Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Problem mit qvo6.com (https://www.trojaner-board.de/137405-problem-qvo6-com.html)

Canccel 29.06.2013 14:09
Problem mit qvo6.com
 
Guten Tag.

Ich durchsuche schon seit einigen Stunden das Netz nach Lösungsvorschlägen für mein Problem, allerdings hat bisher nichts geholfen.

Durch Zufall bin ich auf dieses Forum hier gestoßen. :)

Nun zum Problem:

Ich habe mir gestern den Jdownloader runtergeladen und installiert. Dabei habe ich wohl zu schnell geklickt und nebenbei noch andere diverse Toolbars mit installiert. Jedenfalls hatte ich nach der Installation eine Menge neues Zeug bei Firefox.

Seit dem ist es so, dass, wenn ich Firefox öffne, nicht Google als Startseite erscheint, sondern www.qvo6.com.

Interessant ist auch, dass sich ein Addon (ich glaube der Name war Tube HD) eingeschlichen hat der auf Youtube plötzlich Werbung vor Videobeginn anzeigte. Ich habe es über Systemsteuerung -> Programme deinstallieren entfernen können.

Das Problem mit dem qvo6 konnte ich aber nicht lösen.

Hat da jemand Lösungsvorschläge?
Was genau soll ich posten, um euch beim Helfen zu unterstützen?

LG und vielen Dank :dummguck:

schrauber 29.06.2013 14:09
hi,

Systemscan mit FRST
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Start > Computer (Rechtsklick) > Eigenschaften)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Scan.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Canccel 29.06.2013 14:31
Hi,

hier die beiden Logs

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-06-2013 01
Ran by user at 2013-06-29 15:17:17
Running from C:\Users\user\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

3D-Fahrschule Demo (x32 Version: )
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.1.102.63)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.202)
Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03)
AMD Accelerated Video Transcoding (Version: 12.5.100.21219)
AMD APP SDK Runtime (Version: 10.0.1084.4)
AMD AVIVO64 Codecs (Version: 11.7.0.11012)
AMD Catalyst Install Manager (Version: 8.0.903.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Fuel (Version: 2012.1219.1521.27485)
AMD Media Foundation Decoders (Version: 1.0.71219.1540)
AMD VISION Engine Control Center (x32 Version: 2012.1219.1521.27485)
avast! Free Antivirus (x32 Version: 8.0.1483.0)
Bing Bar (x32 Version: 7.0.619.0)
Carambis Driver Updater (x32 Version: 1.2.3.2277)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1219.1521.27485)
Catalyst Control Center InstallProxy (x32 Version: 2012.1219.1521.27485)
Catalyst Control Center Localization All (x32 Version: 2012.1219.1521.27485)
CCC Help Chinese Standard (x32 Version: 2012.1219.1520.27485)
CCC Help Chinese Traditional (x32 Version: 2012.1219.1520.27485)
CCC Help Czech (x32 Version: 2012.1219.1520.27485)
CCC Help Danish (x32 Version: 2012.1219.1520.27485)
CCC Help Dutch (x32 Version: 2012.1219.1520.27485)
CCC Help English (x32 Version: 2012.1219.1520.27485)
CCC Help Finnish (x32 Version: 2012.1219.1520.27485)
CCC Help French (x32 Version: 2012.1219.1520.27485)
CCC Help German (x32 Version: 2012.1219.1520.27485)
CCC Help Greek (x32 Version: 2012.1219.1520.27485)
CCC Help Hungarian (x32 Version: 2012.1219.1520.27485)
CCC Help Italian (x32 Version: 2012.1219.1520.27485)
CCC Help Japanese (x32 Version: 2012.1219.1520.27485)
CCC Help Korean (x32 Version: 2012.1219.1520.27485)
CCC Help Norwegian (x32 Version: 2012.1219.1520.27485)
CCC Help Polish (x32 Version: 2012.1219.1520.27485)
CCC Help Portuguese (x32 Version: 2012.1219.1520.27485)
CCC Help Russian (x32 Version: 2012.1219.1520.27485)
CCC Help Spanish (x32 Version: 2012.1219.1520.27485)
CCC Help Swedish (x32 Version: 2012.1219.1520.27485)
CCC Help Thai (x32 Version: 2012.1219.1520.27485)
CCC Help Turkish (x32 Version: 2012.1219.1520.27485)
ccc-utility64 (Version: 2012.1219.1521.27485)
CCleaner (Version: 3.19)
Core Temp 1.0 RC3 (Version: 1.0)
CPUCooL (remove only) (x32)
Cursor Hider 1.6 (x32)
D3DX10 (x32 Version: 15.4.2368.0902)
DAEMON Tools Lite (x32 Version: 4.45.3.0297)
Deutsche Bahn Zubehörsset (HKCU)
Dual-Core Optimizer (x32 Version: 1.1.4.0169)
DX-Ball 2 v1.25 (x32)
Eisenbahn-Skins 1.0 (x32 Version: 1.0)
Empire Earth (x32)
EPU-4 Engine (x32 Version: 1.02.01)
EVEREST Home Edition v2.20 (x32 Version: 2.20)
FMRTE 5.2.5 (Version: 5.2.5)
fmXML version 0.3 (x32)
Football Manager 2012 (x32)
Football Manager 2012 Editor (x32)
Football Manager 2013 (x32)
Football Manager 2013 Editor (x32)
Football Manager 2013 Resource Archiver (x32)
Fraps (x32)
Free YouTube to MP3 Converter version 3.11.35.1031 (x32 Version: 3.11.35.1031)
FSFDT FSCopilot (x32)
FSX Scenery ISTANBUL ATATURK AIRPORT (LTBA) (HKCU)
Futuremark SystemInfo (x32 Version: 4.9.0)
Google Chrome (x32 Version: 27.0.1453.116)
Google Drive (x32 Version: 1.10.4769.632)
Google Update Helper (x32 Version: 1.3.21.145)
HydraVision (x32 Version: 4.2.216.0)
Internet-TV für Windows Media Center (x32 Version: 4.2.2.0)
ISY USB Wireless Adapter (x32 Version: 1.0.0.13)
Java Auto Updater (x32 Version: 2.0.7.1)
Java(TM) 6 Update 33 (x32 Version: 6.0.330)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
LiveVDO (x32 Version: 1.3)
Lyrics Fan (x32)
Mesh Runtime (x32 Version: 15.4.5722.2)
Messenger Companion (x32 Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000)
Microsoft Office Klick-und-Los 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - Deutsch (x32 Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Motherboard Monitor 5 (x32 Version: 5)
Mozilla Firefox 21.0 (x86 de) (x32 Version: 21.0)
Mozilla Maintenance Service (x32 Version: 21.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser und SDK (x32 Version: 4.20.9818.0)
NVIDIA PhysX (x32 Version: 9.09.0814)
Octoshape Streaming Services (HKCU)
OMSI - Der Omnibussimulator (x32 Version: 1.00)
OMSI Addon Manager Version 1.2.4 (x32 Version: 1.2.4)
OMSI Spitterberg V 2.0 (HKCU)
OpenAL (x32)
PC Connectivity Solution (x32 Version: 8.15.0.0)
PUSH Entertainment - Watery Desktop 3D (Version: 3.52)
RadarSync PC Updater 2011 (driver updates & patches)  (HKCU Version: )
Railworks 3 Train Simulator 2012 Deluxe (x32)
Realtek Ethernet Controller Driver (x32 Version: 7.46.610.2011)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6402)
SAMSUNG Mobile Composite Device Software
Samsung Mobile Modem Device Software
SAMSUNG Mobile Modem Driver Set
Samsung Mobile phone USB driver Drive Software
SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG Mobile USB Modem Software
SAMSUNG USB Mobile Device Software
SamsungConnectivityCableDriver (x32 Version: 6.83.6.2.1)
SimCity 4 Deluxe (x32)
Solaris Urbino 12 III by CNB-Projekts for OMSI (HKCU)
SpeedFan (remove only) (x32)
St. Ilsensee Map for OMSI Version 1.5 (x32 Version: 1.5)
Steam (x32 Version: 1.0.0.0)
Stellarium 0.11.3 (x32)
System Requirements Lab CYRI (x32 Version: 4.5.1.0)
Tournament Manager Pro V.3.1.0 (x32)
Traffic Simulator Configuration Tool (HKCU)
Ubisoft Game Launcher (x32 Version: 1.0.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3538.0513)
Windows Live Family Safety (Version: 15.4.3538.0513)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows Media Center Add-in for Silverlight (x32 Version: 4.7.3.0)
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8)
Windows-Treiberpaket - Nokia pccsmcfd  (10/12/2007 6.85.4.0) (Version: 10/12/2007 6.85.4.0)
WinRAR 4.10 (64-Bit) (Version: 4.10.0)

