Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Mehrere Trojaner entdeckt (Dpx.js.i.simpli.fi) (https://www.trojaner-board.de/157852-mehrere-trojaner-entdeckt-dpx-js-i-simpli-fi.html)

Metzka 21.08.2014 09:10
Mehrere Trojaner entdeckt (Dpx.js.i.simpli.fi)
 
Hi.

Ich nutzte Windows 7. Da Firefox bei mir immer wieder abstürzte nutze ich seit 1-2 Wochen wieder den InternetExploder(64).

Gestern wurde ich von diesem aufgefordert mir die neuste Java-Version runter zu laden. Da ich dass am liebsten immer manuell mache und das Popup komisch aussah, habe ich auf nein geklickt (was den Trojaner/Malware) aber wohl nicht gestört hat.

Danach habe ich immer wieder die Aufforderung erhalten mir Dpx.js.i.simpli.fi runter zu laden. Dieses Popup kommt immer wieder. Teilweise 10 mal hintereinander.

Als ich den PC später wieder gelöscht habe, hat Avira mit angezeigt, dass ich einen Virus habe, diesen habe ich daraufhin entfernt.

Seit dem habe ich, wenn ich den PC hochfahre das RegDatei mit dem Namen "..." nicht gefunden wird.

Jetzt habe ich mir mbam runtergeladen. Der hat mehrere Trojaner gefunden und zeigt mir auch jetzt immer wieder die Meldung an, dass Trojan.Ransom.BLK gefunden wurde.

Nach dem Bedrohungssuchlauf habe ich alles in Quarantäne gesetzt. Was mache ich jetzt? Lösche ich die einfach alle?

--------------------------------
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 21.08.2014
Suchlauf-Zeit: 09:15:38
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.03.04.09
Rootkit Datenbank: v2014.02.20.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Metz-One

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 250722
Verstrichene Zeit: 11 Min, 57 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 5
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, In Quarantäne, [89c0f30c3644201619ea660e689a27d9],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, In Quarantäne, [89c0f30c3644201619ea660e689a27d9],
PUP.Optional.DataMngr.A, HKU\S-1-5-21-2131351800-3081115588-278826005-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr, Löschen bei Neustart, [4108f00f601ace6884232f7bfc07d927],
PUP.Optional.DataMngr.A, HKU\S-1-5-21-2131351800-3081115588-278826005-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr_Toolbar, Löschen bei Neustart, [7bce946b78027eb83b6b3f6b7a898e72],
PUP.Optional.Babylon.A, HKU\S-1-5-21-2131351800-3081115588-278826005-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BABSOLUTION\Updater, Löschen bei Neustart, [a9a030cfd9a11323d3dfa60535cec23e],

Registrierungswerte: 1
PUP.Optional.BrowserProtect.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\ABOUTURLS|bProtectTabs, hxxp://www.delta-search.com/?babsrc=NT_ss&mntrId=564E18F46A6E7098, In Quarantäne, [4ffaf00f1763f93d85a16b43b74cc937]

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 3
Trojan.Zbot.CXgen, C:\ProgramData\Windows Genuine Advantage\{55A3FD81-39A8-437A-897B-0AE13100C330}\msiexec.exe, In Quarantäne, [3415728d681259ddeb73c58749b82ed2],
Trojan.FakeMS, C:\Users\Metz-One\AppData\Local\Temp\MigWizL0\cryptbase.dll, In Quarantäne, [6fda5da2275378be9099270d23de1ce4],
Trojan.Agent.RvGen, C:\Windows\Tasks\Security Center Update - 2031203351.job, In Quarantäne, [95b458a78eeca09631828d091be80ff1],

Physische Sektoren: 0
(No malicious items detected)


(end)
-----------------------------------

schrauber 21.08.2014 09:24
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Metzka 21.08.2014 11:08
Vielen Dank für die schnelle Antwort

FRST

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-08-2014 01
Ran by Metz-One (administrator) on METZ-ONE-PC on 21-08-2014 11:51:16
Running from C:\Users\Metz-One\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(AVerMedia) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
() C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(Rosetta Stone Ltd.) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
() C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
(AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-05-27] (Egis Technology Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-22] (Realtek Semiconductor)
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-04-13] (ELAN Microelectronic Corp.)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [861216 2010-06-11] (Acer Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-13] (Intel Corporation)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-05-27] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [265984 2010-06-29] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-08-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2131351800-3081115588-278826005-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd)
HKU\S-1-5-21-2131351800-3081115588-278826005-1000\...\Run: [OxbiDewli] => regsvr32.exe "
HKU\S-1-5-21-2131351800-3081115588-278826005-1000\...\Run: [Qadiotagis] => C:\Users\Metz-One\AppData\Roaming\Huveqozu\xoqyut.exe
HKU\S-1-5-21-2131351800-3081115588-278826005-1000\...\MountPoints2: {058bfdf1-9065-11e0-84e9-1c75083254b8} - E:\AutoRun.exe
HKU\S-1-5-21-2131351800-3081115588-278826005-1000\...\MountPoints2: {2a904db9-7185-11e0-bff5-18f46a6e7098} - E:\AutoRun.exe
HKU\S-1-5-21-2131351800-3081115588-278826005-1000\...\MountPoints2: {371466ae-6461-11e0-9b80-18f46a6e7098} - E:\AutoRun.exe
HKU\S-1-5-21-2131351800-3081115588-278826005-1000\...\MountPoints2: {69b30fb5-805c-11e0-922c-18f46a6e7098} - E:\AutoRun.exe
HKU\S-1-5-21-2131351800-3081115588-278826005-1000\...\MountPoints2: {788b66f4-8044-11e0-92e7-18f46a6e7098} - E:\AutoRun.exe
HKU\S-1-5-21-2131351800-3081115588-278826005-1000\...\MountPoints2: {788b66fb-8044-11e0-92e7-18f46a6e7098} - E:\AutoRun.exe
HKU\S-1-5-21-2131351800-3081115588-278826005-1000\...\MountPoints2: {8149ec84-6fb5-11e3-a5d2-18f46a6e7098} - E:\CMADownloader.exe
HKU\S-1-5-21-2131351800-3081115588-278826005-1000\...\MountPoints2: {ab359c7d-74cf-11e0-811a-18f46a6e7098} - E:\AutoRun.exe
HKU\S-1-5-21-2131351800-3081115588-278826005-1000\...\MountPoints2: {ab359c82-74cf-11e0-811a-18f46a6e7098} - E:\AutoRun.exe
HKU\S-1-5-21-2131351800-3081115588-278826005-1000\...\MountPoints2: {c9dc80ea-c523-11e1-816f-1c75083254b8} - G:\CMADownloader.exe
HKU\S-1-5-21-2131351800-3081115588-278826005-1000\...\MountPoints2: {d4a4cc50-82bb-11e0-8b49-18f46a6e7098} - E:\AutoRun.exe
HKU\S-1-5-21-2131351800-3081115588-278826005-1000\...\MountPoints2: {d77e866d-8863-11e0-925e-18f46a6e7098} - E:\AutoRun.exe
HKU\S-1-5-21-2131351800-3081115588-278826005-1000\...\MountPoints2: {d77e8704-8863-11e0-925e-1c75083254b8} - E:\AutoRun.exe
HKU\S-1-5-21-2131351800-3081115588-278826005-1000\...\MountPoints2: {f4ce6ade-0d1b-11e1-9a1e-18f46a6e7098} - E:\autorun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk
ShortcutTarget: AVer HID Receiver.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVerQuick.lnk
ShortcutTarget: AVerQuick.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe (AVerMedia TECHNOLOGIES, Inc.)
ShellIconOverlayIdentifiers: egisPSDP -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\psdprotect.dll (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: egisPSDP -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x86\psdprotect.dll (Egis Technology Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x6B3F3AA80DBDCF01
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
Toolbar: HKLM - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll No File
Toolbar: HKCU - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Metz-One\AppData\Roaming\Mozilla\Firefox\Profiles\z5zo2aap.default-1408604426946
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonChrome.crx []

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [344064 2009-04-08] (AVerMedia) [File not signed]
R2 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [389120 2009-10-09] () [File not signed]
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-27] (Egis Technology Inc.)
S3 UPnPService; C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [544768 2006-12-14] (Magix AG) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AVerAF35; C:\Windows\System32\Drivers\AVerAF35.sys [677632 2010-03-16] (AVerMedia TECHNOLOGIES, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
S3 cmnsusbser; C:\Windows\System32\DRIVERS\cmnsusbser.sys [126080 2014-03-12] (QUALCOMM Incorporated) [File not signed]
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-10-31] (DT Soft Ltd)
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (HTC, Corporation) [File not signed]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-21] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-21 11:51 - 2014-08-21 11:51 - 00016145 _____ () C:\Users\Metz-One\Downloads\FRST.txt
2014-08-21 11:50 - 2014-08-21 11:51 - 00000000 ____D () C:\FRST
2014-08-21 11:50 - 2014-08-21 11:50 - 02101760 _____ (Farbar) C:\Users\Metz-One\Downloads\FRST64.exe
2014-08-21 11:47 - 2014-08-21 11:47 - 00100272 _____ () C:\Users\Metz-One\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-21 11:43 - 2014-08-21 11:44 - 00371608 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-21 09:46 - 2014-08-21 09:46 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Metz-One\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-08-21 09:35 - 2014-08-21 09:35 - 00002620 _____ () C:\Users\Metz-One\Desktop\mbam.txt
2014-08-21 09:15 - 2014-08-21 11:46 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-21 09:15 - 2014-08-21 09:15 - 00001066 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-21 09:15 - 2014-08-21 09:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-21 09:15 - 2014-08-21 09:15 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-21 09:15 - 2014-08-21 09:15 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-21 09:15 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-21 09:15 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-21 09:15 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-21 09:14 - 2014-08-21 09:14 - 00873576 _____ (Opera Software) C:\Users\Metz-One\Downloads\Opera_NI_stable.exe
2014-08-21 09:07 - 2014-08-21 09:07 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Metz-One\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-21 08:52 - 2014-08-21 08:52 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-08-21 08:52 - 2014-08-21 08:52 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-08-21 08:52 - 2014-08-21 08:52 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-08-21 08:52 - 2014-08-21 08:52 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-08-21 08:52 - 2014-08-21 08:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-21 08:52 - 2014-08-21 08:52 - 00000000 ____D () C:\Program Files\Java
2014-08-21 08:46 - 2014-08-21 08:46 - 31013800 _____ (Oracle Corporation) C:\Users\Metz-One\Downloads\jre-7u67-windows-x64.com
2014-08-20 16:31 - 2014-08-20 16:31 - 00000120 _____ () C:\Windows\wininit.ini
2014-08-20 16:29 - 2014-08-20 16:29 - 00003146 _____ () C:\Windows\System32\Tasks\{1DA1F9E1-2E1E-4797-97EF-2147E1AC3591}
2014-08-20 16:08 - 2014-08-20 16:08 - 00000212 _____ () C:\Users\Metz-One\Desktop\instrumets.txt
2014-08-20 14:06 - 2014-08-21 11:47 - 00000000 ____D () C:\Users\Metz-One\AppData\Roaming\Huveqozu
2014-08-20 13:53 - 2014-08-20 15:53 - 00000000 ____D () C:\ProgramData\OxbiDewli
2014-08-20 13:53 - 2014-08-20 13:53 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2014-08-20 13:03 - 2014-08-20 13:03 - 00000000 ____D () C:\Users\Metz-One\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Arturia
2014-08-20 13:03 - 2014-08-20 13:03 - 00000000 ____D () C:\ProgramData\Arturia
2014-08-20 11:00 - 2014-08-20 12:26 - 00000000 ____D () C:\Users\Metz-One\Downloads\WWE Monday Night Raw HDTV 2014-08-18 720p AVCHD-SC-SDH
2014-08-20 10:43 - 2014-08-20 11:34 - 00000000 ____D () C:\Users\Metz-One\Downloads\Aurora Snow
2014-08-18 13:47 - 2014-08-19 10:31 - 00000000 ____D () C:\Users\Metz-One\Downloads\WWE SummerSlam HD 2014-08-17 720p H264 AVCHD-SC-SDH
2014-08-17 21:43 - 2014-08-17 21:45 - 00000000 ____D () C:\Users\Metz-One\Downloads\Soprano
2014-08-16 16:52 - 2014-08-16 16:52 - 00000000 ____D () C:\Users\Metz-One\Downloads\Madden NFL 12
2014-08-15 14:43 - 2014-08-15 14:54 - 00000000 ____D () C:\Users\Metz-One\Downloads\Pacewon
2014-08-14 23:05 - 2014-08-14 23:05 - 00000000 ____D () C:\Users\Metz-One\AppData\Roaming\CUERipper
2014-08-14 23:03 - 2014-08-14 23:05 - 00000000 ____D () C:\Users\Metz-One\AppData\Roaming\CUE Tools
2014-08-14 15:46 - 2014-08-18 17:13 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-14 08:14 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-14 08:14 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-14 08:14 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-14 08:14 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-14 08:14 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-14 08:14 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-14 08:14 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-14 08:14 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-14 08:14 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-14 08:14 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-14 08:14 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-14 08:14 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-14 08:14 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-14 08:14 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-14 08:14 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-14 08:14 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-14 08:14 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-14 08:14 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-14 08:14 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-14 08:14 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-14 08:14 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-14 08:14 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-14 08:14 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-14 08:14 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-14 08:14 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-14 08:14 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-14 08:14 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-14 08:14 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-14 08:14 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-14 08:14 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-14 08:14 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-14 08:14 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-14 08:14 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-14 08:14 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-14 08:14 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-14 08:14 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-14 08:14 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-14 08:14 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-14 08:14 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-14 08:14 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-14 08:14 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-14 08:14 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-14 08:14 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-14 08:14 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-14 08:14 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-14 08:14 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-14 08:14 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-14 08:14 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-14 08:14 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-14 08:14 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-14 08:14 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-14 08:14 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-14 08:14 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-14 08:14 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-14 08:14 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-14 08:14 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-14 08:14 - 2014-07-16 05:25 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-14 08:14 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-14 08:14 - 2014-07-16 04:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-14 08:14 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-14 08:14 - 2014-07-16 04:12 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-14 08:14 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-14 08:14 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-14 08:14 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-14 08:14 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-14 08:14 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-14 08:14 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-14 08:14 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-14 08:14 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-14 08:14 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-14 08:14 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-14 08:14 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-14 08:14 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-14 08:14 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-14 08:14 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-14 08:14 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-14 08:14 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-14 08:14 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-14 08:14 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-14 08:14 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-14 08:14 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-14 08:14 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-14 08:14 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-14 08:12 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-14 08:12 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-14 08:12 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-14 08:12 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-08 10:51 - 2014-08-08 10:51 - 00201457 _____ () C:\Users\Metz-One\Downloads\t322955.torrent
2014-08-05 21:35 - 2014-08-21 11:43 - 00004100 _____ () C:\Windows\PFRO.log
2014-08-05 15:16 - 2014-08-05 15:16 - 00000000 __SHD () C:\Users\Metz-One\AppData\Local\EmieUserList
2014-08-05 15:16 - 2014-08-05 15:16 - 00000000 __SHD () C:\Users\Metz-One\AppData\Local\EmieSiteList
2014-08-04 20:22 - 2014-08-04 20:22 - 01341974 _____ () C:\Users\Metz-One\Downloads\[kickass.to]sony.playstation.2.702.games.ntsc.pack.1.m.z.torrent
2014-08-04 20:22 - 2014-08-04 20:22 - 01209265 _____ () C:\Users\Metz-One\Downloads\[kickass.to]sony.playstation.2.648.games.ntsc.pack.2.0.l.torrent
2014-08-04 11:32 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-08-04 11:28 - 2014-08-04 11:28 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-08-04 11:28 - 2014-08-04 11:28 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-08-04 11:28 - 2014-08-04 11:28 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-08-04 11:28 - 2014-08-04 11:28 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-08-04 11:28 - 2014-08-04 11:28 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-08-04 11:28 - 2014-08-04 11:28 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-08-04 11:28 - 2014-08-04 11:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-08-04 11:25 - 2014-08-04 11:32 - 00010033 _____ () C:\Windows\IE11_main.log
2014-08-03 19:24 - 2014-08-03 19:24 - 00001111 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-08-03 14:48 - 2014-08-04 13:00 - 00001373 _____ () C:\Users\Metz-One\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-03 14:48 - 2014-08-03 14:48 - 00001369 _____ () C:\Users\Metz-One\Desktop\Internet Explorer (64-bit).lnk
2014-08-03 14:09 - 2014-08-11 22:47 - 00000000 ____D () C:\Users\Metz-One\Downloads\Instrumentals
2014-08-02 09:07 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-02 09:07 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-02 09:07 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-02 09:07 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-02 09:07 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-02 09:07 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-02 09:07 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-02 09:07 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-02 09:07 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-02 09:07 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-02 09:07 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-02 09:07 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-02 09:07 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-02 09:07 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-07-26 09:03 - 2014-07-30 13:55 - 00000000 ____D () C:\Users\Metz-One\Downloads\mp3 Player
2014-07-25 19:41 - 2014-08-03 14:02 - 00000000 ____D () C:\Program Files (x86)\Solveig Multimedia
2014-07-25 19:41 - 2014-08-03 14:01 - 00000000 ____D () C:\Users\Metz-One\AppData\Roaming\Solveig Multimedia
2014-07-22 19:02 - 2014-07-22 19:02 - 00000431 _____ () C:\Windows\BeatBox.INI

