Trojaner-Board
Seite 1 von 5 1 23 Letzte »
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Laptop plötzlich total lahm und reagiert verzögert - Trojaner Bundespolizei Fehler XYZ (https://www.trojaner-board.de/137265-laptop-ploetzlich-total-lahm-reagiert-verzoegert-trojaner-bundespolizei-fehler-xyz.html)

Penelope8282 27.06.2013 08:22
Laptop plötzlich total lahm und reagiert verzögert - Trojaner Bundespolizei Fehler XYZ
 
Hallo,
habe mir vor drei wochen den Trojaner der Bundespolizei eingefangen und ihn mit Anleitung durchs Internet entfernt, zumindest ging danach wieder alles gewohnt. seit heute morgen geht auf meinem Lappi fast gar nix mehr! Alles total lahm, vor allem das Internet. Brauchte nun fast 10 Minuten um mich hier einzuloggen und den Thread zu erstellen..
Ich hab kaum Ahnung von Rechnern aber hier wurde mir schon mal toll geholfen!
Habe bereits CCleaner durchgeführt aber das hat nichts gebracht.
Was kann/muss ich tun?

lg

schrauber 27.06.2013 08:27
HI,

Systemscan mit FRST
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Start > Computer (Rechtsklick) > Eigenschaften)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Scan.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Penelope8282 27.06.2013 09:31
mhm, da steht nichts von "scan" muss irgendwelche Files dropen?
Bin grad etwas überfordert:wtf:
Zudem floppt hier ständig ein Fenster auf wo steht ich hätte Spyware dadurch wäre mein PC langsamer?!

schrauber 27.06.2013 09:41
What? Hast Du FRST auf dem Desktop? wenn einfach Doppelklick und Scan klicken.

Penelope8282 27.06.2013 09:59
FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-06-2013 02
Ran by Sonne at 2013-06-27 10:57:06
Running from C:\Users\Sonne\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)
Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03)
Advertising Center (x32 Version: 0.0.0.1)
AIS Connect (x32 Version: 1.1.1.6)
Apple Application Support (x32 Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (x32 Version: 2.1.3.127)
Bluetooth Feature Pack 5.0 (Version: 5.0.14)
Bonjour (Version: 3.0.0.10)
BrowserDefender (x32)
CCleaner (Version: 3.11)
Cool Lyrics (x32)
CyberLink YouCam (x32 Version: 3.0.1908.7636)
D3DX10 (x32 Version: 15.4.2368.0902)
DealPly (HKCU)
DealPly (remove only) (x32 Version: 4.8.6.1)
Delta Chrome Toolbar (x32)
Delta toolbar  (x32 Version: 1.8.21.5)
DeskUpdate 4.11 (x32 Version: 4.11.0074)
eBay (x32 Version: 1.0.1)
Fotogalerie (x32 Version: 16.4.3505.0912)
Fujitsu Display Manager (Version: 7.01.00.210)
Fujitsu Display Manager (x32 Version: )
Fujitsu Hotkey Utility (x32 Version: 3.60.1.0)
Fujitsu MobilityCenter Extension Utility (Version: 3.01.00.000)
Fujitsu MobilityCenter Extension Utility (x32 Version: )
Fujitsu System Extension Utility (Version: 3.1.1.0)
Fujitsu System Extension Utility (x32)
Google Chrome (x32 Version: 27.0.1453.116)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0)
Google Toolbar for Internet Explorer (x32 Version: 7.5.4209.2358)
Google Update Helper (x32 Version: 1.3.21.145)
HP Deskjet 2050 J510 series Basic Device Software (Version: 22.0.334.0)
ImagXpress (x32 Version: 7.0.74.0)
Intel(R) Graphics Media Accelerator Driver (x32 Version: 8.15.10.2025)
Intel(R) Management Engine Components (x32 Version: 6.0.0.1179)
iTunes (Version: 10.6.1.7)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Java(TM) 6 Update 22 (x32 Version: 6.0.220)
Junk Mail filter update (x32 Version: 16.4.3505.0912)
LifeBook Application Panel (Version: 8.1.0.0)
LifeBook Application Panel (x32)
Lyrics Finder (x32)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
McAfee Security Scan Plus (x32 Version: 3.0.318.3)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000)
Microsoft Office Klick-und-Los 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - Deutsch (x32 Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SkyDrive (HKCU Version: 16.4.6013.0910)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Movie Maker (x32 Version: 16.4.3505.0912)
Mozilla Firefox 21.0 (x86 de) (x32 Version: 21.0)
Mozilla Maintenance Service (x32 Version: 21.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (KB973685) (x32 Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)
Nero 9 Essentials (x32)
Nero BurnRights (x32 Version: 3.4.10.100)
Nero BurnRights Help (x32 Version: 3.4.4.100)
Nero ControlCenter (x32 Version: 9.0.0.1)
Nero CoverDesigner (x32 Version: 4.4.9.203)
Nero CoverDesigner Help (x32 Version: 4.4.6.100)
Nero DiscSpeed (x32 Version: 5.4.7.202)
Nero DiscSpeed Help (x32 Version: 5.4.4.100)
Nero DriveSpeed (x32 Version: 4.4.10.100)
Nero DriveSpeed Help (x32 Version: 4.4.4.100)
Nero InfoTool (x32 Version: 6.4.7.204)
Nero InfoTool Help (x32 Version: 6.4.4.100)
Nero Installer (x32 Version: 4.4.8.1)
Nero StartSmart (x32 Version: 9.4.11.207)
Nero StartSmart Help (x32 Version: 9.4.1.100)
Nero StartSmart OEM (x32 Version: 9.4.10.100)
neroxml (x32 Version: 1.0.0)
Open It! (x32 Version: 1.1.1)
OpenOffice.org 3.3 (x32 Version: 3.3.9567)
Photo Gallery (x32 Version: 16.4.3505.0912)
PhotoScape (x32)
Plugfree NETWORK (Version: 5.3.0.1)
Plugfree NETWORK (Version: 5.3.001)
Plus-HD-1.6 (x32 Version: 1.27.153.5)
Plus-HD-2.3 (x32 Version: 1.27.153.5)
Power Saving Utility (Version: 31.01.11.013)
Power Saving Utility (x32)
Qtrax Player (HKCU)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.5969)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7100.30087)
Rossmann Fotowelt Software 4.9 (x32 Version: 4.9)
Skype™ 6.3 (x32 Version: 6.3.105)
Synaptics Pointing Device Driver (Version: 14.0.10.0)
TeamViewer 7 (x32 Version: 7.0.15723)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Zip Opener (HKCU)
Wajam (x32 Version: 1.80)
WebCake 3.00 (Version: 3.00)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912)
Windows Live Essentials (x32 Version: 16.4.3505.0912)
Windows Live Family Safety (Version: 16.4.3505.0912)
Windows Live Family Safety (x32 Version: 16.4.3505.0912)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (x32 Version: 16.4.3505.0912)
Windows Live Mail (x32 Version: 16.4.3505.0912)
Windows Live Messenger (x32 Version: 16.4.3505.0912)
Windows Live MIME IFilter (Version: 16.4.3505.0912)
Windows Live Photo Common (x32 Version: 16.4.3505.0912)
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912)
Windows Live SOXE (x32 Version: 16.4.3505.0912)
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912)
Windows Live UX Platform (x32 Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912)
Windows Live Writer (x32 Version: 16.4.3505.0912)
Windows Live Writer Resources (x32 Version: 16.4.3505.0912)
Zip Opener Packages (HKCU)
Zip Opener Packages 83 (HKCU)

==================== Restore Points  =========================

03-06-2013 17:19:16 Windows Update
07-06-2013 12:52:29 Windows Update
07-06-2013 19:19:43 Windows Update
11-06-2013 13:21:13 Windows Update
16-06-2013 16:56:07 Windows Update
18-06-2013 01:00:55 Windows Update
21-06-2013 01:00:50 Windows Update
24-06-2013 07:57:55 Windows Update

==================== Scheduled Tasks (whitelisted) =============

Task: {051FC969-4492-4121-8694-272198B0250E} - System32\Tasks\Lyrics Finder Update => C:\Program Files (x86)\LyricsFinder\LyricsFinderUpdater.exe [2013-02-27] (Nijad Software)
Task: {052DD86F-62F1-497A-A9E5-710BA7A63CB9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-09-30] (Google Inc.)
Task: {0B220A13-7A55-4E9B-AA30-0B4FB9B5C1AB} - System32\Tasks\Cool Lyrics Update => C:\Program Files (x86)\CoolLyrics\CoolLyricsUpdater.exe [2013-06-12] (CoolZone)
Task: {23CFF1AB-A31B-411A-B233-92B3A8EB3557} - System32\Tasks\Plus-HD-1.6-updater => C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-updater.exe [2013-06-27] (Plus HD)
Task: {23D0AE57-EA18-4B45-8047-200E93E04815} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-09-30] (Google Inc.)
Task: {2CB26FFB-D9F4-425D-AAC3-FD53A5CE2052} - System32\Tasks\EPUpdater => C:\Users\Sonne\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe [2013-06-06] ()
Task: {428CE52F-20FA-48FF-99C0-E6ADD82ADD16} - System32\Tasks\Plus-HD-2.3-firefoxinstaller => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-firefoxinstaller.exe [2013-06-27] (Plus HD)
Task: {51867957-0D20-4AEB-94F3-1A8D117EF1E6} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => C:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {564A0538-69D0-4289-B46A-5640B973DC94} - System32\Tasks\Plus-HD-1.6-codedownloader => C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-codedownloader.exe [2013-06-27] (Plus HD)
Task: {56615F28-4332-437F-B24E-3C8F0607839E} - System32\Tasks\Plus-HD-1.6-chromeinstaller => C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-chromeinstaller.exe [2013-06-27] (Plus HD)
Task: {59C63AA1-4685-4335-9D96-F274CB15E1D5} - System32\Tasks\Plus-HD-2.3-updater => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-updater.exe [2013-06-27] (Plus HD)
Task: {65A6A838-CF81-4A49-AED4-D6FD263E0342} - System32\Tasks\QtraxPlayer => C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe [2013-01-24] (Microsoft Corporation)
Task: {6AEEDEA0-A547-4EA4-9AFD-BFA6D14445C0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-14] (Adobe Systems Incorporated)
Task: {90BF2298-11BD-4EC3-AEE8-AD0FF4C66D45} - System32\Tasks\Plus-HD-2.3-chromeinstaller => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-chromeinstaller.exe [2013-06-27] (Plus HD)
Task: {B15C4205-E543-4236-8E62-0F4D4C503505} - System32\Tasks\Plus-HD-2.3-codedownloader => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-codedownloader.exe [2013-06-27] (Plus HD)
Task: {C146C57A-7D23-4409-B3EE-C2DEDB3FB9C3} - System32\Tasks\Plus-HD-2.3-enabler => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-enabler.exe [2013-06-27] (Plus HD)
Task: {C81A6CC7-9F65-4B36-9A95-33D5EBF5372E} - System32\Tasks\DealPly => C:\Users\Sonne\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.EXE [2013-02-27] ()
Task: {CD138A90-0F71-4F58-811C-C8C3E0CD15BB} - System32\Tasks\Plus-HD-1.6-firefoxinstaller => C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-firefoxinstaller.exe [2013-06-27] (Plus HD)
Task: {D3C1118F-92C4-47FB-A567-944C11E49FCA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D6DDC8A6-0289-4AFF-A122-FCD8C5F32842} - System32\Tasks\Plus-HD-1.6-enabler => C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-enabler.exe [2013-06-27] (Plus HD)
Task: {DC4A616E-4890-42BD-9512-41D43BC5CC8F} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-21] (Microsoft Corporation)
Task: {F18FBE52-13C8-49FF-B7FC-18FCA0169CDD} - System32\Tasks\DealPlyUpdate => C:\Program No File
Task: {F5DBAC6D-40A2-4CB2-9847-A9BF2AC9876E} - System32\Tasks\DSite => C:\Users\Sonne\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE [2013-06-27] ()
Task: {F6A4F92D-E0F2-4A47-AD36-D3E004BD7619} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {FBE95964-C51D-4AC1-9696-D5E16E11B571} - System32\Tasks\BrowserDefendert => C:\Windows\system32\sc.exe [2009-07-14] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Cool Lyrics Update.job => C:\Program Files (x86)\CoolLyrics\CoolLyricsUpdater.exe
Task: C:\Windows\Tasks\DSite.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Lyrics Finder Update.job => C:\Program Files (x86)\LyricsFinder\LyricsFinderUpdater.exe
Task: C:\Windows\Tasks\Plus-HD-1.6-chromeinstaller.job => C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-chromeinstaller.exe
Task: C:\Windows\Tasks\Plus-HD-1.6-codedownloader.job => C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-codedownloader.exe
Task: C:\Windows\Tasks\Plus-HD-1.6-enabler.job => C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-enabler.exe
Task: C:\Windows\Tasks\Plus-HD-1.6-firefoxinstaller.job => C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-firefoxinstaller.exe
Task: C:\Windows\Tasks\Plus-HD-1.6-updater.job => C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-updater.exe
Task: C:\Windows\Tasks\Plus-HD-2.3-chromeinstaller.job => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-chromeinstaller.exe
Task: C:\Windows\Tasks\Plus-HD-2.3-codedownloader.job => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-codedownloader.exe
Task: C:\Windows\Tasks\Plus-HD-2.3-enabler.job => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-enabler.exe
Task: C:\Windows\Tasks\Plus-HD-2.3-firefoxinstaller.job => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-firefoxinstaller.exe
Task: C:\Windows\Tasks\Plus-HD-2.3-updater.job => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-updater.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/27/2013 10:07:43 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 21.0.0.4879, Zeitstempel: 0x518ec367
Name des fehlerhaften Moduls: mozalloc.dll, Version: 21.0.0.4879, Zeitstempel: 0x518eaa4a
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001988
ID des fehlerhaften Prozesses: 0x5f0
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (06/27/2013 08:42:32 AM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
(Stream product id=0x0066): Streaming Failed