==================== Restore Points  =========================

15-06-2013 22:24:50 Windows Update
21-06-2013 17:25:37 Windows Update
25-06-2013 13:44:11 Windows Update
27-06-2013 15:23:57 Installed Empire Earth II
29-06-2013 08:20:09 Configured Microsoft Flight Simulator X Demo
29-06-2013 08:51:25 Installed SpyHunter
29-06-2013 08:52:34 Removed SpyHunter
29-06-2013 09:14:05 Installed SpyHunter
29-06-2013 11:18:40 Removed SpyHunter
29-06-2013 11:43:54 Configured Command & Conquer Generals
29-06-2013 11:45:02 Removed Empire Earth II
29-06-2013 12:08:58 Removed Command & Conquer 3 Tiberium Wars(TM) Worldbuilder

==================== Scheduled Tasks (whitelisted) =============

Task: {15D57AF2-B506-4760-97CD-77396F2DEE04} - System32\Tasks\{D573CB1F-38FA-45D0-943D-312A90084A8A} => C:\Program Files (x86)\EA Games\Command and Conquer Generals\generals.exe No File
Task: {1DFDA9D8-3212-48FC-ACCA-8445429B9B75} - System32\Tasks\User_Feed_Synchronization-{1C182DFC-5029-4741-8886-294A88CA77EF} => C:\Windows\system32\msfeedssync.exe [2013-05-30] (Microsoft Corporation)
Task: {214684AA-CD35-45D9-A0CB-E924C0A1671F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-21] (Microsoft Corporation)
Task: {34D561E9-1C00-498E-A908-FA0802CC5330} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe No File
Task: {3FC076D7-29B4-45AE-8CA0-1A99BE911CED} - System32\Tasks\{1D935087-4A6C-4549-B129-DFCE2AB32605} => C:\Program Files (x86)\OMSI Addon Manager\OMSI Addon Manager.exe [2011-12-28] (Jan Kiesewalter)
Task: {4CEEBE50-8C3D-4BBA-8813-E95AD5D8618D} - System32\Tasks\Speedfan => C:\Program Files (x86)\SpeedFan\speedfan.exe [2012-03-26] (Almico Software (www.almico.com))
Task: {50D29159-4FA3-4AF2-936D-5D299CC4D857} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-21] (Microsoft Corporation)
Task: {65903B5C-BB87-4CC9-8E2C-15029DD7CA66} - System32\Tasks\{26E8383E-2104-43BB-BB7A-1598A39B437A} => C:\Program Files (x86)\Half-Life 2\hl2.exe No File
Task: {73FE7AE4-DEEA-465C-B7FF-A300E40E9408} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe [2010-02-03] (ASUSTeK Computer Inc.)
Task: {852F46FE-649F-42DD-976B-FBE2228547A8} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-03-07] (AVAST Software)
Task: {970AE87D-378A-4BBB-AB36-2805D5B321D5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-10] (Google Inc.)
Task: {ADE3C44E-2036-44D8-A491-C1139409954A} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-21] (Microsoft Corporation)
Task: {AEC5D78F-8EDC-48CA-B8EF-F59DD3CF5AE1} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => C:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {BE795637-64FA-4EF6-8D5D-D155F9D34065} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {C1DD546B-886C-4567-8148-B4AA9B6454C1} - System32\Tasks\Lyrics Fan Update => C:\Program Files (x86)\LyricsFan\LyricsFanUpdater.exe [2013-06-03] (FAN Software)
Task: {CE7E7B94-DC5E-43FD-843D-AEE195E682B0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-10] (Google Inc.)
Task: {E894C0B5-13D8-48D0-A216-1BD6429AE57C} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {EC6BB631-F120-48EF-9035-0C99F8F90E5D} - System32\Tasks\{4794A9F0-C26A-4456-B1CC-09E6A90EAD2D} => C:\Program Files (x86)\Grandia2\Grandia2.exe No File
Task: {FE79C2E8-466F-4DA8-9EB9-36DAB41F1060} - System32\Tasks\{FF8DBBFC-9647-4550-8320-7E73AC68A25E} => C:\Program Files (x86)\Metro 2033 Demo\metro2033.exe No File
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Lyrics Fan Update.job => C:\Program Files (x86)\LyricsFan\LyricsFanUpdater.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/29/2013 02:04:40 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: uninstall.exe_unknown, Version: 0.0.0.0, Zeitstempel: 0x3da6a14d
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc000041d
Fehleroffset: 0x77121221
ID des fehlerhaften Prozesses: 0x1408
Startzeit der fehlerhaften Anwendung: 0xuninstall.exe_unknown0
Pfad der fehlerhaften Anwendung: uninstall.exe_unknown1
Pfad des fehlerhaften Moduls: uninstall.exe_unknown2
Berichtskennung: uninstall.exe_unknown3

Error: (06/29/2013 01:51:32 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (06/29/2013 01:51:32 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (06/29/2013 01:51:32 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (06/29/2013 01:27:57 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (06/14/2013 07:53:09 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (06/14/2013 07:53:07 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (06/14/2013 07:53:04 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (06/14/2013 07:52:52 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (06/14/2013 07:52:51 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.


System errors:
=============
Error: (06/29/2013 02:16:21 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
mbmiodrvr

Error: (06/29/2013 02:15:16 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.2" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (06/29/2013 01:32:45 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
mbmiodrvr

Error: (06/29/2013 01:31:33 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.2" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (06/29/2013 11:09:08 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht.

Error: (06/29/2013 11:08:37 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
mbmiodrvr

Error: (06/29/2013 11:08:19 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.2" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (06/29/2013 10:08:23 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
mbmiodrvr

Error: (06/29/2013 10:07:39 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.2" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (06/28/2013 00:03:56 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
mbmiodrvr


Microsoft Office Sessions:
=========================
Error: (06/29/2013 02:04:40 PM) (Source: Application Error)(User: )
Description: uninstall.exe_unknown0.0.0.03da6a14dunknown0.0.0.000000000c000041d77121221140801ce74c0d3f67409C:\Program Files (x86)\3D-Fahrschule Demo\uninstall.exeunknown130b2f58-e0b4-11e2-805b-5404a67e3624

Error: (06/29/2013 01:51:32 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (06/29/2013 01:51:32 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (06/29/2013 01:51:32 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (06/29/2013 01:27:57 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\$Recycle.Bin\S-1-5-21-3901427841-3076052505-489386736-1000\$RDTKD4D.exe

Error: (06/14/2013 07:53:09 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Users\user\Desktop\SoftonicDownloader_fuer_painttool-sai.exe

Error: (06/14/2013 07:53:07 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Users\user\Desktop\SoftonicDownloader_fuer_painttool-sai.exe

Error: (06/14/2013 07:53:04 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Users\user\Desktop\SoftonicDownloader_fuer_painttool-sai.exe

Error: (06/14/2013 07:52:52 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Users\user\Desktop\SoftonicDownloader_fuer_painttool-sai.exe

Error: (06/14/2013 07:52:51 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Users\user\Desktop\SoftonicDownloader_fuer_painttool-sai.exe


CodeIntegrity Errors:
===================================
  Date: 2013-06-29 14:14:29.780
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\mbmiodrvr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-06-29 14:14:29.733
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\mbmiodrvr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-06-29 13:31:05.374
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\mbmiodrvr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-06-29 13:31:05.312
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\mbmiodrvr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-06-29 11:07:40.201
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\mbmiodrvr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-06-29 11:07:40.138
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\mbmiodrvr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-06-29 10:07:13.995
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\mbmiodrvr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-06-29 10:07:13.932
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\mbmiodrvr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-06-28 12:02:00.029
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\mbmiodrvr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-06-28 12:01:59.967
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\mbmiodrvr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Percentage of memory in use: 42%
Total physical RAM: 8174.12 MB
Available physical RAM: 4676 MB
Total Pagefile: 16346.42 MB
Available Pagefile: 12956.22 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:328.86 GB) NTFS (Disk=0 Partition=2)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 4D72892B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