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-21 11:51 - 2014-08-21 11:51 - 00016145 _____ () C:\Users\Metz-One\Downloads\FRST.txt
2014-08-21 11:51 - 2014-08-21 11:50 - 00000000 ____D () C:\FRST
2014-08-21 11:50 - 2014-08-21 11:50 - 02101760 _____ (Farbar) C:\Users\Metz-One\Downloads\FRST64.exe
2014-08-21 11:49 - 2013-11-26 05:16 - 01878172 _____ () C:\Windows\WindowsUpdate.log
2014-08-21 11:47 - 2014-08-21 11:47 - 00100272 _____ () C:\Users\Metz-One\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-21 11:47 - 2014-08-20 14:06 - 00000000 ____D () C:\Users\Metz-One\AppData\Roaming\Huveqozu
2014-08-21 11:46 - 2014-08-21 09:15 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-21 11:45 - 2013-11-11 09:36 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-08-21 11:44 - 2014-08-21 11:43 - 00371608 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-21 11:43 - 2014-08-05 21:35 - 00004100 _____ () C:\Windows\PFRO.log
2014-08-21 11:43 - 2014-06-09 20:26 - 00018782 _____ () C:\Windows\setupact.log
2014-08-21 11:43 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-21 10:04 - 2012-10-21 00:48 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-21 09:46 - 2014-08-21 09:46 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Metz-One\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-08-21 09:46 - 2009-07-14 06:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-21 09:46 - 2009-07-14 06:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-21 09:37 - 2013-01-18 14:46 - 00000000 ___HD () C:\Windows\AxInstSV
2014-08-21 09:35 - 2014-08-21 09:35 - 00002620 _____ () C:\Users\Metz-One\Desktop\mbam.txt
2014-08-21 09:15 - 2014-08-21 09:15 - 00001066 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-21 09:15 - 2014-08-21 09:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-21 09:15 - 2014-08-21 09:15 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-21 09:15 - 2014-08-21 09:15 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-21 09:14 - 2014-08-21 09:14 - 00873576 _____ (Opera Software) C:\Users\Metz-One\Downloads\Opera_NI_stable.exe
2014-08-21 09:07 - 2014-08-21 09:07 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Metz-One\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-21 08:56 - 2013-11-09 14:46 - 00000000 ____D () C:\Users\Metz-One\AppData\Roaming\Media Player Classic
2014-08-21 08:52 - 2014-08-21 08:52 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-08-21 08:52 - 2014-08-21 08:52 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-08-21 08:52 - 2014-08-21 08:52 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-08-21 08:52 - 2014-08-21 08:52 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-08-21 08:52 - 2014-08-21 08:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-21 08:52 - 2014-08-21 08:52 - 00000000 ____D () C:\Program Files\Java
2014-08-21 08:46 - 2014-08-21 08:46 - 31013800 _____ (Oracle Corporation) C:\Users\Metz-One\Downloads\jre-7u67-windows-x64.com
2014-08-20 16:31 - 2014-08-20 16:31 - 00000120 _____ () C:\Windows\wininit.ini
2014-08-20 16:29 - 2014-08-20 16:29 - 00003146 _____ () C:\Windows\System32\Tasks\{1DA1F9E1-2E1E-4797-97EF-2147E1AC3591}
2014-08-20 16:29 - 2010-08-30 11:25 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-08-20 16:14 - 2010-11-11 03:51 - 00662030 _____ () C:\Windows\system32\perfh007.dat
2014-08-20 16:14 - 2010-11-11 03:51 - 00142010 _____ () C:\Windows\system32\perfc007.dat
2014-08-20 16:14 - 2009-07-14 07:13 - 01529916 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-20 16:08 - 2014-08-20 16:08 - 00000212 _____ () C:\Users\Metz-One\Desktop\instrumets.txt
2014-08-20 15:53 - 2014-08-20 13:53 - 00000000 ____D () C:\ProgramData\OxbiDewli
2014-08-20 13:53 - 2014-08-20 13:53 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2014-08-20 13:52 - 2013-01-18 15:33 - 00000000 ____D () C:\Users\Metz-One\AppData\Roaming\BitTorrent
2014-08-20 13:03 - 2014-08-20 13:03 - 00000000 ____D () C:\Users\Metz-One\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Arturia
2014-08-20 13:03 - 2014-08-20 13:03 - 00000000 ____D () C:\ProgramData\Arturia
2014-08-20 13:03 - 2013-04-30 08:18 - 00000000 ____D () C:\Program Files (x86)\VstPlugins
2014-08-20 12:26 - 2014-08-20 11:00 - 00000000 ____D () C:\Users\Metz-One\Downloads\WWE Monday Night Raw HDTV 2014-08-18 720p AVCHD-SC-SDH
2014-08-20 11:34 - 2014-08-20 10:43 - 00000000 ____D () C:\Users\Metz-One\Downloads\Aurora Snow
2014-08-19 21:33 - 2011-04-07 10:49 - 00000155 _____ () C:\Windows\winamp.ini
2014-08-19 10:31 - 2014-08-18 13:47 - 00000000 ____D () C:\Users\Metz-One\Downloads\WWE SummerSlam HD 2014-08-17 720p H264 AVCHD-SC-SDH
2014-08-18 17:13 - 2014-08-14 15:46 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-18 17:13 - 2013-01-13 20:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-18 17:13 - 2013-01-13 20:30 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-17 21:45 - 2014-08-17 21:43 - 00000000 ____D () C:\Users\Metz-One\Downloads\Soprano
2014-08-16 17:10 - 2011-04-08 19:40 - 00033280 _____ () C:\Users\Metz-One\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-16 16:52 - 2014-08-16 16:52 - 00000000 ____D () C:\Users\Metz-One\Downloads\Madden NFL 12
2014-08-16 16:18 - 2014-04-15 18:24 - 00000000 ____D () C:\Users\Metz-One\My Games
2014-08-15 22:17 - 2011-04-06 18:41 - 00000000 ____D () C:\Users\Metz-One
2014-08-15 18:19 - 2011-06-17 13:05 - 00000000 ____D () C:\Users\Metz-One\AppData\Roaming\DAEMON Tools Lite
2014-08-15 14:54 - 2014-08-15 14:43 - 00000000 ____D () C:\Users\Metz-One\Downloads\Pacewon
2014-08-15 12:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-14 23:05 - 2014-08-14 23:05 - 00000000 ____D () C:\Users\Metz-One\AppData\Roaming\CUERipper
2014-08-14 23:05 - 2014-08-14 23:03 - 00000000 ____D () C:\Users\Metz-One\AppData\Roaming\CUE Tools
2014-08-14 20:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-14 18:05 - 2012-01-06 23:01 - 00000000 ____D () C:\Users\Metz-One\Desktop\Dokumente
2014-08-14 15:46 - 2013-01-13 20:30 - 00000000 ____D () C:\ProgramData\Avira
2014-08-14 11:56 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-14 08:43 - 2011-05-22 14:47 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-14 08:36 - 2013-07-17 22:43 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 08:35 - 2011-04-23 21:46 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 08:32 - 2014-05-10 16:25 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-14 07:58 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-12 21:58 - 2011-04-11 08:33 - 00000000 ____D () C:\Users\Metz-One\dwhelper
2014-08-11 22:47 - 2014-08-03 14:09 - 00000000 ____D () C:\Users\Metz-One\Downloads\Instrumentals
2014-08-11 15:09 - 2013-06-08 19:28 - 00000000 ____D () C:\Windows\Minidump
2014-08-10 09:01 - 2013-02-10 17:34 - 00000000 ____D () C:\Users\Metz-One\Desktop\Bewerbungen
2014-08-08 10:51 - 2014-08-08 10:51 - 00201457 _____ () C:\Users\Metz-One\Downloads\t322955.torrent
2014-08-07 04:06 - 2014-08-14 08:12 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-14 08:12 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-05 15:16 - 2014-08-05 15:16 - 00000000 __SHD () C:\Users\Metz-One\AppData\Local\EmieUserList
2014-08-05 15:16 - 2014-08-05 15:16 - 00000000 __SHD () C:\Users\Metz-One\AppData\Local\EmieSiteList
2014-08-05 09:20 - 2011-04-08 09:30 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-04 20:22 - 2014-08-04 20:22 - 01341974 _____ () C:\Users\Metz-One\Downloads\[kickass.to]sony.playstation.2.702.games.ntsc.pack.1.m.z.torrent
2014-08-04 20:22 - 2014-08-04 20:22 - 01209265 _____ () C:\Users\Metz-One\Downloads\[kickass.to]sony.playstation.2.648.games.ntsc.pack.2.0.l.torrent
2014-08-04 13:00 - 2014-08-03 14:48 - 00001373 _____ () C:\Users\Metz-One\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-04 11:32 - 2014-08-04 11:25 - 00010033 _____ () C:\Windows\IE11_main.log
2014-08-04 11:28 - 2014-08-04 11:28 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-08-04 11:28 - 2014-08-04 11:28 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-08-04 11:28 - 2014-08-04 11:28 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-08-04 11:28 - 2014-08-04 11:28 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-08-04 11:28 - 2014-08-04 11:28 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-08-04 11:28 - 2014-08-04 11:28 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-08-04 11:28 - 2014-08-04 11:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-08-03 22:19 - 2014-03-08 10:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-03 19:24 - 2014-08-03 19:24 - 00001111 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-08-03 14:48 - 2014-08-03 14:48 - 00001369 _____ () C:\Users\Metz-One\Desktop\Internet Explorer (64-bit).lnk
2014-08-03 14:48 - 2007-07-12 03:49 - 00000000 ____D () C:\Windows\Panther
2014-08-03 14:39 - 2014-02-24 20:24 - 00000000 ____D () C:\Users\Metz-One\Arbeit & Wichtiges
2014-08-03 14:05 - 2013-09-06 19:19 - 00000000 ____D () C:\Users\Metz-One\AppData\Roaming\MAGIX
2014-08-03 14:03 - 2014-02-02 17:18 - 00000000 ____D () C:\Program Files\Native Instruments
2014-08-03 14:02 - 2014-07-25 19:41 - 00000000 ____D () C:\Program Files (x86)\Solveig Multimedia
2014-08-03 14:01 - 2014-07-25 19:41 - 00000000 ____D () C:\Users\Metz-One\AppData\Roaming\Solveig Multimedia
2014-08-01 01:41 - 2014-08-14 08:14 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-01 01:16 - 2014-08-14 08:14 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-30 13:55 - 2014-07-26 09:03 - 00000000 ____D () C:\Users\Metz-One\Downloads\mp3 Player
2014-07-28 15:20 - 2013-05-02 11:50 - 00042040 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-07-25 16:52 - 2014-08-14 08:14 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-25 16:02 - 2014-08-14 08:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-25 16:01 - 2014-08-14 08:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-25 15:51 - 2014-08-14 08:14 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-25 15:30 - 2014-08-14 08:14 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-25 15:28 - 2014-08-14 08:14 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-25 15:28 - 2014-08-14 08:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-25 15:25 - 2014-08-14 08:14 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-25 15:25 - 2014-08-14 08:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-25 15:11 - 2014-08-14 08:14 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-25 15:10 - 2014-08-14 08:14 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-25 15:04 - 2014-08-14 08:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-25 15:03 - 2014-08-14 08:14 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-25 15:00 - 2014-08-14 08:14 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-25 15:00 - 2014-08-14 08:14 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-25 14:59 - 2014-08-14 08:14 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-25 14:47 - 2014-08-14 08:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-25 14:40 - 2014-08-14 08:14 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-25 14:34 - 2014-08-14 08:14 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-25 14:34 - 2014-08-14 08:14 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-25 14:33 - 2014-08-14 08:14 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-25 14:30 - 2014-08-14 08:14 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-25 14:28 - 2014-08-14 08:14 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-25 14:28 - 2014-08-14 08:14 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-25 14:21 - 2014-08-14 08:14 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-25 14:19 - 2014-08-14 08:14 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-25 14:18 - 2014-08-14 08:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-25 14:17 - 2014-08-14 08:14 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-25 14:17 - 2014-08-14 08:14 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-25 14:12 - 2014-08-14 08:14 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-25 14:10 - 2014-08-14 08:14 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-25 14:10 - 2014-08-14 08:14 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-25 14:08 - 2014-08-14 08:14 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-25 14:06 - 2014-08-14 08:14 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-25 13:52 - 2014-08-14 08:14 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-25 13:47 - 2014-08-14 08:14 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-25 13:43 - 2014-08-14 08:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-25 13:42 - 2014-08-14 08:14 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-25 13:39 - 2014-08-14 08:14 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-25 13:39 - 2014-08-14 08:14 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-25 13:36 - 2014-08-14 08:14 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-25 13:34 - 2014-08-14 08:14 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-25 13:29 - 2014-08-14 08:14 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-25 13:23 - 2014-08-14 08:14 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-25 13:13 - 2014-08-14 08:14 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-25 13:07 - 2014-08-14 08:14 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-25 13:07 - 2014-08-14 08:14 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-25 13:03 - 2014-08-14 08:14 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-25 12:52 - 2014-08-14 08:14 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-25 12:26 - 2014-08-14 08:14 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-25 12:17 - 2014-08-14 08:14 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-25 12:09 - 2014-08-14 08:14 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-25 12:05 - 2014-08-14 08:14 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-25 12:00 - 2014-08-14 08:14 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-24 13:32 - 2013-04-05 09:31 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-24 13:32 - 2013-04-05 09:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-24 12:41 - 2013-04-05 09:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-22 19:02 - 2014-07-22 19:02 - 00000431 _____ () C:\Windows\BeatBox.INI