Error: (06/27/2013 08:42:02 AM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
Too many failures while downloading ranges: 2

Error: (06/27/2013 08:41:57 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/27/2013 08:16:22 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12913934

Error: (06/27/2013 08:16:22 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12913934

Error: (06/27/2013 08:16:22 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/27/2013 04:41:19 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11060

Error: (06/27/2013 04:41:19 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 11060

Error: (06/27/2013 04:41:19 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (06/26/2013 08:55:52 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Google Update Service (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%109

Error: (06/26/2013 08:55:52 PM) (Source: DCOM) (User: )
Description: 109gupdate/comsvc{4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (06/24/2013 09:53:52 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ?24.?06.?2013 um 03:06:09 unerwartet heruntergefahren.

Error: (06/18/2013 11:54:05 AM) (Source: ACPI) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

Error: (06/07/2013 09:10:51 PM) (Source: DCOM) (User: )
Description: 1084wuauserv{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (06/07/2013 09:09:37 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
AFD
DfsC
discache
NetBIOS
NetBT
nsiproxy
Psched
rdbss
spldr
tdx
vwififlt
Wanarpv6
WfpLwf

Error: (06/07/2013 09:09:37 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Client Virtualization Handler" ist vom Dienst "Application Virtualization Client" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (06/07/2013 09:09:37 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NLA (Network Location Awareness)" ist vom Dienst "Netzwerkspeicher-Schnittstellendienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (06/07/2013 09:09:37 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "SMB 2.0-Miniredirector" ist vom Dienst "SMB-Miniredirector-Wrapper und -Modul" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (06/07/2013 09:09:37 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "SMB 1.x-Miniredirector" ist vom Dienst "SMB-Miniredirector-Wrapper und -Modul" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068


Microsoft Office Sessions:
=========================
Error: (06/27/2013 10:07:43 AM) (Source: Application Error)(User: )
Description: plugin-container.exe21.0.0.4879518ec367mozalloc.dll21.0.0.4879518eaa4a80000003000019885f001ce730475f5c8d7C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dlla4887a97-df00-11e2-86e0-e0ca9437c504

Error: (06/27/2013 08:42:32 AM) (Source: CVHSVC)(User: )
Description: (Stream product id=0x0066): Streaming Failed

Error: (06/27/2013 08:42:02 AM) (Source: CVHSVC)(User: )
Description: Too many failures while downloading ranges: 2

Error: (06/27/2013 08:41:57 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/27/2013 08:16:22 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12913934

Error: (06/27/2013 08:16:22 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12913934

Error: (06/27/2013 08:16:22 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/27/2013 04:41:19 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11060

Error: (06/27/2013 04:41:19 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 11060

Error: (06/27/2013 04:41:19 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second


==================== Memory info ===========================

Percentage of memory in use: 62%
Total physical RAM: 3892.55 MB
Available physical RAM: 1444.39 MB
Total Pagefile: 7783.29 MB
Available Pagefile: 5233.59 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:463.76 GB) (Free:350.57 GB) NTFS (Disk=0 Partition=2) ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: B477DB1C)
Partition 1: (Active) - (Size=2 GB) - (Type=27)
Partition 2: (Not Active) - (Size=464 GB) - (Type=07 NTFS)

==================== End Of Log ============================
--- --- ---



FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-06-2013 02
Ran by Sonne (administrator) on 27-06-2013 10:56:28
Running from C:\Users\Sonne\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
() C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(CSR, plc) C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe
(WebCake LLC) C:\Program Files (x86)\WebCake\WebCakeDesktop.Updater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHndHkb.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(CSR, plc) C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe
(CSR, plc) C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRSkype.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(WebCake LLC) C:\Users\Sonne\AppData\Roaming\WebCake\WebCakeDesktop.exe
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\system32\taskmgr.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
(Wajam) C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
() C:\Program Files (x86)\OpenIt\Open It!\openit.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [1861416 2009-10-09] (Synaptics Incorporated)
HKLM\...\Run: [PfNet] "C:\Program Files\Fujitsu\Plugfree NETWORK\PfNet.exe" /r [6310912 2010-06-24] (FUJITSU LIMITED)
HKLM\...\Run: [PSUTility] C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [188264 2009-07-30] (FUJITSU LIMITED)
HKLM\...\Run: [FDM7] C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe [164712 2009-11-26] (FUJITSU LIMITED)
HKLM\...\Run: [LoadFujitsuQuickTouch] C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [157544 2009-10-15] (FUJITSU LIMITED)
HKLM\...\Run: [LoadBtnHnd] C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [35176 2009-10-15] (FUJITSU LIMITED)
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [8312352 2009-10-28] (Realtek Semiconductor)
HKLM\...\Run: [ConMgr] "C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe" [535440 2009-12-24] (CSR, plc)
HKLM\...\Run: [CSRSkype] C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRSkype.exe [431504 2009-12-24] (CSR, plc)
HKLM-x32\...\Runonce: [Del5256172] cmd.exe /Q /D /c del "C:\Users\Sonne\AppData\Local\Temp\0.del" [x]
HKLM-x32\...\Runonce: [Del5264300] cmd.exe /Q /D /c del "C:\Users\Sonne\AppData\Local\Temp\0.del" [x]
HKCU\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2011-09-30] (Google Inc.)
HKCU\...\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [18643560 2013-03-01] (Skype Technologies S.A.)
HKCU\...\Run: [WebCake Desktop] "C:\Users\Sonne\AppData\Roaming\WebCake\WebCakeDesktop.exe" [47896 2013-06-21] (WebCake LLC)
HKCU\...\Runonce: [Del5256172] cmd.exe /Q /D /c del "C:\Users\Sonne\AppData\Local\Temp\0.del" [x]
HKCU\...\Runonce: [Qtrax] C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe 3905286838.portal.qtrax.com [x]
HKCU\...\Runonce: [Del5264300] cmd.exe /Q /D /c del "C:\Users\Sonne\AppData\Local\Temp\0.del" [x]
HKLM-x32\...\Run: [LoadFUJ02E3] C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe [36712 2009-10-08] (FUJITSU LIMITED)
HKLM-x32\...\Run: [IndicatorUtility] C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [47976 2009-10-09] (FUJITSU LIMITED)
HKLM-x32\...\Run: [UCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0" [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Mirror Tray icon] "C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s [162912 2009-07-08] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2012-02-20] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421736 2012-03-27] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
AppInit_DLLs-x32: c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll  [2521040 2013-05-23] ()
Startup: C:\ProgramData\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Sonne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=980E9239E53075CD&affID=119556&tt=250613_gr3&tsp=4926
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ts.fujitsu.com
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=980E9239E53075CD&affID=119556&tt=250613_gr3&tsp=4926
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Plus-HD-1.6 - {11111111-1111-1111-1111-110311201102} - C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-bho.dll (Plus HD)
BHO-x32: Plus-HD-2.3 - {11111111-1111-1111-1111-110311341126} - C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-bho.dll (Plus HD)
BHO-x32: Lyrics Finder - {398C01F1-E584-46AD-A649-4F78B435DCFE} - C:\Program Files (x86)\LyricsFinder\lfind.dll (Nijad Software)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Cool Lyrics - {7C5D7930-FACC-4A25-AE26-51DDA83F3D75} - C:\Program Files (x86)\CoolLyrics\coolrcs.dll (CoolZone)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Wajam - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll (Wajam)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.21.5\bh\delta.dll (Delta-search.com)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DealPly - {EF7BD87A-8024-11E2-F316-F3E56188709B} - C:\Program Files (x86)\DealPly\DealPlyIE.dll (DealPly)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.21.5\deltaTlbr.dll (Delta-search.com)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Sonne\AppData\Roaming\Mozilla\Firefox\Profiles\dxajxy9v.default
FF user.js: detected! => C:\Users\Sonne\AppData\Roaming\Mozilla\Firefox\Profiles\dxajxy9v.default\user.js
FF NewTab: hxxp://www.delta-search.com/?babsrc=NT_ss&mntrId=980E9239E53075CD&affID=119556&tt=250613_gr3&tsp=4926
FF SelectedSearchEngine: Delta Search
FF Homepage: hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=980E9239E53075CD&affID=119556&tt=250613_gr3&tsp=4926
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Visualisateur 3D de 20-20 - C:\Users\Sonne\AppData\Roaming\Mozilla\Firefox\Profiles\dxajxy9v.default\Extensions\2020Player_IKEA@2020Technologies.com
FF Extension: No Name - C:\Users\Sonne\AppData\Roaming\Mozilla\Firefox\Profiles\dxajxy9v.default\Extensions\6c937ed6-be66-4f72-9a60-ce5789cc7f09@53ba6712-2cae-46e2-b821-95baea44e049.com
FF Extension: No Name - C:\Users\Sonne\AppData\Roaming\Mozilla\Firefox\Profiles\dxajxy9v.default\Extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com
FF Extension: Delta Toolbar - C:\Users\Sonne\AppData\Roaming\Mozilla\Firefox\Profiles\dxajxy9v.default\Extensions\ffxtlbr@delta.com
FF Extension: WebCake - C:\Users\Sonne\AppData\Roaming\Mozilla\Firefox\Profiles\dxajxy9v.default\Extensions\plugin@getwebcake.com
FF Extension: Wajam - C:\Users\Sonne\AppData\Roaming\Mozilla\Firefox\Profiles\dxajxy9v.default\Extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}