==================== End Of Log ============================



FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-06-2013 01
Ran by user (administrator) on 29-06-2013 15:16:49
Running from C:\Users\user\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Almico Software (www.almico.com)) C:\Program Files (x86)\SpeedFan\speedfan.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Octoshape ApS) C:\Users\user\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
() C:\Program Files (x86)\CPUCooL\CooLSrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Softexe.com) C:\Program Files (x86)\Softexe\Cursor Hider\CursorHider.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [11905128 2011-06-28] (Realtek Semiconductor)
HKCU\...\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [1475584 2010-11-21] (Microsoft Corporation)
HKCU\...\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [393216 2011-10-12] (AMD)
HKCU\...\Run: [Octoshape Streaming Services] "C:\Users\user\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun [107800 2011-03-24] (Octoshape ApS)
HKCU\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [3481408 2012-02-13] (DT Soft Ltd)
MountPoints2: {1c8adca6-71ae-11e1-b094-5404a67e3624} - F:\autorun.exe
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4767304 2013-03-07] (AVAST Software)
HKLM-x32\...\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
Startup: C:\ProgramData\Start Menu\Programs\Startup\Cursor Hider.lnk
ShortcutTarget: Cursor Hider.lnk -> C:\Program Files (x86)\Softexe\Cursor Hider\CursorHider.exe (Softexe.com)
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SpeedFan (2).lnk
ShortcutTarget: SpeedFan (2).lnk -> C:\Program Files (x86)\SpeedFan\speedfan.exe (Almico Software (www.almico.com))
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SpeedFan.lnk
ShortcutTarget: SpeedFan.lnk -> C:\Program Files (x86)\SpeedFan\speedfan.exe (Almico Software (www.almico.com))

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {06DEB705-C1D0-5375-3504-7765E1F31A3E} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&from=cor&uid=HitachiXHDS721050CLA662_JP1522JE3HTV7H3HTV7HX&ts=3342393
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {4D8972D6-633B-D669-19BC-24A53B34D6D2} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&from=cor&uid=HitachiXHDS721050CLA662_JP1522JE3HTV7H3HTV7HX&ts=3342393
SearchScopes: HKCU - {06DEB705-C1D0-5375-3504-7765E1F31A3E} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&from=cor&uid=HitachiXHDS721050CLA662_JP1522JE3HTV7H3HTV7HX&ts=3342393
SearchScopes: HKCU - {C6FC75D5-3A33-4B0C-BE57-6AE46924B65A} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=NDV&o=15765&src=crm&q={searchTerms}&locale=&apn_ptnrs=NY&apn_dtid=YYYYYYYYDE&apn_uid=E69487FA-AB34-439A-AB30-12FA1C9EEC26&apn_sauid=FB30E5BD-50AA-4710-BED3-8161CF9143AC&
BHO: avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Lyrics Fan - {A8720491-9558-4C0D-9E35-30EED15DFB2B} - C:\Program Files (x86)\LyricsFan\lrcfan.dll (FAN Software)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash2/cabs/swflash.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s6lm9b1t.default
FF user.js: detected! => C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s6lm9b1t.default\user.js
FF Homepage: google.de
FF NetworkProxy: "http", "www-proxy.t-online.de"
FF NetworkProxy: "http_port", 80
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_33 - C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Anti-Aliasing Tuner - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s6lm9b1t.default\Extensions\aatuner@hotmint.com
FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s6lm9b1t.default\Extensions\ich@maltegoetz.de
FF Extension: info - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s6lm9b1t.default\Extensions\info@maltegoetz.de.xpi
FF Extension: nasanightlaunch - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s6lm9b1t.default\Extensions\nasanightlaunch@example.com.xpi
FF Extension: No Name - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s6lm9b1t.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
FF Extension: No Name - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s6lm9b1t.default\Extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}.xpi
FF Extension: No Name - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s6lm9b1t.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! WebRep - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKCU\...\Firefox\Extensions: [lrcfan@fansoft.br] C:\Program Files (x86)\LyricsFan\FF\
FF Extension: No Name - C:\Program Files (x86)\LyricsFan\FF\

Chrome:
=======
CHR Extension: (avast! WebRep) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0
CHR Extension: (DVDVideoSoft Browser Extension) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.0_0

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [45248 2013-03-07] (AVAST Software)
R2 CPUCooLServer; C:\Program Files (x86)\CPUCooL\CooLSrv.exe [743936 2011-12-01] ()

==================== Drivers (Whitelisted) ====================

R2 AODDriver4.01; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
S2 AODDriver4.2; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-03-07] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [70992 2013-03-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-03-07] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1025808 2013-03-07] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [377920 2013-03-07] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [68920 2013-03-07] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [178624 2013-03-07] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2012-02-24] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-02-22] (DT Soft Ltd)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2012-02-24] ()
S1 mbmiodrvr; C:\Windows\syswow64\mbmiodrvr.sys [4608 2004-04-10] (cansoft@livewiredev.com)
S1 mbmiodrvr; C:\Windows\syswow64\mbmiodrvr.sys [4608 2004-04-10] (cansoft@livewiredev.com)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-17] ()
R1 ntiopnp; C:\Windows\System32\Drivers\ntiopnp.sys [19544 2010-11-11] ()
S3 ALSysIO; \??\C:\Users\user\AppData\Local\Temp\ALSysIO64.sys [x]
S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [x]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
S3 TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [x]
U3 kxtdapob; \??\C:\Users\user\AppData\Local\Temp\kxtdapob.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-06-29 15:16 - 2013-06-29 15:16 - 01933592 ____A (Farbar) C:\Users\user\Desktop\FRST64.exe
2013-06-29 15:16 - 2013-06-29 15:16 - 00000000 ____D C:\FRST
2013-06-29 14:29 - 2013-06-29 14:29 - 00080580 ____A C:\Users\user\Desktop\Extras.Txt
2013-06-29 14:28 - 2013-06-29 14:28 - 00377856 ____A C:\Users\user\Desktop\gmer_2.1.19163.exe
2013-06-29 14:28 - 2013-06-29 14:28 - 00085296 ____A C:\Users\user\Desktop\OTL.Txt
2013-06-29 14:18 - 2013-06-29 14:18 - 00602112 ____A (OldTimer Tools) C:\Users\user\Desktop\OTL.exe
2013-06-29 14:13 - 2013-06-29 14:13 - 00000470 ____A C:\Users\user\Desktop\defogger_disable.log
2013-06-29 14:13 - 2013-06-29 14:13 - 00000342 ____A C:\Users\user\Desktop\defogger_enable.log
2013-06-29 14:11 - 2013-06-29 14:11 - 00050477 ____A C:\Users\user\Desktop\Defogger.exe
2013-06-29 13:29 - 2013-06-29 13:29 - 00001102 ____A C:\AdwCleaner[S2].txt
2013-06-29 13:28 - 2013-06-29 13:28 - 00001039 ____A C:\AdwCleaner[R2].txt
2013-06-29 11:06 - 2013-06-29 11:06 - 00022858 ____A C:\AdwCleaner[S1].txt
2013-06-29 11:05 - 2013-06-29 11:05 - 00648201 ____A C:\Users\user\Desktop\adwcleaner2303.exe
2013-06-29 11:05 - 2013-06-29 11:05 - 00388608 ____A (Trend Micro Inc.) C:\Users\user\Desktop\HiJackThis204.exe
2013-06-29 11:05 - 2013-06-29 11:05 - 00023531 ____A C:\AdwCleaner[R1].txt
2013-06-29 10:52 - 2013-06-29 10:52 - 00000000 ____A C:\autoexec.bat
2013-06-29 10:51 - 2013-06-29 13:20 - 00000000 ____D C:\Windows\BCD5545077AC4347B24F654B1189F8D4.TMP
2013-06-29 10:51 - 2013-06-29 10:51 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-06-28 15:30 - 2013-06-29 14:15 - 00000392 ____A C:\Windows\Tasks\Lyrics Fan Update.job
2013-06-28 15:30 - 2013-06-28 15:30 - 00423709 ____A C:\Users\user\AppData\Local\mysearchdial_speedial_v9.0.2.crx
2013-06-28 15:30 - 2013-06-28 15:30 - 00000000 ____D C:\Users\user\AppData\Roaming\mysearchdial
2013-06-28 15:30 - 2013-06-28 15:30 - 00000000 ____D C:\Program Files (x86)\LyricsFan
2013-06-28 15:10 - 2013-06-28 15:10 - 00000000 ____D C:\Users\user\AppData\Roaming\eIntaller
2013-06-27 08:13 - 2013-06-27 08:18 - 00000000 ____D C:\Users\user\Desktop\Wallpaper
2013-06-27 08:10 - 2013-06-27 08:16 - 00000000 ____D C:\Users\user\Desktop\Aufgaben
2013-06-26 15:27 - 2013-06-26 15:27 - 00000000 ____A C:\Users\user\Desktop\Montag 10.15 Jochem Schmidt Unfallchirurgie.txt
2013-06-18 15:39 - 2013-06-18 15:39 - 00000000 ____D C:\Users\user\Documents\My Cheat Tables
2013-06-18 15:39 - 2012-09-08 10:54 - 03325952 ____A C:\Users\user\Desktop\FM Speeder.exe
2013-06-16 00:25 - 2013-06-08 16:08 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-16 00:25 - 2013-06-08 16:07 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-16 00:25 - 2013-06-08 16:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-16 00:25 - 2013-06-08 16:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-16 00:25 - 2013-06-08 16:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-16 00:25 - 2013-06-08 14:28 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-16 00:25 - 2013-06-08 13:42 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-16 00:25 - 2013-06-08 13:40 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-16 00:25 - 2013-06-08 13:40 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-16 00:25 - 2013-06-08 13:40 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-16 00:25 - 2013-06-08 13:40 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-16 00:25 - 2013-06-08 13:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-12 21:49 - 2013-05-17 03:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-12 21:49 - 2013-05-17 03:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-12 21:49 - 2013-05-17 03:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-12 21:49 - 2013-05-17 03:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-12 21:49 - 2013-05-17 03:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-12 21:49 - 2013-05-17 03:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-12 21:49 - 2013-05-17 03:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-12 21:49 - 2013-05-17 03:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-12 21:49 - 2013-05-17 02:59 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-12 21:49 - 2013-05-17 02:59 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-12 21:49 - 2013-05-17 02:58 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-12 21:49 - 2013-05-17 02:58 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-12 21:49 - 2013-05-17 02:58 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-12 21:49 - 2013-05-17 02:58 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-12 21:49 - 2013-05-17 02:58 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-12 21:49 - 2013-05-17 02:58 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-12 21:49 - 2013-05-17 02:58 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-12 21:49 - 2013-05-14 14:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-12 21:49 - 2013-05-14 10:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-12 18:18 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-12 18:18 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-12 18:18 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-12 18:18 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-12 18:18 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-12 18:18 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-12 18:18 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-12 18:18 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-12 18:18 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-12 18:18 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-12 18:18 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-12 18:18 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-12 18:18 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-12 18:18 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-12 18:18 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-12 18:18 - 2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-12 18:18 - 2013-04-17 09:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-12 18:18 - 2013-04-17 08:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-12 18:18 - 2013-04-01 00:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-05-30 22:46 - 2013-05-30 22:46 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-05-30 22:46 - 2013-05-30 22:46 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-05-30 22:46 - 2013-05-30 22:46 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-05-30 22:46 - 2013-05-30 22:46 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-05-30 22:46 - 2013-05-30 22:46 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-05-30 22:46 - 2013-05-30 22:46 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-05-30 22:46 - 2013-05-30 22:46 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-05-30 22:46 - 2013-05-30 22:46 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-05-30 22:44 - 2013-05-30 22:51 - 00009534 ____A C:\Windows\IE10_main.log

