genannten Ordner zugreifen kann um es eventuell manuell zu entfernen und auch nicht weiß wie ich die 2 Befallenen Dateien von Panda Active Scan entfernen kann, wende ich mich nun an Ihnen.
Vielen Dank Gruß Fabian

die gewünschten Logfile habe ich als zip datei gemacht. Da diese zuviel Buchstaben beinhalten.

Anhang 60496


Vielen DAnk für die Mühe und Zeit.

schrauber 23.09.2013 16:27
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


asisstent 23.09.2013 16:30
hallo,
habe alles wie in der Hilfestellung angegeben und als Anhang mitgegeben.
DankeFRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-09-2013
Ran by teddyber at 2013-09-23 16:11:15
Running from C:\Users\teddyber\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (x32)
Acronis*True*Image*Home 2012 (x32 Version: 15.0.7133)
Ad-Aware Antivirus (x32 Version: 10.5.3.4405)
Ad-Aware Browsing Protection (x32 Version: 1.0.1.110)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
AFPL Ghostscript 8.54 (x32)
AFPL Ghostscript Fonts (x32)
ASUS Xonar DG Audio Driver
avast! Free Antivirus (x32 Version: 8.0.1497.0)
Bullzip PDF Printer 7.2.0.1313 (Version: 7.2.0.1313)
BurnAware Free 4.9 (x32)
CCleaner (Version: 4.05)
DAEMON Tools Lite (x32 Version: 4.40.2.0131)
DHTML Editing Component (x32 Version: 6.02.0001)
Diablo III (x32 Version: 1.0.7.14633)
Druckerdeinstallation für EPSON Stylus S20 Series
Eusing Free Registry Cleaner (x32)
GPL Ghostscript (x32 Version: 9.05)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Luxor Amun Rising with Luxor (x32 Version: )
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Media Player Classic - Home Cinema v1.5.2.3456 x64 (Version: 1.5.2.3456)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (x32 Version: 2.0.48.0)
Microsoft Office 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft SQL Server Compact 3.5 SP2 ENU (x32 Version: 3.5.8080.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mozilla Maintenance Service (x32 Version: 17.0.8)
Mozilla Thunderbird 17.0.8 (x86 de) (x32 Version: 17.0.8)
MSVCRT (x32 Version: 14.0.1468.721)
NVIDIA 3D Vision Treiber 320.49 (Version: 320.49)
NVIDIA Grafiktreiber 320.49 (Version: 320.49)
NVIDIA HD-Audiotreiber 1.3.24.2 (Version: 1.3.24.2)
NVIDIA Install Application (Version: 2.1002.124.810)
NVIDIA PhysX (x32 Version: 9.13.0604)
NVIDIA PhysX-Systemsoftware 9.13.0604 (Version: 9.13.0604)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2049)
NVIDIA Systemsteuerung 320.49 (Version: 320.49)
O&O Defrag Free Edition (Version: 14.1.431)
OpenAL (x32)
OpenMG Limited Patch 4.7-07-14-05-01 (x32)
OpenMG Secure Module 4.7.00 (x32 Version: 4.7.00.12140)
Opera 12.16 (x32 Version: 12.16.1860)
Oracle VM VirtualBox 4.2.18 (Version: 4.2.18)
Panda ActiveScan 2.0 (x32 Version: 01.04.01.0014)
PDF Blender (x32)
PDF-XChange Viewer (Version: 2.5.199.0)
Platform (x32 Version: 1.34)
Razer DeathAdder Black Edition Mouse (x32 Version: 1.02)
Realtek Ethernet Controller Driver For Windows 7 (x32 Version: 7.17.304.2010)
Revo Uninstaller 1.95 (x32 Version: 1.95)
Skype™ 6.7 (x32 Version: 6.7.102)
SnapAPI (x32 Version: 4.5.2140)
Steam (x32 Version: 1.0.0.0)
TeamViewer 8 (x32 Version: 8.0.18051)
Torchlight II (x32)
Ulead PhotoImpact X3 (x32 Version: 1.00.0000)
Update for 2007 Microsoft Office System (KB967642) (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2825641) 32-Bit Edition (x32)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32)
Update für Microsoft Office Outlook 2007 Help (KB963677) (x32)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32)
Update für Microsoft Office Word 2007 Help (KB963665) (x32)
VIA Plattform-Geräte-Manager (x32 Version: 1.34)
Windows Live Call (x32 Version: 14.0.8117.0416)
Windows Live Communications Platform (x32 Version: 14.0.8117.416)
Windows Live Messenger (x32 Version: 14.0.8117.0416)
WinRAR 4.01 (64-Bit) (Version: 4.01.0)

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1174B1BF-A728-425F-B7C7-EA09291E53DA} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-08-30] (AVAST Software)
Task: {4752FB41-EA22-4E04-9535-909665747900} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1271389837-1087916619-1279208209-500
Task: {91C063BC-9394-46C1-99E0-FBFA6BF78C62} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-19] (Adobe Systems Incorporated)
Task: {C1FFA74E-4626-4B92-A615-925DA1F5B122} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-08-21] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2011-09-14 00:24 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2013-06-13 02:27 - 2013-06-13 02:27 - 01280896 _____ (Lavasoft Limited) C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareShellExtension64.dll
2011-07-05 17:30 - 2012-06-08 21:33 - 00808072 _____ (Lavasoft Limited) C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll
2012-10-01 15:25 - 2010-09-17 07:53 - 00121856 ____N (C-Media Electronics Inc.) C:\Windows\system\HsSrv64.dll
2012-06-28 21:50 - 2012-06-28 21:50 - 02013568 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\x64\versions_view.dll
2009-07-14 02:07 - 2009-07-14 03:14 - 00064000 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\SysWOW64\l3codeca.acm
2013-07-15 23:09 - 2013-07-15 23:09 - 00318864 _____ (Lavasoft) C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.dll
2013-06-13 02:28 - 2013-06-13 02:28 - 00953704 _____ (Terra Informatica Software, Inc., British Columbia, Canada.) C:\Program Files (x86)\Ad-Aware Antivirus\htmlayout.dll
2012-09-20 05:38 - 2012-09-20 05:38 - 00056712 _____ (GFI Software) C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvcPS.dll
2013-06-13 02:27 - 2013-06-13 02:27 - 00465248 _____ (GFI Software) C:\Program Files (x86)\Ad-Aware Antivirus\cart\CartSdk.dll
2012-05-14 08:56 - 2013-07-08 07:43 - 16192864 _____ (Opera Software) C:\Program Files (x86)\Opera\Opera.dll
2013-08-19 09:56 - 2013-08-19 09:56 - 16230792 ____R (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_8_800_94.ocx
2012-06-28 21:46 - 2012-06-28 21:46 - 13005184 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\Common\ti_managers.dll
2012-06-28 18:34 - 2012-06-28 18:34 - 00018816 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy_stub.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData:gs5sys
AlternateDataStreams: C:\Users\All Users:gs5sys
AlternateDataStreams: C:\Users\teddyber:gs5sys
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:gs5sys
AlternateDataStreams: C:\ProgramData\Application Data:gs5sys
AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\teddyber\Anwendungsdaten:gs5sys
AlternateDataStreams: C:\Users\teddyber\Cookies:gs5sys
AlternateDataStreams: C:\Users\teddyber\Lokale Einstellungen:gs5sys
AlternateDataStreams: C:\Users\teddyber\Vorlagen:gs5sys
AlternateDataStreams: C:\Users\teddyber\AppData\Local:gs5sys
AlternateDataStreams: C:\Users\teddyber\AppData\Roaming:gs5sys
AlternateDataStreams: C:\Users\teddyber\AppData\Local\Anwendungsdaten:gs5sys
AlternateDataStreams: C:\Users\teddyber\AppData\Local\Verlauf:gs5sys
AlternateDataStreams: C:\Users\teddyber\Documents\desktop.ini:gs5sys

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ad-Aware Service => ""="Ad-Aware Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ad-Aware Service => ""="Ad-Aware Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SBAMSvc => ""="Service"

==================== Faulty Device Manager Devices =============

Name: USB (Universal Serial Bus)-Controller
Description: USB (Universal Serial Bus)-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/23/2013 10:55:13 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/23/2013 07:12:29 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/22/2013 10:01:41 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/22/2013 05:38:31 PM) (Source: Application Hang) (User: )
Description: Programm AdAware.exe, Version 10.5.3.4405 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: cac

Startzeit: 01ceb7a9403f5141

Endzeit: 17

Anwendungspfad: C:\PROGRA~2\AD-AWA~1\AdAware.exe

Berichts-ID: 055412fc-239d-11e3-bebe-00252287a27a

Error: (09/22/2013 05:35:59 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (09/23/2013 00:11:29 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "RkPavproc1" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275

Error: (09/23/2013 00:11:29 PM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Windows\SysWow64\drivers\RkPavproc1.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (09/23/2013 10:54:51 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2140993535

Error: (09/23/2013 10:54:51 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet:
%%-2140993535

Error: (09/23/2013 10:54:50 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2140993535

Error: (09/23/2013 10:54:50 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet:
%%-2140993535

Error: (09/23/2013 10:54:51 AM) (Source: PNRPSvc) (User: )
Description: 0x80630801

Error: (09/23/2013 10:54:50 AM) (Source: PNRPSvc) (User: )
Description: 0x80630801

Error: (09/23/2013 10:54:48 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2140993535

Error: (09/23/2013 10:54:48 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet:
%%-2140993535


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 56%
Total physical RAM: 3327.24 MB
Available physical RAM: 1453.71 MB
Total Pagefile: 6652.67 MB
Available Pagefile: 4635.35 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Windows7) (Fixed) (Total:50.01 GB) (Free:15.5 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (Spiele) (Fixed) (Total:204.8 GB) (Free:179.98 GB) NTFS
Drive f: (Volume) (Fixed) (Total:210.95 GB) (Free:135.1 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: C988D1C9)
Partition 1: (Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=205 GB) - (Type=05)
Partition 3: (Not Active) - (Size=211 GB) - (Type=07 NTFS)

==================== End Of Log ============================
--- --- ---
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-09-2013
Ran by teddyber (administrator) on ACCELATOR on 23-09-2013 16:10:11
Running from C:\Users\teddyber\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Lavasoft Limited) C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
() C:\Windows\system\HsMgr64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Lavasoft) C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
(Lavasoft Limited) C:\PROGRA~2\AD-AWA~1\AdAware.exe
(GFI Software) C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
(Opera Software) C:\Program Files (x86)\Opera\opera.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Cmaudio8788GX64] - C:\Windows\system\HsMgr64.exe [282112 2008-07-11] ()
HKLM-x32\...\Winlogon: [Userinit] C:\Windows\SysWOW64\userinit.exe, [x]
HKCU\...\Policies\system: [LogonHoursAction] 2
HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
MountPoints2: {b2d76625-7760-11e1-a1b4-00252287a27a} - G:\Startme.exe
MountPoints2: {fafef23e-a713-11e0-9d7c-806e6f6e6963} - "D:\Diablo III Setup.exe"
HKLM-x32\...\Run: [AcronisTimounterMonitor] - C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe [1173680 2012-04-27] (Acronis)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)
HKLM-x32\...\Run: [Ad-Aware Browsing Protection] - C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [554384 2013-07-15] (Lavasoft)
HKLM-x32\...\Run: [Ad-Aware Antivirus] - "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
HKU\Administrator\...\Run: [msnmsgr] - "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
HKU\Administrator\...\Policies\system: [LogonHoursAction] 2
HKU\Administrator\...\Policies\system: [DontDisplayLogonHoursWarnings] 1

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.lixam.de/#
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xC490DCFF283BCC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU -  No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab
DPF: HKLM-x32 {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
DPF: HKLM-x32 {9191F686-7F0A-441D-8A98-2FE3AC1BD913} hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-microsoft-rpmsg-message - {DFF82902-0B96-3B98-6F62-D655E146A23A} -  No File
Filter-x32: application/x-microsoft-rpmsg-message - {DFF82902-0B96-3B98-6F62-D655E146A23A} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

==================== Services (Whitelisted) =================

R2 Ad-Aware Service; C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe [1236336 2013-06-13] (Lavasoft Limited)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
S4 GhosteryStatsUpdater; C:\Users\Administrator\AppData\LocalLow\GhosteryStats\IE\GhosteryStatsUpdater.exe [18432 2012-02-28] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S4 MSCSPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [45056 2006-12-14] (Sony Corporation)
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [3051848 2011-01-25] (O&O Software GmbH)
S4 PACSPTISVR; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [57344 2006-12-14] ()
R2 SBAMSvc; C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [3677000 2012-09-20] (GFI Software)
S4 SPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe [69632 2006-12-14] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()
R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [2725376 2011-03-10] (C-Media Inc)
R3 DABlackFltr; C:\Windows\System32\drivers\DABlack.sys [23040 2010-11-29] (Razer (Asia-Pacific) Pte Ltd)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2011-07-05] (DT Soft Ltd)
R3 gfiark; C:\Windows\System32\drivers\gfiark.sys [39504 2013-04-11] (ThreatTrack Security)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-09-19] (GFI Software)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
U0 pavboot; C:\Windows\System32\drivers\pavboot64.sys [33800 2009-06-30] (Panda Security, S.L.)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [117040 2012-04-12] (Oracle Corporation)
S3 cpuz130; No ImagePath
S3 cpuz135; No ImagePath