Chrome:
=======
CHR Extension: (Cool Lyrics) - C:\Users\Sonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\clffglkbddffcdnehidjiimmoiphomid\1.114_0
CHR Extension: (Delta Toolbar) - C:\Users\Sonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.4_0
CHR Extension: (WebCake) - C:\Users\Sonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh\1.0.3_0
CHR Extension: (DealPly Shopping  ) - C:\Users\Sonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmfnfnpmhcllokmkepffndflpnadjmma\3.5.0.0_0
CHR Extension: (Lyrics Finder) - C:\Users\Sonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnbcopcndefcccgdofjadnafjljgofam\1.110
CHR Extension: (Plus-HD-1.6) - C:\Users\Sonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\jidjhchcblhlapbcpheibgdjkajekhbh\1.23.15_0
CHR Extension: (Wajam) - C:\Users\Sonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24
CHR Extension: (Plus-HD-2.3) - C:\Users\Sonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.9_0

==================== Services (Whitelisted) =================

R2 BrowserDefendert; C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe [2827728 2013-05-23] ()
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [330240 2010-06-24] (FUJITSU LIMITED)
R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [63336 2009-07-30] (FUJITSU LIMITED)
R2 VFPRadioSupportService; C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe [145840 2009-12-24] (CSR, plc)
R2 WajamUpdater; C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe [109064 2013-05-02] (Wajam)
R2 WebCake Desktop Updater; C:\Program Files (x86)\WebCake\WebCakeDesktop.Updater.exe [23552 2013-06-21] (WebCake LLC)

==================== Drivers (Whitelisted) ====================

R3 FUJ02B1; C:\Windows\System32\DRIVERS\FUJ02B1.sys [7808 2006-11-01] (FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\System32\DRIVERS\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-06-27 10:56 - 2013-06-27 10:56 - 00000000 ____D C:\FRST
2013-06-27 10:55 - 2013-06-27 10:56 - 01931940 ____A (Farbar) C:\Users\Sonne\Desktop\FRST64.exe
2013-06-27 10:08 - 2013-06-27 10:08 - 00000412 ____A C:\Windows\Tasks\Lyrics Finder Update.job
2013-06-27 10:08 - 2013-06-27 10:08 - 00000000 ____D C:\Program Files (x86)\LyricsFinder
2013-06-27 10:07 - 2013-06-27 10:07 - 00002363 ____A C:\Users\Sonne\Desktop\Qtrax Player.lnk
2013-06-27 10:07 - 2013-06-27 10:07 - 00001904 ____A C:\Windows\Tasks\Plus-HD-2.3-chromeinstaller.job
2013-06-27 10:07 - 2013-06-27 10:07 - 00001830 ____A C:\Windows\Tasks\Plus-HD-2.3-firefoxinstaller.job
2013-06-27 10:07 - 2013-06-27 10:07 - 00001198 ____A C:\Windows\Tasks\Plus-HD-2.3-codedownloader.job
2013-06-27 10:07 - 2013-06-27 10:07 - 00001194 ____A C:\Windows\Tasks\Plus-HD-2.3-updater.job
2013-06-27 10:07 - 2013-06-27 10:07 - 00001120 ____A C:\Users\Public\Desktop\Open It!.lnk
2013-06-27 10:07 - 2013-06-27 10:07 - 00001098 ____A C:\Windows\Tasks\Plus-HD-2.3-enabler.job
2013-06-27 10:07 - 2013-06-27 10:07 - 00000286 ____A C:\Windows\Tasks\DSite.job
2013-06-27 10:07 - 2013-06-27 10:07 - 00000000 ____D C:\Users\Sonne\AppData\Roaming\Zip Opener Packages
2013-06-27 10:07 - 2013-06-27 10:07 - 00000000 ____D C:\Users\Sonne\AppData\Roaming\DSite
2013-06-27 10:07 - 2013-06-27 10:07 - 00000000 ____D C:\Users\Sonne\AppData\Roaming\DealPly
2013-06-27 10:07 - 2013-06-27 10:07 - 00000000 ____D C:\Users\Sonne\AppData\Local\Wajam
2013-06-27 10:07 - 2013-06-27 10:07 - 00000000 ____D C:\Program Files (x86)\Wajam
2013-06-27 10:07 - 2013-06-27 10:07 - 00000000 ____D C:\Program Files (x86)\Plus-HD-2.3
2013-06-27 10:07 - 2013-06-27 10:07 - 00000000 ____D C:\Program Files (x86)\OpenIt
2013-06-27 10:07 - 2013-06-27 10:07 - 00000000 ____D C:\Program Files (x86)\DealPly
2013-06-27 10:07 - 2013-06-27 10:07 - 00000000 ____A C:\END
2013-06-27 08:47 - 2013-06-27 08:47 - 00867240 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-06-27 08:47 - 2013-06-27 08:47 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-27 08:34 - 2013-06-27 08:40 - 00001906 ____A C:\Windows\Tasks\Plus-HD-1.6-chromeinstaller.job
2013-06-27 08:34 - 2013-06-27 08:40 - 00001830 ____A C:\Windows\Tasks\Plus-HD-1.6-firefoxinstaller.job
2013-06-27 08:34 - 2013-06-27 08:40 - 00001198 ____A C:\Windows\Tasks\Plus-HD-1.6-codedownloader.job
2013-06-27 08:34 - 2013-06-27 08:40 - 00001194 ____A C:\Windows\Tasks\Plus-HD-1.6-updater.job
2013-06-27 08:34 - 2013-06-27 08:40 - 00001098 ____A C:\Windows\Tasks\Plus-HD-1.6-enabler.job
2013-06-27 08:34 - 2013-06-27 08:34 - 00000000 ____D C:\Users\Sonne\AppData\Roaming\WebCake
2013-06-27 08:34 - 2013-06-27 08:34 - 00000000 ____D C:\Users\Sonne\AppData\Roaming\Delta
2013-06-27 08:34 - 2013-06-27 08:34 - 00000000 ____D C:\Users\Sonne\AppData\Roaming\BabSolution
2013-06-27 08:34 - 2013-06-27 08:34 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-06-27 08:34 - 2013-06-27 08:34 - 00000000 ____D C:\Program Files (x86)\WebCake
2013-06-27 08:34 - 2013-06-27 08:34 - 00000000 ____D C:\Program Files (x86)\Plus-HD-1.6
2013-06-27 08:34 - 2013-06-27 08:34 - 00000000 ____D C:\Program Files (x86)\Delta
2013-06-27 08:33 - 2013-06-27 08:40 - 00000400 ____A C:\Windows\Tasks\Cool Lyrics Update.job
2013-06-27 08:33 - 2013-06-27 08:33 - 00000000 ____D C:\Users\Sonne\AppData\Roaming\Babylon
2013-06-27 08:33 - 2013-06-27 08:33 - 00000000 ____D C:\ProgramData\Babylon
2013-06-27 08:33 - 2013-06-27 08:33 - 00000000 ____D C:\Program Files (x86)\CoolLyrics
2013-06-24 10:02 - 2013-06-24 10:02 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-24 10:02 - 2013-06-24 10:02 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-24 10:02 - 2013-06-24 10:02 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-06-24 10:02 - 2013-06-24 10:02 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-06-24 10:02 - 2013-06-24 10:02 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-06-24 10:02 - 2013-06-24 10:02 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-06-24 10:02 - 2013-06-24 10:02 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-06-24 10:02 - 2013-06-24 10:02 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-06-24 10:02 - 2013-06-24 10:02 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-06-24 10:02 - 2013-06-24 10:02 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-06-24 10:02 - 2013-06-24 10:02 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00039936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-06-24 10:01 - 2013-06-24 10:01 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-14 11:20 - 2013-06-14 11:20 - 09089416 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-06-12 12:14 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-12 12:14 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-12 12:14 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-12 12:14 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-12 12:14 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-12 12:14 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-12 12:14 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-12 12:14 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-12 12:14 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-12 12:14 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-12 12:14 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-12 12:14 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-12 12:14 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-12 12:14 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-12 12:14 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-12 12:14 - 2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-12 12:14 - 2013-04-01 00:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-07 21:17 - 2013-06-27 08:44 - 01901049 ____N C:\Windows\WindowsUpdate.log