==================== One Month Modified Files and Folders =======

2013-06-29 15:16 - 2013-06-29 15:16 - 01933592 ____A (Farbar) C:\Users\user\Desktop\FRST64.exe
2013-06-29 15:16 - 2013-06-29 15:16 - 00000000 ____D C:\FRST
2013-06-29 14:36 - 2012-02-10 16:41 - 00001106 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-29 14:29 - 2013-06-29 14:29 - 00080580 ____A C:\Users\user\Desktop\Extras.Txt
2013-06-29 14:28 - 2013-06-29 14:28 - 00377856 ____A C:\Users\user\Desktop\gmer_2.1.19163.exe
2013-06-29 14:28 - 2013-06-29 14:28 - 00085296 ____A C:\Users\user\Desktop\OTL.Txt
2013-06-29 14:23 - 2009-07-14 06:45 - 00021856 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-29 14:23 - 2009-07-14 06:45 - 00021856 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-29 14:19 - 2002-01-01 20:41 - 01787132 ____A C:\Windows\WindowsUpdate.log
2013-06-29 14:18 - 2013-06-29 14:18 - 00602112 ____A (OldTimer Tools) C:\Users\user\Desktop\OTL.exe
2013-06-29 14:15 - 2013-06-28 15:30 - 00000392 ____A C:\Windows\Tasks\Lyrics Fan Update.job
2013-06-29 14:14 - 2012-04-11 12:43 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2013-06-29 14:14 - 2012-02-10 16:41 - 00001102 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-29 14:14 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-29 14:14 - 2009-07-14 06:51 - 00116815 ____A C:\Windows\setupact.log
2013-06-29 14:13 - 2013-06-29 14:13 - 00000470 ____A C:\Users\user\Desktop\defogger_disable.log
2013-06-29 14:13 - 2013-06-29 14:13 - 00000342 ____A C:\Users\user\Desktop\defogger_enable.log
2013-06-29 14:11 - 2013-06-29 14:11 - 00050477 ____A C:\Users\user\Desktop\Defogger.exe
2013-06-29 14:04 - 2012-02-10 22:18 - 00000000 ____D C:\Users\user\AppData\Local\CrashDumps
2013-06-29 14:00 - 2013-03-24 11:15 - 00000000 ____D C:\Users\user\Desktop\Alles was mit Omsi zu hat
2013-06-29 13:51 - 2010-11-21 08:50 - 01830594 ____A C:\Windows\System32\perfh007.dat
2013-06-29 13:51 - 2010-11-21 08:50 - 00494264 ____A C:\Windows\System32\perfc007.dat
2013-06-29 13:51 - 2009-07-14 07:13 - 00005414 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-29 13:47 - 2012-02-08 14:02 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-06-29 13:46 - 2012-07-31 22:38 - 00000000 ____D C:\Program Files (x86)\Grandia2
2013-06-29 13:44 - 2012-06-20 11:47 - 00000000 ____D C:\Users\user\Desktop\Games
2013-06-29 13:29 - 2013-06-29 13:29 - 00001102 ____A C:\AdwCleaner[S2].txt
2013-06-29 13:28 - 2013-06-29 13:28 - 00001039 ____A C:\AdwCleaner[R2].txt
2013-06-29 13:20 - 2013-06-29 10:51 - 00000000 ____D C:\Windows\BCD5545077AC4347B24F654B1189F8D4.TMP
2013-06-29 11:07 - 2010-11-21 05:47 - 00533550 ____A C:\Windows\PFRO.log
2013-06-29 11:07 - 2009-07-14 06:45 - 00269032 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-29 11:06 - 2013-06-29 11:06 - 00022858 ____A C:\AdwCleaner[S1].txt
2013-06-29 11:05 - 2013-06-29 11:05 - 00648201 ____A C:\Users\user\Desktop\adwcleaner2303.exe
2013-06-29 11:05 - 2013-06-29 11:05 - 00388608 ____A (Trend Micro Inc.) C:\Users\user\Desktop\HiJackThis204.exe
2013-06-29 11:05 - 2013-06-29 11:05 - 00023531 ____A C:\AdwCleaner[R1].txt
2013-06-29 11:04 - 2012-05-17 18:47 - 00001130 ____A C:\Users\user\Desktop\Mozilla Firefox.lnk
2013-06-29 10:52 - 2013-06-29 10:52 - 00000000 ____A C:\autoexec.bat
2013-06-29 10:51 - 2013-06-29 10:51 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-06-29 10:37 - 2012-02-10 18:29 - 00000000 ____D C:\Program Files (x86)\Steam
2013-06-29 10:28 - 2012-02-08 14:18 - 00058016 ____A C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-29 10:23 - 2012-02-12 00:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Games
2013-06-29 10:19 - 2012-04-05 21:14 - 00000000 ____D C:\Program Files (x86)\JDownloader
2013-06-28 15:30 - 2013-06-28 15:30 - 00423709 ____A C:\Users\user\AppData\Local\mysearchdial_speedial_v9.0.2.crx
2013-06-28 15:30 - 2013-06-28 15:30 - 00000000 ____D C:\Users\user\AppData\Roaming\mysearchdial
2013-06-28 15:30 - 2013-06-28 15:30 - 00000000 ____D C:\Program Files (x86)\LyricsFan
2013-06-28 15:12 - 2011-06-11 02:58 - 00773712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll
2013-06-28 15:12 - 2011-06-11 02:58 - 00420944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll
2013-06-28 15:10 - 2013-06-28 15:10 - 00000000 ____D C:\Users\user\AppData\Roaming\eIntaller
2013-06-28 12:19 - 2012-02-27 15:27 - 06644224 __ASH C:\Users\user\Desktop\Thumbs.db
2013-06-27 17:23 - 2012-02-22 13:16 - 00000000 ____D C:\Users\user\AppData\Roaming\DAEMON Tools Lite
2013-06-27 16:26 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-06-27 09:32 - 2013-03-30 23:44 - 00000000 ____D C:\Users\user\Documents\SimCity 4
2013-06-27 08:18 - 2013-06-27 08:13 - 00000000 ____D C:\Users\user\Desktop\Wallpaper
2013-06-27 08:18 - 2013-02-05 21:47 - 00000000 ____D C:\Users\user\Desktop\Musik
2013-06-27 08:16 - 2013-06-27 08:10 - 00000000 ____D C:\Users\user\Desktop\Aufgaben
2013-06-26 15:27 - 2013-06-26 15:27 - 00000000 ____A C:\Users\user\Desktop\Montag 10.15 Jochem Schmidt Unfallchirurgie.txt
2013-06-18 15:39 - 2013-06-18 15:39 - 00000000 ____D C:\Users\user\Documents\My Cheat Tables
2013-06-12 21:50 - 2012-02-10 17:14 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-08 16:08 - 2013-06-16 00:25 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-08 16:07 - 2013-06-16 00:25 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-08 16:06 - 2013-06-16 00:25 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-08 16:06 - 2013-06-16 00:25 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-08 16:06 - 2013-06-16 00:25 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-08 14:28 - 2013-06-16 00:25 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-08 13:42 - 2013-06-16 00:25 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-08 13:40 - 2013-06-16 00:25 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-08 13:40 - 2013-06-16 00:25 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-08 13:40 - 2013-06-16 00:25 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-08 13:40 - 2013-06-16 00:25 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-08 13:13 - 2013-06-16 00:25 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-03 17:14 - 2009-07-14 07:08 - 00032640 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-06-02 09:26 - 2012-03-08 21:46 - 00000000 ____D C:\ProgramData\Adobe
2013-05-31 17:25 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-05-30 22:51 - 2013-05-30 22:44 - 00009534 ____A C:\Windows\IE10_main.log
2013-05-30 22:46 - 2013-05-30 22:46 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-05-30 22:46 - 2013-05-30 22:46 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-05-30 22:46 - 2013-05-30 22:46 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-05-30 22:46 - 2013-05-30 22:46 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-05-30 22:46 - 2013-05-30 22:46 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-05-30 22:46 - 2013-05-30 22:46 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-05-30 22:46 - 2013-05-30 22:46 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-05-30 22:46 - 2013-05-30 22:46 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-05-30 22:46 - 2013-05-30 22:46 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-06-27 16:19