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-23 16:10 - 2013-09-23 16:10 - 00000000 ____D C:\FRST
2013-09-23 16:08 - 2013-09-23 16:08 - 01955550 _____ (Farbar) C:\Users\teddyber\Desktop\FRST64.exe
2013-09-23 16:07 - 2013-09-23 16:07 - 00000000 _____ C:\Users\teddyber\defogger_reenable
2013-09-23 16:00 - 2013-09-23 16:09 - 00000000 ____D C:\Users\teddyber\Desktop\Neuer Ordner
2013-09-23 12:10 - 2009-06-30 10:37 - 00033800 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\pavboot64.sys
2013-09-22 22:15 - 2013-09-22 22:32 - 00000000 ____D C:\Users\teddyber\AppData\Roaming\GHISLER
2013-09-22 17:34 - 2013-09-23 10:53 - 00000224 _____ C:\Windows\setupact.log
2013-09-22 17:34 - 2013-09-22 17:34 - 00000000 _____ C:\Windows\setuperr.log
2013-09-21 10:51 - 2013-09-21 10:51 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-21 10:51 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-21 10:34 - 2013-09-21 10:34 - 00615861 _____ C:\Users\teddyber\Desktop\Zinn_VK.rar
2013-09-19 00:25 - 2013-09-19 00:25 - 00000000 ____D C:\Users\teddyber\AppData\Local\adawarebp
2013-09-19 00:25 - 2013-09-19 00:25 - 00000000 ____D C:\ProgramData\Downloaded Installations
2013-09-19 00:25 - 2013-09-19 00:25 - 00000000 ____D C:\ProgramData\Ad-Aware Browsing Protection
2013-09-17 13:22 - 2013-09-17 13:22 - 00000000 ____D C:\Program Files (x86)\iMesh Applications
2013-09-16 11:55 - 2013-09-16 11:55 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-09-16 11:51 - 2013-06-21 14:06 - 27781920 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-09-16 11:51 - 2013-06-21 14:06 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-09-16 11:51 - 2013-06-21 14:06 - 21102368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-09-16 11:51 - 2013-06-21 14:06 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-09-16 11:51 - 2013-06-21 14:06 - 15144928 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-09-16 11:51 - 2013-06-21 14:06 - 13411896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-09-16 11:51 - 2013-06-21 14:06 - 12427240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-09-16 11:51 - 2013-06-21 14:06 - 11235104 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-09-16 11:51 - 2013-06-21 14:06 - 09239344 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-09-16 11:51 - 2013-06-21 14:06 - 07687592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-09-16 11:51 - 2013-06-21 14:06 - 07641832 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-09-16 11:51 - 2013-06-21 14:06 - 06324360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-09-16 11:51 - 2013-06-21 14:06 - 02953504 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-09-16 11:51 - 2013-06-21 14:06 - 02777888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-09-16 11:51 - 2013-06-21 14:06 - 02597856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-09-16 11:51 - 2013-06-21 14:06 - 02363680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-09-16 11:51 - 2013-06-21 14:06 - 02002720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-09-16 11:51 - 2013-06-21 14:06 - 01832224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432049.dll
2013-09-16 11:51 - 2013-06-21 14:06 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432049.dll
2013-09-16 11:51 - 2013-06-21 14:06 - 00925648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-09-16 11:51 - 2013-06-21 14:06 - 00572704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-09-16 11:51 - 2013-06-21 14:06 - 00570656 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-09-16 11:51 - 2013-06-21 14:06 - 00467232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-09-16 11:51 - 2013-06-21 14:06 - 00465184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-09-16 11:51 - 2013-06-21 14:06 - 00266448 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-09-16 11:51 - 2013-06-21 14:06 - 00218592 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-09-16 11:51 - 2013-06-21 14:06 - 00214448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-09-16 11:51 - 2013-06-21 14:06 - 00181488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-09-16 11:51 - 2013-02-25 07:27 - 00194848 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2013-09-16 11:51 - 2013-02-25 07:27 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2013-09-16 11:51 - 2013-01-29 10:35 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2013-09-16 11:39 - 2013-06-21 12:23 - 06496544 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-09-16 11:39 - 2013-06-21 12:23 - 03514656 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-09-16 11:39 - 2013-06-21 12:23 - 02555680 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-09-16 11:39 - 2013-06-21 12:23 - 00884512 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-09-16 11:39 - 2013-06-21 12:23 - 00237856 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-09-16 11:39 - 2013-06-21 12:23 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-09-16 11:39 - 2013-06-20 06:17 - 03253909 _____ C:\Windows\system32\nvcoproc.bin
2013-09-16 11:38 - 2013-09-16 11:38 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-09-16 10:30 - 2013-07-31 16:17 - 17833472 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-16 10:30 - 2013-07-31 15:42 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-16 10:30 - 2013-07-31 15:29 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-16 10:30 - 2013-07-31 15:20 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-16 10:30 - 2013-07-31 15:19 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-16 10:30 - 2013-07-31 15:18 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-09-16 10:30 - 2013-07-31 15:17 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-09-16 10:30 - 2013-07-31 15:16 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-16 10:30 - 2013-07-31 15:14 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-09-16 10:30 - 2013-07-31 15:13 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-16 10:30 - 2013-07-31 15:13 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-09-16 10:30 - 2013-07-31 15:11 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-16 10:30 - 2013-07-31 15:11 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-16 10:30 - 2013-07-31 15:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-09-16 10:30 - 2013-07-31 15:08 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-16 10:30 - 2013-07-31 15:05 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-16 10:30 - 2013-07-31 12:30 - 12335104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-16 10:30 - 2013-07-31 12:05 - 09738752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-16 10:30 - 2013-07-31 12:00 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-16 10:30 - 2013-07-31 11:53 - 01104896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-16 10:30 - 2013-07-31 11:52 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-09-16 10:30 - 2013-07-31 11:52 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-16 10:30 - 2013-07-31 11:51 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-09-16 10:30 - 2013-07-31 11:49 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-16 10:30 - 2013-07-31 11:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-16 10:30 - 2013-07-31 11:48 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-09-16 10:30 - 2013-07-31 11:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-09-16 10:30 - 2013-07-31 11:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-16 10:30 - 2013-07-31 11:46 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-16 10:30 - 2013-07-31 11:45 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-16 10:30 - 2013-07-31 11:45 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-09-16 10:30 - 2013-07-31 11:42 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-16 10:27 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-16 10:27 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-16 10:27 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-16 10:27 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-16 10:27 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-16 10:27 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-16 10:27 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-16 10:27 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-16 10:27 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-16 10:27 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-16 10:27 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-16 10:27 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-16 10:27 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-16 10:27 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-16 10:27 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-16 10:27 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-16 10:27 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-16 10:27 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-16 10:27 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-16 10:27 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-16 10:27 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-16 10:27 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-16 10:27 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-16 10:27 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-16 10:27 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-16 10:27 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-16 10:27 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-16 10:27 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-16 10:27 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-16 10:27 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-16 10:27 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-16 10:27 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-16 10:27 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-16 10:27 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-16 10:27 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-16 10:26 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-16 10:26 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-16 10:26 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-16 10:26 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-16 10:26 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-16 10:26 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-16 10:21 - 2013-09-16 10:21 - 00003222 _____ C:\Windows\System32\Tasks\{8CAAFBC6-9BE7-479E-A860-1A2C548C398E}
2013-09-16 10:21 - 2013-09-06 14:27 - 00238352 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2013-09-16 10:20 - 2013-09-06 14:25 - 00119056 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2013-09-16 10:11 - 2013-09-16 10:11 - 00002778 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-09-16 10:11 - 2013-09-16 10:11 - 00000000 ____D C:\Program Files\CCleaner
2013-09-16 10:00 - 2013-09-22 17:43 - 00000000 ____D C:\AdwCleaner
2013-09-06 14:25 - 2013-09-06 14:25 - 00204048 _____ (Oracle Corporation) C:\Windows\system32\VBoxNetFltNobj.dll
2013-09-06 14:25 - 2013-09-06 14:25 - 00146704 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetFlt.sys
2013-09-06 14:25 - 2013-09-06 14:25 - 00131856 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp.sys
2013-08-31 15:40 - 2013-08-31 15:40 - 00001451 _____ C:\Users\teddyber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-08-31 15:37 - 2013-08-31 15:37 - 03695416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-08-31 15:37 - 2013-08-31 15:37 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-08-31 15:37 - 2013-08-31 15:37 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-08-31 15:37 - 2013-08-31 15:37 - 00434176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00403248 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-08-31 15:37 - 2013-08-31 15:37 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00353584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-08-31 15:37 - 2013-08-31 15:37 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-08-31 15:37 - 2013-08-31 15:37 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-08-24 20:51 - 2013-08-24 21:16 - 00000000 ____D C:\Windows\system32\oodag
2013-08-24 20:28 - 2013-08-24 20:28 - 00000000 ____D C:\Program Files\OO Software

==================== One Month Modified Files and Folders =======

2013-09-23 16:11 - 2013-08-19 09:56 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-23 16:10 - 2013-09-23 16:10 - 00000000 ____D C:\FRST
2013-09-23 16:09 - 2013-09-23 16:00 - 00000000 ____D C:\Users\teddyber\Desktop\Neuer Ordner
2013-09-23 16:08 - 2013-09-23 16:08 - 01955550 _____ (Farbar) C:\Users\teddyber\Desktop\FRST64.exe
2013-09-23 16:07 - 2013-09-23 16:07 - 00000000 _____ C:\Users\teddyber\defogger_reenable
2013-09-23 16:07 - 2011-07-05 16:42 - 00000000 ____D C:\Users\teddyber
2013-09-23 12:26 - 2009-07-14 06:45 - 00021856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-23 12:26 - 2009-07-14 06:45 - 00021856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-23 10:57 - 2011-07-05 16:37 - 01667747 _____ C:\Windows\WindowsUpdate.log
2013-09-23 10:54 - 2013-08-19 09:45 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-09-23 10:53 - 2013-09-22 17:34 - 00000224 _____ C:\Windows\setupact.log
2013-09-23 10:53 - 2012-01-24 17:17 - 00000000 ____D C:\ProgramData\NVIDIA
2013-09-23 10:53 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-22 22:32 - 2013-09-22 22:15 - 00000000 ____D C:\Users\teddyber\AppData\Roaming\GHISLER
2013-09-22 17:43 - 2013-09-16 10:00 - 00000000 ____D C:\AdwCleaner
2013-09-22 17:38 - 2013-02-15 08:41 - 00000000 ____D C:\Users\teddyber\AppData\Roaming\Ad-Aware Antivirus
2013-09-22 17:34 - 2013-09-22 17:34 - 00000000 _____ C:\Windows\setuperr.log
2013-09-22 17:33 - 2013-02-15 08:43 - 00000000 ____D C:\Program Files (x86)\Ad-Aware Antivirus
2013-09-22 13:09 - 2012-05-15 11:26 - 00000000 ____D C:\Users\teddyber\Documents\Diablo III
2013-09-21 11:23 - 2013-08-19 09:45 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-09-21 10:51 - 2013-09-21 10:51 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-21 10:34 - 2013-09-21 10:34 - 00615861 _____ C:\Users\teddyber\Desktop\Zinn_VK.rar
2013-09-19 16:01 - 2013-08-20 14:59 - 00000000 ____D C:\Users\teddyber\AppData\Roaming\Skype
2013-09-19 12:42 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-09-19 12:08 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-19 00:25 - 2013-09-19 00:25 - 00000000 ____D C:\Users\teddyber\AppData\Local\adawarebp
2013-09-19 00:25 - 2013-09-19 00:25 - 00000000 ____D C:\ProgramData\Downloaded Installations
2013-09-19 00:25 - 2013-09-19 00:25 - 00000000 ____D C:\ProgramData\Ad-Aware Browsing Protection
2013-09-19 00:25 - 2011-07-05 17:28 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2013-09-19 00:23 - 2013-02-15 08:43 - 00014456 _____ (GFI Software) C:\Windows\system32\Drivers\gfibto.sys
2013-09-19 00:13 - 2010-11-21 08:50 - 00697310 _____ C:\Windows\system32\perfh007.dat
2013-09-19 00:13 - 2010-11-21 08:50 - 00148324 _____ C:\Windows\system32\perfc007.dat
2013-09-19 00:13 - 2009-07-14 07:13 - 01614942 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-18 19:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-09-18 08:14 - 2011-09-15 07:04 - 00000000 ___RD C:\Users\teddyber\Desktop\Games
2013-09-17 13:22 - 2013-09-17 13:22 - 00000000 ____D C:\Program Files (x86)\iMesh Applications
2013-09-16 11:55 - 2013-09-16 11:55 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-09-16 11:55 - 2012-03-29 09:42 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-09-16 11:53 - 2012-06-10 12:16 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-09-16 11:39 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Help
2013-09-16 11:38 - 2013-09-16 11:38 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-09-16 10:42 - 2011-07-05 16:43 - 00000000 ___RD C:\Users\teddyber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-16 10:42 - 2011-07-05 16:43 - 00000000 ___RD C:\Users\teddyber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-16 10:42 - 2009-07-14 06:45 - 00368816 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-16 10:34 - 2013-08-19 10:09 - 00000000 ____D C:\Windows\system32\MRT
2013-09-16 10:32 - 2011-07-07 08:31 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-16 10:32 - 2011-07-05 18:33 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-16 10:23 - 2012-03-09 14:18 - 00000000 ____D C:\Users\teddyber\.VirtualBox
2013-09-16 10:21 - 2013-09-16 10:21 - 00003222 _____ C:\Windows\System32\Tasks\{8CAAFBC6-9BE7-479E-A860-1A2C548C398E}
2013-09-16 10:11 - 2013-09-16 10:11 - 00002778 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-09-16 10:11 - 2013-09-16 10:11 - 00000000 ____D C:\Program Files\CCleaner
2013-09-16 09:22 - 2011-07-07 09:09 - 00000000 ____D C:\Users\teddyber\Documents\Meine empfangenen Dateien
2013-09-06 14:27 - 2013-09-16 10:21 - 00238352 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2013-09-06 14:25 - 2013-09-16 10:20 - 00119056 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2013-09-06 14:25 - 2013-09-06 14:25 - 00204048 _____ (Oracle Corporation) C:\Windows\system32\VBoxNetFltNobj.dll
2013-09-06 14:25 - 2013-09-06 14:25 - 00146704 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetFlt.sys
2013-09-06 14:25 - 2013-09-06 14:25 - 00131856 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp.sys
2013-08-31 15:43 - 2011-07-05 17:34 - 00000000 ____D C:\Windows\Panther
2013-08-31 15:40 - 2013-08-31 15:40 - 00001451 _____ C:\Users\teddyber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-08-31 15:40 - 2011-07-05 16:43 - 00001417 _____ C:\Users\teddyber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2013-08-31 15:38 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-08-31 15:37 - 2013-08-31 15:37 - 03695416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-08-31 15:37 - 2013-08-31 15:37 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-08-31 15:37 - 2013-08-31 15:37 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-08-31 15:37 - 2013-08-31 15:37 - 00434176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00403248 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-08-31 15:37 - 2013-08-31 15:37 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00353584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-08-31 15:37 - 2013-08-31 15:37 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-08-31 15:37 - 2013-08-31 15:37 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-08-30 09:48 - 2013-08-19 09:45 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-08-30 09:48 - 2013-08-19 09:45 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-08-30 09:48 - 2013-08-19 09:45 - 00204880 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-08-30 09:48 - 2013-08-19 09:45 - 00080816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-08-30 09:48 - 2013-08-19 09:45 - 00072016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-08-30 09:48 - 2013-08-19 09:45 - 00065336 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-08-30 09:48 - 2013-08-19 09:45 - 00064288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-08-30 09:48 - 2013-08-19 09:45 - 00033400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-08-30 09:47 - 2013-08-19 09:45 - 00287840 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-08-30 09:47 - 2013-08-19 09:45 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-08-28 14:19 - 2011-07-05 18:17 - 00097992 _____ C:\Users\teddyber\AppData\Local\GDIPFONTCACHEV1.DAT
2013-08-25 17:55 - 2012-11-10 23:03 - 00000000 ____D C:\Users\teddyber\AppData\Local\Runic Games
2013-08-24 21:16 - 2013-08-24 20:51 - 00000000 ____D C:\Windows\system32\oodag
2013-08-24 20:31 - 2012-03-03 09:18 - 00000042 _____ C:\Windows\oodjobd.INI
2013-08-24 20:28 - 2013-08-24 20:28 - 00000000 ____D C:\Program Files\OO Software
2013-08-24 20:28 - 2012-05-14 08:12 - 00000000 ____D C:\Users\teddyber\AppData\Local\O&O