Some content of TEMP:
====================
C:\Users\Metz-One\AppData\Local\Temp\avgnt.exe
C:\Users\Metz-One\AppData\Local\Temp\Quarantine.exe
C:\Users\Metz-One\AppData\Local\Temp\UpdateFlashPlayer_3e62d03c.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-17 19:35

==================== End Of Log ============================
--- --- ---





Addition
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-08-2014 01
Ran by Metz-One at 2014-08-21 11:52:14
Running from C:\Users\Metz-One\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
AAC Decoder (HKLM-x32\...\{AEF9DC35ADDF4825B049ACBFD1C6EB37}) (Version: 7.1.0 - DivX, Inc.)
Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.68 - NewTech Infosystems)
Acer Crystal Eye webcam (HKLM-x32\...\{51F026FA-5146-4232-A8BA-1364740BD053}) (Version: 1.0.4.3 - Liteon)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.00.3005 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3013 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3003 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0707.2010 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.6.0.5970 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.6.0.5970 - Adobe Systems Incorporated) Hidden
Adobe Audition CS6 (HKLM-x32\...\{30FD541D-3C9D-41C4-B240-A994EE4E0231}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader X (10.1.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)
Antares Autotune VST RTAS TDM v5.08 (HKLM-x32\...\Antares Autotune VST RTAS TDM_is1) (Version:  - Team AiR 2007)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
ATI Catalyst Install Manager (HKLM\...\{BAF4695F-7867-D8B2-528A-A1EF2EE0A9EF}) (Version: 3.0.778.0 - ATI Technologies, Inc.)
AutoUpdate (HKLM-x32\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.1 - )
AVerMedia A835 USB TV Tuner 8.0.64.43 (HKLM-x32\...\AVerMedia A835 USB TV Tuner) (Version: 8.0.64.43 - AVerMedia TECHNOLOGIES, Inc.)
AVerTV (HKLM-x32\...\InstallShield_{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}) (Version: 6.0.18 - AVerMedia Technologies, Inc.)
AVerTV (x32 Version: 6.0.18 - AVerMedia Technologies, Inc.) Hidden
Avira (HKLM-x32\...\{e67154a7-9cc5-4167-b782-f3982bc6c70d}) (Version: 1.1.19.30000 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.19.30000 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.552 - Avira)
Backup Manager Basic (x32 Version: 2.0.0.68 - NewTech Infosystems) Hidden
BitTorrent (HKLM-x32\...\BitTorrent) (Version: 7.2.0 - )
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Broadcom Gigabit NetLink Controller (HKLM\...\{A84DB02B-9C2B-4272-9D2D-A80E00A56513}) (Version: 14.0.2.3 - Broadcom Corporation)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0825.2205.37769 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0825.2205.37769 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0825.2205.37769 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0825.2204.37769 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0825.2204.37769 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0825.2204.37769 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0825.2204.37769 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0825.2204.37769 - ATI) Hidden
CCC Help English (x32 Version: 2010.0825.2204.37769 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0825.2204.37769 - ATI) Hidden
CCC Help French (x32 Version: 2010.0825.2204.37769 - ATI) Hidden
CCC Help German (x32 Version: 2010.0825.2204.37769 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0825.2204.37769 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0825.2204.37769 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0825.2204.37769 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0825.2204.37769 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0825.2204.37769 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0825.2204.37769 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0825.2204.37769 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0825.2204.37769 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0825.2204.37769 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0825.2204.37769 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0825.2204.37769 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0825.2204.37769 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0825.2204.37769 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0825.2205.37769 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2010.0825.2205.37769 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.08 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.3.8.2568 - CDBurnerXP)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.4.1.3099 - CDBurnerXP)
Cool Edit Pro 2.1 (HKLM-x32\...\Cool Edit Pro 2.1) (Version:  - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0314 - DT Soft Ltd)
DivX Codec (HKLM-x32\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.8.5 - DivX, Inc.)
DivX Plus DirectShow Filters (HKLM-x32\...\DivX Plus DirectShow Filters) (Version:  - DivX, Inc.)
DivX Version Checker (HKLM-x32\...\{3FC7CBBC4C1E11DCA1A752EA55D89593}) (Version: 7.0.0.19 - DivX, Inc.)
DVD Audio Extractor 6.3.0 (HKLM-x32\...\DVD Audio Extractor_is1) (Version:  - Computer Application Studio)
ETDWare PS/2-x64 7.0.6.5_WHQL (HKLM\...\Elantech) (Version: 7.0.6.5 - ELAN Microelectronics Corp.)
Far Cry (Patch 1.4) (x32 Version: 1.00.0000 - Ubisoft) Hidden
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version:  - Image-Line)
Free Video to MP3 Converter version 5.0.4.1228 (HKLM-x32\...\Free Video to MP3 Converter_is1) (Version:  - DVDVideoSoft Ltd.)
Grand Theft Auto: Episodes from Liberty City (x32 Version: 1.0.0002.135 - Rockstar Games Inc.) Hidden
Grand Theft Auto: Episodes from Liberty City (x32 Version: 1.0.0003.135 - Rockstar Games Inc.) Hidden
H.264 Decoder (HKLM-x32\...\{A96E97134CA649888820BCDE5E300BBD}) (Version: 1.0.0 - DivX, Inc.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.28 - Irfan Skiljan)
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
K-Lite Codec Pack 9.6.5 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.6.5 - )
L&H TTS3000 Deutsch (HKLM-x32\...\LHTTSGED) (Version:  - )
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (HKLM-x32\...\{90120000-00B2-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XML Parser (x32 Version: 8.0.7820.0 - Microsoft Corporation) Hidden
MKV Splitter (HKLM-x32\...\{AAC389499AEF40428987B3D30CFC76C9}) (Version: 1.0.0 - DivX, Inc.)
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyWinLocker (x32 Version: 3.1.212.0 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: 3.1.212.0 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 3.1.212.0 - Egis Technology Inc.) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6034 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6141 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30122 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )
Rosetta Stone Ltd Services (HKLM-x32\...\{7BB2EF8A-5376-4BAE-96D0-38BE49501F40}) (Version: 3.2.17 - Rosetta Stone Ltd.)
Rosetta Stone TOTALe (HKLM-x32\...\com.rosettastone.rosettastonetotale) (Version: 4.1.15.1 - Rosetta Stone, Ltd)
Rosetta Stone TOTALe (x32 Version: 4.1.1 - Rosetta Stone, Ltd) Hidden
Rosetta Stone TOTALe (x32 Version: 4.1.15.1 - Rosetta Stone, Ltd) Hidden
Shredder (Version: 2.0.8.3 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.3 - Egis Technology Inc.) Hidden
Überwachungstool für die Intel® Turbo-Boost-Technik (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.186.6 - Intel)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883097) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B2260BC9-D561-46EE-B33D-739CF760A2A9}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
WAV MP3 Converter 1.00 (HKLM-x32\...\WAV MP3 Converter_is1) (Version:  - )
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3004 - Acer Incorporated)
Winamp (remove only) (HKLM-x32\...\Winamp) (Version:  - )
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

17-08-2014 17:43:35 Geplanter Prüfpunkt
19-08-2014 07:12:54 Windows Update
20-08-2014 14:27:48 Removed Adobe Help Manager
21-08-2014 06:51:08 Installed Java 7 Update 67 (64-bit)

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {063A2AF3-EB62-4D35-83B4-B19FF9F60234} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)
Task: {743121A3-9F3C-4556-9539-D118C11F7958} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd)
Task: {7530EB3C-3FC4-474B-8282-9D2778666BFB} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {86BF771D-DB05-4A9F-8A89-17F2CEE4B8B5} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {A9B560E1-0877-4C6B-B034-05798408234A} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {AC0B35A4-2291-4C87-A5E7-FE68A2CE6D62} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-04-21 20:31 - 2010-06-17 20:56 - 00087040 _____ () C:\Windows\System32\redmonnt.dll
2011-07-04 16:37 - 2009-10-09 21:11 - 00389120 ____R () C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
2011-07-04 16:38 - 2009-08-01 05:06 - 00155648 ____R () C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
2010-08-26 16:45 - 2010-08-26 16:45 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-08-25 23:04 - 2010-08-25 23:04 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2010-06-29 00:20 - 2010-06-29 00:20 - 00465576 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2010-06-29 00:12 - 2010-06-29 00:12 - 01081600 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2014-08-04 14:20 - 2014-08-04 14:20 - 00139056 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-08-04 14:20 - 2014-08-04 14:20 - 00067832 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-08-14 15:47 - 2014-08-04 14:20 - 00052472 _____ () C:\Users\Metz-One\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:798A3728

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (08/21/2014 11:47:41 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5 CPU M 480 @ 2.67GHz
Percentage of memory in use: 51%
Total physical RAM: 3958.71 MB
Available physical RAM: 1917.83 MB
Total Pagefile: 7915.6 MB
Available Pagefile: 5820.79 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:284.99 GB) (Free:175.66 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: E30EBAC9)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=285 GB) - (Type=07 NTFS)

==================== End Of Log ============================

schrauber 22.08.2014 09:15
hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Metzka 22.08.2014 21:08
Danke!

c:/combofix.txt.

Code:
ComboFix 14-08-21.01 - Metz-One 22.08.2014  10:52:15.1.4 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.3959.2291 [GMT 2:00]
ausgeführt von:: c:\users\Metz-One\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\END
C:\install.exe
c:\windows\IsUn0407.exe
c:\windows\security\Database\tmp.edb
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\SET13EB.tmp
c:\windows\SysWow64\SET18CD.tmp
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((  Dateien erstellt von 2014-07-22 bis 2014-08-22  ))))))))))))))))))))))))))))))
.
.
2014-08-22 09:05 . 2014-08-22 09:05        --------        d-----w-        c:\users\Metz-One\AppData\Local\temp
2014-08-22 09:05 . 2014-08-22 09:05        --------        d-----w-        c:\users\Default\AppData\Local\temp
2014-08-22 07:39 . 2014-08-22 07:39        75888        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{37D4B0D0-1172-4835-8E20-03F939E80865}\offreg.dll
2014-08-21 09:50 . 2014-08-21 09:52        --------        d-----w-        C:\FRST
2014-08-21 07:15 . 2014-08-22 07:18        122584        ----a-w-        c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-08-21 07:15 . 2014-08-21 07:15        --------        d-----w-        c:\program files (x86)\Malwarebytes Anti-Malware
2014-08-21 07:15 . 2014-08-21 07:15        --------        d-----w-        c:\programdata\Malwarebytes
2014-08-21 07:15 . 2014-05-12 05:26        63704        ----a-w-        c:\windows\system32\drivers\mwac.sys
2014-08-21 07:15 . 2014-05-12 05:26        91352        ----a-w-        c:\windows\system32\drivers\mbamchameleon.sys
2014-08-21 07:15 . 2014-05-12 05:25        25816        ----a-w-        c:\windows\system32\drivers\mbam.sys
2014-08-21 06:52 . 2014-08-21 06:52        319912        ----a-w-        c:\windows\system32\javaws.exe
2014-08-21 06:52 . 2014-08-21 06:52        189352        ----a-w-        c:\windows\system32\javaw.exe
2014-08-21 06:52 . 2014-08-21 06:52        189352        ----a-w-        c:\windows\system32\java.exe
2014-08-21 06:52 . 2014-08-21 06:52        111016        ----a-w-        c:\windows\system32\WindowsAccessBridge-64.dll
2014-08-21 06:52 . 2014-08-21 06:52        --------        d-----w-        c:\program files\Java
2014-08-20 12:06 . 2014-08-21 09:47        --------        d-----w-        c:\users\Metz-One\AppData\Roaming\Huveqozu
2014-08-20 11:53 . 2014-08-20 13:53        --------        d-----w-        c:\programdata\OxbiDewli
2014-08-20 11:03 . 2014-08-20 11:03        --------        d-----w-        c:\programdata\Arturia
2014-08-19 07:14 . 2014-08-07 08:59        11319200        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{37D4B0D0-1172-4835-8E20-03F939E80865}\mpengine.dll
2014-08-14 21:05 . 2014-08-14 21:05        --------        d-----w-        c:\users\Metz-One\AppData\Roaming\CUERipper
2014-08-14 21:03 . 2014-08-14 21:05        --------        d-----w-        c:\users\Metz-One\AppData\Roaming\CUE Tools
2014-08-14 06:12 . 2014-08-07 02:06        529920        ----a-w-        c:\windows\system32\aepdu.dll
2014-08-14 06:12 . 2014-07-14 02:02        1216000        ----a-w-        c:\windows\system32\rpcrt4.dll
2014-08-14 06:12 . 2014-07-14 01:40        664064        ----a-w-        c:\windows\SysWow64\rpcrt4.dll
2014-08-14 06:12 . 2014-08-07 02:01        424448        ----a-w-        c:\windows\system32\aeinv.dll
2014-08-05 13:16 . 2014-08-05 13:16        --------        d-sh--w-        c:\users\Metz-One\AppData\Local\EmieUserList
2014-08-05 13:16 . 2014-08-05 13:16        --------        d-sh--w-        c:\users\Metz-One\AppData\Local\EmieSiteList
2014-08-04 10:58 . 2014-08-04 10:58        --------        d-----w-        c:\windows\SysWow64\wbem\en-US
2014-08-04 10:58 . 2014-08-04 10:58        --------        d-----w-        c:\windows\system32\wbem\en-US
2014-08-04 09:32 . 2013-10-14 16:00        28368        ----a-w-        c:\windows\system32\IEUDINIT.EXE
2014-08-03 17:24 . 2014-08-03 20:19        46704        ----a-w-        c:\program files (x86)\Mozilla Firefox\browser\components\browsercomps.dll
2014-08-03 09:53 . 2014-08-03 09:53        188304        ----a-w-        c:\program files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2014-07-25 17:41 . 2014-08-03 12:01        --------        d-----w-        c:\users\Metz-One\AppData\Roaming\Solveig Multimedia
2014-07-25 17:41 . 2014-08-03 12:02        --------        d-----w-        c:\program files (x86)\Solveig Multimedia
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-08-14 06:35 . 2011-04-23 19:46        99218768        ----a-w-        c:\windows\system32\MRT.exe
2014-08-05 07:20 . 2011-04-08 07:30        270496        ------w-        c:\windows\system32\MpSigStub.exe
2014-06-18 02:18 . 2014-07-09 10:18        692736        ----a-w-        c:\windows\system32\osk.exe
2014-06-18 01:51 . 2014-07-09 10:18        646144        ----a-w-        c:\windows\SysWow64\osk.exe
2014-06-06 10:10 . 2014-07-09 10:18        624128        ----a-w-        c:\windows\system32\qedit.dll
2014-06-06 09:44 . 2014-07-09 10:18        509440        ----a-w-        c:\windows\SysWow64\qedit.dll
2014-06-05 14:45 . 2014-07-09 10:17        1460736        ----a-w-        c:\windows\system32\lsasrv.dll
2014-06-05 14:26 . 2014-07-09 10:17        22016        ----a-w-        c:\windows\SysWow64\secur32.dll
2014-06-05 14:25 . 2014-07-09 10:17        96768        ----a-w-        c:\windows\SysWow64\sspicli.dll
2014-05-30 08:08 . 2014-07-09 10:17        210944        ----a-w-        c:\windows\system32\wdigest.dll
2014-05-30 08:08 . 2014-07-09 10:17        86528        ----a-w-        c:\windows\system32\TSpkg.dll
2014-05-30 08:08 . 2014-07-09 10:17        340992        ----a-w-        c:\windows\system32\schannel.dll
2014-05-30 08:08 . 2014-07-09 10:17        314880        ----a-w-        c:\windows\system32\msv1_0.dll
2014-05-30 08:08 . 2014-07-09 10:17        307200        ----a-w-        c:\windows\system32\ncrypt.dll
2014-05-30 08:08 . 2014-07-09 10:17        728064        ----a-w-        c:\windows\system32\kerberos.dll
2014-05-30 08:08 . 2014-07-09 10:17        22016        ----a-w-        c:\windows\system32\credssp.dll
2014-05-30 07:52 . 2014-07-09 10:17        172032        ----a-w-        c:\windows\SysWow64\wdigest.dll
2014-05-30 07:52 . 2014-07-09 10:17        65536        ----a-w-        c:\windows\SysWow64\TSpkg.dll
2014-05-30 07:52 . 2014-07-09 10:17        247808        ----a-w-        c:\windows\SysWow64\schannel.dll
2014-05-30 07:52 . 2014-07-09 10:17        220160        ----a-w-        c:\windows\SysWow64\ncrypt.dll
2014-05-30 07:52 . 2014-07-09 10:17        259584        ----a-w-        c:\windows\SysWow64\msv1_0.dll
2014-05-30 07:52 . 2014-07-09 10:17        550912        ----a-w-        c:\windows\SysWow64\kerberos.dll
2014-05-30 07:52 . 2014-07-09 10:17        17408        ----a-w-        c:\windows\SysWow64\credssp.dll
2014-05-30 06:45 . 2014-07-09 10:17        497152        ----a-w-        c:\windows\system32\drivers\afd.sys
2005-07-14 11:31        32256        --sh--w-        c:\windows\SysWOW64\AVSredirect.dll
2004-01-24 23:00        70656        --sh--w-        c:\windows\SysWOW64\yv12vfw.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-05-27 02:40        120176        ----a-w-        c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-11 3672384]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-04-13 284696]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-05-27 337264]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2010-03-11 201584]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2010-03-11 407920]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-06-28 265984]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-08-25 98304]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AVer HID Receiver.lnk - c:\program files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe [2011-7-4 155648]
AVerQuick.lnk - c:\program files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe [2011-7-4 651264]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux5"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R3 AVerAF35;AVerMedia A835 USB DVB-T;c:\windows\system32\Drivers\AVerAF35.sys;c:\windows\SYSNATIVE\Drivers\AVerAF35.sys [x]
R3 cmnsusbser;Mobile Connector USB Device for Legacy Serial Communication LCT2053s;c:\windows\system32\DRIVERS\cmnsusbser.sys;c:\windows\SYSNATIVE\DRIVERS\cmnsusbser.sys [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R3 UPnPService;UPnPService;c:\program files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe;c:\program files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AVerRemote;AVerRemote;c:\program files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe;c:\program files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [x]
S2 AVerScheduleService;AVerScheduleService;c:\program files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe;c:\program files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe;c:\program files (x86)\Acer\Registration\GREGsvc.exe [x]
S2 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [x]
S2 RosettaStoneDaemon;RosettaStoneDaemon;c:\program files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe;c:\program files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S4 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*Deregistered* - avipbb
.
Inhalt des "geplante Tasks" Ordners
.
2014-08-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-20 20:06]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-05-27 02:42        137584        ----a-w-        c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"mwlDaemon"="c:\program files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe" [2010-05-27 349552]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-22 10920552]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-06-11 861216]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Metz-One\AppData\Roaming\Mozilla\Firefox\Profiles\z5zo2aap.default-1408604426946\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-OxbiDewli - (no file)
Wow6432Node-HKCU-Run-Qadiotagis - c:\users\Metz-One\AppData\Roaming\Huveqozu\xoqyut.exe
Toolbar-Locked - (no file)
HKLM-Run-ETDWare - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-{0B8565BA-BAD5-4732-B122-5FD78EFC50A9} - c:\programdata\{C78336EC-F2EB-4640-99A4-DFE96581B90B}\Service Center Setup PC.exe
AddRemove-{491DF203-7B61-4F0E-BDCB-A1218C4DAFE9} - c:\programdata\{C5CAF473-C900-4049-BCE5-A93E0EBA7EF2}\Massive Setup PC.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2131351800-3081115588-278826005-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-2131351800-3081115588-278826005-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-2131351800-3081115588-278826005-1000\Software\SecuROM\License information*]
"datasecu"=hex:8d,10,c6,bc,ba,8e,a3,e9,cb,2e,3c,85,ff,fb,18,15,55,e7,51,bd,a2,
  5c,be,a5,10,dc,a2,6f,a1,2e,5d,86,aa,bc,96,87,11,74,86,73,9d,63,ff,02,b1,99,\
"rkeysecu"=hex:de,65,88,6b,90,a1,1f,05,e2,8f,eb,19,7a,8b,ed,78
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
  00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-08-22  11:08:30
ComboFix-quarantined-files.txt  2014-08-22 09:08
.
Vor Suchlauf: 10 Verzeichnis(se), 186.048.278.528 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 185.413.693.440 Bytes frei
.
- - End Of File - - 4775AD029734A8F2922F2C9A824B6708