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

schrauber 29.06.2013 14:32
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST Log bitte.

Canccel 29.06.2013 14:56
Code:
# AdwCleaner v2.303 - Datei am 29/06/2013 um 15:40:56 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : user - USER-NB
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\user\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16611

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v21.0 (de)

-\\ Google Chrome v27.0.1453.116

-\\ Chromium vnstall: 17477

*************************

AdwCleaner[R1].txt - [23531 octets] - [29/06/2013 11:05:47]
AdwCleaner[R2].txt - [1039 octets] - [29/06/2013 13:28:34]
AdwCleaner[R3].txt - [1032 octets] - [29/06/2013 15:40:22]
AdwCleaner[S1].txt - [22858 octets] - [29/06/2013 11:06:16]
AdwCleaner[S2].txt - [1102 octets] - [29/06/2013 13:29:22]
AdwCleaner[S3].txt - [330 octets] - [29/06/2013 15:40:45]
AdwCleaner[S4].txt - [1026 octets] - [29/06/2013 15:40:56]

########## EOF - C:\AdwCleaner[S4].txt - [1086 octets] ##########

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by user on 29.06.2013 at 15:47:16,28
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{06DEB705-C1D0-5375-3504-7765E1F31A3E}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{C6FC75D5-3A33-4B0C-BE57-6AE46924B65A}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{4D8972D6-633B-D669-19BC-24A53B34D6D2}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\user\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\user\AppData\Roaming\datamgr"
Successfully deleted: [Folder] "C:\Users\user\AppData\Roaming\dvdvideosoftiehelpers"
Successfully deleted: [Folder] "C:\Users\user\AppData\Roaming\hmn"
Successfully deleted: [Folder] "C:\Users\user\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Users\user\AppData\Roaming\sdiv 2.0"
Successfully deleted: [Folder] "C:\Users\user\appdata\local\tempdir"
Successfully deleted: [Empty Folder] C:\Users\user\appdata\local\{05B7E9D5-5093-4317-B5D6-9C2FF03E54EC}
Successfully deleted: [Empty Folder] C:\Users\user\appdata\local\{10D71AF5-D25D-4D28-8171-400E57DB6EE1}
Successfully deleted: [Empty Folder] C:\Users\user\appdata\local\{161EA0FD-966F-4AC8-9941-A9CB986DC6FA}
Successfully deleted: [Empty Folder] C:\Users\user\appdata\local\{176B3B4E-1C20-464C-8D5A-7EFBE945C28F}
Successfully deleted: [Empty Folder] C:\Users\user\appdata\local\{17BB64DB-5142-4F91-9BA3-15312BB3EB87}
Successfully deleted: [Empty Folder] C:\Users\user\appdata\local\{1A32D648-8666-4901-BFB0-12D3E884B818}
Successfully deleted: [Empty Folder] C:\Users\user\appdata\local\{2C3D6996-29A8-4084-9395-BA26BB64A821}
Successfully deleted: [Empty Folder] C:\Users\user\appdata\local\{2F309C59-866A-4BE0-942C-E786BC5F585E}
Successfully deleted: [Empty Folder] C:\Users\user\appdata\local\{32C5C56C-D02D-4A12-B29F-BF3406E89FAD}
Successfully deleted: [Empty Folder] C:\Users\user\appdata\local\{388BB8C2-520E-4041-BA25-72D42564690D}
Successfully deleted: [Empty Folder] C:\Users\user\appdata\local\{3F172D51-2F00-443C-9C2F-ECECDCDA69AD}
Successfully deleted: [Empty Folder] C:\Users\user\appdata\local\{40258794-4076-4E6B-8565-4C6444C3D4A7}
Successfully deleted: [Empty Folder] C:\Users\user\appdata\local\{4BBCBDD6-54D0-464B-9A5A-ADAB6B1967AC}
Successfully deleted: [Empty Folder] C:\Users\user\appdata\local\{6A93F73B-D4C9-41E9-96FB-54CFE412FFBC}
Successfully deleted: [Empty Folder] C:\Users\user\appdata\local\{6AB3E59B-3B98-4D98-8FD1-5B397055E8B6}
Successfully deleted: [Empty Folder] C:\Users\user\appdata\local\{6AF555E7-0DF8-45FD-8879-CE431E4BFE72}
Successfully deleted: [Empty Folder] C:\Users\user\appdata\local\{6BBDBE89-5EEC-4D4C-8D21-CA499A47F7F0}
Successfully deleted: [Empty Folder] C:\Users\user\appdata\local\{73BAF9A8-C005-40C9-8EAB-2F6F8037AB96}
Successfully deleted: [Empty Folder] C:\Users\user\appdata\local\{7D0B7D70-CC6E-42FD-A26F-663DACC9C5B2}
Successfully deleted: [Empty Folder] C:\Users\user\appdata\local\{8A44E1F8-5E57-4B6D-A35D-E1DEEE529066}
Successfully deleted: [Empty Folder] C:\Users\user\appdata\local\{8FF83436-EB9E-4DE0-A944-4E3D9E8B2C25}
Successfully deleted: [Empty Folder] C:\Users\user\appdata\local\{9622249E-8E45-4DBB-B603-F182AAAF7B0D}
Successfully deleted: [Empty Folder] C:\Users\user\appdata\local\{9D346489-41D0-4757-BCA6-3A0AE1C42D9A}
Successfully deleted: [Empty Folder] C:\Users\user\appdata\local\{A0E9DE18-27A6-41F1-9DC8-4883BA62F088}
Successfully deleted: [Empty Folder] C:\Users\user\appdata\local\{AE58BC9E-7CCF-4CA0-B78E-045ED709E80B}
Successfully deleted: [Empty Folder] C:\Users\user\appdata\local\{B6C9AFB2-A376-4338-9BBF-ADEF4E6EBE1A}
Successfully deleted: [Empty Folder] C:\Users\user\appdata\local\{BC958EB4-1182-48FD-86E4-00715F592A33}
Successfully deleted: [Empty Folder] C:\Users\user\appdata\local\{CCEBED17-E4F5-43F4-8FE8-6BFBAE779BF7}
Successfully deleted: [Empty Folder] C:\Users\user\appdata\local\{DFD93C95-2E39-4719-AFC3-43DFBF79033A}
Successfully deleted: [Empty Folder] C:\Users\user\appdata\local\{E1145DB1-3BC2-4058-9EBC-1FC03F75CB62}
Successfully deleted: [Empty Folder] C:\Users\user\appdata\local\{EEB75DCB-84F0-43BD-8505-5D6AC7A21371}
Successfully deleted: [Empty Folder] C:\Users\user\appdata\local\{F5D30B8D-7B0F-4705-AF07-C1B0EA5FF7B0}
Successfully deleted: [Empty Folder] C:\Users\user\appdata\local\{F5DB12A9-2BF7-49E9-84CB-63D15382F353}
Successfully deleted: [Empty Folder] C:\Users\user\appdata\local\{FBE3EC8B-AC45-4751-819A-B74EAAC58692}
Successfully deleted: [Folder] "C:\Users\user\appdata\locallow\asktoolbar"



~~~ FireFox

Successfully deleted: [File] C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\s6lm9b1t.default\user.js
Successfully deleted the following from C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\s6lm9b1t.default\prefs.js

user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
user_pref("browser.search.defaultengine", "Web Search");
user_pref("extensions.BabylonToolbar.admin", false);
user_pref("extensions.BabylonToolbar.aflt", "babsst");
user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
user_pref("extensions.BabylonToolbar.babExt", "");
user_pref("extensions.BabylonToolbar.babTrack", "affID=110819&tt=050412_30b");
user_pref("extensions.BabylonToolbar.bbDpng", 6);
user_pref("extensions.BabylonToolbar.dfltLng", "en");
user_pref("extensions.BabylonToolbar.dfltSrch", false);
user_pref("extensions.BabylonToolbar.excTlbr", false);
user_pref("extensions.BabylonToolbar.hmpg", false);
user_pref("extensions.BabylonToolbar.id", "de58911d00000000000008863b95c7ea");
user_pref("extensions.BabylonToolbar.instlDay", "15663");
user_pref("extensions.BabylonToolbar.instlRef", "sst");
user_pref("extensions.BabylonToolbar.lastDP", 6);
user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.5.3.1721:13:36");
user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "11.0");
user_pref("extensions.BabylonToolbar.newTab", true);
user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_bb");
user_pref("extensions.BabylonToolbar.noFFXTlbr", false);
user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
user_pref("extensions.BabylonToolbar.propectorlck", 72264099);
user_pref("extensions.BabylonToolbar.prtkDS", 1);
user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
user_pref("extensions.BabylonToolbar.ptch_0717", true);
user_pref("extensions.BabylonToolbar.smplGrp", "none");
user_pref("extensions.BabylonToolbar.srcExt", "ss");