Some content of TEMP:
====================
C:\Users\Administrator\AppData\Local\Temp\AskSLib.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-23 14:07

==================== End Of Log ============================
--- --- ---

schrauber 23.09.2013 18:14
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!
Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

asisstent 23.09.2013 18:46
abend,
hier bitte das folgende Logfile dazu.

#
Combofix Logfile:
Code:
ComboFix 13-09-23.02 - teddyber 23.09.2013  19:34:37.1.6 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.3327.2064 [GMT 2:00]
ausgeführt von:: c:\users\teddyber\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Lavasoft Ad-Aware *Disabled/Updated* {E0D97DD4-42BA-B3F2-A5A7-22E9ACE81FC7}
FW: Lavasoft Ad-Aware *Disabled* {D8E2FCF1-08D5-B2AA-8EF8-8BDC523B58BC}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Lavasoft Ad-Aware *Disabled/Updated* {5BB89C30-6480-BC7C-9F17-199BD76F557A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\jestertb.dll
.
.
(((((((((((((((((((((((  Dateien erstellt von 2013-08-23 bis 2013-09-23  ))))))))))))))))))))))))))))))
.
.
2013-09-23 17:37 . 2013-09-23 17:37        --------        d-----w-        c:\users\Default\AppData\Local\temp
2013-09-23 17:37 . 2013-09-23 17:37        --------        d-----w-        c:\users\Administrator\AppData\Local\temp
2013-09-23 14:10 . 2013-09-23 14:10        --------        d-----w-        C:\FRST
2013-09-23 10:10 . 2009-06-30 08:37        33800        ----a-w-        c:\windows\system32\drivers\pavboot64.sys
2013-09-22 20:15 . 2013-09-22 20:32        --------        d-----w-        c:\users\teddyber\AppData\Roaming\GHISLER
2013-09-21 08:51 . 2013-09-21 08:51        --------        d-----w-        c:\program files (x86)\Malwarebytes' Anti-Malware
2013-09-21 08:51 . 2013-04-04 12:50        25928        ----a-w-        c:\windows\system32\drivers\mbam.sys
2013-09-21 08:50 . 2013-09-21 08:50        --------        d-----w-        c:\users\teddyber\AppData\Local\Programs
2013-09-18 22:25 . 2013-09-18 22:25        --------        d-----w-        c:\programdata\Downloaded Installations
2013-09-18 22:25 . 2013-09-18 22:25        --------        d-----w-        c:\users\teddyber\AppData\Local\adawarebp
2013-09-18 22:25 . 2013-09-18 22:25        --------        d-----w-        c:\programdata\Ad-Aware Browsing Protection
2013-09-17 11:22 . 2013-09-17 11:22        --------        d-----w-        c:\program files (x86)\iMesh Applications
2013-09-16 09:55 . 2013-09-16 09:55        --------        d-----w-        c:\program files (x86)\AGEIA Technologies
2013-09-16 09:39 . 2013-06-21 10:23        6496544        ----a-w-        c:\windows\system32\nvcpl.dll
2013-09-16 09:39 . 2013-06-21 10:23        3514656        ----a-w-        c:\windows\system32\nvsvc64.dll
2013-09-16 09:39 . 2013-06-21 10:23        884512        ----a-w-        c:\windows\system32\nvvsvc.exe
2013-09-16 09:39 . 2013-06-21 10:23        63776        ----a-w-        c:\windows\system32\nvshext.dll
2013-09-16 09:39 . 2013-06-21 10:23        2555680        ----a-w-        c:\windows\system32\nvsvcr.dll
2013-09-16 09:39 . 2013-06-21 10:23        237856        ----a-w-        c:\windows\system32\nvmctray.dll
2013-09-16 09:39 . 2013-06-20 04:17        3253909        ----a-w-        c:\windows\system32\nvcoproc.bin
2013-09-16 09:38 . 2013-09-16 09:38        --------        d-----w-        c:\programdata\NVIDIA Corporation
2013-09-16 08:27 . 2013-07-26 02:24        14172672        ----a-w-        c:\windows\system32\shell32.dll
2013-09-16 08:26 . 2013-08-02 02:12        4096        ---ha-w-        c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-16 08:21 . 2013-09-06 12:27        238352        ----a-w-        c:\windows\system32\drivers\VBoxDrv.sys
2013-09-16 08:20 . 2013-09-06 12:25        119056        ----a-w-        c:\windows\system32\drivers\VBoxUSBMon.sys
2013-09-16 08:11 . 2013-09-16 08:11        --------        d-----w-        c:\program files\CCleaner
2013-09-16 08:00 . 2013-09-22 15:43        --------        d-----w-        C:\AdwCleaner
2013-09-16 07:18 . 2013-08-06 08:58        9515512        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{832B9423-B9B8-4F8D-9959-683C1863A49E}\mpengine.dll
2013-09-06 12:25 . 2013-09-06 12:25        146704        ----a-w-        c:\windows\system32\drivers\VBoxNetFlt.sys
2013-09-06 12:25 . 2013-09-06 12:25        131856        ----a-w-        c:\windows\system32\drivers\VBoxNetAdp.sys
2013-09-06 12:25 . 2013-09-06 12:25        204048        ----a-w-        c:\windows\system32\VBoxNetFltNobj.dll
2013-08-31 13:38 . 2013-08-31 13:38        --------        d-----w-        c:\windows\SysWow64\wbem\en-US
2013-08-31 13:38 . 2013-08-31 13:38        --------        d-----w-        c:\windows\system32\wbem\en-US
2013-08-24 18:51 . 2013-08-24 19:16        --------        d-----w-        c:\windows\system32\oodag
2013-08-24 18:28 . 2013-08-24 18:28        --------        d-----w-        c:\program files\OO Software
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-18 22:23 . 2013-02-15 06:43        14456        ----a-w-        c:\windows\system32\drivers\gfibto.sys
2013-09-16 08:32 . 2011-07-07 06:31        79143768        ----a-w-        c:\windows\system32\MRT.exe
2013-08-30 07:48 . 2013-08-19 07:45        378944        ----a-w-        c:\windows\system32\drivers\aswSP.sys
2013-08-30 07:48 . 2013-08-19 07:45        72016        ----a-w-        c:\windows\system32\drivers\aswRdr2.sys
2013-08-30 07:48 . 2013-08-19 07:45        64288        ----a-w-        c:\windows\system32\drivers\aswTdi.sys
2013-08-30 07:48 . 2013-08-19 07:45        1030952        ----a-w-        c:\windows\system32\drivers\aswSnx.sys
2013-08-30 07:48 . 2013-08-19 07:45        204880        ----a-w-        c:\windows\system32\drivers\aswVmm.sys
2013-08-30 07:48 . 2013-08-19 07:45        65336        ----a-w-        c:\windows\system32\drivers\aswRvrt.sys
2013-08-30 07:48 . 2013-08-19 07:45        33400        ----a-w-        c:\windows\system32\drivers\aswFsBlk.sys
2013-08-30 07:48 . 2013-08-19 07:45        80816        ----a-w-        c:\windows\system32\drivers\aswMonFlt.sys
2013-08-30 07:47 . 2013-08-19 07:45        41664        ----a-w-        c:\windows\avastSS.scr
2013-08-30 07:47 . 2013-08-19 07:45        287840        ----a-w-        c:\windows\system32\aswBoot.exe
2013-08-19 07:56 . 2012-04-14 14:04        692104        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2013-08-19 07:56 . 2011-07-05 15:24        71048        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-08-07 02:22 . 2010-11-21 03:27        278800        ------w-        c:\windows\system32\MpSigStub.exe
2013-08-02 01:48 . 2013-09-16 08:27        44032        ----a-w-        c:\windows\apppatch\acwow64.dll
2013-07-25 09:25 . 2013-08-20 13:47        1888768        ----a-w-        c:\windows\system32\WMVDECOD.DLL
2013-07-25 08:57 . 2013-08-20 13:47        1620992        ----a-w-        c:\windows\SysWow64\WMVDECOD.DLL
2013-07-19 01:58 . 2013-08-20 13:47        2048        ----a-w-        c:\windows\system32\tzres.dll
2013-07-19 01:41 . 2013-08-20 13:47        2048        ----a-w-        c:\windows\SysWow64\tzres.dll
2013-07-09 05:52 . 2013-08-20 13:47        224256        ----a-w-        c:\windows\system32\wintrust.dll
2013-07-09 05:51 . 2013-08-20 13:47        1217024        ----a-w-        c:\windows\system32\rpcrt4.dll
2013-07-09 05:46 . 2013-08-20 13:47        1472512        ----a-w-        c:\windows\system32\crypt32.dll
2013-07-09 05:46 . 2013-08-20 13:47        184320        ----a-w-        c:\windows\system32\cryptsvc.dll
2013-07-09 05:46 . 2013-08-20 13:47        139776        ----a-w-        c:\windows\system32\cryptnet.dll
2013-07-09 04:52 . 2013-08-20 13:47        663552        ----a-w-        c:\windows\SysWow64\rpcrt4.dll
2013-07-09 04:52 . 2013-08-20 13:47        175104        ----a-w-        c:\windows\SysWow64\wintrust.dll
2013-07-09 04:46 . 2013-08-20 13:47        1166848        ----a-w-        c:\windows\SysWow64\crypt32.dll
2013-07-09 04:46 . 2013-08-20 13:47        140288        ----a-w-        c:\windows\SysWow64\cryptsvc.dll
2013-07-09 04:46 . 2013-08-20 13:47        103936        ----a-w-        c:\windows\SysWow64\cryptnet.dll
2013-07-06 06:03 . 2013-08-20 13:46        1910208        ----a-w-        c:\windows\system32\drivers\tcpip.sys
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Ad-Aware Antivirus"="c:\program files (x86)\Ad-Aware Antivirus\AdAwareLauncher --windows-run" [X]
"AcronisTimounterMonitor"="c:\program files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe" [2012-04-27 1173680]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-08-30 4858968]
"Ad-Aware Browsing Protection"="c:\programdata\Ad-Aware Browsing Protection\adawarebp.exe" [2013-07-15 554384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ad-Aware Service]
@="Ad-Aware Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 SBAMSvc;Ad-Aware;c:\program files (x86)\Ad-Aware Antivirus\SBAMSvc.exe;c:\program files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [x]
R3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys;c:\windows\SYSNATIVE\DRIVERS\afcdp.sys [x]
R3 cpuz130;cpuz130; [x]
R3 cpuz135;cpuz135; [x]
R3 gfiark;gfiark;c:\windows\system32\drivers\gfiark.sys;c:\windows\SYSNATIVE\drivers\gfiark.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys;c:\windows\SYSNATIVE\Drivers\VBoxUSB.sys [x]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
R4 afcdpsrv;Acronis Nonstop Backup Service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [x]
R4 GhosteryStatsUpdater;GhosteryStats Updater;c:\users\Administrator\AppData\LocalLow\GhosteryStats\IE\GhosteryStatsUpdater.exe;c:\users\Administrator\AppData\LocalLow\GhosteryStats\IE\GhosteryStatsUpdater.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R4 syncagentsrv;Acronis Sync Agent Service;c:\program files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe;c:\program files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [x]
R4 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys;c:\windows\SYSNATIVE\DRIVERS\fltsrv.sys [x]
S0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys;c:\windows\SYSNATIVE\drivers\gfibto.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S0 vididr;Acronis Virtual Disk;c:\windows\system32\DRIVERS\vididr.sys;c:\windows\SYSNATIVE\DRIVERS\vididr.sys [x]
S0 vidsflt67;Acronis Disk Storage Filter (67);c:\windows\system32\DRIVERS\vsflt67.sys;c:\windows\SYSNATIVE\DRIVERS\vsflt67.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
S2 Ad-Aware Service;Ad-Aware Service;c:\program files (x86)\Ad-Aware Antivirus\AdAwareService.exe;c:\program files (x86)\Ad-Aware Antivirus\AdAwareService.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 OODefragAgent;O&O Defrag;c:\program files\OO Software\Defrag\oodag.exe;c:\program files\OO Software\Defrag\oodag.exe [x]
S2 sbapifs;sbapifs;c:\windows\system32\DRIVERS\sbapifs.sys;c:\windows\SYSNATIVE\DRIVERS\sbapifs.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 cmudaxp;ASUS Xonar DG Audio Interface;c:\windows\system32\drivers\cmudaxp.sys;c:\windows\SYSNATIVE\drivers\cmudaxp.sys [x]
S3 DABlackFltr;DeathAdder Black Edition Mouse;c:\windows\system32\drivers\DABlack.sys;c:\windows\SYSNATIVE\drivers\DABlack.sys [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
S3 VKbms;Virtual HID Minidriver;c:\windows\system32\DRIVERS\VKbms.sys;c:\windows\SYSNATIVE\DRIVERS\VKbms.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - PWDDAPOW
*Deregistered* - pwddapow
.
Inhalt des "geplante Tasks" Ordners
.
2013-09-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-14 07:56]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-08-30 07:47        133840        ----a-w-        c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Cmaudio8788GX64"="c:\windows\system\HsMgr64.exe" [2008-07-11 282112]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.lixam.de/#
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = 
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: startpage.com\www
TCP: DhcpNameServer = 192.168.1.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
WebBrowser-{41564952-412D-5637-00A7-7A786E7484D7} - (no file)
ShellIconOverlayIdentifiers- - (no file)
ShellIconOverlayIdentifiers- - (no file)
ShellIconOverlayIdentifiers- - (no file)
AddRemove-ActiveScan 2.0 - c:\program files (x86)\Panda Security\ActiveScan 2.0\as2uninst.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
"OOPM03.00.00.01PRO"="0FB6F5E84578963007557633FCA8A794901878F75E6BEBF473AFF0C4E2D41102F5D703BAA4B3661919A807DFD70CEF89E3B9ADC4E5DB8D1ABF8FADF68A3534E961DD82C988A8B19B4195B866697B81D129C8CF33D4AF3A79CC5A26866F5FF96CF57D782D4DE1F7D73D83F0BAF5C690F856834335781E72AFE8445F01080DD452FA7E2BADB33E3CE26D71558429924D0406BB306E042D3D4A869123A8AF4C3C57FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B98088EDD5E5BE2F6E667A9C6AECB7A5D14078EDD5E5BE2F6E66741B86E5D6569FAD9085295C4F4E416C1803B37D355EE9324B8252171D384CD094C2DB070566894AEFB8E3C3DBE819EA95B9E93675683135188A19172DAE21EF877E737FD072098FECDC05CB6BBE040A9CA3AEB9DB0D77ACFC5B1341A34FB2DDBB4B1C2E18192249347A8D9A8228889331361642ADE16E9604EDC8C7BC43FCCDF19E8D92CB41559A5569759C208D00EB09AFD627BC23E0638A2C265DDD5F0D2A55E004322F14FDCE48F77C4E4E868E27D6E0A93AC20227480E612C73D16A71644E37D0D3C70BD5975A9414B26A2D1A2683D9763921F68E255E31206C994D0F2C6AA7B8A274BB1FC6BFE85DECE7B626EB7DC4909324C8BFE49889BB36648AACB28D7A84D42FED0F7D58D6635DC99C26522C35979C7185C7D5FE39BA92A8B4A04DCB6C5B124EF1380AFF91DC70108F2B1D20D12EE40D67B17932B9203611A96064AB4AAD114624550EE8AF357A23642FA6BFA55EB3EC06085CFB7171F8B94CABB4BE2C0120E030925792A4962D9F85872FE7096AF18725688F60653A35B037897ACF78715C35FD0402B6891B275052EC89674DEC4D9ECFBE4DD370179B94D028EB04E90C41968E7E7D076535075779135AD34C8F24194C3624C90754AC0BF9F180EE201CEA6F66965AF2C2A098F4F24F3337E07CCBF30F34B01F91488400EDCB1EC5814243944C786FE84C570AD71DB400CC7DB23FD6D28F02C0155663CCC9ADBEEF49979506EC61D671FE85CEDA203DF1128A08DD45DCEA5F35747DD6C748A1B22A07048A278FDFD0A3DEAE52111B6988DDAC1E7D2F22BC16ECF0CAABBE3B5F60F6A12CD9648DC04F9C737ECCC4A6935C141BD513C08D321ABE558CBCADAF7FE2F84080BC928220C3C474D912B41E004605DAB2C85D7B2222BB475066B0181C06FC5EEC50C4762F74EECBFBB28CE35D693D73120D902882AE2FC3F61275DD553B3A57A06E13888AD1E8A3714E72ED58576FD8C97198DE59F3B25A9AB375E4CCC5144F01985EFCF160E17EC8A3DFD04EA18BC8C43D3E0B2EE11B438720D5610CC1161AC126149C81FF5ACB15033415664FD2B17945149A8863659848B4B78A1F1B2659BC2968458BAA08BE8DA07E0B456A0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DbgagD\1*]
"value"="?\0b\05\19\0f(9\04"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-09-23  19:39:12
ComboFix-quarantined-files.txt  2013-09-23 17:39
.
Vor Suchlauf: 9 Verzeichnis(se), 16.514.965.504 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 16.366.268.416 Bytes frei
.
- - End Of File - - 65B9A5ECEE6773AB7CF7FB95A6507592
--- --- ---
D1B69622110ACF36002804FF934065F8