==================== One Month Modified Files and Folders =======

2013-06-27 10:56 - 2013-06-27 10:56 - 00000000 ____D C:\FRST
2013-06-27 10:56 - 2013-06-27 10:55 - 01931940 ____A (Farbar) C:\Users\Sonne\Desktop\FRST64.exe
2013-06-27 10:41 - 2013-03-28 20:47 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-27 10:29 - 2011-09-30 23:16 - 00001110 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-27 10:29 - 2011-09-30 23:16 - 00001106 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-27 10:08 - 2013-06-27 10:08 - 00000412 ____A C:\Windows\Tasks\Lyrics Finder Update.job
2013-06-27 10:08 - 2013-06-27 10:08 - 00000000 ____D C:\Program Files (x86)\LyricsFinder
2013-06-27 10:07 - 2013-06-27 10:07 - 00002363 ____A C:\Users\Sonne\Desktop\Qtrax Player.lnk
2013-06-27 10:07 - 2013-06-27 10:07 - 00001904 ____A C:\Windows\Tasks\Plus-HD-2.3-chromeinstaller.job
2013-06-27 10:07 - 2013-06-27 10:07 - 00001830 ____A C:\Windows\Tasks\Plus-HD-2.3-firefoxinstaller.job
2013-06-27 10:07 - 2013-06-27 10:07 - 00001198 ____A C:\Windows\Tasks\Plus-HD-2.3-codedownloader.job
2013-06-27 10:07 - 2013-06-27 10:07 - 00001194 ____A C:\Windows\Tasks\Plus-HD-2.3-updater.job
2013-06-27 10:07 - 2013-06-27 10:07 - 00001120 ____A C:\Users\Public\Desktop\Open It!.lnk
2013-06-27 10:07 - 2013-06-27 10:07 - 00001098 ____A C:\Windows\Tasks\Plus-HD-2.3-enabler.job
2013-06-27 10:07 - 2013-06-27 10:07 - 00000286 ____A C:\Windows\Tasks\DSite.job
2013-06-27 10:07 - 2013-06-27 10:07 - 00000000 ____D C:\Users\Sonne\AppData\Roaming\Zip Opener Packages
2013-06-27 10:07 - 2013-06-27 10:07 - 00000000 ____D C:\Users\Sonne\AppData\Roaming\DSite
2013-06-27 10:07 - 2013-06-27 10:07 - 00000000 ____D C:\Users\Sonne\AppData\Roaming\DealPly
2013-06-27 10:07 - 2013-06-27 10:07 - 00000000 ____D C:\Users\Sonne\AppData\Local\Wajam
2013-06-27 10:07 - 2013-06-27 10:07 - 00000000 ____D C:\Program Files (x86)\Wajam
2013-06-27 10:07 - 2013-06-27 10:07 - 00000000 ____D C:\Program Files (x86)\Plus-HD-2.3
2013-06-27 10:07 - 2013-06-27 10:07 - 00000000 ____D C:\Program Files (x86)\OpenIt
2013-06-27 10:07 - 2013-06-27 10:07 - 00000000 ____D C:\Program Files (x86)\DealPly
2013-06-27 10:07 - 2013-06-27 10:07 - 00000000 ____A C:\END
2013-06-27 10:07 - 2013-04-17 16:39 - 00000000 ____D C:\Users\Sonne\AppData\Local\CrashDumps
2013-06-27 08:47 - 2013-06-27 08:47 - 00867240 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-06-27 08:47 - 2013-06-27 08:47 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-27 08:47 - 2011-10-05 15:29 - 00789416 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-06-27 08:47 - 2011-10-05 15:29 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-27 08:47 - 2011-10-05 15:29 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-27 08:47 - 2011-10-05 15:29 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-27 08:47 - 2011-10-05 15:29 - 00000000 ____D C:\Program Files (x86)\Java
2013-06-27 08:47 - 2009-07-14 06:45 - 00016976 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-27 08:47 - 2009-07-14 06:45 - 00016976 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-27 08:44 - 2013-06-07 21:17 - 01901049 ____N C:\Windows\WindowsUpdate.log
2013-06-27 08:40 - 2013-06-27 08:34 - 00001906 ____A C:\Windows\Tasks\Plus-HD-1.6-chromeinstaller.job
2013-06-27 08:40 - 2013-06-27 08:34 - 00001830 ____A C:\Windows\Tasks\Plus-HD-1.6-firefoxinstaller.job
2013-06-27 08:40 - 2013-06-27 08:34 - 00001198 ____A C:\Windows\Tasks\Plus-HD-1.6-codedownloader.job
2013-06-27 08:40 - 2013-06-27 08:34 - 00001194 ____A C:\Windows\Tasks\Plus-HD-1.6-updater.job
2013-06-27 08:40 - 2013-06-27 08:34 - 00001098 ____A C:\Windows\Tasks\Plus-HD-1.6-enabler.job
2013-06-27 08:40 - 2013-06-27 08:33 - 00000400 ____A C:\Windows\Tasks\Cool Lyrics Update.job
2013-06-27 08:40 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-27 08:34 - 2013-06-27 08:34 - 00000000 ____D C:\Users\Sonne\AppData\Roaming\WebCake
2013-06-27 08:34 - 2013-06-27 08:34 - 00000000 ____D C:\Users\Sonne\AppData\Roaming\Delta
2013-06-27 08:34 - 2013-06-27 08:34 - 00000000 ____D C:\Users\Sonne\AppData\Roaming\BabSolution
2013-06-27 08:34 - 2013-06-27 08:34 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-06-27 08:34 - 2013-06-27 08:34 - 00000000 ____D C:\Program Files (x86)\WebCake
2013-06-27 08:34 - 2013-06-27 08:34 - 00000000 ____D C:\Program Files (x86)\Plus-HD-1.6
2013-06-27 08:34 - 2013-06-27 08:34 - 00000000 ____D C:\Program Files (x86)\Delta
2013-06-27 08:34 - 2013-05-24 11:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-27 08:34 - 2011-09-30 23:23 - 00000000 ____D C:\Users\Sonne\AppData\Local\Adobe
2013-06-27 08:33 - 2013-06-27 08:33 - 00000000 ____D C:\Users\Sonne\AppData\Roaming\Babylon
2013-06-27 08:33 - 2013-06-27 08:33 - 00000000 ____D C:\ProgramData\Babylon
2013-06-27 08:33 - 2013-06-27 08:33 - 00000000 ____D C:\Program Files (x86)\CoolLyrics
2013-06-27 08:16 - 2013-02-25 17:49 - 00000000 ____D C:\Users\Sonne\AppData\Roaming\Skype
2013-06-26 15:42 - 2011-09-30 23:55 - 00000000 ____D C:\Users\Sonne\Desktop\Fotos
2013-06-25 19:08 - 2011-02-14 14:57 - 00697322 ____A C:\Windows\System32\perfh007.dat
2013-06-25 19:08 - 2011-02-14 14:57 - 00148328 ____A C:\Windows\System32\perfc007.dat
2013-06-25 19:08 - 2009-07-14 07:13 - 01614036 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-24 11:13 - 2011-02-14 14:43 - 00000000 ____D C:\Windows\Panther
2013-06-24 10:23 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2013-06-24 10:23 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-06-24 10:23 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-06-24 10:22 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\zh-HK
2013-06-24 10:22 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\tr-TR
2013-06-24 10:02 - 2013-06-24 10:02 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-24 10:02 - 2013-06-24 10:02 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-24 10:02 - 2013-06-24 10:02 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-06-24 10:02 - 2013-06-24 10:02 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-06-24 10:02 - 2013-06-24 10:02 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-06-24 10:02 - 2013-06-24 10:02 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-06-24 10:02 - 2013-06-24 10:02 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-06-24 10:02 - 2013-06-24 10:02 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-06-24 10:02 - 2013-06-24 10:02 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-06-24 10:02 - 2013-06-24 10:02 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-06-24 10:02 - 2013-06-24 10:02 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00039936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-06-24 10:01 - 2013-06-24 10:01 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-21 03:07 - 2011-04-16 12:56 - 01591930 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2013-06-18 17:18 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-06-18 14:59 - 2011-09-30 23:24 - 00000000 ____D C:\Users\Sonne\AppData\Local\Windows Live
2013-06-14 11:21 - 2013-03-28 20:46 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-14 11:21 - 2011-09-30 23:41 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-14 11:20 - 2013-06-14 11:20 - 09089416 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-06-07 21:14 - 2011-09-30 23:23 - 00000000 ____D C:\users\Sonne
2013-06-07 21:13 - 2011-10-09 14:53 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2013-06-07 21:13 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration

Files to move or delete:
====================
C:\Users\Sonne\AppData\Roaming\skype.dat

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-06-23 15:21

==================== End Of Log ============================
--- --- ---

--- --- ---

schrauber 27.06.2013 10:53
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!
Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Penelope8282 27.06.2013 12:48
Mhm also seit einer halben Std bereitet Combofix Logdatei vor und es tut sich seitdem nix mehr! Ist das normal? Oder hängt da was?

..steht immer noch so!
Was mach ich nun?

schrauber 27.06.2013 13:56
Komt vor, wart nochmal 30 Min dann Programm beenden mit dem X und neu booten.

Penelope8282 27.06.2013 15:02
Habe nun schon zwei mal Combo neu gestartet und wenn er den eine. Punktverreicht hat zwecks Logfile dann passiert nix mehr. Steht nun schon über eine Stunde so

schrauber 27.06.2013 16:17
Combofix löschen, neu laden, nochmal verscuchen. Wenn nicht geht dann:

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


und frisches FRST Log bitte.

Penelope8282 27.06.2013 16:38
argh ich geh am Stock!!! Nun habe ich wenn ich Combofix öffne oder Malware eine Fehlermeldung!!!! "..ist keine zulässige Win32-Anwendung!"

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.06.27.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16618
Sonne :: HARLEY-DAVIDSON [Administrator]

27.06.2013 18:13:19
mbam-log-2013-06-27 (18-13-19).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|F:\|Q:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 382769
Laufzeit: 37 Minute(n), 57 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Qoobox\Quarantine\C\Users\Sonne\AppData\Roaming\skype.dat.vir (Trojan.Agent.instb) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

Combofix übrigens keine Chance, blieb immer da stehen...
Rechner läuft nun nach Malware schneller aber er brummt total laut als wenn er permanent arbeitet! ?

schrauber 27.06.2013 19:12
Poste mal bitte ein frisches FRST Logfile.

Penelope8282 27.06.2013 19:16

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-06-2013 02
Ran by Sonne (administrator) on 27-06-2013 20:14:54
Running from C:\Users\Sonne\Desktop\Programme
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(CSR, plc) C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe
(WebCake LLC) C:\Program Files (x86)\WebCake\WebCakeDesktop.Updater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHndHkb.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(CSR, plc) C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe
(CSR, plc) C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRSkype.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(WebCake LLC) C:\Users\Sonne\AppData\Roaming\WebCake\WebCakeDesktop.exe
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Microsoft Corporation) C:\Windows\splwow64.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [1861416 2009-10-09] (Synaptics Incorporated)
HKLM\...\Run: [PfNet] "C:\Program Files\Fujitsu\Plugfree NETWORK\PfNet.exe" /r [6310912 2010-06-24] (FUJITSU LIMITED)
HKLM\...\Run: [PSUTility] C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [188264 2009-07-30] (FUJITSU LIMITED)
HKLM\...\Run: [FDM7] C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe [164712 2009-11-26] (FUJITSU LIMITED)
HKLM\...\Run: [LoadFujitsuQuickTouch] C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [157544 2009-10-15] (FUJITSU LIMITED)
HKLM\...\Run: [LoadBtnHnd] C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [35176 2009-10-15] (FUJITSU LIMITED)
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [8312352 2009-10-28] (Realtek Semiconductor)
HKLM\...\Run: [ConMgr] "C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe" [535440 2009-12-24] (CSR, plc)
HKLM\...\Run: [CSRSkype] C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRSkype.exe [431504 2009-12-24] (CSR, plc)
HKCU\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2011-09-30] (Google Inc.)
HKCU\...\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [18643560 2013-03-01] (Skype Technologies S.A.)
HKCU\...\Run: [WebCake Desktop] "C:\Users\Sonne\AppData\Roaming\WebCake\WebCakeDesktop.exe" [47896 2013-06-21] (WebCake LLC)
HKLM-x32\...\Run: [LoadFUJ02E3] C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe [36712 2009-10-08] (FUJITSU LIMITED)
HKLM-x32\...\Run: [IndicatorUtility] C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [47976 2009-10-09] (FUJITSU LIMITED)
HKLM-x32\...\Run: [UCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0" [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Mirror Tray icon] "C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s [162912 2009-07-08] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2012-02-20] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421736 2012-03-27] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
Startup: C:\Users\Sonne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=980E9239E53075CD&affID=119556&tt=250613_gr3&tsp=4926
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=980E9239E53075CD&affID=119556&tt=250613_gr3&tsp=4926
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: Plus-HD-1.6 - {11111111-1111-1111-1111-110311201102} - C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-bho.dll (Plus HD)
BHO-x32: Lyrics Finder - {398C01F1-E584-46AD-A649-4F78B435DCFE} - C:\Program Files (x86)\LyricsFinder\lfind.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Cool Lyrics - {7C5D7930-FACC-4A25-AE26-51DDA83F3D75} - C:\Program Files (x86)\CoolLyrics\coolrcs.dll (CoolZone)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DealPly - {EF7BD87A-8024-11E2-F316-F3E56188709B} - C:\Program Files (x86)\DealPly\DealPlyIE.dll No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Sonne\AppData\Roaming\Mozilla\Firefox\Profiles\dxajxy9v.default
FF user.js: detected! => C:\Users\Sonne\AppData\Roaming\Mozilla\Firefox\Profiles\dxajxy9v.default\user.js
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Visualisateur 3D de 20-20 - C:\Users\Sonne\AppData\Roaming\Mozilla\Firefox\Profiles\dxajxy9v.default\Extensions\2020Player_IKEA@2020Technologies.com
FF Extension: No Name - C:\Users\Sonne\AppData\Roaming\Mozilla\Firefox\Profiles\dxajxy9v.default\Extensions\6c937ed6-be66-4f72-9a60-ce5789cc7f09@53ba6712-2cae-46e2-b821-95baea44e049.com
FF Extension: WebCake - C:\Users\Sonne\AppData\Roaming\Mozilla\Firefox\Profiles\dxajxy9v.default\Extensions\plugin@getwebcake.com

Chrome:
=======
CHR Extension: (Cool Lyrics) - C:\Users\Sonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\clffglkbddffcdnehidjiimmoiphomid\1.114_0
CHR Extension: (Delta Toolbar) - C:\Users\Sonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.4_0
CHR Extension: (WebCake) - C:\Users\Sonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh\1.0.3_0
CHR Extension: (DealPly Shopping  ) - C:\Users\Sonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmfnfnpmhcllokmkepffndflpnadjmma\3.5.0.0_0
CHR Extension: (Lyrics Finder) - C:\Users\Sonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnbcopcndefcccgdofjadnafjljgofam\1.110
CHR Extension: (Plus-HD-1.6) - C:\Users\Sonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\jidjhchcblhlapbcpheibgdjkajekhbh\1.23.15_0
CHR Extension: (Wajam) - C:\Users\Sonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24

==================== Services (Whitelisted) =================

R2 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [330240 2010-06-24] (FUJITSU LIMITED)
R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [63336 2009-07-30] (FUJITSU LIMITED)
R2 VFPRadioSupportService; C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe [145840 2009-12-24] (CSR, plc)
R2 WebCake Desktop Updater; C:\Program Files (x86)\WebCake\WebCakeDesktop.Updater.exe [23552 2013-06-21] (WebCake LLC)