user_pref("extensions.BabylonToolbar.tlbrId", "base");
user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=de58911d00000000000008863b95c7ea&q=");
user_pref("extensions.BabylonToolbar.vrsn", "1.8.3.8");
user_pref("extensions.BabylonToolbar.vrsnTs", "1.5.3.1721:13:36");
user_pref("extensions.BabylonToolbar.vrsni", "1.8.3.8");
user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
user_pref("extensions.BabylonToolbar_i.babExt", "");
user_pref("extensions.BabylonToolbar_i.babTrack", "affID=110819&tt=050412_30b");
user_pref("extensions.BabylonToolbar_i.hardId", "de58911d0000000000005404a67e3624");
user_pref("extensions.BabylonToolbar_i.id", "de58911d0000000000005404a67e3624");
user_pref("extensions.BabylonToolbar_i.instlDay", "15435");
user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
user_pref("extensions.BabylonToolbar_i.newTab", true);
user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=110819&tt=050412_30b&babsrc=NT_ss&mntrId=de58911d0000000000005404a67e3624");
user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9");
user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.3.80:08:47");
user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
user_pref("extensions.crossrider.bic", "13f8efb741af1cb5b06cc7f25f652840");
user_pref("extensions.fbdownloader.issearch", true);
Emptied folder: C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\s6lm9b1t.default\minidumps [887 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 29.06.2013 at 15:51:50,36
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Und das frische FRST Log:


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-06-2013 01
Ran by user (administrator) on 29-06-2013 15:55:24
Running from C:\Users\user\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Almico Software (www.almico.com)) C:\Program Files (x86)\SpeedFan\speedfan.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Program Files (x86)\CPUCooL\CooLSrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Octoshape ApS) C:\Users\user\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
(Softexe.com) C:\Program Files (x86)\Softexe\Cursor Hider\CursorHider.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [11905128 2011-06-28] (Realtek Semiconductor)
HKCU\...\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [1475584 2010-11-21] (Microsoft Corporation)
HKCU\...\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [393216 2011-10-12] (AMD)
HKCU\...\Run: [Octoshape Streaming Services] "C:\Users\user\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun [107800 2011-03-24] (Octoshape ApS)
HKCU\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [3481408 2012-02-13] (DT Soft Ltd)
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0
MountPoints2: {1c8adca6-71ae-11e1-b094-5404a67e3624} - F:\autorun.exe
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4767304 2013-03-07] (AVAST Software)
HKLM-x32\...\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
Startup: C:\ProgramData\Start Menu\Programs\Startup\Cursor Hider.lnk
ShortcutTarget: Cursor Hider.lnk -> C:\Program Files (x86)\Softexe\Cursor Hider\CursorHider.exe (Softexe.com)
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SpeedFan (2).lnk
ShortcutTarget: SpeedFan (2).lnk -> C:\Program Files (x86)\SpeedFan\speedfan.exe (Almico Software (www.almico.com))
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SpeedFan.lnk
ShortcutTarget: SpeedFan.lnk -> C:\Program Files (x86)\SpeedFan\speedfan.exe (Almico Software (www.almico.com))

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {06DEB705-C1D0-5375-3504-7765E1F31A3E} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&from=cor&uid=HitachiXHDS721050CLA662_JP1522JE3HTV7H3HTV7HX&ts=3342393
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Lyrics Fan - {A8720491-9558-4C0D-9E35-30EED15DFB2B} - C:\Program Files (x86)\LyricsFan\lrcfan.dll (FAN Software)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash2/cabs/swflash.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s6lm9b1t.default
FF Homepage: google.de
FF NetworkProxy: "http", "www-proxy.t-online.de"
FF NetworkProxy: "http_port", 80
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_33 - C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Anti-Aliasing Tuner - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s6lm9b1t.default\Extensions\aatuner@hotmint.com
FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s6lm9b1t.default\Extensions\ich@maltegoetz.de
FF Extension: info - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s6lm9b1t.default\Extensions\info@maltegoetz.de.xpi
FF Extension: nasanightlaunch - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s6lm9b1t.default\Extensions\nasanightlaunch@example.com.xpi
FF Extension: No Name - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s6lm9b1t.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
FF Extension: No Name - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s6lm9b1t.default\Extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}.xpi
FF Extension: No Name - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s6lm9b1t.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! WebRep - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKCU\...\Firefox\Extensions: [lrcfan@fansoft.br] C:\Program Files (x86)\LyricsFan\FF\
FF Extension: No Name - C:\Program Files (x86)\LyricsFan\FF\

Chrome:
=======
CHR Extension: (avast! WebRep) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0
CHR Extension: (DVDVideoSoft Browser Extension) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.0_0

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [45248 2013-03-07] (AVAST Software)
R2 CPUCooLServer; C:\Program Files (x86)\CPUCooL\CooLSrv.exe [743936 2011-12-01] ()

==================== Drivers (Whitelisted) ====================

R2 AODDriver4.01; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
S2 AODDriver4.2; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-03-07] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [70992 2013-03-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-03-07] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1025808 2013-03-07] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [377920 2013-03-07] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [68920 2013-03-07] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [178624 2013-03-07] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2012-02-24] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-02-22] (DT Soft Ltd)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2012-02-24] ()
S1 mbmiodrvr; C:\Windows\syswow64\mbmiodrvr.sys [4608 2004-04-10] (cansoft@livewiredev.com)
S1 mbmiodrvr; C:\Windows\syswow64\mbmiodrvr.sys [4608 2004-04-10] (cansoft@livewiredev.com)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-17] ()
R1 ntiopnp; C:\Windows\System32\Drivers\ntiopnp.sys [19544 2010-11-11] ()
S3 ALSysIO; \??\C:\Users\user\AppData\Local\Temp\ALSysIO64.sys [x]
S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [x]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
S3 TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-06-29 15:51 - 2013-06-29 15:51 - 00009012 ____A C:\Users\user\Desktop\JRT.txt
2013-06-29 15:47 - 2013-06-29 15:47 - 00000000 ____D C:\Windows\ERUNT
2013-06-29 15:46 - 2013-06-29 15:46 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\user\Desktop\JRT.exe