schrauber 23.08.2014 16:41
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

Metzka 24.08.2014 00:09
Alles erledigt.

MBAM

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 24.08.2014
Suchlauf-Zeit: 00:09:39
Logdatei: MBAM.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.08.23.06
Rootkit Datenbank: v2014.08.21.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Metz-One

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 323960
Verstrichene Zeit: 9 Min, 40 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 2
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\WOW6432NODE\DataMngr, In Quarantäne, [5ba73c8e473462d49feabe3b4db5a35d],
PUP.Optional.Babylon.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\dhkplhfnhceodhffomolpfigojocbpcb, In Quarantäne, [fd057c4e80fb57df82a3fc517f85fa06],

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)


(end)
AdwCleaner

Code:
# AdwCleaner v3.308 - Bericht erstellt am 24/08/2014 um 00:34:04
# Aktualisiert 20/08/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Metz-One - METZ-ONE-PC
# Gestartet von : C:\Users\Metz-One\Downloads\adwcleaner_3.308.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\Program Files (x86)\Babylon
Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Ordner Gelöscht : C:\Program Files\Babylon
Ordner Gelöscht : C:\Users\Metz-One\AppData\Roaming\Babylon

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BabMaint_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BabMaint_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\5e0da8cb06dec49
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\dt soft\daemon tools toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Babylon
Schlüssel Gelöscht : HKLM\SOFTWARE\PIP

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17239


-\\ Mozilla Firefox v31.0 (x86 de)

[ Datei : C:\Users\Metz-One\AppData\Roaming\Mozilla\Firefox\Profiles\z5zo2aap.default-1408604426946\prefs.js ]


*************************

AdwCleaner[R0].txt - [4090 octets] - [24/08/2014 00:24:38]
AdwCleaner[R1].txt - [4150 octets] - [24/08/2014 00:33:04]
AdwCleaner[S0].txt - [3884 octets] - [24/08/2014 00:34:04]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3944 octets] ##########