==================== Drivers (Whitelisted) ====================

R3 FUJ02B1; C:\Windows\System32\DRIVERS\FUJ02B1.sys [7808 2006-11-01] (FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\System32\DRIVERS\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-06-27 18:54 - 2013-06-27 18:54 - 00007690 ____A C:\Windows\PFRO.log
2013-06-27 18:52 - 2013-06-27 18:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-27 17:40 - 2013-06-27 17:46 - 00000000 ____D C:\ComboFix
2013-06-27 13:02 - 2013-06-27 13:09 - 00000000 ____D C:\Windows\erdnt
2013-06-27 13:02 - 2013-06-27 13:02 - 00000000 ____D C:\Qoobox
2013-06-27 13:02 - 2011-06-26 08:45 - 00256000 ____A C:\Windows\PEV.exe
2013-06-27 13:02 - 2010-11-07 19:20 - 00208896 ____A C:\Windows\MBR.exe
2013-06-27 13:02 - 2009-04-20 06:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2013-06-27 13:02 - 2000-08-31 02:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2013-06-27 13:02 - 2000-08-31 02:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2013-06-27 13:02 - 2000-08-31 02:00 - 00098816 ____A C:\Windows\sed.exe
2013-06-27 13:02 - 2000-08-31 02:00 - 00080412 ____A C:\Windows\grep.exe
2013-06-27 13:02 - 2000-08-31 02:00 - 00068096 ____A C:\Windows\zip.exe
2013-06-27 12:38 - 2013-06-27 18:55 - 00000448 ____A C:\Windows\setupact.log
2013-06-27 12:38 - 2013-06-27 12:38 - 00000000 ____A C:\Windows\setuperr.log
2013-06-27 11:07 - 2013-06-27 11:07 - 00000005 ____A C:\Users\Sonne\AppData\Roaming\WBPU-TTL.DAT
2013-06-27 10:56 - 2013-06-27 10:56 - 00000000 ____D C:\FRST
2013-06-27 10:08 - 2013-06-27 18:55 - 00000412 ____A C:\Windows\Tasks\Lyrics Finder Update.job
2013-06-27 10:08 - 2013-06-27 13:08 - 00000000 ____D C:\Program Files (x86)\LyricsFinder
2013-06-27 10:07 - 2013-06-27 10:07 - 00000000 ____D C:\Users\Sonne\AppData\Roaming\Zip Opener Packages
2013-06-27 10:07 - 2013-06-27 10:07 - 00000000 ____D C:\Users\Sonne\AppData\Roaming\DSite
2013-06-27 10:07 - 2013-06-27 10:07 - 00000000 ____D C:\Users\Sonne\AppData\Roaming\DealPly
2013-06-27 10:07 - 2013-06-27 10:07 - 00000000 ____A C:\END
2013-06-27 08:47 - 2013-06-27 08:47 - 00867240 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-06-27 08:47 - 2013-06-27 08:47 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-27 08:34 - 2013-06-27 18:55 - 00001906 ____A C:\Windows\Tasks\Plus-HD-1.6-chromeinstaller.job
2013-06-27 08:34 - 2013-06-27 18:55 - 00001830 ____A C:\Windows\Tasks\Plus-HD-1.6-firefoxinstaller.job
2013-06-27 08:34 - 2013-06-27 18:55 - 00001198 ____A C:\Windows\Tasks\Plus-HD-1.6-codedownloader.job
2013-06-27 08:34 - 2013-06-27 18:55 - 00001194 ____A C:\Windows\Tasks\Plus-HD-1.6-updater.job
2013-06-27 08:34 - 2013-06-27 18:55 - 00001098 ____A C:\Windows\Tasks\Plus-HD-1.6-enabler.job
2013-06-27 08:34 - 2013-06-27 08:34 - 00000000 ____D C:\Users\Sonne\AppData\Roaming\WebCake
2013-06-27 08:34 - 2013-06-27 08:34 - 00000000 ____D C:\Program Files (x86)\WebCake
2013-06-27 08:34 - 2013-06-27 08:34 - 00000000 ____D C:\Program Files (x86)\Plus-HD-1.6
2013-06-27 08:33 - 2013-06-27 18:55 - 00000400 ____A C:\Windows\Tasks\Cool Lyrics Update.job
2013-06-27 08:33 - 2013-06-27 08:33 - 00000000 ____D C:\Users\Sonne\AppData\Roaming\Babylon
2013-06-27 08:33 - 2013-06-27 08:33 - 00000000 ____D C:\ProgramData\Babylon
2013-06-27 08:33 - 2013-06-27 08:33 - 00000000 ____D C:\Program Files (x86)\CoolLyrics
2013-06-24 10:02 - 2013-06-24 10:02 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-24 10:02 - 2013-06-24 10:02 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-24 10:02 - 2013-06-24 10:02 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-06-24 10:02 - 2013-06-24 10:02 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-06-24 10:02 - 2013-06-24 10:02 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-06-24 10:02 - 2013-06-24 10:02 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-06-24 10:02 - 2013-06-24 10:02 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-06-24 10:02 - 2013-06-24 10:02 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-06-24 10:02 - 2013-06-24 10:02 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-06-24 10:02 - 2013-06-24 10:02 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-06-24 10:02 - 2013-06-24 10:02 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00039936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-06-24 10:01 - 2013-06-24 10:01 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-14 11:20 - 2013-06-14 11:20 - 09089416 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-06-12 12:14 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-12 12:14 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-12 12:14 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-12 12:14 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-12 12:14 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-12 12:14 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-12 12:14 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-12 12:14 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-12 12:14 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-12 12:14 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-12 12:14 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-12 12:14 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-12 12:14 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-12 12:14 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-12 12:14 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-12 12:14 - 2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-12 12:14 - 2013-04-01 00:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-07 21:17 - 2013-06-27 18:54 - 01914511 ____A C:\Windows\WindowsUpdate.log

==================== One Month Modified Files and Folders =======

2013-06-27 19:51 - 2013-06-07 21:17 - 01914511 ____A C:\Windows\WindowsUpdate.log
2013-06-27 19:41 - 2013-03-28 20:47 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-27 19:29 - 2011-09-30 23:16 - 00001110 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-27 19:03 - 2009-07-14 06:45 - 00016976 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-27 19:03 - 2009-07-14 06:45 - 00016976 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-27 18:57 - 2013-05-10 10:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-06-27 18:57 - 2011-10-01 10:55 - 00000000 ___RD C:\Users\Sonne\Desktop\Programme
2013-06-27 18:55 - 2013-06-27 12:38 - 00000448 ____A C:\Windows\setupact.log
2013-06-27 18:55 - 2013-06-27 10:08 - 00000412 ____A C:\Windows\Tasks\Lyrics Finder Update.job
2013-06-27 18:55 - 2013-06-27 08:34 - 00001906 ____A C:\Windows\Tasks\Plus-HD-1.6-chromeinstaller.job
2013-06-27 18:55 - 2013-06-27 08:34 - 00001830 ____A C:\Windows\Tasks\Plus-HD-1.6-firefoxinstaller.job
2013-06-27 18:55 - 2013-06-27 08:34 - 00001198 ____A C:\Windows\Tasks\Plus-HD-1.6-codedownloader.job
2013-06-27 18:55 - 2013-06-27 08:34 - 00001194 ____A C:\Windows\Tasks\Plus-HD-1.6-updater.job
2013-06-27 18:55 - 2013-06-27 08:34 - 00001098 ____A C:\Windows\Tasks\Plus-HD-1.6-enabler.job
2013-06-27 18:55 - 2013-06-27 08:33 - 00000400 ____A C:\Windows\Tasks\Cool Lyrics Update.job
2013-06-27 18:55 - 2011-09-30 23:16 - 00001106 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-27 18:55 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-27 18:54 - 2013-06-27 18:54 - 00007690 ____A C:\Windows\PFRO.log
2013-06-27 18:52 - 2013-06-27 18:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-27 18:11 - 2011-10-01 15:53 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-27 18:08 - 2013-02-25 17:49 - 00000000 ____D C:\Users\Sonne\AppData\Roaming\Skype
2013-06-27 17:46 - 2013-06-27 17:40 - 00000000 ____D C:\ComboFix
2013-06-27 17:45 - 2009-07-14 04:34 - 00000215 ____A C:\Windows\system.ini
2013-06-27 13:09 - 2013-06-27 13:02 - 00000000 ____D C:\Windows\erdnt
2013-06-27 13:08 - 2013-06-27 10:08 - 00000000 ____D C:\Program Files (x86)\LyricsFinder
2013-06-27 13:02 - 2013-06-27 13:02 - 00000000 ____D C:\Qoobox
2013-06-27 12:38 - 2013-06-27 12:38 - 00000000 ____A C:\Windows\setuperr.log
2013-06-27 11:07 - 2013-06-27 11:07 - 00000005 ____A C:\Users\Sonne\AppData\Roaming\WBPU-TTL.DAT
2013-06-27 10:56 - 2013-06-27 10:56 - 00000000 ____D C:\FRST
2013-06-27 10:07 - 2013-06-27 10:07 - 00000000 ____D C:\Users\Sonne\AppData\Roaming\Zip Opener Packages
2013-06-27 10:07 - 2013-06-27 10:07 - 00000000 ____D C:\Users\Sonne\AppData\Roaming\DSite
2013-06-27 10:07 - 2013-06-27 10:07 - 00000000 ____D C:\Users\Sonne\AppData\Roaming\DealPly
2013-06-27 10:07 - 2013-06-27 10:07 - 00000000 ____A C:\END
2013-06-27 10:07 - 2013-04-17 16:39 - 00000000 ____D C:\Users\Sonne\AppData\Local\CrashDumps
2013-06-27 08:47 - 2013-06-27 08:47 - 00867240 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-06-27 08:47 - 2013-06-27 08:47 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-27 08:47 - 2011-10-05 15:29 - 00789416 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-06-27 08:47 - 2011-10-05 15:29 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-27 08:47 - 2011-10-05 15:29 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-27 08:47 - 2011-10-05 15:29 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-27 08:47 - 2011-10-05 15:29 - 00000000 ____D C:\Program Files (x86)\Java
2013-06-27 08:34 - 2013-06-27 08:34 - 00000000 ____D C:\Users\Sonne\AppData\Roaming\WebCake
2013-06-27 08:34 - 2013-06-27 08:34 - 00000000 ____D C:\Program Files (x86)\WebCake
2013-06-27 08:34 - 2013-06-27 08:34 - 00000000 ____D C:\Program Files (x86)\Plus-HD-1.6
2013-06-27 08:34 - 2011-09-30 23:23 - 00000000 ____D C:\Users\Sonne\AppData\Local\Adobe
2013-06-27 08:33 - 2013-06-27 08:33 - 00000000 ____D C:\Users\Sonne\AppData\Roaming\Babylon
2013-06-27 08:33 - 2013-06-27 08:33 - 00000000 ____D C:\ProgramData\Babylon
2013-06-27 08:33 - 2013-06-27 08:33 - 00000000 ____D C:\Program Files (x86)\CoolLyrics
2013-06-26 15:42 - 2011-09-30 23:55 - 00000000 ____D C:\Users\Sonne\Desktop\Fotos
2013-06-25 19:08 - 2011-02-14 14:57 - 00697322 ____A C:\Windows\System32\perfh007.dat
2013-06-25 19:08 - 2011-02-14 14:57 - 00148328 ____A C:\Windows\System32\perfc007.dat
2013-06-25 19:08 - 2009-07-14 07:13 - 01614036 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-24 11:13 - 2011-02-14 14:43 - 00000000 ____D C:\Windows\Panther
2013-06-24 10:23 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2013-06-24 10:23 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-06-24 10:23 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-06-24 10:22 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\zh-HK
2013-06-24 10:22 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\tr-TR
2013-06-24 10:02 - 2013-06-24 10:02 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-24 10:02 - 2013-06-24 10:02 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-24 10:02 - 2013-06-24 10:02 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-06-24 10:02 - 2013-06-24 10:02 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-06-24 10:02 - 2013-06-24 10:02 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-06-24 10:02 - 2013-06-24 10:02 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-06-24 10:02 - 2013-06-24 10:02 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-06-24 10:02 - 2013-06-24 10:02 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-06-24 10:02 - 2013-06-24 10:02 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-06-24 10:02 - 2013-06-24 10:02 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-06-24 10:02 - 2013-06-24 10:02 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00039936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-06-24 10:01 - 2013-06-24 10:01 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-21 03:07 - 2011-04-16 12:56 - 01591930 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2013-06-18 17:18 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-06-18 14:59 - 2011-09-30 23:24 - 00000000 ____D C:\Users\Sonne\AppData\Local\Windows Live
2013-06-14 11:21 - 2013-03-28 20:46 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-14 11:21 - 2011-09-30 23:41 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-14 11:20 - 2013-06-14 11:20 - 09089416 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-06-07 21:14 - 2011-09-30 23:23 - 00000000 ____D C:\users\Sonne
2013-06-07 21:13 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-06-23 15:21

==================== End Of Log ============================
--- --- ---

schrauber 27.06.2013 19:39
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.



ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST Log bitte. Noch Probleme? :)

Penelope8282 27.06.2013 19:51
AdwCleaner Logfile:
Code:
# AdwCleaner v2.303 - Datei am 27/06/2013 um 20:48:11 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Sonne - HARLEY-DAVIDSON
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Sonne\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****

Gestoppt & Gelöscht : WebCake Desktop Updater

***** [Dateien / Ordner] *****

Datei Gelöscht : C:\END
Datei Gelöscht : C:\Users\Public\Desktop\eBay.lnk
Datei Gelöscht : C:\Users\Sonne\AppData\Roaming\Mozilla\Firefox\Profiles\dxajxy9v.default\searchplugins\Babylon.xml
Datei Gelöscht : C:\Users\Sonne\AppData\Roaming\Mozilla\Firefox\Profiles\dxajxy9v.default\searchplugins\delta.xml
Ordner Gelöscht : C:\Program Files (x86)\WebCake
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\Users\Sonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Ordner Gelöscht : C:\Users\Sonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
Ordner Gelöscht : C:\Users\Sonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmfnfnpmhcllokmkepffndflpnadjmma
Ordner Gelöscht : C:\Users\Sonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnbcopcndefcccgdofjadnafjljgofam
Ordner Gelöscht : C:\Users\Sonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Ordner Gelöscht : C:\Users\Sonne\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\Sonne\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Sonne\AppData\Roaming\DealPly
Ordner Gelöscht : C:\Users\Sonne\AppData\Roaming\DSite
Ordner Gelöscht : C:\Users\Sonne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
Ordner Gelöscht : C:\Users\Sonne\AppData\Roaming\Mozilla\Firefox\Profiles\dxajxy9v.default\extensions\plugin@getwebcake.com
Ordner Gelöscht : C:\Users\Sonne\AppData\Roaming\WebCake

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\DealPly
Schlüssel Gelöscht : HKCU\Software\delta LTD
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKLM\Software\BabylonToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0032002.BHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0032002.BHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0032002.Sandbox
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0032002.Sandbox.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440344204402}
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\DealPly
Schlüssel Gelöscht : HKLM\Software\Freeze.com
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311201102}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\52ede8cb33ebf42
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{11111111-1111-1111-1111-110311201102}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220322202202}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{398C01F1-E584-46AD-A649-4F78B435DCFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EF7BD87A-8024-11E2-F316-F3E56188709B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{55555555-5555-5555-5555-550355205502}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66666666-6666-6666-6666-660366206602}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gnbcopcndefcccgdofjadnafjljgofam
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311201102}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{398C01F1-E584-46AD-A649-4F78B435DCFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF7BD87A-8024-11E2-F316-F3E56188709B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355205502}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366206602}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [WebCake Desktop]
Wert Gelöscht : HKCU\Software\Mozilla\Firefox\extensions [lfind@nijadsoft.net]

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16618

Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=980E9239E53075CD&affID=119556&tt=250613_gr3&tsp=4926 --> hxxp://www.google.com

-\\ Mozilla Firefox v22.0 (de)

Datei : C:\Users\Sonne\AppData\Roaming\Mozilla\Firefox\Profiles\dxajxy9v.default\prefs.js

C:\Users\Sonne\AppData\Roaming\Mozilla\Firefox\Profiles\dxajxy9v.default\user.js ... Gelöscht !

Gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.3200[...]
Gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.3200[...]
Gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.3200[...]
Gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.3200[...]
Gelöscht : user_pref("extensions.delta.admin", false);
Gelöscht : user_pref("extensions.delta.aflt", "babsst");
Gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Gelöscht : user_pref("extensions.delta.autoRvrt", "false");
Gelöscht : user_pref("extensions.delta.bbDpng", "27");
Gelöscht : user_pref("extensions.delta.cntry", "DE");
Gelöscht : user_pref("extensions.delta.dfltLng", "de");
Gelöscht : user_pref("extensions.delta.excTlbr", false);
Gelöscht : user_pref("extensions.delta.ffxUnstlRst", true);
Gelöscht : user_pref("extensions.delta.hdrMd5", "5BA1A75EFE299D842E4386EACFF101C1");
Gelöscht : user_pref("extensions.delta.id", "980e72c30000000000009239e53075cd");
Gelöscht : user_pref("extensions.delta.instlDay", "15883");
Gelöscht : user_pref("extensions.delta.instlRef", "sst");
Gelöscht : user_pref("extensions.delta.lastVrsnTs", "1.8.21.58:34:22");
Gelöscht : user_pref("extensions.delta.newTab", false);
Gelöscht : user_pref("extensions.delta.prdct", "delta");
Gelöscht : user_pref("extensions.delta.prtnrId", "delta");
Gelöscht : user_pref("extensions.delta.rvrt", "false");
Gelöscht : user_pref("extensions.delta.sg", "azb");
Gelöscht : user_pref("extensions.delta.smplGrp", "azb");
Gelöscht : user_pref("extensions.delta.tlbrId", "base");
Gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
Gelöscht : user_pref("extensions.delta.vrsn", "1.8.21.5");
Gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.21.58:34:22");
Gelöscht : user_pref("extensions.delta.vrsni", "1.8.21.5");
Gelöscht : user_pref("extensions.delta_i.babExt", "");
Gelöscht : user_pref("extensions.delta_i.babTrack", "affID=119556&tt=250613_gr3&tsp=4926");
Gelöscht : user_pref("extensions.delta_i.srcExt", "ss");

-\\ Google Chrome v27.0.1453.116

Datei : C:\Users\Sonne\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S1].txt - [8598 octets] - [27/06/2013 20:48:11]

########## EOF - C:\AdwCleaner[S1].txt - [8658 octets] ##########
--- --- ---


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by Sonne on 27.06.2013 at 20:54:24,44
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\Windows\syswow64\sho326D.tmp