2013-06-29 15:46 - 2013-06-29 15:46 - 00000000 ____D C:\JRT
2013-06-29 15:40 - 2013-06-29 15:41 - 00001155 ____A C:\AdwCleaner[S4].txt
2013-06-29 15:40 - 2013-06-29 15:40 - 00648201 ____A C:\Users\user\Desktop\adwcleaner.exe
2013-06-29 15:40 - 2013-06-29 15:40 - 00001032 ____A C:\AdwCleaner[R3].txt
2013-06-29 15:40 - 2013-06-29 15:40 - 00000330 ____A C:\AdwCleaner[S3].txt
2013-06-29 15:16 - 2013-06-29 15:16 - 01933592 ____A (Farbar) C:\Users\user\Desktop\FRST64.exe
2013-06-29 15:16 - 2013-06-29 15:16 - 00000000 ____D C:\FRST
2013-06-29 14:29 - 2013-06-29 14:29 - 00080580 ____A C:\Users\user\Desktop\Extras.Txt
2013-06-29 14:28 - 2013-06-29 14:28 - 00377856 ____A C:\Users\user\Desktop\gmer_2.1.19163.exe
2013-06-29 14:28 - 2013-06-29 14:28 - 00085296 ____A C:\Users\user\Desktop\OTL.Txt
2013-06-29 14:18 - 2013-06-29 14:18 - 00602112 ____A (OldTimer Tools) C:\Users\user\Desktop\OTL.exe
2013-06-29 14:13 - 2013-06-29 14:13 - 00000470 ____A C:\Users\user\Desktop\defogger_disable.log
2013-06-29 14:13 - 2013-06-29 14:13 - 00000342 ____A C:\Users\user\Desktop\defogger_enable.log
2013-06-29 14:11 - 2013-06-29 14:11 - 00050477 ____A C:\Users\user\Desktop\Defogger.exe
2013-06-29 13:29 - 2013-06-29 13:29 - 00001102 ____A C:\AdwCleaner[S2].txt
2013-06-29 13:28 - 2013-06-29 13:28 - 00001039 ____A C:\AdwCleaner[R2].txt
2013-06-29 11:06 - 2013-06-29 11:06 - 00022858 ____A C:\AdwCleaner[S1].txt
2013-06-29 11:05 - 2013-06-29 11:05 - 00388608 ____A (Trend Micro Inc.) C:\Users\user\Desktop\HiJackThis204.exe
2013-06-29 11:05 - 2013-06-29 11:05 - 00023531 ____A C:\AdwCleaner[R1].txt
2013-06-29 10:52 - 2013-06-29 10:52 - 00000000 ____A C:\autoexec.bat
2013-06-29 10:51 - 2013-06-29 13:20 - 00000000 ____D C:\Windows\BCD5545077AC4347B24F654B1189F8D4.TMP
2013-06-29 10:51 - 2013-06-29 10:51 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-06-28 15:30 - 2013-06-29 15:42 - 00000392 ____A C:\Windows\Tasks\Lyrics Fan Update.job
2013-06-28 15:30 - 2013-06-28 15:30 - 00423709 ____A C:\Users\user\AppData\Local\mysearchdial_speedial_v9.0.2.crx
2013-06-28 15:30 - 2013-06-28 15:30 - 00000000 ____D C:\Users\user\AppData\Roaming\mysearchdial
2013-06-28 15:30 - 2013-06-28 15:30 - 00000000 ____D C:\Program Files (x86)\LyricsFan
2013-06-28 15:10 - 2013-06-28 15:10 - 00000000 ____D C:\Users\user\AppData\Roaming\eIntaller
2013-06-27 08:13 - 2013-06-27 08:18 - 00000000 ____D C:\Users\user\Desktop\Wallpaper
2013-06-27 08:10 - 2013-06-27 08:16 - 00000000 ____D C:\Users\user\Desktop\Aufgaben
2013-06-26 15:27 - 2013-06-26 15:27 - 00000000 ____A C:\Users\user\Desktop\Montag 10.15 Jochem Schmidt Unfallchirurgie.txt
2013-06-18 15:39 - 2013-06-18 15:39 - 00000000 ____D C:\Users\user\Documents\My Cheat Tables
2013-06-18 15:39 - 2012-09-08 10:54 - 03325952 ____A C:\Users\user\Desktop\FM Speeder.exe
2013-06-16 00:25 - 2013-06-08 16:08 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-16 00:25 - 2013-06-08 16:07 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-16 00:25 - 2013-06-08 16:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-16 00:25 - 2013-06-08 16:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-16 00:25 - 2013-06-08 16:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-16 00:25 - 2013-06-08 14:28 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-16 00:25 - 2013-06-08 13:42 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-16 00:25 - 2013-06-08 13:40 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-16 00:25 - 2013-06-08 13:40 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-16 00:25 - 2013-06-08 13:40 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-16 00:25 - 2013-06-08 13:40 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-16 00:25 - 2013-06-08 13:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-12 21:49 - 2013-05-17 03:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-12 21:49 - 2013-05-17 03:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-12 21:49 - 2013-05-17 03:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-12 21:49 - 2013-05-17 03:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-12 21:49 - 2013-05-17 03:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-12 21:49 - 2013-05-17 03:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-12 21:49 - 2013-05-17 03:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-12 21:49 - 2013-05-17 03:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-12 21:49 - 2013-05-17 02:59 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-12 21:49 - 2013-05-17 02:59 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-12 21:49 - 2013-05-17 02:58 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-12 21:49 - 2013-05-17 02:58 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-12 21:49 - 2013-05-17 02:58 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-12 21:49 - 2013-05-17 02:58 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-12 21:49 - 2013-05-17 02:58 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-12 21:49 - 2013-05-17 02:58 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-12 21:49 - 2013-05-17 02:58 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-12 21:49 - 2013-05-14 14:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-12 21:49 - 2013-05-14 10:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-12 18:18 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-12 18:18 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-12 18:18 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-12 18:18 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-12 18:18 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-12 18:18 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-12 18:18 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-12 18:18 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-12 18:18 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-12 18:18 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-12 18:18 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-12 18:18 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-12 18:18 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-12 18:18 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-12 18:18 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-12 18:18 - 2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-12 18:18 - 2013-04-17 09:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-12 18:18 - 2013-04-17 08:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-12 18:18 - 2013-04-01 00:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-05-30 22:46 - 2013-05-30 22:46 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-05-30 22:46 - 2013-05-30 22:46 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-05-30 22:46 - 2013-05-30 22:46 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-05-30 22:46 - 2013-05-30 22:46 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-05-30 22:46 - 2013-05-30 22:46 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-05-30 22:46 - 2013-05-30 22:46 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-05-30 22:46 - 2013-05-30 22:46 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-05-30 22:46 - 2013-05-30 22:46 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-05-30 22:44 - 2013-05-30 22:51 - 00009534 ____A C:\Windows\IE10_main.log

==================== One Month Modified Files and Folders =======