JRT

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Metz-One on 24.08.2014 at  0:43:47,13
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-2131351800-3081115588-278826005-1000\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Empty Folder] C:\Users\Metz-One\appdata\local\{CAF60E29-0E02-459B-91AE-CDE2E71BDAAE}



~~~ FireFox

Emptied folder: C:\Users\Metz-One\AppData\Roaming\mozilla\firefox\profiles\z5zo2aap.default-1408604426946\minidumps [1 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 24.08.2014 at  0:50:07,80
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-08-2014 01
Ran by Metz-One (administrator) on METZ-ONE-PC on 24-08-2014 00:50:55
Running from C:\Users\Metz-One\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVerMedia) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
() C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(Rosetta Stone Ltd.) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
() C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
(AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-05-27] (Egis Technology Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-22] (Realtek Semiconductor)
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-04-13] (ELAN Microelectronic Corp.)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [861216 2010-06-11] (Acer Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-13] (Intel Corporation)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-05-27] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [265984 2010-06-29] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-08-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-2131351800-3081115588-278826005-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk
ShortcutTarget: AVer HID Receiver.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVerQuick.lnk
ShortcutTarget: AVerQuick.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe (AVerMedia TECHNOLOGIES, Inc.)
ShellIconOverlayIdentifiers: egisPSDP -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\psdprotect.dll (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: egisPSDP -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x86\psdprotect.dll (Egis Technology Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x1E3E2167E9BDCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Metz-One\AppData\Roaming\Mozilla\Firefox\Profiles\z5zo2aap.default-1408604426946
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: DownloadHelper - C:\Users\Metz-One\AppData\Roaming\Mozilla\Firefox\Profiles\z5zo2aap.default-1408604426946\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-08-21]

Chrome:
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [344064 2009-04-08] (AVerMedia) [File not signed]
R2 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [389120 2009-10-09] () [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-27] (Egis Technology Inc.)
S3 UPnPService; C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [544768 2006-12-14] (Magix AG) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 AVerAF35; C:\Windows\System32\Drivers\AVerAF35.sys [677632 2010-03-16] (AVerMedia TECHNOLOGIES, Inc.)
S3 cmnsusbser; C:\Windows\System32\DRIVERS\cmnsusbser.sys [126080 2014-03-12] (QUALCOMM Incorporated) [File not signed]
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-10-31] (DT Soft Ltd)
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (HTC, Corporation) [File not signed]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-24] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-24 00:50 - 2014-08-24 00:50 - 00001682 _____ () C:\Users\Metz-One\Desktop\JRT.txt
2014-08-24 00:43 - 2014-08-24 00:43 - 00000000 ____D () C:\Windows\ERUNT
2014-08-24 00:24 - 2014-08-24 00:34 - 00000000 ____D () C:\AdwCleaner
2014-08-24 00:08 - 2014-08-24 00:50 - 00000000 ____D () C:\Users\Metz-One\Desktop\Trojaner
2014-08-24 00:03 - 2014-08-24 00:05 - 01016261 _____ (Thisisu) C:\Users\Metz-One\Downloads\JRT.exe
2014-08-24 00:01 - 2014-08-24 00:04 - 00474003 _____ (Thisisu) C:\Users\Metz-One\Downloads\JRT.exe.31ho6x1.partial
2014-08-23 23:51 - 2014-08-23 23:53 - 00000000 ____D () C:\Users\Metz-One\Downloads\Travis - Where You Stand (Limited Edition) 2013 Rock 320kbps CBR MP3 [VX] [P2PDL]
2014-08-23 23:40 - 2014-08-23 23:40 - 00000000 _____ () C:\Users\Metz-One\Downloads\JRT_exe.1dmntv4.partial
2014-08-23 23:36 - 2014-08-23 23:36 - 00000000 _____ () C:\Users\Metz-One\Downloads\JRT_exe.0pxsefg.partial
2014-08-23 23:35 - 2014-08-23 23:48 - 00000000 ____D () C:\Users\Metz-One\Downloads\Travis - Discography @320 [1997-2013] (By Jamal The Moroccan
2014-08-23 23:24 - 2014-08-23 23:25 - 00000000 ____D () C:\Users\Metz-One\Downloads\Sex Pistols
2014-08-23 22:20 - 2014-08-23 22:37 - 00000000 ____D () C:\Users\Metz-One\Downloads\Blur 21
2014-08-23 22:08 - 2014-08-23 22:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hypersonic 2
2014-08-23 22:07 - 2010-06-06 23:37 - 02785792 _____ (AiR) C:\Windows\SysWOW64\GuaD.dll
2014-08-23 21:51 - 2014-08-23 21:53 - 00000000 ____D () C:\Users\Metz-One\Downloads\Hypersonic
2014-08-23 21:22 - 2014-08-23 22:07 - 00000000 ____D () C:\Program Files (x86)\Steinberg
2014-08-23 20:52 - 2014-08-23 20:52 - 00000000 ____D () C:\Users\Metz-One\AppData\Roaming\Arturia
2014-08-23 20:50 - 2014-08-23 20:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Syncrosoft
2014-08-23 20:12 - 2014-08-24 00:35 - 00371608 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-23 20:10 - 2014-08-23 20:50 - 00000000 ____D () C:\Program Files (x86)\Syncrosoft
2014-08-23 20:10 - 2014-08-23 20:33 - 00020618 _____ () C:\Windows\DPINST.LOG
2014-08-23 20:10 - 2014-08-23 20:33 - 00000051 _____ () C:\Windows\SysWOW64\SYNSOPOS.exe.cfg
2014-08-23 20:10 - 2014-08-23 20:33 - 00000000 ____D () C:\Program Files (x86)\eLicenser
2014-08-23 20:10 - 2014-08-23 20:16 - 00000000 ____D () C:\ProgramData\eLicenser
2014-08-23 20:10 - 2014-08-23 20:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eLicenser
2014-08-23 20:10 - 2014-08-23 20:10 - 00002892 _____ () C:\Windows\SysWOW64\audcon.sys
2014-08-23 20:10 - 2009-09-17 16:20 - 01695232 _____ (Steinberg Media Technologies GmbH) C:\Windows\system32\synsoacc.dll
2014-08-23 20:10 - 2009-09-17 16:20 - 01261568 _____ (Steinberg Media Technologies GmbH) C:\Windows\SysWOW64\SYNSOACC.dll
2014-08-23 20:10 - 2009-05-19 15:21 - 00086016 _____ () C:\Windows\SysWOW64\SYNSOPOS.exe
2014-08-23 20:10 - 2006-01-29 11:48 - 00147425 _____ () C:\Windows\SysWOW64\SYNSOACC-Aide.chm
2014-08-23 20:10 - 2006-01-29 11:48 - 00147425 _____ () C:\Windows\system32\SYNSOACC-Aide.chm
2014-08-23 20:10 - 2006-01-29 11:48 - 00120468 _____ () C:\Windows\SysWOW64\SYNSOACC-Hilfe.chm
2014-08-23 20:10 - 2006-01-29 11:48 - 00120468 _____ () C:\Windows\system32\SYNSOACC-Hilfe.chm
2014-08-23 20:10 - 2006-01-29 11:48 - 00114279 _____ () C:\Windows\SysWOW64\SYNSOACC-Help.chm
2014-08-23 20:10 - 2006-01-29 11:48 - 00114279 _____ () C:\Windows\system32\SYNSOACC-Help.chm
2014-08-23 20:09 - 2014-08-23 21:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Arturia
2014-08-23 20:09 - 2009-09-09 18:38 - 00163840 _____ () C:\Windows\SysWOW64\ArtFfct.dll
2014-08-23 20:07 - 2014-08-23 20:10 - 00000000 ____D () C:\ProgramData\Syncrosoft
2014-08-23 20:05 - 2014-08-23 20:05 - 00000000 _____ () C:\Users\Metz-One\Downloads\JRT_exe.bqg116r.partial
2014-08-23 20:03 - 2014-08-23 20:03 - 01364531 _____ () C:\Users\Metz-One\Downloads\adwcleaner_3.308.exe
2014-08-23 19:51 - 2014-08-23 19:51 - 00100272 _____ () C:\Users\Metz-One\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-23 19:40 - 2014-08-23 21:00 - 00000000 ____D () C:\Program Files (x86)\Arturia
2014-08-23 11:43 - 2014-08-23 22:33 - 00000000 ____D () C:\Users\Metz-One\Downloads\WWE Friday Night Smackdown HDTV 2014-08-22 720p AVCHD-SC-SDH
2014-08-22 22:17 - 2014-08-21 15:08 - 00000000 ____D () C:\Users\Metz-One\Downloads\Ahzumjot - Nix Mehr Egal (2014)
2014-08-22 21:32 - 2014-08-23 20:32 - 00000000 ____D () C:\Users\Metz-One\Downloads\Arturia.V.Collection.2010.v2.0+Presets.Incl.Keygen-AiR
2014-08-22 21:28 - 2014-08-23 19:39 - 00000000 ____D () C:\Users\Metz-One\Downloads\Arturia Spark Vintage Drume Machine STANDALONE VSTi RTAS v1.0 x86 x64 - ASSiGN
2014-08-22 20:23 - 2014-08-22 21:01 - 115816679 _____ () C:\Users\Metz-One\Downloads\Ahz-NiMeEg.zip
2014-08-22 11:08 - 2014-08-22 11:08 - 00022838 _____ () C:\ComboFix.txt
2014-08-22 10:50 - 2014-08-22 11:08 - 00000000 ____D () C:\Qoobox
2014-08-22 10:50 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-08-22 10:50 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-08-22 10:50 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-08-22 10:50 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-08-22 10:50 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-08-22 10:50 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-08-22 10:50 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-08-22 10:50 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-08-22 10:49 - 2014-08-22 11:07 - 00000000 ____D () C:\Windows\erdnt
2014-08-22 10:44 - 2014-08-22 10:44 - 05572006 ____R (Swearware) C:\Users\Metz-One\Desktop\ComboFix.exe
2014-08-22 10:23 - 2014-08-23 11:16 - 00000315 _____ () C:\Users\Metz-One\Desktop\WRESTLERs.txt
2014-08-21 14:21 - 2014-08-21 15:00 - 00000000 ____D () C:\Users\Metz-One\Downloads\BangBrosRemastered.13.07.23.Jessi.Summers.Fire.Your.Boss.XXX.HR.MP4-OHRLY[rarbg]
2014-08-21 11:52 - 2014-08-21 11:52 - 00023693 _____ () C:\Users\Metz-One\Downloads\Addition.txt
2014-08-21 11:51 - 2014-08-24 00:50 - 00012661 _____ () C:\Users\Metz-One\Downloads\FRST.txt
2014-08-21 11:50 - 2014-08-24 00:50 - 00000000 ____D () C:\FRST
2014-08-21 11:50 - 2014-08-21 11:50 - 02101760 _____ (Farbar) C:\Users\Metz-One\Downloads\FRST64.exe
2014-08-21 09:46 - 2014-08-21 09:46 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Metz-One\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-08-21 09:15 - 2014-08-24 00:36 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-21 09:15 - 2014-08-21 09:15 - 00001066 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-21 09:15 - 2014-08-21 09:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-21 09:15 - 2014-08-21 09:15 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-21 09:15 - 2014-08-21 09:15 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-21 09:15 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-21 09:15 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-21 09:15 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-21 09:14 - 2014-08-21 09:14 - 00873576 _____ (Opera Software) C:\Users\Metz-One\Downloads\Opera_NI_stable.exe
2014-08-21 08:52 - 2014-08-21 08:52 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-08-21 08:52 - 2014-08-21 08:52 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-08-21 08:52 - 2014-08-21 08:52 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-08-21 08:52 - 2014-08-21 08:52 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-08-21 08:52 - 2014-08-21 08:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-21 08:52 - 2014-08-21 08:52 - 00000000 ____D () C:\Program Files\Java
2014-08-21 08:46 - 2014-08-21 08:46 - 31013800 _____ (Oracle Corporation) C:\Users\Metz-One\Downloads\jre-7u67-windows-x64.com
2014-08-20 16:29 - 2014-08-20 16:29 - 00003146 _____ () C:\Windows\System32\Tasks\{1DA1F9E1-2E1E-4797-97EF-2147E1AC3591}
2014-08-20 14:06 - 2014-08-21 11:47 - 00000000 ____D () C:\Users\Metz-One\AppData\Roaming\Huveqozu
2014-08-20 13:53 - 2014-08-20 15:53 - 00000000 ____D () C:\ProgramData\OxbiDewli
2014-08-20 13:53 - 2014-08-20 13:53 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2014-08-20 13:03 - 2014-08-23 21:00 - 00000000 ____D () C:\ProgramData\Arturia
2014-08-20 13:03 - 2014-08-20 13:03 - 00000000 ____D () C:\Users\Metz-One\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Arturia
2014-08-20 11:00 - 2014-08-20 12:26 - 00000000 ____D () C:\Users\Metz-One\Downloads\WWE Monday Night Raw HDTV 2014-08-18 720p AVCHD-SC-SDH
2014-08-18 13:47 - 2014-08-22 15:33 - 00000000 ____D () C:\Users\Metz-One\Downloads\WWE SummerSlam HD 2014-08-17 720p H264 AVCHD-SC-SDH
2014-08-16 16:52 - 2014-08-16 16:52 - 00000000 ____D () C:\Users\Metz-One\Downloads\Madden NFL 12
2014-08-14 23:05 - 2014-08-14 23:05 - 00000000 ____D () C:\Users\Metz-One\AppData\Roaming\CUERipper
2014-08-14 23:03 - 2014-08-14 23:05 - 00000000 ____D () C:\Users\Metz-One\AppData\Roaming\CUE Tools
2014-08-14 08:14 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-14 08:14 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-14 08:14 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-14 08:14 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-14 08:14 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-14 08:14 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-14 08:14 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-14 08:14 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-14 08:14 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-14 08:14 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-14 08:14 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-14 08:14 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-14 08:14 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-14 08:14 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-14 08:14 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-14 08:14 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-14 08:14 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-14 08:14 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-14 08:14 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-14 08:14 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-14 08:14 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-14 08:14 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-14 08:14 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-14 08:14 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-14 08:14 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-14 08:14 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-14 08:14 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-14 08:14 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-14 08:14 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-14 08:14 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-14 08:14 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-14 08:14 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-14 08:14 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-14 08:14 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-14 08:14 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-14 08:14 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-14 08:14 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-14 08:14 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-14 08:14 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-14 08:14 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-14 08:14 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-14 08:14 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-14 08:14 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-14 08:14 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-14 08:14 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-14 08:14 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-14 08:14 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-14 08:14 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-14 08:14 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-14 08:14 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-14 08:14 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-14 08:14 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-14 08:14 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-14 08:14 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-14 08:14 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-14 08:14 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-14 08:14 - 2014-07-16 05:25 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-14 08:14 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-14 08:14 - 2014-07-16 04:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-14 08:14 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-14 08:14 - 2014-07-16 04:12 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-14 08:14 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-14 08:14 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-14 08:14 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-14 08:14 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-14 08:14 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-14 08:14 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-14 08:14 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-14 08:14 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-14 08:14 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-14 08:14 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-14 08:14 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-14 08:14 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-14 08:14 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-14 08:14 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-14 08:14 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-14 08:14 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-14 08:14 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-14 08:14 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-14 08:14 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-14 08:14 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-14 08:14 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-14 08:14 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-14 08:12 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-14 08:12 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-14 08:12 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-14 08:12 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-08 10:51 - 2014-08-08 10:51 - 00201457 _____ () C:\Users\Metz-One\Downloads\t322955.torrent
2014-08-05 21:35 - 2014-08-24 00:35 - 00087332 _____ () C:\Windows\PFRO.log
2014-08-05 15:16 - 2014-08-05 15:16 - 00000000 __SHD () C:\Users\Metz-One\AppData\Local\EmieUserList
2014-08-05 15:16 - 2014-08-05 15:16 - 00000000 __SHD () C:\Users\Metz-One\AppData\Local\EmieSiteList
2014-08-04 20:22 - 2014-08-04 20:22 - 01341974 _____ () C:\Users\Metz-One\Downloads\[kickass.to]sony.playstation.2.702.games.ntsc.pack.1.m.z.torrent
2014-08-04 20:22 - 2014-08-04 20:22 - 01209265 _____ () C:\Users\Metz-One\Downloads\[kickass.to]sony.playstation.2.648.games.ntsc.pack.2.0.l.torrent
2014-08-04 11:32 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-08-04 11:28 - 2014-08-04 11:28 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-08-04 11:28 - 2014-08-04 11:28 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-08-04 11:28 - 2014-08-04 11:28 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-08-04 11:28 - 2014-08-04 11:28 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-08-04 11:28 - 2014-08-04 11:28 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-08-04 11:28 - 2014-08-04 11:28 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-08-04 11:28 - 2014-08-04 11:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-08-04 11:25 - 2014-08-04 11:32 - 00010033 _____ () C:\Windows\IE11_main.log
2014-08-03 19:24 - 2014-08-03 19:24 - 00001111 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-08-03 14:48 - 2014-08-04 13:00 - 00001373 _____ () C:\Users\Metz-One\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-03 14:48 - 2014-08-03 14:48 - 00001369 _____ () C:\Users\Metz-One\Desktop\Internet Explorer (64-bit).lnk
2014-08-03 14:09 - 2014-08-11 22:47 - 00000000 ____D () C:\Users\Metz-One\Downloads\Instrumentals