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{007103F7-CBC1-40F5-852C-DE9E61CFC184}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{05C5392E-6E91-4D0B-9AA6-15540EA679AA}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{085D6902-FDE5-4906-A03C-A07816BFB69E}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{0C27580B-91ED-40CA-84D8-0FD0A687BD37}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{10ECEBE1-ADCB-4890-8D32-6359DA3D6F60}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{116F6F20-03FD-4CCD-81A6-9CEF519C0142}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{13BC7DAE-BAA4-4B7E-9826-810257BB013A}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{15DFB734-14BB-4818-B3E4-17E8D54DCC41}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{1759D818-DF83-4630-84C9-552F50894C67}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{180723FE-894B-4EDC-BA18-3E53D6DFC929}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{186E0959-B64C-4BD0-B539-305B578592F0}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{187D8F9A-340A-438B-9A7D-00B8FEEE7FDD}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{1B4E1732-EF8C-468D-83B0-50C6A326D2A8}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{1BAFD5CD-98F8-47D4-A1A8-208E2FF75C81}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{1CAF1EA2-4DB9-4532-977C-17C4FD18A5F4}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{1D6E38F4-36E9-43E6-A5BA-4BC0A33513D0}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{218B9470-93FA-41C5-9536-FD81BA31DE07}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{2B49F382-DF79-4656-BC68-CD463B9311E0}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{2D6F7195-149B-464A-AC6D-AE912F61F968}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{31893689-D375-40C8-8BE4-37BA52B579E6}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{32522893-3B8D-4B01-9364-FD3288EB852F}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{36D09FF8-BDCE-4CCC-9FB7-A2B39D41E7B8}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{3A3AFCDD-1001-4EC4-B677-BCF12FB37379}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{3AF49581-9D60-41F7-ACB4-EE73987BF7BA}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{3B0D65CC-DEC4-4043-BDFF-75E714A4A9C7}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{3D42DAA7-B135-421D-BCBE-754A61D50008}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{3E1A0BA2-16E7-40FF-8191-07C7B660494C}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{3E643CBD-02CB-4EFB-ABC3-D6D461CB4EDE}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{3E87C401-94A3-43EE-95CA-D859D54111B3}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{3EBFD3E1-CC50-4EAB-B61E-7476513C8584}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{43F32A28-B3AF-4485-B563-4212A322ACB4}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{4945C20D-1B08-4BFE-9F6E-B5FE862CCA56}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{4D6B04D2-BA96-4DF6-8544-9BFF631D1983}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{5094A4BB-0BEC-4B1B-9F6D-3DA846733FD8}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{50ABF988-70B5-44D9-8D89-DE72306E35AA}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{51A3B619-CC9D-47A3-A802-F0B6B8860878}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{53ECD5A9-BB71-482F-A160-E07AC5779952}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{5473AC79-A1C8-49A6-8844-5F49C8F31559}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{580A8BCA-8FB7-4296-94E4-9E3A6C4B21E7}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{58CB139F-18C6-4075-9E4E-00ECE795C457}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{5CA9B644-3588-4141-8D14-A350EA7EDDAC}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{60DBF3AA-7863-4EED-8474-D78D45084571}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{61AAB5E9-60AA-4BF5-8305-51D2C2959563}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{638EF5CE-0479-43F3-8184-E8D1E4444A72}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{69FEEA90-C00E-4E26-8031-10C417BC4C84}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{6FC03076-FB23-4D92-B7F7-542547566C9A}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{6FE7CB0A-8F37-4EA2-91A6-16656050028E}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{74376272-DC93-47C8-BAF3-D494C88F288C}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{745E8C3F-CA38-4364-A920-58517D32F3A5}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{77231C88-6D8F-467A-8223-B856B2A7FCC9}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{78EC76B7-55DE-4FBC-8FA4-D4396D797FB0}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{796AC943-22AF-496E-8EF3-65FEB78705A3}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{7A698A32-04E7-4D27-9A62-D65C7C8519A4}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{7A852F41-7133-47F5-BC95-5812340E92AF}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{7A980D13-37F0-498B-90E8-EBEE0E46E678}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{802E7144-3B91-4E14-AA01-8C69A561B6EA}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{80CEC50C-FB1E-48E2-BA62-B2B04F36886E}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{832A7894-9EC8-4A93-A37D-AC961422A53C}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{84589DB9-F28D-4CC0-A321-C355D0CF2C7D}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{887D6DC0-FE44-4E21-B1D1-0D3555A40E94}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{8FCEB798-5E33-4643-B866-24D30C06E803}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{909067EB-751E-48F6-9ADF-D995C4B4D1F3}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{98C81D44-EE0A-4DA1-A0C2-FC8E14F75C8D}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{9B40926A-F307-4931-9F84-49A652074A4E}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{9E859788-1033-4779-869C-EB5D38866470}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{9F3D1AD5-CFA7-4B2F-80DD-B970E55B5DC1}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{A2ECD75B-AB22-4A2F-89FC-8C2227EF964D}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{A319A750-5081-4EF1-8DC9-43B713AF2461}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{A7D3D55B-839A-4243-A764-66DB0B7F352C}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{A7ED21CA-42FE-4765-A07A-AF0D3E1E766A}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{A9C044CA-F4F4-4E69-8F30-A26226FBA9CF}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{AA2E6936-62CD-48B5-AB6B-B5290015C122}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{ACF6F5E8-7EF8-4BB9-920C-A8522A72CA7E}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{BA9E1099-6153-4E2F-8735-3309C6974173}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{BB3E9B22-CB16-4F7D-8814-BE2AC9B030BA}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{BBEF9A62-B7EF-4E92-B3C4-034AF3990C65}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{BC11E2F6-908A-4A2E-B1EA-C6E596F4BECD}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{BCD13450-D51F-454F-A511-040B77B50BDF}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{BCE74906-2CE6-473C-9EED-9E0FE3ADA313}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{BDAA1171-4769-4500-8475-DAC2E31BD7F6}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{BE2B1045-8A7B-4E22-B9F5-71E9140243F1}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{C6D0286A-6964-46C2-A72A-5F69B44AFD99}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{C7CA28A6-D85C-41E0-9310-A7BDADC7EFAF}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{C873A2D7-CB66-475C-B977-AF0AE3A9AF4F}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{CC1EA788-8162-4043-82F4-2AD9A24864AB}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{CF1B5AF5-9B27-44E1-AD85-5B3BFA0DFD03}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{D2905174-3C39-445A-B6C6-C6861F701379}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{D2F68971-EA88-40E3-8CB2-74ECE54C5780}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{D54A43E5-7CBF-47AD-B5F1-068916BEF8E3}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{D717FD2A-1A81-4877-A8C6-77A3260C3C50}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{DCD8E058-1285-468E-B373-A96B3F4BB548}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{DDC342CF-0E53-4B67-B08C-D6D8969F6010}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{DEB59F87-8C7D-4168-ABA1-54EF0FFBED76}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{DF5A1903-774E-4E0D-8CD6-F2FEADE9A685}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{E1B9A26F-13B3-4A72-9337-57441FC4A9FC}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{E46A8F8D-2199-44CD-89B8-47032D260A84}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{E70DA2EC-50BF-4E61-B5E6-9B141D2A1565}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{E888A4A8-6EA8-479A-9714-99AB577C77AF}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{E8E8DDF3-0313-44F8-9C7D-D254BBA22330}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{E92E59B2-D098-4835-99F6-45C043D49357}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{EA790CA3-97DF-4AB4-86D3-45BE65B15121}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{EABF910D-CA92-4005-A274-DA33BA79B2A7}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{EBFAD403-9DED-4A6F-BC1B-DAEE64E8A746}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{EC186C32-A2E9-44B2-BB98-CFEA3B25B464}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{EE48D312-55E7-403C-866A-B38EF7BA28C9}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{EF69B79B-B263-48EC-8080-5B1EE0662287}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{EFD760C4-7036-4FA9-8484-CA4DC9D0FE31}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{F252AE0A-BCE1-41DB-BAF8-03604239F490}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{F6E6622D-A7CC-4CD3-B38F-B00F25AE438C}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{F989E6CC-1597-4F62-B0DB-9ACE32C581CA}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{FD817AEB-B1DD-4BC9-8975-0EB20A924C06}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{FDF35BD9-EE0E-481C-8F91-7B3FBAF8F124}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{FE0B1AF4-7567-4DEB-A2C0-613566261A1F}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{FE19DB56-2EF1-4949-82C6-319BC5C2F145}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{FEA569A0-6BFB-48AE-A043-6449FB952DE3}
Successfully deleted: [Empty Folder] C:\Users\Sonne\appdata\local\{FF0CA269-C3C8-4D99-BAA4-3324EF202225}



~~~ FireFox

Successfully deleted: [File] C:\Users\Sonne\AppData\Roaming\mozilla\firefox\profiles\dxajxy9v.default\invalidprefs.js
Successfully deleted the following from C:\Users\Sonne\AppData\Roaming\mozilla\firefox\profiles\dxajxy9v.default\prefs.js

user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.backgroundjs", "\n\n/****************************************************
user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.js", "\n\n /************************************************************
user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.plugins.plugin_1.code", "appAPI._cr_config={appID:function(){var a=appAPI
user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.plugins.plugin_102.code", "if (typeof appAPI.internal.monetization === \"
user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.plugins.plugin_119.code", "if (typeof appAPI.internal.monetization === \"
user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.plugins.plugin_120.code", "if (typeof appAPI.internal.monetization === \"
user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.plugins.plugin_123.code", "if (typeof appAPI.internal.monetization === \"
user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.plugins.plugin_14.name", "CrossriderUtils");
user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.plugins.plugin_21.code", "var CrossriderDebugManager=(function(h){var f={
user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.plugins.plugin_22.code", "(function(a){appAPI.queueManager={queue:[],regi
user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.plugins.plugin_28.code", "var CrossriderInitializerPlugin=(function(e){va
user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.plugins.plugin_47.code", "(function(){appAPI.ready=function(a){appAPI.res
user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.plugins.plugin_78.name", "CrossriderInfo");
user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.plugins.plugin_87.code", "var CROSSRIDER_PLATFORM=true;var JQ=bbrsJQ=$jqu
user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.plugins.plugin_91.code", "(function(e){var l=(function(){var N=0;var V=\"
user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.plugins.plugin_92.code", "if(typeof appAPI.internal.monetization===\"unde
user_pref("extensions.crossrider.bic", "13f8457837f201772efa3b36c4517889");
Emptied folder: C:\Users\Sonne\AppData\Roaming\mozilla\firefox\profiles\dxajxy9v.default\minidumps [34 files]



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Sonne\appdata\local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27.06.2013 at 20:58:47,60
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=3e8e668595659046b8f4653235e3dee3
# engine=14179
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-06-27 08:12:20
# local_time=2013-06-27 10:12:20 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 4844 123993790 0 0
# scanned=157593
# found=4
# cleaned=0
# scan_time=4134
sh=5B2498D6F7DF1CB34FE61344403B1C51C7FAC205 ft=0 fh=0000000000000000 vn="Win32/Adware.AddLyrics.F application" ac=I fn="C:\Program Files (x86)\LyricsFinder\chrome.crx"
sh=702D7C53508A8FAB03A3B51E8C305660ED1A4517 ft=1 fh=e8fad039ffdbfdf3 vn="a variant of Win32/Adware.AddLyrics.B application" ac=I fn="C:\Program Files (x86)\LyricsFinder\LyricsFinderUpdater.exe"
sh=A2A3EAEF2995CE77A7368DC747688B191E0EFC2E ft=0 fh=0000000000000000 vn="Win32/Adware.AddLyrics.F application" ac=I fn="C:\Program Files (x86)\LyricsFinder\FF\chrome\content\main.js"
sh=9881845C0AAB3181A54EC7A0B70387521D9D3213 ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="C:\Users\Sonne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55\436270f7-140e1683"

Unsupported operating system! Aborted!


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-06-2013 02
Ran by Sonne (administrator) on 27-06-2013 22:21:25
Running from C:\Users\Sonne\Desktop\Programme
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(CSR, plc) C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHndHkb.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(CSR, plc) C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe
(CSR, plc) C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRSkype.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [1861416 2009-10-09] (Synaptics Incorporated)
HKLM\...\Run: [PfNet] "C:\Program Files\Fujitsu\Plugfree NETWORK\PfNet.exe" /r [6310912 2010-06-24] (FUJITSU LIMITED)
HKLM\...\Run: [PSUTility] C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [188264 2009-07-30] (FUJITSU LIMITED)
HKLM\...\Run: [FDM7] C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe [164712 2009-11-26] (FUJITSU LIMITED)
HKLM\...\Run: [LoadFujitsuQuickTouch] C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [157544 2009-10-15] (FUJITSU LIMITED)
HKLM\...\Run: [LoadBtnHnd] C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [35176 2009-10-15] (FUJITSU LIMITED)
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [8312352 2009-10-28] (Realtek Semiconductor)
HKLM\...\Run: [ConMgr] "C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe" [535440 2009-12-24] (CSR, plc)