schrauber 24.09.2013 09:14
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

asisstent 24.09.2013 11:41
Liste der Anhänge anzeigen (Anzahl: 1)
Mahlzeit und danke für´s melden,
ich weiß ja nun nicht was sich geändert hat seit gestern- ad Aware zeigt mir nun nicht mehr an, das irgendwas potenzial gefährliches auf der HHD vorhanden ist.
3mal habe ich es nochmals durchlaufen lassen um Missverständnisse zu vermeiden.
1) gestern Abend 2) letzte Nacht und 3) heute Morgen gegen 6Uhr zum Schluss.
Aber ob das was Panda Scan gemacht hat, schon entfernt ist, weiß ich nun nicht und wie ich in den Ordner gelange habe ich auch nicht herausfinden können, leider.
Bitte nochmals die gewünschten Files
Gruß Fabian und nochmals Thanks

#
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.09.21.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
teddyber :: ACCELATOR [Administrator]

24.09.2013 11:37:46
mbam-log-2013-09-24 (11-37-46).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM | P2P
Deaktivierte Suchlaufeinstellungen:
Durchsuchte Objekte: 365115
Laufzeit: 28 Minute(n), 4 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

#
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.2 (09.22.2013:1)
OS: Windows 7 Home Premium x64
Ran by teddyber on 24.09.2013 at 12:12:21,45
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\adawarebp
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\adawarebp_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\adawarebp_rasmancs



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\teddyber\appdata\local\adawarebp"
Successfully deleted: [Folder] "C:\Users\teddyber\appdata\locallow\adawaretb"
Successfully deleted: [Folder] "C:\Program Files (x86)\eusing free registry cleaner"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\free registry cleaner"
Successfully deleted: [Folder] "C:\Users\teddyber\AppData\Roaming\microsoft\windows\start menu\programs\free registry cleaner"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 24.09.2013 at 12:17:09,50
End of JRT log

#
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-09-2013
Ran by teddyber (administrator) on ACCELATOR on 24-09-2013 12:24:48
Running from C:\Users\teddyber\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Lavasoft Limited) C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Windows\system\HsMgr64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Lavasoft) C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(GFI Software) C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Cmaudio8788GX64] - C:\Windows\system\HsMgr64.exe [282112 2008-07-11] ()
HKCU\...\Policies\system: [LogonHoursAction] 2
HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKLM-x32\...\Run: [AcronisTimounterMonitor] - C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe [1173680 2012-04-27] (Acronis)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)
HKLM-x32\...\Run: [Ad-Aware Browsing Protection] - C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [554384 2013-07-15] (Lavasoft)
HKLM-x32\...\Run: [Ad-Aware Antivirus] - "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
HKU\Administrator\...\Run: [msnmsgr] - "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
HKU\Administrator\...\Policies\system: [LogonHoursAction] 2
HKU\Administrator\...\Policies\system: [DontDisplayLogonHoursWarnings] 1

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.lixam.de/#
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xC490DCFF283BCC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU -  No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab
DPF: HKLM-x32 {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
DPF: HKLM-x32 {9191F686-7F0A-441D-8A98-2FE3AC1BD913} hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-microsoft-rpmsg-message - {DFF82902-0B96-3B98-6F62-D655E146A23A} -  No File
Filter-x32: application/x-microsoft-rpmsg-message - {DFF82902-0B96-3B98-6F62-D655E146A23A} -  No File