2014-08-02 09:07 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-02 09:07 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-02 09:07 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-02 09:07 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-02 09:07 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-02 09:07 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-02 09:07 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-02 09:07 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-02 09:07 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-02 09:07 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-02 09:07 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-02 09:07 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-02 09:07 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-02 09:07 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-07-26 09:03 - 2014-07-30 13:55 - 00000000 ____D () C:\Users\Metz-One\Downloads\mp3 Player
2014-07-25 19:41 - 2014-08-03 14:02 - 00000000 ____D () C:\Program Files (x86)\Solveig Multimedia
2014-07-25 19:41 - 2014-08-03 14:01 - 00000000 ____D () C:\Users\Metz-One\AppData\Roaming\Solveig Multimedia

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-24 00:51 - 2014-08-21 11:51 - 00012661 _____ () C:\Users\Metz-One\Downloads\FRST.txt
2014-08-24 00:50 - 2014-08-24 00:50 - 00001682 _____ () C:\Users\Metz-One\Desktop\JRT.txt
2014-08-24 00:50 - 2014-08-24 00:08 - 00000000 ____D () C:\Users\Metz-One\Desktop\Trojaner
2014-08-24 00:50 - 2014-08-21 11:50 - 00000000 ____D () C:\FRST
2014-08-24 00:43 - 2014-08-24 00:43 - 00000000 ____D () C:\Windows\ERUNT
2014-08-24 00:42 - 2009-07-14 06:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-24 00:42 - 2009-07-14 06:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-24 00:36 - 2014-08-21 09:15 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-24 00:35 - 2014-08-23 20:12 - 00371608 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-24 00:35 - 2014-08-05 21:35 - 00087332 _____ () C:\Windows\PFRO.log
2014-08-24 00:35 - 2014-06-09 20:26 - 00019846 _____ () C:\Windows\setupact.log
2014-08-24 00:35 - 2013-11-11 09:36 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-08-24 00:35 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-24 00:34 - 2014-08-24 00:24 - 00000000 ____D () C:\AdwCleaner
2014-08-24 00:34 - 2013-11-26 05:16 - 02006363 _____ () C:\Windows\WindowsUpdate.log
2014-08-24 00:09 - 2010-11-11 03:51 - 00662030 _____ () C:\Windows\system32\perfh007.dat
2014-08-24 00:09 - 2010-11-11 03:51 - 00142010 _____ () C:\Windows\system32\perfc007.dat
2014-08-24 00:09 - 2009-07-14 07:13 - 01529916 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-24 00:05 - 2014-08-24 00:03 - 01016261 _____ (Thisisu) C:\Users\Metz-One\Downloads\JRT.exe
2014-08-24 00:04 - 2014-08-24 00:01 - 00474003 _____ (Thisisu) C:\Users\Metz-One\Downloads\JRT.exe.31ho6x1.partial
2014-08-24 00:04 - 2012-10-21 00:48 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-23 23:55 - 2013-01-18 15:33 - 00000000 ____D () C:\Users\Metz-One\AppData\Roaming\BitTorrent
2014-08-23 23:53 - 2014-08-23 23:51 - 00000000 ____D () C:\Users\Metz-One\Downloads\Travis - Where You Stand (Limited Edition) 2013 Rock 320kbps CBR MP3 [VX] [P2PDL]
2014-08-23 23:49 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-23 23:48 - 2014-08-23 23:35 - 00000000 ____D () C:\Users\Metz-One\Downloads\Travis - Discography @320 [1997-2013] (By Jamal The Moroccan
2014-08-23 23:40 - 2014-08-23 23:40 - 00000000 _____ () C:\Users\Metz-One\Downloads\JRT_exe.1dmntv4.partial
2014-08-23 23:36 - 2014-08-23 23:36 - 00000000 _____ () C:\Users\Metz-One\Downloads\JRT_exe.0pxsefg.partial
2014-08-23 23:25 - 2014-08-23 23:24 - 00000000 ____D () C:\Users\Metz-One\Downloads\Sex Pistols
2014-08-23 22:37 - 2014-08-23 22:20 - 00000000 ____D () C:\Users\Metz-One\Downloads\Blur 21
2014-08-23 22:33 - 2014-08-23 11:43 - 00000000 ____D () C:\Users\Metz-One\Downloads\WWE Friday Night Smackdown HDTV 2014-08-22 720p AVCHD-SC-SDH
2014-08-23 22:08 - 2014-08-23 22:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hypersonic 2
2014-08-23 22:07 - 2014-08-23 21:22 - 00000000 ____D () C:\Program Files (x86)\Steinberg
2014-08-23 22:07 - 2013-04-30 08:18 - 00000000 ____D () C:\Program Files (x86)\VstPlugins
2014-08-23 21:53 - 2014-08-23 21:51 - 00000000 ____D () C:\Users\Metz-One\Downloads\Hypersonic
2014-08-23 21:52 - 2013-11-09 14:46 - 00000000 ____D () C:\Users\Metz-One\AppData\Roaming\Media Player Classic
2014-08-23 21:00 - 2014-08-23 20:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Arturia
2014-08-23 21:00 - 2014-08-23 19:40 - 00000000 ____D () C:\Program Files (x86)\Arturia
2014-08-23 21:00 - 2014-08-20 13:03 - 00000000 ____D () C:\ProgramData\Arturia
2014-08-23 20:52 - 2014-08-23 20:52 - 00000000 ____D () C:\Users\Metz-One\AppData\Roaming\Arturia
2014-08-23 20:50 - 2014-08-23 20:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Syncrosoft
2014-08-23 20:50 - 2014-08-23 20:10 - 00000000 ____D () C:\Program Files (x86)\Syncrosoft
2014-08-23 20:33 - 2014-08-23 20:10 - 00020618 _____ () C:\Windows\DPINST.LOG
2014-08-23 20:33 - 2014-08-23 20:10 - 00000051 _____ () C:\Windows\SysWOW64\SYNSOPOS.exe.cfg
2014-08-23 20:33 - 2014-08-23 20:10 - 00000000 ____D () C:\Program Files (x86)\eLicenser
2014-08-23 20:32 - 2014-08-22 21:32 - 00000000 ____D () C:\Users\Metz-One\Downloads\Arturia.V.Collection.2010.v2.0+Presets.Incl.Keygen-AiR
2014-08-23 20:16 - 2014-08-23 20:10 - 00000000 ____D () C:\ProgramData\eLicenser
2014-08-23 20:11 - 2014-08-23 20:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eLicenser
2014-08-23 20:10 - 2014-08-23 20:10 - 00002892 _____ () C:\Windows\SysWOW64\audcon.sys
2014-08-23 20:10 - 2014-08-23 20:07 - 00000000 ____D () C:\ProgramData\Syncrosoft
2014-08-23 20:05 - 2014-08-23 20:05 - 00000000 _____ () C:\Users\Metz-One\Downloads\JRT_exe.bqg116r.partial
2014-08-23 20:03 - 2014-08-23 20:03 - 01364531 _____ () C:\Users\Metz-One\Downloads\adwcleaner_3.308.exe
2014-08-23 19:51 - 2014-08-23 19:51 - 00100272 _____ () C:\Users\Metz-One\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-23 19:39 - 2014-08-22 21:28 - 00000000 ____D () C:\Users\Metz-One\Downloads\Arturia Spark Vintage Drume Machine STANDALONE VSTi RTAS v1.0 x86 x64 - ASSiGN
2014-08-23 11:16 - 2014-08-22 10:23 - 00000315 _____ () C:\Users\Metz-One\Desktop\WRESTLERs.txt
2014-08-22 21:01 - 2014-08-22 20:23 - 115816679 _____ () C:\Users\Metz-One\Downloads\Ahz-NiMeEg.zip
2014-08-22 15:33 - 2014-08-18 13:47 - 00000000 ____D () C:\Users\Metz-One\Downloads\WWE SummerSlam HD 2014-08-17 720p H264 AVCHD-SC-SDH
2014-08-22 11:08 - 2014-08-22 11:08 - 00022838 _____ () C:\ComboFix.txt
2014-08-22 11:08 - 2014-08-22 10:50 - 00000000 ____D () C:\Qoobox
2014-08-22 11:07 - 2014-08-22 10:49 - 00000000 ____D () C:\Windows\erdnt
2014-08-22 11:05 - 2009-07-14 04:34 - 00000241 _____ () C:\Windows\system.ini
2014-08-22 10:44 - 2014-08-22 10:44 - 05572006 ____R (Swearware) C:\Users\Metz-One\Desktop\ComboFix.exe
2014-08-21 22:15 - 2011-04-11 08:33 - 00000000 ____D () C:\Users\Metz-One\dwhelper
2014-08-21 15:08 - 2014-08-22 22:17 - 00000000 ____D () C:\Users\Metz-One\Downloads\Ahzumjot - Nix Mehr Egal (2014)
2014-08-21 15:00 - 2014-08-21 14:21 - 00000000 ____D () C:\Users\Metz-One\Downloads\BangBrosRemastered.13.07.23.Jessi.Summers.Fire.Your.Boss.XXX.HR.MP4-OHRLY[rarbg]
2014-08-21 11:52 - 2014-08-21 11:52 - 00023693 _____ () C:\Users\Metz-One\Downloads\Addition.txt
2014-08-21 11:50 - 2014-08-21 11:50 - 02101760 _____ (Farbar) C:\Users\Metz-One\Downloads\FRST64.exe
2014-08-21 11:47 - 2014-08-20 14:06 - 00000000 ____D () C:\Users\Metz-One\AppData\Roaming\Huveqozu
2014-08-21 09:46 - 2014-08-21 09:46 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Metz-One\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-08-21 09:37 - 2013-01-18 14:46 - 00000000 ___HD () C:\Windows\AxInstSV
2014-08-21 09:15 - 2014-08-21 09:15 - 00001066 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-21 09:15 - 2014-08-21 09:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-21 09:15 - 2014-08-21 09:15 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-21 09:15 - 2014-08-21 09:15 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-21 09:14 - 2014-08-21 09:14 - 00873576 _____ (Opera Software) C:\Users\Metz-One\Downloads\Opera_NI_stable.exe
2014-08-21 08:52 - 2014-08-21 08:52 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-08-21 08:52 - 2014-08-21 08:52 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-08-21 08:52 - 2014-08-21 08:52 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-08-21 08:52 - 2014-08-21 08:52 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-08-21 08:52 - 2014-08-21 08:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-21 08:52 - 2014-08-21 08:52 - 00000000 ____D () C:\Program Files\Java
2014-08-21 08:46 - 2014-08-21 08:46 - 31013800 _____ (Oracle Corporation) C:\Users\Metz-One\Downloads\jre-7u67-windows-x64.com
2014-08-20 16:29 - 2014-08-20 16:29 - 00003146 _____ () C:\Windows\System32\Tasks\{1DA1F9E1-2E1E-4797-97EF-2147E1AC3591}
2014-08-20 16:29 - 2010-08-30 11:25 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-08-20 15:53 - 2014-08-20 13:53 - 00000000 ____D () C:\ProgramData\OxbiDewli
2014-08-20 13:53 - 2014-08-20 13:53 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2014-08-20 13:03 - 2014-08-20 13:03 - 00000000 ____D () C:\Users\Metz-One\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Arturia
2014-08-20 12:26 - 2014-08-20 11:00 - 00000000 ____D () C:\Users\Metz-One\Downloads\WWE Monday Night Raw HDTV 2014-08-18 720p AVCHD-SC-SDH
2014-08-19 21:33 - 2011-04-07 10:49 - 00000155 _____ () C:\Windows\winamp.ini
2014-08-16 17:10 - 2011-04-08 19:40 - 00033280 _____ () C:\Users\Metz-One\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-16 16:52 - 2014-08-16 16:52 - 00000000 ____D () C:\Users\Metz-One\Downloads\Madden NFL 12
2014-08-16 16:18 - 2014-04-15 18:24 - 00000000 ____D () C:\Users\Metz-One\My Games
2014-08-15 22:17 - 2011-04-06 18:41 - 00000000 ____D () C:\Users\Metz-One
2014-08-15 18:19 - 2011-06-17 13:05 - 00000000 ____D () C:\Users\Metz-One\AppData\Roaming\DAEMON Tools Lite
2014-08-14 23:05 - 2014-08-14 23:05 - 00000000 ____D () C:\Users\Metz-One\AppData\Roaming\CUERipper
2014-08-14 23:05 - 2014-08-14 23:03 - 00000000 ____D () C:\Users\Metz-One\AppData\Roaming\CUE Tools
2014-08-14 20:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-14 18:05 - 2012-01-06 23:01 - 00000000 ____D () C:\Users\Metz-One\Desktop\Dokumente
2014-08-14 11:56 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-14 08:43 - 2011-05-22 14:47 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-14 08:36 - 2013-07-17 22:43 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 08:35 - 2011-04-23 21:46 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 08:32 - 2014-05-10 16:25 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-14 07:58 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-11 22:47 - 2014-08-03 14:09 - 00000000 ____D () C:\Users\Metz-One\Downloads\Instrumentals
2014-08-11 15:09 - 2013-06-08 19:28 - 00000000 ____D () C:\Windows\Minidump
2014-08-10 09:01 - 2013-02-10 17:34 - 00000000 ____D () C:\Users\Metz-One\Desktop\Bewerbungen
2014-08-08 10:51 - 2014-08-08 10:51 - 00201457 _____ () C:\Users\Metz-One\Downloads\t322955.torrent
2014-08-07 04:06 - 2014-08-14 08:12 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-14 08:12 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-05 15:16 - 2014-08-05 15:16 - 00000000 __SHD () C:\Users\Metz-One\AppData\Local\EmieUserList
2014-08-05 15:16 - 2014-08-05 15:16 - 00000000 __SHD () C:\Users\Metz-One\AppData\Local\EmieSiteList
2014-08-05 09:20 - 2011-04-08 09:30 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-04 20:22 - 2014-08-04 20:22 - 01341974 _____ () C:\Users\Metz-One\Downloads\[kickass.to]sony.playstation.2.702.games.ntsc.pack.1.m.z.torrent
2014-08-04 20:22 - 2014-08-04 20:22 - 01209265 _____ () C:\Users\Metz-One\Downloads\[kickass.to]sony.playstation.2.648.games.ntsc.pack.2.0.l.torrent
2014-08-04 13:00 - 2014-08-03 14:48 - 00001373 _____ () C:\Users\Metz-One\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-04 11:32 - 2014-08-04 11:25 - 00010033 _____ () C:\Windows\IE11_main.log
2014-08-04 11:28 - 2014-08-04 11:28 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-08-04 11:28 - 2014-08-04 11:28 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-08-04 11:28 - 2014-08-04 11:28 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-08-04 11:28 - 2014-08-04 11:28 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-08-04 11:28 - 2014-08-04 11:28 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-08-04 11:28 - 2014-08-04 11:28 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-08-04 11:28 - 2014-08-04 11:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-08-03 22:19 - 2014-03-08 10:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-03 19:24 - 2014-08-03 19:24 - 00001111 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-08-03 14:48 - 2014-08-03 14:48 - 00001369 _____ () C:\Users\Metz-One\Desktop\Internet Explorer (64-bit).lnk
2014-08-03 14:48 - 2007-07-12 03:49 - 00000000 ____D () C:\Windows\Panther
2014-08-03 14:39 - 2014-02-24 20:24 - 00000000 ____D () C:\Users\Metz-One\Arbeit & Wichtiges
2014-08-03 14:05 - 2013-09-06 19:19 - 00000000 ____D () C:\Users\Metz-One\AppData\Roaming\MAGIX
2014-08-03 14:03 - 2014-02-02 17:18 - 00000000 ____D () C:\Program Files\Native Instruments
2014-08-03 14:02 - 2014-07-25 19:41 - 00000000 ____D () C:\Program Files (x86)\Solveig Multimedia
2014-08-03 14:01 - 2014-07-25 19:41 - 00000000 ____D () C:\Users\Metz-One\AppData\Roaming\Solveig Multimedia
2014-08-01 01:41 - 2014-08-14 08:14 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-01 01:16 - 2014-08-14 08:14 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-30 13:55 - 2014-07-26 09:03 - 00000000 ____D () C:\Users\Metz-One\Downloads\mp3 Player
2014-07-25 16:52 - 2014-08-14 08:14 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-25 16:02 - 2014-08-14 08:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-25 16:01 - 2014-08-14 08:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-25 15:51 - 2014-08-14 08:14 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-25 15:30 - 2014-08-14 08:14 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-25 15:28 - 2014-08-14 08:14 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-25 15:28 - 2014-08-14 08:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-25 15:25 - 2014-08-14 08:14 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-25 15:25 - 2014-08-14 08:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-25 15:11 - 2014-08-14 08:14 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-25 15:10 - 2014-08-14 08:14 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-25 15:04 - 2014-08-14 08:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-25 15:03 - 2014-08-14 08:14 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-25 15:00 - 2014-08-14 08:14 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-25 15:00 - 2014-08-14 08:14 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-25 14:59 - 2014-08-14 08:14 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-25 14:47 - 2014-08-14 08:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-25 14:40 - 2014-08-14 08:14 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-25 14:34 - 2014-08-14 08:14 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-25 14:34 - 2014-08-14 08:14 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-25 14:33 - 2014-08-14 08:14 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-25 14:30 - 2014-08-14 08:14 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-25 14:28 - 2014-08-14 08:14 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-25 14:28 - 2014-08-14 08:14 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-25 14:21 - 2014-08-14 08:14 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-25 14:19 - 2014-08-14 08:14 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-25 14:18 - 2014-08-14 08:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-25 14:17 - 2014-08-14 08:14 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-25 14:17 - 2014-08-14 08:14 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-25 14:12 - 2014-08-14 08:14 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-25 14:10 - 2014-08-14 08:14 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-25 14:10 - 2014-08-14 08:14 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-25 14:08 - 2014-08-14 08:14 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-25 14:06 - 2014-08-14 08:14 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-25 13:52 - 2014-08-14 08:14 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-25 13:47 - 2014-08-14 08:14 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-25 13:43 - 2014-08-14 08:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-25 13:42 - 2014-08-14 08:14 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-25 13:39 - 2014-08-14 08:14 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-25 13:39 - 2014-08-14 08:14 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-25 13:36 - 2014-08-14 08:14 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-25 13:34 - 2014-08-14 08:14 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-25 13:29 - 2014-08-14 08:14 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-25 13:23 - 2014-08-14 08:14 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-25 13:13 - 2014-08-14 08:14 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-25 13:07 - 2014-08-14 08:14 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-25 13:07 - 2014-08-14 08:14 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-25 13:03 - 2014-08-14 08:14 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-25 12:52 - 2014-08-14 08:14 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-25 12:26 - 2014-08-14 08:14 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-25 12:17 - 2014-08-14 08:14 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-25 12:09 - 2014-08-14 08:14 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-25 12:05 - 2014-08-14 08:14 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-25 12:00 - 2014-08-14 08:14 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

Some content of TEMP:
====================
C:\Users\Metz-One\AppData\Local\temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-17 19:35

==================== End Of Log ============================
--- --- ---

--- --- ---

schrauber 24.08.2014 07:01

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

Metzka 25.08.2014 11:33
So, alles fertig:-)

ESET

Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=e5d51ee910fea44b869f099a883626cf
# engine=19814
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-08-24 05:40:44
# local_time=2014-08-24 07:40:44 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 208854 160531894 0 0
# scanned=569196
# found=2
# cleaned=0
# scan_time=9768
sh=8992F72873D09212597E582A16F8D9BC60E6A22A ft=1 fh=e21391a34e842ffc vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe.vir"
sh=EC3FA9335CF9402DD2B5BDEAACDAFED8F53E8ED1 ft=1 fh=b634ee102f30f686 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Metz-One\Back Up\Musik\Musik bearbeiten\FreeVideoToMP3Converter.exe"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=e5d51ee910fea44b869f099a883626cf
# engine=19823
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-08-25 09:52:10
# local_time=2014-08-25 11:52:10 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 56996 160590180 0 0
# scanned=736222
# found=3
# cleaned=0
# scan_time=12862
sh=8992F72873D09212597E582A16F8D9BC60E6A22A ft=1 fh=e21391a34e842ffc vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe.vir"
sh=EC3FA9335CF9402DD2B5BDEAACDAFED8F53E8ED1 ft=1 fh=b634ee102f30f686 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Metz-One\Back Up\Musik\Musik bearbeiten\FreeVideoToMP3Converter.exe"
sh=EC3FA9335CF9402DD2B5BDEAACDAFED8F53E8ED1 ft=1 fh=b634ee102f30f686 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="F:\DH - ExtreneFestplatte I\Back Up\Musik\Musik bearbeiten\FreeVideoToMP3Converter.exe"
checkup

Code:
Results of screen317's Security Check version 0.99.87 
 Windows 7 Service Pack 1 x64 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
  Adobe Flash Player 11.9.900.170 Flash Player out of Date! 
 Adobe Reader 10.1.11 Adobe Reader out of Date! 
 Mozilla Firefox (31.0)
````````Process Check: objlist.exe by Laurent```````` 
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbam.exe 
 Malwarebytes Anti-Malware mbamscheduler.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````