HKLM\...\Run: [CSRSkype] C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRSkype.exe [431504 2009-12-24] (CSR, plc)
HKCU\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2011-09-30] (Google Inc.)
HKCU\...\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [18643560 2013-03-01] (Skype Technologies S.A.)
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0
HKLM-x32\...\Run: [LoadFUJ02E3] C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe [36712 2009-10-08] (FUJITSU LIMITED)
HKLM-x32\...\Run: [IndicatorUtility] C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [47976 2009-10-09] (FUJITSU LIMITED)
HKLM-x32\...\Run: [UCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0" [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Mirror Tray icon] "C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s [162912 2009-07-08] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2012-02-20] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421736 2012-03-27] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
Startup: C:\Users\Sonne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Cool Lyrics - {7C5D7930-FACC-4A25-AE26-51DDA83F3D75} - C:\Program Files (x86)\CoolLyrics\coolrcs.dll (CoolZone)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Sonne\AppData\Roaming\Mozilla\Firefox\Profiles\dxajxy9v.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Visualisateur 3D de 20-20 - C:\Users\Sonne\AppData\Roaming\Mozilla\Firefox\Profiles\dxajxy9v.default\Extensions\2020Player_IKEA@2020Technologies.com
FF Extension: No Name - C:\Users\Sonne\AppData\Roaming\Mozilla\Firefox\Profiles\dxajxy9v.default\Extensions\6c937ed6-be66-4f72-9a60-ce5789cc7f09@53ba6712-2cae-46e2-b821-95baea44e049.com

Chrome:
=======
CHR Extension: (Cool Lyrics) - C:\Users\Sonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\clffglkbddffcdnehidjiimmoiphomid\1.114_0
CHR Extension: (Plus-HD-1.6) - C:\Users\Sonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\jidjhchcblhlapbcpheibgdjkajekhbh\1.23.15_0

==================== Services (Whitelisted) =================

R2 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [330240 2010-06-24] (FUJITSU LIMITED)
R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [63336 2009-07-30] (FUJITSU LIMITED)
R2 VFPRadioSupportService; C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe [145840 2009-12-24] (CSR, plc)

==================== Drivers (Whitelisted) ====================

R3 FUJ02B1; C:\Windows\System32\DRIVERS\FUJ02B1.sys [7808 2006-11-01] (FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\System32\DRIVERS\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-06-27 22:18 - 2013-06-27 22:18 - 00890988 ____A C:\Users\Sonne\Desktop\SecurityCheck.exe
2013-06-27 21:01 - 2013-06-27 22:16 - 00000000 ____D C:\Program Files (x86)\ESET
2013-06-27 21:00 - 2013-06-27 21:00 - 02347384 ____A (ESET) C:\Users\Sonne\Desktop\esetsmartinstaller_enu.exe
2013-06-27 20:58 - 2013-06-27 20:58 - 00016370 ____A C:\Users\Sonne\Desktop\JRT.txt
2013-06-27 20:54 - 2013-06-27 20:54 - 00000000 ____D C:\Windows\ERUNT
2013-06-27 20:53 - 2013-06-27 20:53 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Sonne\Desktop\JRT.exe
2013-06-27 20:53 - 2013-06-27 20:53 - 00000000 ____D C:\JRT
2013-06-27 20:48 - 2013-06-27 20:48 - 00008719 ____A C:\AdwCleaner[S1].txt
2013-06-27 20:47 - 2013-06-27 20:47 - 00648201 ____A C:\Users\Sonne\Desktop\adwcleaner.exe
2013-06-27 18:54 - 2013-06-27 18:54 - 00007690 ____A C:\Windows\PFRO.log
2013-06-27 18:52 - 2013-06-27 18:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-27 17:40 - 2013-06-27 17:46 - 00000000 ____D C:\ComboFix
2013-06-27 13:02 - 2013-06-27 13:09 - 00000000 ____D C:\Windows\erdnt
2013-06-27 13:02 - 2013-06-27 13:02 - 00000000 ____D C:\Qoobox
2013-06-27 13:02 - 2011-06-26 08:45 - 00256000 ____A C:\Windows\PEV.exe
2013-06-27 13:02 - 2010-11-07 19:20 - 00208896 ____A C:\Windows\MBR.exe
2013-06-27 13:02 - 2009-04-20 06:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2013-06-27 13:02 - 2000-08-31 02:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2013-06-27 13:02 - 2000-08-31 02:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2013-06-27 13:02 - 2000-08-31 02:00 - 00098816 ____A C:\Windows\sed.exe
2013-06-27 13:02 - 2000-08-31 02:00 - 00080412 ____A C:\Windows\grep.exe
2013-06-27 13:02 - 2000-08-31 02:00 - 00068096 ____A C:\Windows\zip.exe
2013-06-27 12:38 - 2013-06-27 20:50 - 00000616 ____A C:\Windows\setupact.log
2013-06-27 12:38 - 2013-06-27 12:38 - 00000000 ____A C:\Windows\setuperr.log
2013-06-27 11:07 - 2013-06-27 11:07 - 00000005 ____A C:\Users\Sonne\AppData\Roaming\WBPU-TTL.DAT
2013-06-27 10:56 - 2013-06-27 10:56 - 00000000 ____D C:\FRST
2013-06-27 10:08 - 2013-06-27 20:50 - 00000412 ____A C:\Windows\Tasks\Lyrics Finder Update.job
2013-06-27 10:08 - 2013-06-27 13:08 - 00000000 ____D C:\Program Files (x86)\LyricsFinder
2013-06-27 10:07 - 2013-06-27 10:07 - 00000000 ____D C:\Users\Sonne\AppData\Roaming\Zip Opener Packages
2013-06-27 08:47 - 2013-06-27 08:47 - 00867240 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-06-27 08:47 - 2013-06-27 08:47 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-27 08:34 - 2013-06-27 20:50 - 00001906 ____A C:\Windows\Tasks\Plus-HD-1.6-chromeinstaller.job
2013-06-27 08:34 - 2013-06-27 20:50 - 00001830 ____A C:\Windows\Tasks\Plus-HD-1.6-firefoxinstaller.job
2013-06-27 08:34 - 2013-06-27 20:50 - 00001198 ____A C:\Windows\Tasks\Plus-HD-1.6-codedownloader.job
2013-06-27 08:34 - 2013-06-27 20:50 - 00001194 ____A C:\Windows\Tasks\Plus-HD-1.6-updater.job
2013-06-27 08:34 - 2013-06-27 20:50 - 00001098 ____A C:\Windows\Tasks\Plus-HD-1.6-enabler.job
2013-06-27 08:34 - 2013-06-27 08:34 - 00000000 ____D C:\Program Files (x86)\Plus-HD-1.6
2013-06-27 08:33 - 2013-06-27 20:50 - 00000400 ____A C:\Windows\Tasks\Cool Lyrics Update.job
2013-06-27 08:33 - 2013-06-27 08:33 - 00000000 ____D C:\Program Files (x86)\CoolLyrics
2013-06-24 10:02 - 2013-06-24 10:02 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-24 10:02 - 2013-06-24 10:02 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-24 10:02 - 2013-06-24 10:02 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-06-24 10:02 - 2013-06-24 10:02 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-06-24 10:02 - 2013-06-24 10:02 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-06-24 10:02 - 2013-06-24 10:02 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-06-24 10:02 - 2013-06-24 10:02 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-06-24 10:02 - 2013-06-24 10:02 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-06-24 10:02 - 2013-06-24 10:02 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-06-24 10:02 - 2013-06-24 10:02 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-06-24 10:02 - 2013-06-24 10:02 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00039936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-06-24 10:01 - 2013-06-24 10:01 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-14 11:20 - 2013-06-14 11:20 - 09089416 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-06-12 12:14 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-12 12:14 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-12 12:14 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-12 12:14 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-12 12:14 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-12 12:14 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-12 12:14 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-12 12:14 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-12 12:14 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-12 12:14 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-12 12:14 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-12 12:14 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-12 12:14 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-12 12:14 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-12 12:14 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-12 12:14 - 2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-12 12:14 - 2013-04-01 00:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-07 21:17 - 2013-06-27 20:54 - 01923552 ____A C:\Windows\WindowsUpdate.log

==================== One Month Modified Files and Folders =======

2013-06-27 22:21 - 2011-10-01 10:55 - 00000000 ___RD C:\Users\Sonne\Desktop\Programme
2013-06-27 22:18 - 2013-06-27 22:18 - 00890988 ____A C:\Users\Sonne\Desktop\SecurityCheck.exe
2013-06-27 22:16 - 2013-06-27 21:01 - 00000000 ____D C:\Program Files (x86)\ESET
2013-06-27 21:41 - 2013-03-28 20:47 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-27 21:29 - 2011-09-30 23:16 - 00001110 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-27 21:00 - 2013-06-27 21:00 - 02347384 ____A (ESET) C:\Users\Sonne\Desktop\esetsmartinstaller_enu.exe
2013-06-27 20:58 - 2013-06-27 20:58 - 00016370 ____A C:\Users\Sonne\Desktop\JRT.txt
2013-06-27 20:57 - 2009-07-14 06:45 - 00016976 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-27 20:57 - 2009-07-14 06:45 - 00016976 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-27 20:54 - 2013-06-27 20:54 - 00000000 ____D C:\Windows\ERUNT
2013-06-27 20:54 - 2013-06-07 21:17 - 01923552 ____A C:\Windows\WindowsUpdate.log
2013-06-27 20:53 - 2013-06-27 20:53 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Sonne\Desktop\JRT.exe
2013-06-27 20:53 - 2013-06-27 20:53 - 00000000 ____D C:\JRT
2013-06-27 20:50 - 2013-06-27 12:38 - 00000616 ____A C:\Windows\setupact.log
2013-06-27 20:50 - 2013-06-27 10:08 - 00000412 ____A C:\Windows\Tasks\Lyrics Finder Update.job
2013-06-27 20:50 - 2013-06-27 08:34 - 00001906 ____A C:\Windows\Tasks\Plus-HD-1.6-chromeinstaller.job
2013-06-27 20:50 - 2013-06-27 08:34 - 00001830 ____A C:\Windows\Tasks\Plus-HD-1.6-firefoxinstaller.job
2013-06-27 20:50 - 2013-06-27 08:34 - 00001198 ____A C:\Windows\Tasks\Plus-HD-1.6-codedownloader.job
2013-06-27 20:50 - 2013-06-27 08:34 - 00001194 ____A C:\Windows\Tasks\Plus-HD-1.6-updater.job
2013-06-27 20:50 - 2013-06-27 08:34 - 00001098 ____A C:\Windows\Tasks\Plus-HD-1.6-enabler.job
2013-06-27 20:50 - 2013-06-27 08:33 - 00000400 ____A C:\Windows\Tasks\Cool Lyrics Update.job
2013-06-27 20:50 - 2011-09-30 23:16 - 00001106 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-27 20:50 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-27 20:49 - 2013-05-10 10:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-06-27 20:48 - 2013-06-27 20:48 - 00008719 ____A C:\AdwCleaner[S1].txt
2013-06-27 20:47 - 2013-06-27 20:47 - 00648201 ____A C:\Users\Sonne\Desktop\adwcleaner.exe
2013-06-27 18:54 - 2013-06-27 18:54 - 00007690 ____A C:\Windows\PFRO.log
2013-06-27 18:52 - 2013-06-27 18:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-27 18:11 - 2011-10-01 15:53 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-27 18:08 - 2013-02-25 17:49 - 00000000 ____D C:\Users\Sonne\AppData\Roaming\Skype
2013-06-27 17:46 - 2013-06-27 17:40 - 00000000 ____D C:\ComboFix
2013-06-27 17:45 - 2009-07-14 04:34 - 00000215 ____A C:\Windows\system.ini
2013-06-27 13:09 - 2013-06-27 13:02 - 00000000 ____D C:\Windows\erdnt
2013-06-27 13:08 - 2013-06-27 10:08 - 00000000 ____D C:\Program Files (x86)\LyricsFinder
2013-06-27 13:02 - 2013-06-27 13:02 - 00000000 ____D C:\Qoobox
2013-06-27 12:38 - 2013-06-27 12:38 - 00000000 ____A C:\Windows\setuperr.log
2013-06-27 11:07 - 2013-06-27 11:07 - 00000005 ____A C:\Users\Sonne\AppData\Roaming\WBPU-TTL.DAT
2013-06-27 10:56 - 2013-06-27 10:56 - 00000000 ____D C:\FRST
2013-06-27 10:07 - 2013-06-27 10:07 - 00000000 ____D C:\Users\Sonne\AppData\Roaming\Zip Opener Packages
2013-06-27 10:07 - 2013-04-17 16:39 - 00000000 ____D C:\Users\Sonne\AppData\Local\CrashDumps
2013-06-27 08:47 - 2013-06-27 08:47 - 00867240 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-06-27 08:47 - 2013-06-27 08:47 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-27 08:47 - 2011-10-05 15:29 - 00789416 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-06-27 08:47 - 2011-10-05 15:29 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-27 08:47 - 2011-10-05 15:29 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-27 08:47 - 2011-10-05 15:29 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-27 08:47 - 2011-10-05 15:29 - 00000000 ____D C:\Program Files (x86)\Java
2013-06-27 08:34 - 2013-06-27 08:34 - 00000000 ____D C:\Program Files (x86)\Plus-HD-1.6
2013-06-27 08:34 - 2011-09-30 23:23 - 00000000 ____D C:\Users\Sonne\AppData\Local\Adobe
2013-06-27 08:33 - 2013-06-27 08:33 - 00000000 ____D C:\Program Files (x86)\CoolLyrics
2013-06-26 15:42 - 2011-09-30 23:55 - 00000000 ____D C:\Users\Sonne\Desktop\Fotos
2013-06-25 19:08 - 2011-02-14 14:57 - 00697322 ____A C:\Windows\System32\perfh007.dat
2013-06-25 19:08 - 2011-02-14 14:57 - 00148328 ____A C:\Windows\System32\perfc007.dat
2013-06-25 19:08 - 2009-07-14 07:13 - 01614036 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-24 11:13 - 2011-02-14 14:43 - 00000000 ____D C:\Windows\Panther
2013-06-24 10:23 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2013-06-24 10:23 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-06-24 10:23 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-06-24 10:22 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\zh-HK
2013-06-24 10:22 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\tr-TR
2013-06-24 10:02 - 2013-06-24 10:02 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-24 10:02 - 2013-06-24 10:02 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-24 10:02 - 2013-06-24 10:02 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-06-24 10:02 - 2013-06-24 10:02 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-06-24 10:02 - 2013-06-24 10:02 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-06-24 10:02 - 2013-06-24 10:02 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-06-24 10:02 - 2013-06-24 10:02 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-06-24 10:02 - 2013-06-24 10:02 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-06-24 10:02 - 2013-06-24 10:02 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-06-24 10:02 - 2013-06-24 10:02 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-06-24 10:02 - 2013-06-24 10:02 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00039936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-06-24 10:02 - 2013-06-24 10:02 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-06-24 10:02 - 2013-06-24 10:02 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-06-24 10:01 - 2013-06-24 10:01 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-24 10:01 - 2013-06-24 10:01 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-21 03:07 - 2011-04-16 12:56 - 01591930 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2013-06-18 17:18 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-06-18 14:59 - 2011-09-30 23:24 - 00000000 ____D C:\Users\Sonne\AppData\Local\Windows Live
2013-06-14 11:21 - 2013-03-28 20:46 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-14 11:21 - 2011-09-30 23:41 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-14 11:20 - 2013-06-14 11:20 - 09089416 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-06-07 21:14 - 2011-09-30 23:23 - 00000000 ____D C:\users\Sonne
2013-06-07 21:13 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-06-23 15:21

==================== End Of Log ============================
--- --- ---

--- --- ---


Soooo, alles erledigt :lach: und wie ist die Diagnose? :kloppen:


Alle Zeitangaben in WEZ +1. Es ist jetzt 13:30 Uhr.
Seite 1 von 5 1 23 Letzte »
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131