==================== Services (Whitelisted) =================

R2 Ad-Aware Service; C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe [1236336 2013-06-13] (Lavasoft Limited)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
S4 GhosteryStatsUpdater; C:\Users\Administrator\AppData\LocalLow\GhosteryStats\IE\GhosteryStatsUpdater.exe [18432 2012-02-28] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S4 MSCSPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [45056 2006-12-14] (Sony Corporation)
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [3051848 2011-01-25] (O&O Software GmbH)
S4 PACSPTISVR; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [57344 2006-12-14] ()
R2 SBAMSvc; C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [3677000 2012-09-20] (GFI Software)
S4 SPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe [69632 2006-12-14] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()
R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [2725376 2011-03-10] (C-Media Inc)
R3 DABlackFltr; C:\Windows\System32\drivers\DABlack.sys [23040 2010-11-29] (Razer (Asia-Pacific) Pte Ltd)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2011-07-05] (DT Soft Ltd)
S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [39504 2013-04-11] (ThreatTrack Security)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-09-19] (GFI Software)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [117040 2012-04-12] (Oracle Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 cpuz130; No ImagePath
S3 cpuz135; No ImagePath
S0 pavboot; system32\drivers\pavboot64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-24 12:24 - 2013-09-24 12:24 - 00000878 _____ C:\Users\teddyber\Desktop\AdwCleaner[S2].txt
2013-09-24 12:22 - 2013-09-24 12:22 - 00000000 ____D C:\Users\teddyber\AppData\Local\adawarebp
2013-09-24 12:17 - 2013-09-24 12:18 - 00001411 _____ C:\Users\teddyber\Desktop\JRT.txt
2013-09-24 12:12 - 2013-09-24 12:12 - 00000000 ____D C:\Windows\ERUNT
2013-09-24 11:35 - 2013-09-24 11:35 - 01030038 _____ (Thisisu) C:\Users\teddyber\Desktop\JRT.exe
2013-09-24 11:34 - 2013-09-24 11:34 - 01042066 _____ C:\Users\teddyber\Desktop\adwcleaner.exe
2013-09-24 07:55 - 2013-09-24 07:55 - 00000020 ___SH C:\Users\UpdatusUser.accelator\ntuser.ini
2013-09-24 07:55 - 2013-09-24 07:55 - 00000000 _SHDL C:\Users\UpdatusUser.accelator\Vorlagen
2013-09-24 07:55 - 2013-09-24 07:55 - 00000000 _SHDL C:\Users\UpdatusUser.accelator\Startmenü
2013-09-24 07:55 - 2013-09-24 07:55 - 00000000 _SHDL C:\Users\UpdatusUser.accelator\Netzwerkumgebung
2013-09-24 07:55 - 2013-09-24 07:55 - 00000000 _SHDL C:\Users\UpdatusUser.accelator\Lokale Einstellungen
2013-09-24 07:55 - 2013-09-24 07:55 - 00000000 _SHDL C:\Users\UpdatusUser.accelator\Eigene Dateien
2013-09-24 07:55 - 2013-09-24 07:55 - 00000000 _SHDL C:\Users\UpdatusUser.accelator\Druckumgebung
2013-09-24 07:55 - 2013-09-24 07:55 - 00000000 _SHDL C:\Users\UpdatusUser.accelator\Documents\Eigene Musik
2013-09-24 07:55 - 2013-09-24 07:55 - 00000000 _SHDL C:\Users\UpdatusUser.accelator\Documents\Eigene Bilder
2013-09-24 07:55 - 2013-09-24 07:55 - 00000000 _SHDL C:\Users\UpdatusUser.accelator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-09-24 07:55 - 2013-09-24 07:55 - 00000000 _SHDL C:\Users\UpdatusUser.accelator\AppData\Local\Verlauf
2013-09-24 07:55 - 2013-09-24 07:55 - 00000000 _SHDL C:\Users\UpdatusUser.accelator\AppData\Local\Anwendungsdaten
2013-09-24 07:55 - 2013-09-24 07:55 - 00000000 _SHDL C:\Users\UpdatusUser.accelator\Anwendungsdaten
2013-09-24 07:55 - 2013-09-24 07:55 - 00000000 ____D C:\Users\UpdatusUser.accelator
2013-09-24 07:55 - 2011-07-07 08:26 - 00000000 ____D C:\Users\UpdatusUser.accelator\AppData\Local\Microsoft Help
2013-09-24 07:55 - 2009-07-14 06:54 - 00000000 ___RD C:\Users\UpdatusUser.accelator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-09-24 07:55 - 2009-07-14 06:49 - 00000000 ___RD C:\Users\UpdatusUser.accelator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-09-24 07:51 - 2013-09-24 12:21 - 00000318 _____ C:\Windows\setupact.log
2013-09-24 07:51 - 2013-09-24 07:51 - 00000000 _____ C:\Windows\setuperr.log
2013-09-23 19:39 - 2013-09-23 19:39 - 00022922 _____ C:\ComboFix.txt
2013-09-23 19:33 - 2013-09-23 19:39 - 00000000 ____D C:\Qoobox
2013-09-23 19:33 - 2013-09-23 19:38 - 00000000 ____D C:\Windows\erdnt
2013-09-23 19:33 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-09-23 19:33 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-09-23 19:33 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-09-23 19:33 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-09-23 19:33 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-09-23 19:33 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-09-23 19:33 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-09-23 19:33 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-09-23 16:10 - 2013-09-23 16:10 - 00000000 ____D C:\FRST
2013-09-23 16:08 - 2013-09-23 16:08 - 01955550 _____ (Farbar) C:\Users\teddyber\Desktop\FRST64.exe
2013-09-23 16:07 - 2013-09-23 16:07 - 00000000 _____ C:\Users\teddyber\defogger_reenable
2013-09-23 16:00 - 2013-09-24 11:36 - 00000000 ____D C:\Users\teddyber\Desktop\Neuer Ordner
2013-09-22 22:15 - 2013-09-22 22:32 - 00000000 ____D C:\Users\teddyber\AppData\Roaming\GHISLER
2013-09-21 10:51 - 2013-09-21 10:51 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-21 10:51 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-21 10:34 - 2013-09-21 10:34 - 00615861 _____ C:\Users\teddyber\Desktop\Zinn_VK.rar
2013-09-19 00:25 - 2013-09-19 00:25 - 00000000 ____D C:\ProgramData\Downloaded Installations
2013-09-19 00:25 - 2013-09-19 00:25 - 00000000 ____D C:\ProgramData\Ad-Aware Browsing Protection
2013-09-17 22:22 - 2013-09-17 22:22 - 29337376 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 22102304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 15703688 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 12947360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 11274528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-09-17 22:22 - 2013-09-17 22:22 - 09281032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 07720576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 07648000 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 06329552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 02970400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 02789152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 02630304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 02367264 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 02007328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432723.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432723.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 01222824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 00681760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 00603424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 00586016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 00515360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2013-09-17 22:22 - 2013-09-17 22:22 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2013-09-16 11:55 - 2013-09-16 11:55 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-09-16 11:51 - 2013-09-17 22:22 - 13628208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-09-16 11:51 - 2013-06-21 14:06 - 01832224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432049.dll
2013-09-16 11:51 - 2013-06-21 14:06 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432049.dll
2013-09-16 11:51 - 2013-01-29 10:35 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2013-09-16 11:39 - 2013-09-12 09:25 - 06599968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-09-16 11:39 - 2013-09-12 09:25 - 03452192 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-09-16 11:39 - 2013-09-12 09:25 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-09-16 11:39 - 2013-09-12 09:25 - 00920864 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-09-16 11:39 - 2013-09-12 09:25 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-09-16 11:39 - 2013-09-12 09:25 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-09-16 11:39 - 2013-09-12 00:06 - 03361114 _____ C:\Windows\system32\nvcoproc.bin
2013-09-16 11:38 - 2013-09-16 11:38 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-09-16 10:30 - 2013-07-31 16:17 - 17833472 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-16 10:30 - 2013-07-31 15:42 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-16 10:30 - 2013-07-31 15:29 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-16 10:30 - 2013-07-31 15:20 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-16 10:30 - 2013-07-31 15:19 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-16 10:30 - 2013-07-31 15:18 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-09-16 10:30 - 2013-07-31 15:17 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-09-16 10:30 - 2013-07-31 15:16 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-16 10:30 - 2013-07-31 15:14 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-09-16 10:30 - 2013-07-31 15:13 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-16 10:30 - 2013-07-31 15:13 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-09-16 10:30 - 2013-07-31 15:11 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-16 10:30 - 2013-07-31 15:11 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-16 10:30 - 2013-07-31 15:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-09-16 10:30 - 2013-07-31 15:08 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-16 10:30 - 2013-07-31 15:05 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-16 10:30 - 2013-07-31 12:30 - 12335104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-16 10:30 - 2013-07-31 12:05 - 09738752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-16 10:30 - 2013-07-31 12:00 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-16 10:30 - 2013-07-31 11:53 - 01104896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-16 10:30 - 2013-07-31 11:52 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-09-16 10:30 - 2013-07-31 11:52 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-16 10:30 - 2013-07-31 11:51 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-09-16 10:30 - 2013-07-31 11:49 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-16 10:30 - 2013-07-31 11:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-16 10:30 - 2013-07-31 11:48 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-09-16 10:30 - 2013-07-31 11:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-09-16 10:30 - 2013-07-31 11:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-16 10:30 - 2013-07-31 11:46 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-16 10:30 - 2013-07-31 11:45 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-16 10:30 - 2013-07-31 11:45 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-09-16 10:30 - 2013-07-31 11:42 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-16 10:27 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-16 10:27 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-16 10:27 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-16 10:27 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-16 10:27 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-16 10:27 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-16 10:27 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-16 10:27 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-16 10:27 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-16 10:27 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-16 10:27 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-16 10:27 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-16 10:27 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-16 10:27 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-16 10:27 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-16 10:27 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-16 10:27 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-16 10:27 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-16 10:27 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-16 10:27 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-16 10:27 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-16 10:27 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-16 10:27 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-16 10:27 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-16 10:27 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-16 10:27 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-16 10:27 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-16 10:27 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-16 10:27 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-16 10:27 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-16 10:27 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-16 10:27 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-16 10:27 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-16 10:27 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-16 10:27 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-16 10:26 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-16 10:26 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-16 10:26 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-16 10:26 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-16 10:26 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-16 10:26 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-16 10:21 - 2013-09-16 10:21 - 00003222 _____ C:\Windows\System32\Tasks\{8CAAFBC6-9BE7-479E-A860-1A2C548C398E}
2013-09-16 10:21 - 2013-09-06 14:27 - 00238352 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2013-09-16 10:20 - 2013-09-06 14:25 - 00119056 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2013-09-16 10:11 - 2013-09-16 10:11 - 00002778 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-09-16 10:11 - 2013-09-16 10:11 - 00000000 ____D C:\Program Files\CCleaner
2013-09-16 10:00 - 2013-09-24 12:19 - 00000000 ____D C:\AdwCleaner
2013-09-12 01:17 - 2013-09-12 01:17 - 00571168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-09-06 14:25 - 2013-09-06 14:25 - 00204048 _____ (Oracle Corporation) C:\Windows\system32\VBoxNetFltNobj.dll
2013-09-06 14:25 - 2013-09-06 14:25 - 00146704 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetFlt.sys
2013-09-06 14:25 - 2013-09-06 14:25 - 00131856 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp.sys
2013-08-31 15:40 - 2013-08-31 15:40 - 00001451 _____ C:\Users\teddyber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-08-31 15:37 - 2013-08-31 15:37 - 03695416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-08-31 15:37 - 2013-08-31 15:37 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-08-31 15:37 - 2013-08-31 15:37 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-08-31 15:37 - 2013-08-31 15:37 - 00434176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00403248 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-08-31 15:37 - 2013-08-31 15:37 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00353584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-08-31 15:37 - 2013-08-31 15:37 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-08-31 15:37 - 2013-08-31 15:37 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

==================== One Month Modified Files and Folders =======

2013-09-24 12:24 - 2013-09-24 12:24 - 00000878 _____ C:\Users\teddyber\Desktop\AdwCleaner[S2].txt
2013-09-24 12:22 - 2013-09-24 12:22 - 00000000 ____D C:\Users\teddyber\AppData\Local\adawarebp
2013-09-24 12:22 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-24 12:21 - 2013-09-24 07:51 - 00000318 _____ C:\Windows\setupact.log
2013-09-24 12:21 - 2012-01-24 17:17 - 00000000 ____D C:\ProgramData\NVIDIA
2013-09-24 12:21 - 2011-07-05 16:37 - 01734826 _____ C:\Windows\WindowsUpdate.log
2013-09-24 12:19 - 2013-09-16 10:00 - 00000000 ____D C:\AdwCleaner
2013-09-24 12:18 - 2013-09-24 12:17 - 00001411 _____ C:\Users\teddyber\Desktop\JRT.txt
2013-09-24 12:12 - 2013-09-24 12:12 - 00000000 ____D C:\Windows\ERUNT
2013-09-24 12:11 - 2013-08-19 09:56 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-24 11:36 - 2013-09-23 16:00 - 00000000 ____D C:\Users\teddyber\Desktop\Neuer Ordner
2013-09-24 11:35 - 2013-09-24 11:35 - 01030038 _____ (Thisisu) C:\Users\teddyber\Desktop\JRT.exe
2013-09-24 11:34 - 2013-09-24 11:34 - 01042066 _____ C:\Users\teddyber\Desktop\adwcleaner.exe
2013-09-24 08:14 - 2009-07-14 06:45 - 00021856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-24 08:14 - 2009-07-14 06:45 - 00021856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-24 08:07 - 2009-07-14 06:45 - 00368816 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-24 07:59 - 2011-07-05 18:33 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-24 07:55 - 2013-09-24 07:55 - 00000020 ___SH C:\Users\UpdatusUser.accelator\ntuser.ini
2013-09-24 07:55 - 2013-09-24 07:55 - 00000000 _SHDL C:\Users\UpdatusUser.accelator\Vorlagen
2013-09-24 07:55 - 2013-09-24 07:55 - 00000000 _SHDL C:\Users\UpdatusUser.accelator\Startmenü
2013-09-24 07:55 - 2013-09-24 07:55 - 00000000 _SHDL C:\Users\UpdatusUser.accelator\Netzwerkumgebung
2013-09-24 07:55 - 2013-09-24 07:55 - 00000000 _SHDL C:\Users\UpdatusUser.accelator\Lokale Einstellungen
2013-09-24 07:55 - 2013-09-24 07:55 - 00000000 _SHDL C:\Users\UpdatusUser.accelator\Eigene Dateien
2013-09-24 07:55 - 2013-09-24 07:55 - 00000000 _SHDL C:\Users\UpdatusUser.accelator\Druckumgebung
2013-09-24 07:55 - 2013-09-24 07:55 - 00000000 _SHDL C:\Users\UpdatusUser.accelator\Documents\Eigene Musik
2013-09-24 07:55 - 2013-09-24 07:55 - 00000000 _SHDL C:\Users\UpdatusUser.accelator\Documents\Eigene Bilder
2013-09-24 07:55 - 2013-09-24 07:55 - 00000000 _SHDL C:\Users\UpdatusUser.accelator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-09-24 07:55 - 2013-09-24 07:55 - 00000000 _SHDL C:\Users\UpdatusUser.accelator\AppData\Local\Verlauf
2013-09-24 07:55 - 2013-09-24 07:55 - 00000000 _SHDL C:\Users\UpdatusUser.accelator\AppData\Local\Anwendungsdaten
2013-09-24 07:55 - 2013-09-24 07:55 - 00000000 _SHDL C:\Users\UpdatusUser.accelator\Anwendungsdaten
2013-09-24 07:55 - 2013-09-24 07:55 - 00000000 ____D C:\Users\UpdatusUser.accelator
2013-09-24 07:55 - 2012-06-10 12:16 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-09-24 07:55 - 2012-03-29 09:42 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-09-24 07:51 - 2013-09-24 07:51 - 00000000 _____ C:\Windows\setuperr.log
2013-09-24 06:17 - 2013-08-19 09:45 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-09-23 19:39 - 2013-09-23 19:39 - 00022922 _____ C:\ComboFix.txt
2013-09-23 19:39 - 2013-09-23 19:33 - 00000000 ____D C:\Qoobox
2013-09-23 19:38 - 2013-09-23 19:33 - 00000000 ____D C:\Windows\erdnt
2013-09-23 19:37 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2013-09-23 16:10 - 2013-09-23 16:10 - 00000000 ____D C:\FRST
2013-09-23 16:08 - 2013-09-23 16:08 - 01955550 _____ (Farbar) C:\Users\teddyber\Desktop\FRST64.exe
2013-09-23 16:07 - 2013-09-23 16:07 - 00000000 _____ C:\Users\teddyber\defogger_reenable
2013-09-23 16:07 - 2011-07-05 16:42 - 00000000 ____D C:\Users\teddyber
2013-09-22 22:32 - 2013-09-22 22:15 - 00000000 ____D C:\Users\teddyber\AppData\Roaming\GHISLER
2013-09-22 17:38 - 2013-02-15 08:41 - 00000000 ____D C:\Users\teddyber\AppData\Roaming\Ad-Aware Antivirus
2013-09-22 17:33 - 2013-02-15 08:43 - 00000000 ____D C:\Program Files (x86)\Ad-Aware Antivirus
2013-09-22 13:09 - 2012-05-15 11:26 - 00000000 ____D C:\Users\teddyber\Documents\Diablo III
2013-09-21 11:23 - 2013-08-19 09:45 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-09-21 10:51 - 2013-09-21 10:51 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-21 10:34 - 2013-09-21 10:34 - 00615861 _____ C:\Users\teddyber\Desktop\Zinn_VK.rar
2013-09-19 16:01 - 2013-08-20 14:59 - 00000000 ____D C:\Users\teddyber\AppData\Roaming\Skype
2013-09-19 12:42 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-09-19 12:08 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-19 00:25 - 2013-09-19 00:25 - 00000000 ____D C:\ProgramData\Downloaded Installations
2013-09-19 00:25 - 2013-09-19 00:25 - 00000000 ____D C:\ProgramData\Ad-Aware Browsing Protection
2013-09-19 00:25 - 2011-07-05 17:28 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2013-09-19 00:23 - 2013-02-15 08:43 - 00014456 _____ (GFI Software) C:\Windows\system32\Drivers\gfibto.sys
2013-09-19 00:13 - 2010-11-21 08:50 - 00697310 _____ C:\Windows\system32\perfh007.dat
2013-09-19 00:13 - 2010-11-21 08:50 - 00148324 _____ C:\Windows\system32\perfc007.dat
2013-09-19 00:13 - 2009-07-14 07:13 - 01614942 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-18 19:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-09-18 08:14 - 2011-09-15 07:04 - 00000000 ___RD C:\Users\teddyber\Desktop\Games
2013-09-17 22:22 - 2013-09-17 22:22 - 29337376 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 22102304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 15703688 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 12947360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 11274528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-09-17 22:22 - 2013-09-17 22:22 - 09281032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 07720576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 07648000 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 06329552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 02970400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 02789152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 02630304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 02367264 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 02007328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432723.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432723.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 01222824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 00681760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 00603424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 00586016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 00515360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2013-09-17 22:22 - 2013-09-17 22:22 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2013-09-17 22:22 - 2013-09-16 11:51 - 13628208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-09-17 22:22 - 2012-10-10 22:23 - 15901448 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-09-17 22:22 - 2012-10-10 22:23 - 02986672 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-09-17 22:22 - 2012-10-10 22:23 - 01412832 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2013-09-17 22:22 - 2012-10-10 22:22 - 00022814 _____ C:\Windows\system32\nvinfo.pb
2013-09-16 11:55 - 2013-09-16 11:55 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-09-16 11:39 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Help
2013-09-16 11:38 - 2013-09-16 11:38 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-09-16 10:42 - 2011-07-05 16:43 - 00000000 ___RD C:\Users\teddyber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-16 10:42 - 2011-07-05 16:43 - 00000000 ___RD C:\Users\teddyber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-16 10:34 - 2013-08-19 10:09 - 00000000 ____D C:\Windows\system32\MRT
2013-09-16 10:32 - 2011-07-07 08:31 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-16 10:23 - 2012-03-09 14:18 - 00000000 ____D C:\Users\teddyber\.VirtualBox
2013-09-16 10:21 - 2013-09-16 10:21 - 00003222 _____ C:\Windows\System32\Tasks\{8CAAFBC6-9BE7-479E-A860-1A2C548C398E}
2013-09-16 10:11 - 2013-09-16 10:11 - 00002778 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-09-16 10:11 - 2013-09-16 10:11 - 00000000 ____D C:\Program Files\CCleaner
2013-09-16 09:22 - 2011-07-07 09:09 - 00000000 ____D C:\Users\teddyber\Documents\Meine empfangenen Dateien
2013-09-12 09:25 - 2013-09-16 11:39 - 06599968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-09-12 09:25 - 2013-09-16 11:39 - 03452192 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-09-12 09:25 - 2013-09-16 11:39 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-09-12 09:25 - 2013-09-16 11:39 - 00920864 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-09-12 09:25 - 2013-09-16 11:39 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-09-12 09:25 - 2013-09-16 11:39 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-09-12 01:17 - 2013-09-12 01:17 - 00571168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-09-12 00:06 - 2013-09-16 11:39 - 03361114 _____ C:\Windows\system32\nvcoproc.bin
2013-09-06 14:27 - 2013-09-16 10:21 - 00238352 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2013-09-06 14:25 - 2013-09-16 10:20 - 00119056 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2013-09-06 14:25 - 2013-09-06 14:25 - 00204048 _____ (Oracle Corporation) C:\Windows\system32\VBoxNetFltNobj.dll
2013-09-06 14:25 - 2013-09-06 14:25 - 00146704 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetFlt.sys
2013-09-06 14:25 - 2013-09-06 14:25 - 00131856 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp.sys
2013-08-31 15:43 - 2011-07-05 17:34 - 00000000 ____D C:\Windows\Panther
2013-08-31 15:40 - 2013-08-31 15:40 - 00001451 _____ C:\Users\teddyber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-08-31 15:40 - 2011-07-05 16:43 - 00001417 _____ C:\Users\teddyber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2013-08-31 15:38 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-08-31 15:37 - 2013-08-31 15:37 - 03695416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-08-31 15:37 - 2013-08-31 15:37 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-08-31 15:37 - 2013-08-31 15:37 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-08-31 15:37 - 2013-08-31 15:37 - 00434176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00403248 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-08-31 15:37 - 2013-08-31 15:37 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00353584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-08-31 15:37 - 2013-08-31 15:37 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-08-31 15:37 - 2013-08-31 15:37 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-08-30 09:48 - 2013-08-19 09:45 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-08-30 09:48 - 2013-08-19 09:45 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-08-30 09:48 - 2013-08-19 09:45 - 00204880 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-08-30 09:48 - 2013-08-19 09:45 - 00080816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-08-30 09:48 - 2013-08-19 09:45 - 00072016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-08-30 09:48 - 2013-08-19 09:45 - 00065336 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-08-30 09:48 - 2013-08-19 09:45 - 00064288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-08-30 09:48 - 2013-08-19 09:45 - 00033400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-08-30 09:47 - 2013-08-19 09:45 - 00287840 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-08-30 09:47 - 2013-08-19 09:45 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-08-28 14:19 - 2011-07-05 18:17 - 00097992 _____ C:\Users\teddyber\AppData\Local\GDIPFONTCACHEV1.DAT
2013-08-25 17:55 - 2012-11-10 23:03 - 00000000 ____D C:\Users\teddyber\AppData\Local\Runic Games