FRST


FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-08-2014 03
Ran by Metz-One (administrator) on METZ-ONE-PC on 25-08-2014 12:11:21
Running from C:\Users\Metz-One\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVerMedia) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
() C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(Rosetta Stone Ltd.) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
() C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
(AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-05-27] (Egis Technology Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-22] (Realtek Semiconductor)
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-04-13] (ELAN Microelectronic Corp.)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [861216 2010-06-11] (Acer Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-13] (Intel Corporation)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-05-27] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [265984 2010-06-29] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-08-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-2131351800-3081115588-278826005-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk
ShortcutTarget: AVer HID Receiver.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVerQuick.lnk
ShortcutTarget: AVerQuick.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe (AVerMedia TECHNOLOGIES, Inc.)
ShellIconOverlayIdentifiers: egisPSDP -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\psdprotect.dll (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: egisPSDP -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x86\psdprotect.dll (Egis Technology Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x1E3E2167E9BDCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Metz-One\AppData\Roaming\Mozilla\Firefox\Profiles\z5zo2aap.default-1408604426946
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: DownloadHelper - C:\Users\Metz-One\AppData\Roaming\Mozilla\Firefox\Profiles\z5zo2aap.default-1408604426946\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-08-21]

Chrome:
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [344064 2009-04-08] (AVerMedia) [File not signed]
R2 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [389120 2009-10-09] () [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-27] (Egis Technology Inc.)
S3 UPnPService; C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [544768 2006-12-14] (Magix AG) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 AVerAF35; C:\Windows\System32\Drivers\AVerAF35.sys [677632 2010-03-16] (AVerMedia TECHNOLOGIES, Inc.)
S3 cmnsusbser; C:\Windows\System32\DRIVERS\cmnsusbser.sys [126080 2014-03-12] (QUALCOMM Incorporated) [File not signed]
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-10-31] (DT Soft Ltd)
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (HTC, Corporation) [File not signed]
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-25 12:10 - 2014-08-25 12:10 - 00000000 ____D () C:\Users\Metz-One\Downloads\FRST-OlderVersion
2014-08-24 19:47 - 2014-08-24 19:47 - 00100272 _____ () C:\Users\Metz-One\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-24 19:46 - 2014-08-24 19:46 - 00371608 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-24 08:25 - 2014-08-24 08:25 - 02347384 _____ (ESET) C:\Users\Metz-One\Downloads\esetsmartinstaller_deu.exe
2014-08-24 08:25 - 2014-08-24 08:25 - 00854417 _____ () C:\Users\Metz-One\Downloads\SecurityCheck.exe
2014-08-24 00:50 - 2014-08-24 00:50 - 00001682 _____ () C:\Users\Metz-One\Desktop\JRT.txt
2014-08-24 00:43 - 2014-08-24 00:43 - 00000000 ____D () C:\Windows\ERUNT
2014-08-24 00:24 - 2014-08-24 00:34 - 00000000 ____D () C:\AdwCleaner
2014-08-24 00:08 - 2014-08-25 12:10 - 00000000 ____D () C:\Users\Metz-One\Desktop\Trojaner
2014-08-24 00:03 - 2014-08-24 00:05 - 01016261 _____ (Thisisu) C:\Users\Metz-One\Downloads\JRT.exe
2014-08-23 22:08 - 2014-08-23 22:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hypersonic 2
2014-08-23 22:07 - 2010-06-06 23:37 - 02785792 _____ (AiR) C:\Windows\SysWOW64\GuaD.dll
2014-08-23 21:51 - 2014-08-23 21:53 - 00000000 ____D () C:\Users\Metz-One\Downloads\Hypersonic
2014-08-23 21:22 - 2014-08-23 22:07 - 00000000 ____D () C:\Program Files (x86)\Steinberg
2014-08-23 20:52 - 2014-08-23 20:52 - 00000000 ____D () C:\Users\Metz-One\AppData\Roaming\Arturia
2014-08-23 20:50 - 2014-08-23 20:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Syncrosoft
2014-08-23 20:10 - 2014-08-23 20:50 - 00000000 ____D () C:\Program Files (x86)\Syncrosoft
2014-08-23 20:10 - 2014-08-23 20:33 - 00020618 _____ () C:\Windows\DPINST.LOG
2014-08-23 20:10 - 2014-08-23 20:33 - 00000051 _____ () C:\Windows\SysWOW64\SYNSOPOS.exe.cfg
2014-08-23 20:10 - 2014-08-23 20:33 - 00000000 ____D () C:\Program Files (x86)\eLicenser
2014-08-23 20:10 - 2014-08-23 20:16 - 00000000 ____D () C:\ProgramData\eLicenser
2014-08-23 20:10 - 2014-08-23 20:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eLicenser
2014-08-23 20:10 - 2014-08-23 20:10 - 00002892 _____ () C:\Windows\SysWOW64\audcon.sys
2014-08-23 20:10 - 2009-09-17 16:20 - 01695232 _____ (Steinberg Media Technologies GmbH) C:\Windows\system32\synsoacc.dll
2014-08-23 20:10 - 2009-09-17 16:20 - 01261568 _____ (Steinberg Media Technologies GmbH) C:\Windows\SysWOW64\SYNSOACC.dll
2014-08-23 20:10 - 2009-05-19 15:21 - 00086016 _____ () C:\Windows\SysWOW64\SYNSOPOS.exe
2014-08-23 20:10 - 2006-01-29 11:48 - 00147425 _____ () C:\Windows\SysWOW64\SYNSOACC-Aide.chm
2014-08-23 20:10 - 2006-01-29 11:48 - 00147425 _____ () C:\Windows\system32\SYNSOACC-Aide.chm
2014-08-23 20:10 - 2006-01-29 11:48 - 00120468 _____ () C:\Windows\SysWOW64\SYNSOACC-Hilfe.chm
2014-08-23 20:10 - 2006-01-29 11:48 - 00120468 _____ () C:\Windows\system32\SYNSOACC-Hilfe.chm
2014-08-23 20:10 - 2006-01-29 11:48 - 00114279 _____ () C:\Windows\SysWOW64\SYNSOACC-Help.chm
2014-08-23 20:10 - 2006-01-29 11:48 - 00114279 _____ () C:\Windows\system32\SYNSOACC-Help.chm
2014-08-23 20:09 - 2014-08-23 21:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Arturia
2014-08-23 20:09 - 2009-09-09 18:38 - 00163840 _____ () C:\Windows\SysWOW64\ArtFfct.dll
2014-08-23 20:07 - 2014-08-23 20:10 - 00000000 ____D () C:\ProgramData\Syncrosoft
2014-08-23 20:03 - 2014-08-23 20:03 - 01364531 _____ () C:\Users\Metz-One\Downloads\adwcleaner_3.308.exe
2014-08-23 19:40 - 2014-08-23 21:00 - 00000000 ____D () C:\Program Files (x86)\Arturia
2014-08-22 22:17 - 2014-08-21 15:08 - 00000000 ____D () C:\Users\Metz-One\Downloads\Ahzumjot - Nix Mehr Egal (2014)
2014-08-22 21:32 - 2014-08-23 20:32 - 00000000 ____D () C:\Users\Metz-One\Downloads\Arturia.V.Collection.2010.v2.0+Presets.Incl.Keygen-AiR
2014-08-22 21:28 - 2014-08-23 19:39 - 00000000 ____D () C:\Users\Metz-One\Downloads\Arturia Spark Vintage Drume Machine STANDALONE VSTi RTAS v1.0 x86 x64 - ASSiGN
2014-08-22 20:23 - 2014-08-22 21:01 - 115816679 _____ () C:\Users\Metz-One\Downloads\Ahz-NiMeEg.zip
2014-08-22 11:08 - 2014-08-22 11:08 - 00022838 _____ () C:\ComboFix.txt
2014-08-22 10:50 - 2014-08-22 11:08 - 00000000 ____D () C:\Qoobox
2014-08-22 10:50 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-08-22 10:50 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-08-22 10:50 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-08-22 10:50 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-08-22 10:50 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-08-22 10:50 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-08-22 10:50 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-08-22 10:50 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-08-22 10:49 - 2014-08-22 11:07 - 00000000 ____D () C:\Windows\erdnt
2014-08-22 10:44 - 2014-08-22 10:44 - 05572006 ____R (Swearware) C:\Users\Metz-One\Desktop\ComboFix.exe
2014-08-22 10:23 - 2014-08-23 11:16 - 00000315 _____ () C:\Users\Metz-One\Desktop\WRESTLERs.txt
2014-08-21 14:21 - 2014-08-21 15:00 - 00000000 ____D () C:\Users\Metz-One\Downloads\BangBrosRemastered.13.07.23.Jessi.Summers.Fire.Your.Boss.XXX.HR.MP4-OHRLY[rarbg]
2014-08-21 11:52 - 2014-08-21 11:52 - 00023693 _____ () C:\Users\Metz-One\Downloads\Addition.txt
2014-08-21 11:51 - 2014-08-25 12:11 - 00012503 _____ () C:\Users\Metz-One\Downloads\FRST.txt
2014-08-21 11:50 - 2014-08-25 12:11 - 00000000 ____D () C:\FRST
2014-08-21 11:50 - 2014-08-25 12:10 - 02103296 _____ (Farbar) C:\Users\Metz-One\Downloads\FRST64.exe
2014-08-21 09:46 - 2014-08-21 09:46 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Metz-One\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-08-21 09:15 - 2014-08-25 08:37 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-21 09:15 - 2014-08-21 09:15 - 00001066 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-21 09:15 - 2014-08-21 09:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-21 09:15 - 2014-08-21 09:15 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-21 09:15 - 2014-08-21 09:15 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-21 09:15 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-21 09:15 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-21 09:15 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-21 09:14 - 2014-08-21 09:14 - 00873576 _____ (Opera Software) C:\Users\Metz-One\Downloads\Opera_NI_stable.exe
2014-08-21 08:52 - 2014-08-21 08:52 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-08-21 08:52 - 2014-08-21 08:52 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-08-21 08:52 - 2014-08-21 08:52 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-08-21 08:52 - 2014-08-21 08:52 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-08-21 08:52 - 2014-08-21 08:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-21 08:52 - 2014-08-21 08:52 - 00000000 ____D () C:\Program Files\Java
2014-08-21 08:46 - 2014-08-21 08:46 - 31013800 _____ (Oracle Corporation) C:\Users\Metz-One\Downloads\jre-7u67-windows-x64.com
2014-08-20 16:29 - 2014-08-20 16:29 - 00003146 _____ () C:\Windows\System32\Tasks\{1DA1F9E1-2E1E-4797-97EF-2147E1AC3591}
2014-08-20 14:06 - 2014-08-21 11:47 - 00000000 ____D () C:\Users\Metz-One\AppData\Roaming\Huveqozu
2014-08-20 13:53 - 2014-08-20 15:53 - 00000000 ____D () C:\ProgramData\OxbiDewli
2014-08-20 13:53 - 2014-08-20 13:53 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2014-08-20 13:03 - 2014-08-23 21:00 - 00000000 ____D () C:\ProgramData\Arturia
2014-08-20 13:03 - 2014-08-20 13:03 - 00000000 ____D () C:\Users\Metz-One\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Arturia
2014-08-16 16:52 - 2014-08-16 16:52 - 00000000 ____D () C:\Users\Metz-One\Downloads\Madden NFL 12
2014-08-14 23:05 - 2014-08-14 23:05 - 00000000 ____D () C:\Users\Metz-One\AppData\Roaming\CUERipper
2014-08-14 23:03 - 2014-08-14 23:05 - 00000000 ____D () C:\Users\Metz-One\AppData\Roaming\CUE Tools
2014-08-14 08:14 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-14 08:14 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-14 08:14 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-14 08:14 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-14 08:14 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-14 08:14 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-14 08:14 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-14 08:14 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-14 08:14 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-14 08:14 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-14 08:14 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-14 08:14 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-14 08:14 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-14 08:14 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-14 08:14 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-14 08:14 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-14 08:14 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-14 08:14 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-14 08:14 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-14 08:14 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-14 08:14 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-14 08:14 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-14 08:14 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-14 08:14 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-14 08:14 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-14 08:14 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-14 08:14 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-14 08:14 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-14 08:14 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-14 08:14 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-14 08:14 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-14 08:14 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-14 08:14 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-14 08:14 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-14 08:14 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-14 08:14 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-14 08:14 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-14 08:14 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-14 08:14 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-14 08:14 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-14 08:14 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-14 08:14 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-14 08:14 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-14 08:14 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-14 08:14 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-14 08:14 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-14 08:14 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-14 08:14 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-14 08:14 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-14 08:14 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-14 08:14 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-14 08:14 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-14 08:14 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-14 08:14 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-14 08:14 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-14 08:14 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-14 08:14 - 2014-07-16 05:25 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-14 08:14 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-14 08:14 - 2014-07-16 04:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-14 08:14 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-14 08:14 - 2014-07-16 04:12 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-14 08:14 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-14 08:14 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-14 08:14 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-14 08:14 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-14 08:14 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-14 08:14 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-14 08:14 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-14 08:14 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-14 08:14 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-14 08:14 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-14 08:14 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-14 08:14 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-14 08:14 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-14 08:14 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-14 08:14 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-14 08:14 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-14 08:14 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-14 08:14 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-14 08:14 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-14 08:14 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-14 08:14 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-14 08:14 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-14 08:12 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-14 08:12 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-14 08:12 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-14 08:12 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-08 10:51 - 2014-08-08 10:51 - 00201457 _____ () C:\Users\Metz-One\Downloads\t322955.torrent
2014-08-05 21:35 - 2014-08-24 19:46 - 00167954 _____ () C:\Windows\PFRO.log
2014-08-05 15:16 - 2014-08-05 15:16 - 00000000 __SHD () C:\Users\Metz-One\AppData\Local\EmieUserList
2014-08-05 15:16 - 2014-08-05 15:16 - 00000000 __SHD () C:\Users\Metz-One\AppData\Local\EmieSiteList
2014-08-04 20:22 - 2014-08-04 20:22 - 01341974 _____ () C:\Users\Metz-One\Downloads\[kickass.to]sony.playstation.2.702.games.ntsc.pack.1.m.z.torrent
2014-08-04 20:22 - 2014-08-04 20:22 - 01209265 _____ () C:\Users\Metz-One\Downloads\[kickass.to]sony.playstation.2.648.games.ntsc.pack.2.0.l.torrent
2014-08-04 11:32 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-08-04 11:28 - 2014-08-04 11:28 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-08-04 11:28 - 2014-08-04 11:28 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-08-04 11:28 - 2014-08-04 11:28 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-08-04 11:28 - 2014-08-04 11:28 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-08-04 11:28 - 2014-08-04 11:28 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-08-04 11:28 - 2014-08-04 11:28 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-08-04 11:28 - 2014-08-04 11:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-08-04 11:25 - 2014-08-04 11:32 - 00010033 _____ () C:\Windows\IE11_main.log
2014-08-03 19:24 - 2014-08-03 19:24 - 00001111 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-08-03 14:48 - 2014-08-04 13:00 - 00001373 _____ () C:\Users\Metz-One\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-03 14:48 - 2014-08-03 14:48 - 00001369 _____ () C:\Users\Metz-One\Desktop\Internet Explorer (64-bit).lnk
2014-08-03 14:09 - 2014-08-11 22:47 - 00000000 ____D () C:\Users\Metz-One\Downloads\Instrumentals
2014-08-02 09:07 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-02 09:07 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-02 09:07 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-02 09:07 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-02 09:07 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-02 09:07 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-02 09:07 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-02 09:07 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-02 09:07 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-02 09:07 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-02 09:07 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-02 09:07 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-02 09:07 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-02 09:07 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-07-26 09:03 - 2014-07-30 13:55 - 00000000 ____D () C:\Users\Metz-One\Downloads\mp3 Player

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-25 12:12 - 2014-08-21 11:51 - 00012503 _____ () C:\Users\Metz-One\Downloads\FRST.txt
2014-08-25 12:11 - 2014-08-21 11:50 - 00000000 ____D () C:\FRST
2014-08-25 12:10 - 2014-08-25 12:10 - 00000000 ____D () C:\Users\Metz-One\Downloads\FRST-OlderVersion
2014-08-25 12:10 - 2014-08-24 00:08 - 00000000 ____D () C:\Users\Metz-One\Desktop\Trojaner
2014-08-25 12:10 - 2014-08-21 11:50 - 02103296 _____ (Farbar) C:\Users\Metz-One\Downloads\FRST64.exe
2014-08-25 12:04 - 2012-10-21 00:48 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-25 11:58 - 2013-11-26 05:16 - 02080589 _____ () C:\Windows\WindowsUpdate.log
2014-08-25 08:37 - 2014-08-21 09:15 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-25 08:10 - 2010-11-11 03:51 - 00662030 _____ () C:\Windows\system32\perfh007.dat
2014-08-25 08:10 - 2010-11-11 03:51 - 00142010 _____ () C:\Windows\system32\perfc007.dat
2014-08-25 08:10 - 2009-07-14 07:13 - 01529916 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-25 07:44 - 2009-07-14 06:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-25 07:44 - 2009-07-14 06:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-25 07:37 - 2014-06-09 20:26 - 00020126 _____ () C:\Windows\setupact.log
2014-08-25 07:37 - 2013-11-11 09:36 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-08-25 07:37 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-24 21:48 - 2013-01-18 15:33 - 00000000 ____D () C:\Users\Metz-One\AppData\Roaming\BitTorrent
2014-08-24 19:47 - 2014-08-24 19:47 - 00100272 _____ () C:\Users\Metz-One\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-24 19:46 - 2014-08-24 19:46 - 00371608 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-24 19:46 - 2014-08-05 21:35 - 00167954 _____ () C:\Windows\PFRO.log
2014-08-24 16:54 - 2013-11-09 14:46 - 00000000 ____D () C:\Users\Metz-One\AppData\Roaming\Media Player Classic
2014-08-24 15:07 - 2011-04-07 10:49 - 00000155 _____ () C:\Windows\winamp.ini
2014-08-24 08:25 - 2014-08-24 08:25 - 02347384 _____ (ESET) C:\Users\Metz-One\Downloads\esetsmartinstaller_deu.exe
2014-08-24 08:25 - 2014-08-24 08:25 - 00854417 _____ () C:\Users\Metz-One\Downloads\SecurityCheck.exe
2014-08-24 00:50 - 2014-08-24 00:50 - 00001682 _____ () C:\Users\Metz-One\Desktop\JRT.txt
2014-08-24 00:43 - 2014-08-24 00:43 - 00000000 ____D () C:\Windows\ERUNT
2014-08-24 00:34 - 2014-08-24 00:24 - 00000000 ____D () C:\AdwCleaner
2014-08-24 00:05 - 2014-08-24 00:03 - 01016261 _____ (Thisisu) C:\Users\Metz-One\Downloads\JRT.exe
2014-08-23 23:49 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-23 22:08 - 2014-08-23 22:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hypersonic 2
2014-08-23 22:07 - 2014-08-23 21:22 - 00000000 ____D () C:\Program Files (x86)\Steinberg
2014-08-23 22:07 - 2013-04-30 08:18 - 00000000 ____D () C:\Program Files (x86)\VstPlugins
2014-08-23 21:53 - 2014-08-23 21:51 - 00000000 ____D () C:\Users\Metz-One\Downloads\Hypersonic
2014-08-23 21:00 - 2014-08-23 20:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Arturia
2014-08-23 21:00 - 2014-08-23 19:40 - 00000000 ____D () C:\Program Files (x86)\Arturia
2014-08-23 21:00 - 2014-08-20 13:03 - 00000000 ____D () C:\ProgramData\Arturia
2014-08-23 20:52 - 2014-08-23 20:52 - 00000000 ____D () C:\Users\Metz-One\AppData\Roaming\Arturia
2014-08-23 20:50 - 2014-08-23 20:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Syncrosoft
2014-08-23 20:50 - 2014-08-23 20:10 - 00000000 ____D () C:\Program Files (x86)\Syncrosoft
2014-08-23 20:33 - 2014-08-23 20:10 - 00020618 _____ () C:\Windows\DPINST.LOG
2014-08-23 20:33 - 2014-08-23 20:10 - 00000051 _____ () C:\Windows\SysWOW64\SYNSOPOS.exe.cfg
2014-08-23 20:33 - 2014-08-23 20:10 - 00000000 ____D () C:\Program Files (x86)\eLicenser
2014-08-23 20:32 - 2014-08-22 21:32 - 00000000 ____D () C:\Users\Metz-One\Downloads\Arturia.V.Collection.2010.v2.0+Presets.Incl.Keygen-AiR
2014-08-23 20:16 - 2014-08-23 20:10 - 00000000 ____D () C:\ProgramData\eLicenser
2014-08-23 20:11 - 2014-08-23 20:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eLicenser
2014-08-23 20:10 - 2014-08-23 20:10 - 00002892 _____ () C:\Windows\SysWOW64\audcon.sys
2014-08-23 20:10 - 2014-08-23 20:07 - 00000000 ____D () C:\ProgramData\Syncrosoft
2014-08-23 20:03 - 2014-08-23 20:03 - 01364531 _____ () C:\Users\Metz-One\Downloads\adwcleaner_3.308.exe
2014-08-23 19:39 - 2014-08-22 21:28 - 00000000 ____D () C:\Users\Metz-One\Downloads\Arturia Spark Vintage Drume Machine STANDALONE VSTi RTAS v1.0 x86 x64 - ASSiGN
2014-08-23 11:16 - 2014-08-22 10:23 - 00000315 _____ () C:\Users\Metz-One\Desktop\WRESTLERs.txt
2014-08-22 21:01 - 2014-08-22 20:23 - 115816679 _____ () C:\Users\Metz-One\Downloads\Ahz-NiMeEg.zip
2014-08-22 11:08 - 2014-08-22 11:08 - 00022838 _____ () C:\ComboFix.txt
2014-08-22 11:08 - 2014-08-22 10:50 - 00000000 ____D () C:\Qoobox
2014-08-22 11:07 - 2014-08-22 10:49 - 00000000 ____D () C:\Windows\erdnt
2014-08-22 11:05 - 2009-07-14 04:34 - 00000241 _____ () C:\Windows\system.ini
2014-08-22 10:44 - 2014-08-22 10:44 - 05572006 ____R (Swearware) C:\Users\Metz-One\Desktop\ComboFix.exe
2014-08-21 22:15 - 2011-04-11 08:33 - 00000000 ____D () C:\Users\Metz-One\dwhelper
2014-08-21 15:08 - 2014-08-22 22:17 - 00000000 ____D () C:\Users\Metz-One\Downloads\Ahzumjot - Nix Mehr Egal (2014)
2014-08-21 15:00 - 2014-08-21 14:21 - 00000000 ____D () C:\Users\Metz-One\Downloads\BangBrosRemastered.13.07.23.Jessi.Summers.Fire.Your.Boss.XXX.HR.MP4-OHRLY[rarbg]
2014-08-21 11:52 - 2014-08-21 11:52 - 00023693 _____ () C:\Users\Metz-One\Downloads\Addition.txt
2014-08-21 11:47 - 2014-08-20 14:06 - 00000000 ____D () C:\Users\Metz-One\AppData\Roaming\Huveqozu
2014-08-21 09:46 - 2014-08-21 09:46 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Metz-One\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-08-21 09:37 - 2013-01-18 14:46 - 00000000 ___HD () C:\Windows\AxInstSV
2014-08-21 09:15 - 2014-08-21 09:15 - 00001066 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-21 09:15 - 2014-08-21 09:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-21 09:15 - 2014-08-21 09:15 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-21 09:15 - 2014-08-21 09:15 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-21 09:14 - 2014-08-21 09:14 - 00873576 _____ (Opera Software) C:\Users\Metz-One\Downloads\Opera_NI_stable.exe
2014-08-21 08:52 - 2014-08-21 08:52 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-08-21 08:52 - 2014-08-21 08:52 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-08-21 08:52 - 2014-08-21 08:52 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-08-21 08:52 - 2014-08-21 08:52 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-08-21 08:52 - 2014-08-21 08:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-21 08:52 - 2014-08-21 08:52 - 00000000 ____D () C:\Program Files\Java
2014-08-21 08:46 - 2014-08-21 08:46 - 31013800 _____ (Oracle Corporation) C:\Users\Metz-One\Downloads\jre-7u67-windows-x64.com
2014-08-20 16:29 - 2014-08-20 16:29 - 00003146 _____ () C:\Windows\System32\Tasks\{1DA1F9E1-2E1E-4797-97EF-2147E1AC3591}
2014-08-20 16:29 - 2010-08-30 11:25 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-08-20 15:53 - 2014-08-20 13:53 - 00000000 ____D () C:\ProgramData\OxbiDewli
2014-08-20 13:53 - 2014-08-20 13:53 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2014-08-20 13:03 - 2014-08-20 13:03 - 00000000 ____D () C:\Users\Metz-One\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Arturia
2014-08-16 17:10 - 2011-04-08 19:40 - 00033280 _____ () C:\Users\Metz-One\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-16 16:52 - 2014-08-16 16:52 - 00000000 ____D () C:\Users\Metz-One\Downloads\Madden NFL 12
2014-08-16 16:18 - 2014-04-15 18:24 - 00000000 ____D () C:\Users\Metz-One\My Games
2014-08-15 22:17 - 2011-04-06 18:41 - 00000000 ____D () C:\Users\Metz-One
2014-08-15 18:19 - 2011-06-17 13:05 - 00000000 ____D () C:\Users\Metz-One\AppData\Roaming\DAEMON Tools Lite
2014-08-14 23:05 - 2014-08-14 23:05 - 00000000 ____D () C:\Users\Metz-One\AppData\Roaming\CUERipper
2014-08-14 23:05 - 2014-08-14 23:03 - 00000000 ____D () C:\Users\Metz-One\AppData\Roaming\CUE Tools
2014-08-14 20:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-14 18:05 - 2012-01-06 23:01 - 00000000 ____D () C:\Users\Metz-One\Desktop\Dokumente
2014-08-14 11:56 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-14 08:43 - 2011-05-22 14:47 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-14 08:36 - 2013-07-17 22:43 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 08:35 - 2011-04-23 21:46 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 08:32 - 2014-05-10 16:25 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-14 07:58 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-11 22:47 - 2014-08-03 14:09 - 00000000 ____D () C:\Users\Metz-One\Downloads\Instrumentals
2014-08-11 15:09 - 2013-06-08 19:28 - 00000000 ____D () C:\Windows\Minidump
2014-08-10 09:01 - 2013-02-10 17:34 - 00000000 ____D () C:\Users\Metz-One\Desktop\Bewerbungen
2014-08-08 10:51 - 2014-08-08 10:51 - 00201457 _____ () C:\Users\Metz-One\Downloads\t322955.torrent
2014-08-07 04:06 - 2014-08-14 08:12 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-14 08:12 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-05 15:16 - 2014-08-05 15:16 - 00000000 __SHD () C:\Users\Metz-One\AppData\Local\EmieUserList
2014-08-05 15:16 - 2014-08-05 15:16 - 00000000 __SHD () C:\Users\Metz-One\AppData\Local\EmieSiteList
2014-08-05 09:20 - 2011-04-08 09:30 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-04 20:22 - 2014-08-04 20:22 - 01341974 _____ () C:\Users\Metz-One\Downloads\[kickass.to]sony.playstation.2.702.games.ntsc.pack.1.m.z.torrent
2014-08-04 20:22 - 2014-08-04 20:22 - 01209265 _____ () C:\Users\Metz-One\Downloads\[kickass.to]sony.playstation.2.648.games.ntsc.pack.2.0.l.torrent
2014-08-04 13:00 - 2014-08-03 14:48 - 00001373 _____ () C:\Users\Metz-One\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-04 11:32 - 2014-08-04 11:25 - 00010033 _____ () C:\Windows\IE11_main.log
2014-08-04 11:28 - 2014-08-04 11:28 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-08-04 11:28 - 2014-08-04 11:28 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-08-04 11:28 - 2014-08-04 11:28 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-08-04 11:28 - 2014-08-04 11:28 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-08-04 11:28 - 2014-08-04 11:28 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-08-04 11:28 - 2014-08-04 11:28 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-08-04 11:28 - 2014-08-04 11:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-08-04 11:28 - 2014-08-04 11:28 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-08-04 11:28 - 2014-08-04 11:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-08-03 22:19 - 2014-03-08 10:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-03 19:24 - 2014-08-03 19:24 - 00001111 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-08-03 14:48 - 2014-08-03 14:48 - 00001369 _____ () C:\Users\Metz-One\Desktop\Internet Explorer (64-bit).lnk
2014-08-03 14:48 - 2007-07-12 03:49 - 00000000 ____D () C:\Windows\Panther
2014-08-03 14:39 - 2014-02-24 20:24 - 00000000 ____D () C:\Users\Metz-One\Arbeit & Wichtiges
2014-08-03 14:05 - 2013-09-06 19:19 - 00000000 ____D () C:\Users\Metz-One\AppData\Roaming\MAGIX
2014-08-03 14:03 - 2014-02-02 17:18 - 00000000 ____D () C:\Program Files\Native Instruments
2014-08-03 14:02 - 2014-07-25 19:41 - 00000000 ____D () C:\Program Files (x86)\Solveig Multimedia
2014-08-03 14:01 - 2014-07-25 19:41 - 00000000 ____D () C:\Users\Metz-One\AppData\Roaming\Solveig Multimedia
2014-08-01 01:41 - 2014-08-14 08:14 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-01 01:16 - 2014-08-14 08:14 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-30 13:55 - 2014-07-26 09:03 - 00000000 ____D () C:\Users\Metz-One\Downloads\mp3 Player

Some content of TEMP:
====================
C:\Users\Metz-One\AppData\Local\temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-17 19:35

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

schrauber 26.08.2014 06:19
Flash und Adobe updaten.

Fertig :)

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun :)

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

Metzka 26.08.2014 11:01
Erst Mal vielen Dank für alles!

Ich denke es läuft jetzt wieder alles.

Zu deinen Tipps hätte ich noch ein paar Fragen.

1. Kann ich also CCleaner durch TFC ersetzten? Oder gibt es eine Alternative zu CC oder ist das gut, das Programm?

2. Was hälts du von Avira? Gibt es da deiner Meinung nach ein gute/bessere Alternative?

3. Gehört nicht ganz zum Thema aber gibt es etwas bei msconfig zu beachten? Also was man da am besten einstellt und was nicht (beim Starten) des PCs. Gibt es irgendwelche Sachen die man immer ausstellen kann?

4. Ich bin jetzt auf Opera umgestiegen. Kann man da irgendwie die 3D Ansicht ausschalten. Weil mein PC sich gerne mal Aufhängt. PC kann man irgendwie Windows 7 64 zu 32 machen? Meine Grafikkarte und das Internet kommen irgendwie nicht aufeinander klar und ich denke dass liegt daran das meine AMD Radeon nicht auf Windows 7 64 klar kommt. Habe es schon mit anderen Grafikkartentreiber versucht aber irgendwie ändert sich da nichts.

schrauber 27.08.2014 10:02
Ccleaner kannste nutzen, aber FInger weg von der Registry.

Von Avira halte ich gar nix. Ich empfehle immer Emsisoft.

Lass MSConfig so wie es ist. Da gewinnt man auch nicht viel.

Metzka 27.08.2014 20:35
Okay, alles klar.

Eine Sache noch. Seit ich die Programme genutzt habe, braucht mein PC sehr lange um sich anzumelden. Also nachdem ich das Windows Passwort benutzt habe, erscheint teilweise bis zu 2 Minuten ein blauer Bildschirm und dann erst auf die WindowsOberfläche.

Woran kann das liegen bzw. kann man das beheben?

schrauber 28.08.2014 12:48
Hast Du unsere Tools schon bereinigt? Läuft MBAM noch?

Metzka 28.08.2014 19:42
Also die Programme hatte ich alle gelöscht. Aber MBAM hatte ich als OnlineSchutz wieder installiert.


Alle Zeitangaben in WEZ +1. Es ist jetzt 00:55 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131