Some content of TEMP:
====================
C:\Users\teddyber\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-23 14:07

==================== End Of Log ============================
--- --- ---







AdwCleaner Logfile:
Code:
# AdwCleaner v3.005 - Bericht erstellt am 24/09/2013 um 12:19:46
# Updated 22/09/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : teddyber - ACCELATOR
# Gestartet von : C:\Users\teddyber\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Program Files (x86)\iMesh Applications

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKLM\Software\adawaretb

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16506


*************************

AdwCleaner[R3].txt - [862 octets] - [24/09/2013 12:18:57]
AdwCleaner[S2].txt - [740 octets] - [24/09/2013 12:19:46]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [799 octets] ##########
--- --- ---

schrauber 24.09.2013 18:46
Sieht viel besser aus :)


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

asisstent 25.09.2013 04:49
guten morgen

also soweit ich das jetzt verstanden habe und mitbekommen habe, scheint alles soweit in Ordnung zu sein. Registry Prog. wurde entfernt von meinem System, da es laut mehrerer Aussagen wohl nicht nötig ist, solches unter Windows 7 zu betreiben. Es kann/ soll wohl Fehler verursachen und somit auch Daten löschen die für Windows wichtig sein könnten.
Ansonsten habe ich die gewünschten Optionen durchgeführt. Und mein Gefühl wurde sagen, scheint alles im normalen Bereich zu sein.
Was ich aber immer noch nicht verstehe, warum habe ich keine zugriffs Möglichkeit auf den im "oben genannten Ordner"?

hier die Files.

#ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=daeb2f3662ea924cbb62d6253db89cec
# engine=15246
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-09-25 03:25:37
# local_time=2013-09-25 05:25:37 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=774 16777213 85 91 324175 156789409 0 0
# compatibility_mode=5893 16776574 100 94 761001 131709387 0 0
# scanned=124711
# found=0
# cleaned=0
# scan_time=1976


# Results of screen317's Security Check version 0.99.73
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 10
``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus
Lavasoft Ad-Aware
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Ad-Aware
Malwarebytes Anti-Malware Version 1.75.0.1300
Java 7 Update 25
Adobe Flash Player 11.8.800.94
Mozilla Thunderbird (17.0.8)
````````Process Check: objlist.exe by Laurent````````
Ad-Aware AAWService.exe is disabled!
Ad-Aware AAWTray.exe is disabled!
Ad-Aware Antivirus AdAwareService.exe
Ad-Aware Antivirus SBAMSvc.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````


#Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-09-2013
Ran by teddyber at 2013-09-25 05:36:15
Running from C:\Users\teddyber\Desktop\Neuer Ordner
Boot Mode: Normal
==========================================================


==================== Installed Programs ======================

Update for Microsoft Office 2007 (KB2508958) (x32)
Acronis*True*Image*Home 2012 (x32 Version: 15.0.7133)
Ad-Aware Antivirus (x32 Version: 10.5.3.4405)
Ad-Aware Browsing Protection (x32 Version: 1.0.1.110)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
AFPL Ghostscript 8.54 (x32)
AFPL Ghostscript Fonts (x32)
ASUS Xonar DG Audio Driver
avast! Free Antivirus (x32 Version: 8.0.1497.0)
Bullzip PDF Printer 7.2.0.1313 (Version: 7.2.0.1313)
BurnAware Free 4.9 (x32)
CCleaner (Version: 4.05)
DAEMON Tools Lite (x32 Version: 4.40.2.0131)
DHTML Editing Component (x32 Version: 6.02.0001)
Diablo III (x32 Version: 1.0.7.14633)
Druckerdeinstallation für EPSON Stylus S20 Series
GPL Ghostscript (x32 Version: 9.05)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Luxor Amun Rising with Luxor (x32 Version: )
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Media Player Classic - Home Cinema v1.5.2.3456 x64 (Version: 1.5.2.3456)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (x32 Version: 2.0.48.0)
Microsoft Office 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft SQL Server Compact 3.5 SP2 ENU (x32 Version: 3.5.8080.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mozilla Maintenance Service (x32 Version: 17.0.8)
Mozilla Thunderbird 17.0.8 (x86 de) (x32 Version: 17.0.8)
MSVCRT (x32 Version: 14.0.1468.721)
NVIDIA 3D Vision Treiber 327.23 (Version: 327.23)
NVIDIA Grafiktreiber 327.23 (Version: 327.23)
NVIDIA HD-Audiotreiber 1.3.26.4 (Version: 1.3.26.4)
NVIDIA Install Application (Version: 2.1002.133.889)
NVIDIA PhysX (x32 Version: 9.13.0604)
NVIDIA PhysX-Systemsoftware 9.13.0604 (Version: 9.13.0604)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2723)
NVIDIA Systemsteuerung 327.23 (Version: 327.23)
NVIDIA Update 1.14.17 (Version: 1.14.17)
NVIDIA Update Components (Version: 1.14.17)
O&O Defrag Free Edition (Version: 14.1.431)
OpenAL (x32)
OpenMG Limited Patch 4.7-07-14-05-01 (x32)
OpenMG Secure Module 4.7.00 (x32 Version: 4.7.00.12140)
Opera 12.16 (x32 Version: 12.16.1860)
Oracle VM VirtualBox 4.2.18 (Version: 4.2.18)
PDF Blender (x32)
PDF-XChange Viewer (Version: 2.5.199.0)
Platform (x32 Version: 1.34)
Razer DeathAdder Black Edition Mouse (x32 Version: 1.02)
Realtek Ethernet Controller Driver For Windows 7 (x32 Version: 7.17.304.2010)
Revo Uninstaller 1.95 (x32 Version: 1.95)
Skype™ 6.7 (x32 Version: 6.7.102)
SnapAPI (x32 Version: 4.5.2140)
Steam (x32 Version: 1.0.0.0)
TeamViewer 8 (x32 Version: 8.0.18051)
Torchlight II (x32)
Ulead PhotoImpact X3 (x32 Version: 1.00.0000)
Update for 2007 Microsoft Office System (KB967642) (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2825641) 32-Bit Edition (x32)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32)
Update für Microsoft Office Outlook 2007 Help (KB963677) (x32)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32)
Update für Microsoft Office Word 2007 Help (KB963665) (x32)
VIA Plattform-Geräte-Manager (x32 Version: 1.34)
Windows Live Call (x32 Version: 14.0.8117.0416)
Windows Live Communications Platform (x32 Version: 14.0.8117.416)
Windows Live Messenger (x32 Version: 14.0.8117.0416)
WinRAR 4.01 (64-Bit) (Version: 4.01.0)

==================== Restore Points =========================


==================== Hosts content: ==========================

2009-07-14 04:34 - 2013-09-23 19:37 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {1174B1BF-A728-425F-B7C7-EA09291E53DA} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-08-30] (AVAST Software)
Task: {4752FB41-EA22-4E04-9535-909665747900} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1271389837-1087916619-1279208209-500
Task: {91C063BC-9394-46C1-99E0-FBFA6BF78C62} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-19] (Adobe Systems Incorporated)
Task: {C1FFA74E-4626-4B92-A615-925DA1F5B122} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-08-21] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-06-13 02:27 - 2013-06-13 02:27 - 01280896 _____ (Lavasoft Limited) C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareShellExtension64.dll
2012-10-01 15:25 - 2010-09-17 07:53 - 00121856 ____N (C-Media Electronics Inc.) C:\Windows\system\HsSrv64.dll
2013-07-15 23:09 - 2013-07-15 23:09 - 00318864 _____ (Lavasoft) C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.dll
2013-06-13 02:28 - 2013-06-13 02:28 - 00953704 _____ (Terra Informatica Software, Inc., British Columbia, Canada.) C:\Program Files (x86)\Ad-Aware Antivirus\htmlayout.dll
2012-09-20 05:38 - 2012-09-20 05:38 - 00056712 _____ (GFI Software) C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvcPS.dll
2013-06-13 02:27 - 2013-06-13 02:27 - 00465248 _____ (GFI Software) C:\Program Files (x86)\Ad-Aware Antivirus\cart\CartSdk.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData:gs5sys
AlternateDataStreams: C:\Users\All Users:gs5sys
AlternateDataStreams: C:\Users\teddyber:gs5sys
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:gs5sys
AlternateDataStreams: C:\ProgramData\Application Data:gs5sys
AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\teddyber\Anwendungsdaten:gs5sys
AlternateDataStreams: C:\Users\teddyber\Cookies:gs5sys
AlternateDataStreams: C:\Users\teddyber\Lokale Einstellungen:gs5sys
AlternateDataStreams: C:\Users\teddyber\Vorlagen:gs5sys
AlternateDataStreams: C:\Users\teddyber\AppData\Local:gs5sys
AlternateDataStreams: C:\Users\teddyber\AppData\Roaming:gs5sys
AlternateDataStreams: C:\Users\teddyber\AppData\Local\Anwendungsdaten:gs5sys
AlternateDataStreams: C:\Users\teddyber\AppData\Local\Verlauf:gs5sys
AlternateDataStreams: C:\Users\teddyber\Documents\desktop.ini:gs5sys

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ad-Aware Service => ""="Ad-Aware Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ad-Aware Service => ""="Ad-Aware Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SBAMSvc => ""="Service"

==================== Faulty Device Manager Devices =============

Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: USB (Universal Serial Bus)-Controller
Description: USB (Universal Serial Bus)-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/25/2013 05:27:18 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/25/2013 04:51:05 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/25/2013 04:50:23 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/25/2013 04:46:44 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/24/2013 05:10:19 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/24/2013 00:23:34 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (09/25/2013 05:34:43 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2140993535

Error: (09/25/2013 05:34:43 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet:
%%-2140993535

Error: (09/25/2013 05:34:43 AM) (Source: PNRPSvc) (User: )
Description: 0x80630801

Error: (09/25/2013 04:49:14 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2140993535

Error: (09/25/2013 04:49:14 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet:
%%-2140993535

Error: (09/25/2013 04:49:14 AM) (Source: PNRPSvc) (User: )
Description: 0x80630801

Error: (09/25/2013 04:48:15 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2140993535

Error: (09/25/2013 04:48:15 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet:
%%-2140993535

Error: (09/25/2013 04:48:15 AM) (Source: PNRPSvc) (User: )
Description: 0x80630801

Error: (09/25/2013 04:43:30 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2140993535


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2013-09-23 19:37:30.394
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2013-09-23 19:37:30.298
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Percentage of memory in use: 47%
Total physical RAM: 3327.24 MB
Available physical RAM: 1751.72 MB
Total Pagefile: 6652.67 MB
Available Pagefile: 4901.83 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Windows7) (Fixed) (Total:50.01 GB) (Free:14.95 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (Spiele) (Fixed) (Total:204.8 GB) (Free:179.98 GB) NTFS
Drive f: (Volume) (Fixed) (Total:210.95 GB) (Free:135.1 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: C988D1C9)
Partition 1: (Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=205 GB) - (Type=05)
Partition 3: (Not Active) - (Size=211 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Ich danke vielmehr für die Mühe und Zeit dafür Gruß Fabian

schrauber 25.09.2013 17:56
Du hast die Additional.txt gepostet, ich brauch bitte ne frische FRST.txt.

asisstent 25.09.2013 20:42
oh, entschuldige, mein Fehler
hier ganz frisch soweit

#
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-09-2013
Ran by teddyber (administrator) on ACCELATOR on 25-09-2013 21:38:31
Running from C:\Users\teddyber\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Lavasoft Limited) C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
() C:\Windows\system\HsMgr64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Lavasoft) C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
(Lavasoft Limited) C:\PROGRA~2\AD-AWA~1\AdAware.exe
(GFI Software) C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Opera Software) C:\Program Files (x86)\Opera\Opera.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Cmaudio8788GX64] - C:\Windows\system\HsMgr64.exe [282112 2008-07-11] ()
HKCU\...\Policies\system: [LogonHoursAction] 2
HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKLM-x32\...\Run: [AcronisTimounterMonitor] - C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe [1173680 2012-04-27] (Acronis)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)
HKLM-x32\...\Run: [Ad-Aware Browsing Protection] - C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [554384 2013-07-15] (Lavasoft)
HKLM-x32\...\Run: [Ad-Aware Antivirus] - "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
HKU\Administrator\...\Run: [msnmsgr] - "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
HKU\Administrator\...\Policies\system: [LogonHoursAction] 2
HKU\Administrator\...\Policies\system: [DontDisplayLogonHoursWarnings] 1

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.lixam.de/#
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xC490DCFF283BCC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU -  No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab
DPF: HKLM-x32 {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
DPF: HKLM-x32 {9191F686-7F0A-441D-8A98-2FE3AC1BD913} hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-microsoft-rpmsg-message - {DFF82902-0B96-3B98-6F62-D655E146A23A} -  No File
Filter-x32: application/x-microsoft-rpmsg-message - {DFF82902-0B96-3B98-6F62-D655E146A23A} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

==================== Services (Whitelisted) =================

R2 Ad-Aware Service; C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe [1236336 2013-06-13] (Lavasoft Limited)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
S4 GhosteryStatsUpdater; C:\Users\Administrator\AppData\LocalLow\GhosteryStats\IE\GhosteryStatsUpdater.exe [18432 2012-02-28] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S4 MSCSPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [45056 2006-12-14] (Sony Corporation)
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [3051848 2011-01-25] (O&O Software GmbH)
S4 PACSPTISVR; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [57344 2006-12-14] ()
R2 SBAMSvc; C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [3677000 2012-09-20] (GFI Software)
S4 SPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe [69632 2006-12-14] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()
R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [2725376 2011-03-10] (C-Media Inc)
R3 DABlackFltr; C:\Windows\System32\drivers\DABlack.sys [23040 2010-11-29] (Razer (Asia-Pacific) Pte Ltd)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2011-07-05] (DT Soft Ltd)
S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [39504 2013-04-11] (ThreatTrack Security)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-09-19] (GFI Software)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [117040 2012-04-12] (Oracle Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 cpuz130; No ImagePath
S3 cpuz135; No ImagePath
S0 pavboot; system32\drivers\pavboot64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-25 21:37 - 2013-09-25 21:38 - 01955802 _____ (Farbar) C:\Users\teddyber\Desktop\FRST64.exe
2013-09-25 10:19 - 2013-09-25 10:19 - 00000834 _____ C:\Windows\PFRO.log
2013-09-25 05:34 - 2013-09-25 05:34 - 00000000 ____D C:\FRST
2013-09-24 12:22 - 2013-09-24 12:57 - 00000000 ____D C:\Users\teddyber\AppData\Local\adawarebp
2013-09-24 12:12 - 2013-09-24 12:12 - 00000000 ____D C:\Windows\ERUNT
2013-09-24 07:55 - 2013-09-24 07:55 - 00000020 ___SH C:\Users\UpdatusUser.accelator\ntuser.ini
2013-09-24 07:55 - 2013-09-24 07:55 - 00000000 _SHDL C:\Users\UpdatusUser.accelator\Vorlagen
2013-09-24 07:55 - 2013-09-24 07:55 - 00000000 _SHDL C:\Users\UpdatusUser.accelator\Startmenü
2013-09-24 07:55 - 2013-09-24 07:55 - 00000000 _SHDL C:\Users\UpdatusUser.accelator\Netzwerkumgebung
2013-09-24 07:55 - 2013-09-24 07:55 - 00000000 _SHDL C:\Users\UpdatusUser.accelator\Lokale Einstellungen
2013-09-24 07:55 - 2013-09-24 07:55 - 00000000 _SHDL C:\Users\UpdatusUser.accelator\Eigene Dateien
2013-09-24 07:55 - 2013-09-24 07:55 - 00000000 _SHDL C:\Users\UpdatusUser.accelator\Druckumgebung
2013-09-24 07:55 - 2013-09-24 07:55 - 00000000 _SHDL C:\Users\UpdatusUser.accelator\Documents\Eigene Musik
2013-09-24 07:55 - 2013-09-24 07:55 - 00000000 _SHDL C:\Users\UpdatusUser.accelator\Documents\Eigene Bilder
2013-09-24 07:55 - 2013-09-24 07:55 - 00000000 _SHDL C:\Users\UpdatusUser.accelator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-09-24 07:55 - 2013-09-24 07:55 - 00000000 _SHDL C:\Users\UpdatusUser.accelator\AppData\Local\Verlauf
2013-09-24 07:55 - 2013-09-24 07:55 - 00000000 _SHDL C:\Users\UpdatusUser.accelator\AppData\Local\Anwendungsdaten
2013-09-24 07:55 - 2013-09-24 07:55 - 00000000 _SHDL C:\Users\UpdatusUser.accelator\Anwendungsdaten
2013-09-24 07:55 - 2013-09-24 07:55 - 00000000 ____D C:\Users\UpdatusUser.accelator
2013-09-24 07:55 - 2011-07-07 08:26 - 00000000 ____D C:\Users\UpdatusUser.accelator\AppData\Local\Microsoft Help
2013-09-24 07:55 - 2009-07-14 06:54 - 00000000 ___RD C:\Users\UpdatusUser.accelator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-09-24 07:55 - 2009-07-14 06:49 - 00000000 ___RD C:\Users\UpdatusUser.accelator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-09-24 07:51 - 2013-09-25 13:32 - 00000486 _____ C:\Windows\setupact.log
2013-09-24 07:51 - 2013-09-24 07:51 - 00000000 _____ C:\Windows\setuperr.log
2013-09-23 19:39 - 2013-09-23 19:39 - 00022922 _____ C:\ComboFix.txt
2013-09-23 19:33 - 2013-09-23 19:38 - 00000000 ____D C:\Windows\erdnt
2013-09-23 19:33 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-09-23 19:33 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-09-23 19:33 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-09-23 19:33 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-09-23 19:33 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-09-23 19:33 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-09-23 19:33 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-09-23 19:33 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-09-23 16:07 - 2013-09-23 16:07 - 00000000 _____ C:\Users\teddyber\defogger_reenable
2013-09-23 16:00 - 2013-09-25 21:36 - 00000000 ____D C:\Users\teddyber\Desktop\Neuer Ordner
2013-09-22 22:15 - 2013-09-22 22:32 - 00000000 ____D C:\Users\teddyber\AppData\Roaming\GHISLER
2013-09-21 10:51 - 2013-09-21 10:51 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-21 10:51 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-19 00:25 - 2013-09-19 00:25 - 00000000 ____D C:\ProgramData\Downloaded Installations
2013-09-19 00:25 - 2013-09-19 00:25 - 00000000 ____D C:\ProgramData\Ad-Aware Browsing Protection
2013-09-17 22:22 - 2013-09-17 22:22 - 29337376 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 22102304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 15703688 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 12947360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 11274528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-09-17 22:22 - 2013-09-17 22:22 - 09281032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 07720576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 07648000 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 06329552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 02970400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 02789152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 02630304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 02367264 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 02007328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432723.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432723.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 01222824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 00681760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 00603424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 00586016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 00515360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2013-09-17 22:22 - 2013-09-17 22:22 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2013-09-16 11:55 - 2013-09-16 11:55 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-09-16 11:51 - 2013-09-17 22:22 - 13628208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-09-16 11:51 - 2013-06-21 14:06 - 01832224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432049.dll
2013-09-16 11:51 - 2013-06-21 14:06 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432049.dll
2013-09-16 11:51 - 2013-01-29 10:35 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2013-09-16 11:39 - 2013-09-12 09:25 - 06599968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-09-16 11:39 - 2013-09-12 09:25 - 03452192 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-09-16 11:39 - 2013-09-12 09:25 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-09-16 11:39 - 2013-09-12 09:25 - 00920864 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-09-16 11:39 - 2013-09-12 09:25 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-09-16 11:39 - 2013-09-12 09:25 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-09-16 11:39 - 2013-09-12 00:06 - 03361114 _____ C:\Windows\system32\nvcoproc.bin
2013-09-16 11:38 - 2013-09-16 11:38 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-09-16 10:30 - 2013-07-31 16:17 - 17833472 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-16 10:30 - 2013-07-31 15:42 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-16 10:30 - 2013-07-31 15:29 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-16 10:30 - 2013-07-31 15:20 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-16 10:30 - 2013-07-31 15:19 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-16 10:30 - 2013-07-31 15:18 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-09-16 10:30 - 2013-07-31 15:17 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-09-16 10:30 - 2013-07-31 15:16 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-16 10:30 - 2013-07-31 15:14 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-09-16 10:30 - 2013-07-31 15:13 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-16 10:30 - 2013-07-31 15:13 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-09-16 10:30 - 2013-07-31 15:11 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-16 10:30 - 2013-07-31 15:11 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-16 10:30 - 2013-07-31 15:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-09-16 10:30 - 2013-07-31 15:08 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-16 10:30 - 2013-07-31 15:05 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-16 10:30 - 2013-07-31 12:30 - 12335104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-16 10:30 - 2013-07-31 12:05 - 09738752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-16 10:30 - 2013-07-31 12:00 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-16 10:30 - 2013-07-31 11:53 - 01104896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-16 10:30 - 2013-07-31 11:52 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-09-16 10:30 - 2013-07-31 11:52 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-16 10:30 - 2013-07-31 11:51 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-09-16 10:30 - 2013-07-31 11:49 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-16 10:30 - 2013-07-31 11:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-16 10:30 - 2013-07-31 11:48 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-09-16 10:30 - 2013-07-31 11:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-09-16 10:30 - 2013-07-31 11:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-16 10:30 - 2013-07-31 11:46 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-16 10:30 - 2013-07-31 11:45 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-16 10:30 - 2013-07-31 11:45 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-09-16 10:30 - 2013-07-31 11:42 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-16 10:27 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-16 10:27 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-16 10:27 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-16 10:27 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-16 10:27 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-16 10:27 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-16 10:27 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-16 10:27 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-16 10:27 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-16 10:27 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-16 10:27 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-16 10:27 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-16 10:27 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-16 10:27 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-16 10:27 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-16 10:27 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-16 10:27 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-16 10:27 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-16 10:27 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-16 10:27 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-16 10:27 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-16 10:27 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-16 10:27 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-16 10:27 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-16 10:27 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-16 10:27 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-16 10:27 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-16 10:27 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-16 10:27 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-16 10:27 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-16 10:27 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-16 10:27 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-16 10:27 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-16 10:27 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-16 10:27 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-16 10:26 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-16 10:26 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-16 10:26 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-16 10:26 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-16 10:26 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-16 10:26 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-16 10:26 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-16 10:21 - 2013-09-16 10:21 - 00003222 _____ C:\Windows\System32\Tasks\{8CAAFBC6-9BE7-479E-A860-1A2C548C398E}
2013-09-16 10:21 - 2013-09-06 14:27 - 00238352 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2013-09-16 10:20 - 2013-09-06 14:25 - 00119056 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2013-09-16 10:11 - 2013-09-16 10:11 - 00002778 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-09-16 10:11 - 2013-09-16 10:11 - 00000000 ____D C:\Program Files\CCleaner
2013-09-12 01:17 - 2013-09-12 01:17 - 00571168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-09-06 14:25 - 2013-09-06 14:25 - 00204048 _____ (Oracle Corporation) C:\Windows\system32\VBoxNetFltNobj.dll
2013-09-06 14:25 - 2013-09-06 14:25 - 00146704 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetFlt.sys
2013-09-06 14:25 - 2013-09-06 14:25 - 00131856 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp.sys
2013-08-31 15:40 - 2013-08-31 15:40 - 00001451 _____ C:\Users\teddyber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-08-31 15:37 - 2013-08-31 15:37 - 03695416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-08-31 15:37 - 2013-08-31 15:37 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-08-31 15:37 - 2013-08-31 15:37 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-08-31 15:37 - 2013-08-31 15:37 - 00434176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00403248 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-08-31 15:37 - 2013-08-31 15:37 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00353584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-08-31 15:37 - 2013-08-31 15:37 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-08-31 15:37 - 2013-08-31 15:37 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

==================== One Month Modified Files and Folders =======

2013-09-25 21:38 - 2013-09-25 21:37 - 01955802 _____ (Farbar) C:\Users\teddyber\Desktop\FRST64.exe
2013-09-25 21:36 - 2013-09-23 16:00 - 00000000 ____D C:\Users\teddyber\Desktop\Neuer Ordner
2013-09-25 21:11 - 2013-08-19 09:56 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-25 13:40 - 2009-07-14 06:45 - 00021856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-25 13:40 - 2009-07-14 06:45 - 00021856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-25 13:36 - 2011-07-05 16:37 - 01761782 _____ C:\Windows\WindowsUpdate.log
2013-09-25 13:32 - 2013-09-24 07:51 - 00000486 _____ C:\Windows\setupact.log
2013-09-25 13:32 - 2012-01-24 17:17 - 00000000 ____D C:\ProgramData\NVIDIA
2013-09-25 13:32 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-25 10:21 - 2011-09-15 07:04 - 00000000 ___RD C:\Users\teddyber\Desktop\Games
2013-09-25 10:20 - 2013-08-19 09:45 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-09-25 10:19 - 2013-09-25 10:19 - 00000834 _____ C:\Windows\PFRO.log
2013-09-25 05:34 - 2013-09-25 05:34 - 00000000 ____D C:\FRST
2013-09-25 04:44 - 2011-07-05 18:17 - 00097992 _____ C:\Users\teddyber\AppData\Local\GDIPFONTCACHEV1.DAT
2013-09-24 12:57 - 2013-09-24 12:22 - 00000000 ____D C:\Users\teddyber\AppData\Local\adawarebp
2013-09-24 12:12 - 2013-09-24 12:12 - 00000000 ____D C:\Windows\ERUNT
2013-09-24 08:07 - 2009-07-14 06:45 - 00368816 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-24 07:59 - 2011-07-05 18:33 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-24 07:55 - 2013-09-24 07:55 - 00000020 ___SH C:\Users\UpdatusUser.accelator\ntuser.ini
2013-09-24 07:55 - 2013-09-24 07:55 - 00000000 _SHDL C:\Users\UpdatusUser.accelator\Vorlagen
2013-09-24 07:55 - 2013-09-24 07:55 - 00000000 _SHDL C:\Users\UpdatusUser.accelator\Startmenü
2013-09-24 07:55 - 2013-09-24 07:55 - 00000000 _SHDL C:\Users\UpdatusUser.accelator\Netzwerkumgebung
2013-09-24 07:55 - 2013-09-24 07:55 - 00000000 _SHDL C:\Users\UpdatusUser.accelator\Lokale Einstellungen
2013-09-24 07:55 - 2013-09-24 07:55 - 00000000 _SHDL C:\Users\UpdatusUser.accelator\Eigene Dateien
2013-09-24 07:55 - 2013-09-24 07:55 - 00000000 _SHDL C:\Users\UpdatusUser.accelator\Druckumgebung
2013-09-24 07:55 - 2013-09-24 07:55 - 00000000 _SHDL C:\Users\UpdatusUser.accelator\Documents\Eigene Musik
2013-09-24 07:55 - 2013-09-24 07:55 - 00000000 _SHDL C:\Users\UpdatusUser.accelator\Documents\Eigene Bilder
2013-09-24 07:55 - 2013-09-24 07:55 - 00000000 _SHDL C:\Users\UpdatusUser.accelator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-09-24 07:55 - 2013-09-24 07:55 - 00000000 _SHDL C:\Users\UpdatusUser.accelator\AppData\Local\Verlauf
2013-09-24 07:55 - 2013-09-24 07:55 - 00000000 _SHDL C:\Users\UpdatusUser.accelator\AppData\Local\Anwendungsdaten
2013-09-24 07:55 - 2013-09-24 07:55 - 00000000 _SHDL C:\Users\UpdatusUser.accelator\Anwendungsdaten
2013-09-24 07:55 - 2013-09-24 07:55 - 00000000 ____D C:\Users\UpdatusUser.accelator
2013-09-24 07:55 - 2012-06-10 12:16 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-09-24 07:55 - 2012-03-29 09:42 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-09-24 07:51 - 2013-09-24 07:51 - 00000000 _____ C:\Windows\setuperr.log
2013-09-23 19:39 - 2013-09-23 19:39 - 00022922 _____ C:\ComboFix.txt
2013-09-23 19:38 - 2013-09-23 19:33 - 00000000 ____D C:\Windows\erdnt
2013-09-23 19:37 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2013-09-23 16:07 - 2013-09-23 16:07 - 00000000 _____ C:\Users\teddyber\defogger_reenable
2013-09-23 16:07 - 2011-07-05 16:42 - 00000000 ____D C:\Users\teddyber
2013-09-22 22:32 - 2013-09-22 22:15 - 00000000 ____D C:\Users\teddyber\AppData\Roaming\GHISLER
2013-09-22 17:38 - 2013-02-15 08:41 - 00000000 ____D C:\Users\teddyber\AppData\Roaming\Ad-Aware Antivirus
2013-09-22 17:33 - 2013-02-15 08:43 - 00000000 ____D C:\Program Files (x86)\Ad-Aware Antivirus
2013-09-22 13:09 - 2012-05-15 11:26 - 00000000 ____D C:\Users\teddyber\Documents\Diablo III
2013-09-21 11:23 - 2013-08-19 09:45 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-09-21 10:51 - 2013-09-21 10:51 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-19 16:01 - 2013-08-20 14:59 - 00000000 ____D C:\Users\teddyber\AppData\Roaming\Skype
2013-09-19 12:42 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-09-19 12:08 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-19 00:25 - 2013-09-19 00:25 - 00000000 ____D C:\ProgramData\Downloaded Installations
2013-09-19 00:25 - 2013-09-19 00:25 - 00000000 ____D C:\ProgramData\Ad-Aware Browsing Protection
2013-09-19 00:25 - 2011-07-05 17:28 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2013-09-19 00:23 - 2013-02-15 08:43 - 00014456 _____ (GFI Software) C:\Windows\system32\Drivers\gfibto.sys
2013-09-19 00:13 - 2010-11-21 08:50 - 00697310 _____ C:\Windows\system32\perfh007.dat
2013-09-19 00:13 - 2010-11-21 08:50 - 00148324 _____ C:\Windows\system32\perfc007.dat
2013-09-19 00:13 - 2009-07-14 07:13 - 01614942 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-18 19:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-09-17 22:22 - 2013-09-17 22:22 - 29337376 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 22102304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 15703688 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 12947360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 11274528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-09-17 22:22 - 2013-09-17 22:22 - 09281032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 07720576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 07648000 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 06329552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 02970400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 02789152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 02630304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 02367264 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 02007328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432723.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432723.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 01222824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 00681760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 00603424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 00586016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 00515360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2013-09-17 22:22 - 2013-09-17 22:22 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-09-17 22:22 - 2013-09-17 22:22 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2013-09-17 22:22 - 2013-09-16 11:51 - 13628208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-09-17 22:22 - 2012-10-10 22:23 - 15901448 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-09-17 22:22 - 2012-10-10 22:23 - 02986672 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-09-17 22:22 - 2012-10-10 22:23 - 01412832 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2013-09-17 22:22 - 2012-10-10 22:22 - 00022814 _____ C:\Windows\system32\nvinfo.pb
2013-09-16 11:55 - 2013-09-16 11:55 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-09-16 11:39 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Help
2013-09-16 11:38 - 2013-09-16 11:38 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-09-16 10:42 - 2011-07-05 16:43 - 00000000 ___RD C:\Users\teddyber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-16 10:42 - 2011-07-05 16:43 - 00000000 ___RD C:\Users\teddyber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-16 10:34 - 2013-08-19 10:09 - 00000000 ____D C:\Windows\system32\MRT
2013-09-16 10:32 - 2011-07-07 08:31 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-16 10:23 - 2012-03-09 14:18 - 00000000 ____D C:\Users\teddyber\.VirtualBox
2013-09-16 10:21 - 2013-09-16 10:21 - 00003222 _____ C:\Windows\System32\Tasks\{8CAAFBC6-9BE7-479E-A860-1A2C548C398E}
2013-09-16 10:11 - 2013-09-16 10:11 - 00002778 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-09-16 10:11 - 2013-09-16 10:11 - 00000000 ____D C:\Program Files\CCleaner
2013-09-16 09:22 - 2011-07-07 09:09 - 00000000 ____D C:\Users\teddyber\Documents\Meine empfangenen Dateien
2013-09-12 09:25 - 2013-09-16 11:39 - 06599968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-09-12 09:25 - 2013-09-16 11:39 - 03452192 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-09-12 09:25 - 2013-09-16 11:39 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-09-12 09:25 - 2013-09-16 11:39 - 00920864 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-09-12 09:25 - 2013-09-16 11:39 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-09-12 09:25 - 2013-09-16 11:39 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-09-12 01:17 - 2013-09-12 01:17 - 00571168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-09-12 00:06 - 2013-09-16 11:39 - 03361114 _____ C:\Windows\system32\nvcoproc.bin
2013-09-06 14:27 - 2013-09-16 10:21 - 00238352 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2013-09-06 14:25 - 2013-09-16 10:20 - 00119056 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2013-09-06 14:25 - 2013-09-06 14:25 - 00204048 _____ (Oracle Corporation) C:\Windows\system32\VBoxNetFltNobj.dll
2013-09-06 14:25 - 2013-09-06 14:25 - 00146704 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetFlt.sys
2013-09-06 14:25 - 2013-09-06 14:25 - 00131856 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp.sys
2013-08-31 15:43 - 2011-07-05 17:34 - 00000000 ____D C:\Windows\Panther
2013-08-31 15:40 - 2013-08-31 15:40 - 00001451 _____ C:\Users\teddyber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-08-31 15:40 - 2011-07-05 16:43 - 00001417 _____ C:\Users\teddyber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2013-08-31 15:38 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-08-31 15:37 - 2013-08-31 15:37 - 03695416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-08-31 15:37 - 2013-08-31 15:37 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-08-31 15:37 - 2013-08-31 15:37 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-08-31 15:37 - 2013-08-31 15:37 - 00434176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00403248 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-08-31 15:37 - 2013-08-31 15:37 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00353584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-08-31 15:37 - 2013-08-31 15:37 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-08-31 15:37 - 2013-08-31 15:37 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-08-31 15:37 - 2013-08-31 15:37 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-08-31 15:37 - 2013-08-31 15:37 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-08-30 09:48 - 2013-08-19 09:45 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-08-30 09:48 - 2013-08-19 09:45 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-08-30 09:48 - 2013-08-19 09:45 - 00204880 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-08-30 09:48 - 2013-08-19 09:45 - 00080816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-08-30 09:48 - 2013-08-19 09:45 - 00072016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-08-30 09:48 - 2013-08-19 09:45 - 00065336 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-08-30 09:48 - 2013-08-19 09:45 - 00064288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-08-30 09:48 - 2013-08-19 09:45 - 00033400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-08-30 09:47 - 2013-08-19 09:45 - 00287840 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-08-30 09:47 - 2013-08-19 09:45 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr

Some content of TEMP:
====================
C:\Users\teddyber\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-23 14:07

==================== End Of Log ============================
--- --- ---

schrauber 26.09.2013 09:00
Fertig :)

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.


Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

asisstent 26.09.2013 10:43
Hallo und guten Tag,
heute Vormittag habe ich nochmals Malwarbytes, Adw- Cleaner und Ad- Aware durchlaufen lassen. Danach dann die Empfehlung ausgeführt.
Jetzt ist alles, soweit ich es nachvollziehen kann wieder entfernt. Dem zu folge ist alles soweit erledigt und ich bin darüber heilfroh. Thanks

Eigentlich bin ich ein sehr vorsichtiger Mensch was Internet betrifft. Alleine deswegen schon wegen Internet- Banking. Aber es war wohl doch nicht genug :stirn:

Muss gestehen das ich die Tage jetzt Revue passieren lassen habe und muss feststellen, das ich denke es hat etwas mit dem IE9 zu schaffen. Denn vorher hatte ich diese Probleme nicht. Ich kann mich erinnern das ich diesen schon mal hatte und die gleichen Probleme auch. Da hab ich mich wieder um entschieden, so wie jetzt auch.

Jedenfalls bin ich auch schlauer nun, dass ich die Hände von Registry Tool lassen sollte. Dachte bisher seien diese relevant oder auch nützlich.

Jedenfalls danke ich nochmals für die Unterstützung und Hilfe und für das Wissen was ich die letzten Tage so erhalten habe. Eine Aufwandsentschädigung werde ich selbstverständlich und mit Dank zukommen lassen. schon alleine für/ wegen der Zeit
Gruß
Fabian

schrauber 26.09.2013 12:46
Gern Geschehen :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 05:06 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131