2013-06-29 15:51 - 2013-06-29 15:51 - 00009012 ____A C:\Users\user\Desktop\JRT.txt
2013-06-29 15:50 - 2009-07-14 06:45 - 00021856 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-29 15:50 - 2009-07-14 06:45 - 00021856 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-29 15:47 - 2013-06-29 15:47 - 00000000 ____D C:\Windows\ERUNT
2013-06-29 15:46 - 2013-06-29 15:46 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\user\Desktop\JRT.exe
2013-06-29 15:46 - 2013-06-29 15:46 - 00000000 ____D C:\JRT
2013-06-29 15:46 - 2002-01-01 20:41 - 01795840 ____A C:\Windows\WindowsUpdate.log
2013-06-29 15:42 - 2013-06-28 15:30 - 00000392 ____A C:\Windows\Tasks\Lyrics Fan Update.job
2013-06-29 15:42 - 2012-04-11 12:43 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2013-06-29 15:42 - 2012-02-10 16:41 - 00001102 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-29 15:42 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-29 15:42 - 2009-07-14 06:51 - 00116871 ____A C:\Windows\setupact.log
2013-06-29 15:41 - 2013-06-29 15:40 - 00001155 ____A C:\AdwCleaner[S4].txt
2013-06-29 15:40 - 2013-06-29 15:40 - 00648201 ____A C:\Users\user\Desktop\adwcleaner.exe
2013-06-29 15:40 - 2013-06-29 15:40 - 00001032 ____A C:\AdwCleaner[R3].txt
2013-06-29 15:40 - 2013-06-29 15:40 - 00000330 ____A C:\AdwCleaner[S3].txt
2013-06-29 15:36 - 2012-02-10 16:41 - 00001106 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-29 15:16 - 2013-06-29 15:16 - 01933592 ____A (Farbar) C:\Users\user\Desktop\FRST64.exe
2013-06-29 15:16 - 2013-06-29 15:16 - 00000000 ____D C:\FRST
2013-06-29 14:29 - 2013-06-29 14:29 - 00080580 ____A C:\Users\user\Desktop\Extras.Txt
2013-06-29 14:28 - 2013-06-29 14:28 - 00377856 ____A C:\Users\user\Desktop\gmer_2.1.19163.exe
2013-06-29 14:28 - 2013-06-29 14:28 - 00085296 ____A C:\Users\user\Desktop\OTL.Txt
2013-06-29 14:18 - 2013-06-29 14:18 - 00602112 ____A (OldTimer Tools) C:\Users\user\Desktop\OTL.exe
2013-06-29 14:13 - 2013-06-29 14:13 - 00000470 ____A C:\Users\user\Desktop\defogger_disable.log
2013-06-29 14:13 - 2013-06-29 14:13 - 00000342 ____A C:\Users\user\Desktop\defogger_enable.log
2013-06-29 14:11 - 2013-06-29 14:11 - 00050477 ____A C:\Users\user\Desktop\Defogger.exe
2013-06-29 14:04 - 2012-02-10 22:18 - 00000000 ____D C:\Users\user\AppData\Local\CrashDumps
2013-06-29 14:00 - 2013-03-24 11:15 - 00000000 ____D C:\Users\user\Desktop\Alles was mit Omsi zu hat
2013-06-29 13:51 - 2010-11-21 08:50 - 01830594 ____A C:\Windows\System32\perfh007.dat
2013-06-29 13:51 - 2010-11-21 08:50 - 00494264 ____A C:\Windows\System32\perfc007.dat
2013-06-29 13:51 - 2009-07-14 07:13 - 00005414 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-29 13:47 - 2012-02-08 14:02 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-06-29 13:46 - 2012-07-31 22:38 - 00000000 ____D C:\Program Files (x86)\Grandia2
2013-06-29 13:44 - 2012-06-20 11:47 - 00000000 ____D C:\Users\user\Desktop\Games
2013-06-29 13:29 - 2013-06-29 13:29 - 00001102 ____A C:\AdwCleaner[S2].txt
2013-06-29 13:28 - 2013-06-29 13:28 - 00001039 ____A C:\AdwCleaner[R2].txt
2013-06-29 13:20 - 2013-06-29 10:51 - 00000000 ____D C:\Windows\BCD5545077AC4347B24F654B1189F8D4.TMP
2013-06-29 11:07 - 2010-11-21 05:47 - 00533550 ____A C:\Windows\PFRO.log
2013-06-29 11:07 - 2009-07-14 06:45 - 00269032 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-29 11:06 - 2013-06-29 11:06 - 00022858 ____A C:\AdwCleaner[S1].txt
2013-06-29 11:05 - 2013-06-29 11:05 - 00388608 ____A (Trend Micro Inc.) C:\Users\user\Desktop\HiJackThis204.exe
2013-06-29 11:05 - 2013-06-29 11:05 - 00023531 ____A C:\AdwCleaner[R1].txt
2013-06-29 11:04 - 2012-05-17 18:47 - 00001130 ____A C:\Users\user\Desktop\Mozilla Firefox.lnk
2013-06-29 10:52 - 2013-06-29 10:52 - 00000000 ____A C:\autoexec.bat
2013-06-29 10:51 - 2013-06-29 10:51 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-06-29 10:37 - 2012-02-10 18:29 - 00000000 ____D C:\Program Files (x86)\Steam
2013-06-29 10:28 - 2012-02-08 14:18 - 00058016 ____A C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-29 10:23 - 2012-02-12 00:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Games
2013-06-29 10:19 - 2012-04-05 21:14 - 00000000 ____D C:\Program Files (x86)\JDownloader
2013-06-28 15:30 - 2013-06-28 15:30 - 00423709 ____A C:\Users\user\AppData\Local\mysearchdial_speedial_v9.0.2.crx
2013-06-28 15:30 - 2013-06-28 15:30 - 00000000 ____D C:\Users\user\AppData\Roaming\mysearchdial
2013-06-28 15:30 - 2013-06-28 15:30 - 00000000 ____D C:\Program Files (x86)\LyricsFan
2013-06-28 15:12 - 2011-06-11 02:58 - 00773712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll
2013-06-28 15:12 - 2011-06-11 02:58 - 00420944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll
2013-06-28 15:10 - 2013-06-28 15:10 - 00000000 ____D C:\Users\user\AppData\Roaming\eIntaller
2013-06-28 12:19 - 2012-02-27 15:27 - 06644224 __ASH C:\Users\user\Desktop\Thumbs.db
2013-06-27 17:23 - 2012-02-22 13:16 - 00000000 ____D C:\Users\user\AppData\Roaming\DAEMON Tools Lite
2013-06-27 16:26 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-06-27 09:32 - 2013-03-30 23:44 - 00000000 ____D C:\Users\user\Documents\SimCity 4
2013-06-27 08:18 - 2013-06-27 08:13 - 00000000 ____D C:\Users\user\Desktop\Wallpaper
2013-06-27 08:18 - 2013-02-05 21:47 - 00000000 ____D C:\Users\user\Desktop\Musik
2013-06-27 08:16 - 2013-06-27 08:10 - 00000000 ____D C:\Users\user\Desktop\Aufgaben
2013-06-26 15:27 - 2013-06-26 15:27 - 00000000 ____A C:\Users\user\Desktop\Montag 10.15 Jochem Schmidt Unfallchirurgie.txt
2013-06-18 15:39 - 2013-06-18 15:39 - 00000000 ____D C:\Users\user\Documents\My Cheat Tables
2013-06-12 21:50 - 2012-02-10 17:14 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-08 16:08 - 2013-06-16 00:25 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-08 16:07 - 2013-06-16 00:25 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-08 16:06 - 2013-06-16 00:25 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-08 16:06 - 2013-06-16 00:25 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-08 16:06 - 2013-06-16 00:25 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-08 14:28 - 2013-06-16 00:25 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-08 13:42 - 2013-06-16 00:25 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-08 13:40 - 2013-06-16 00:25 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-08 13:40 - 2013-06-16 00:25 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-08 13:40 - 2013-06-16 00:25 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-08 13:40 - 2013-06-16 00:25 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-08 13:13 - 2013-06-16 00:25 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-03 17:14 - 2009-07-14 07:08 - 00032640 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-06-02 09:26 - 2012-03-08 21:46 - 00000000 ____D C:\ProgramData\Adobe
2013-05-31 17:25 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-05-30 22:51 - 2013-05-30 22:44 - 00009534 ____A C:\Windows\IE10_main.log
2013-05-30 22:46 - 2013-05-30 22:46 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-05-30 22:46 - 2013-05-30 22:46 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-05-30 22:46 - 2013-05-30 22:46 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-05-30 22:46 - 2013-05-30 22:46 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-05-30 22:46 - 2013-05-30 22:46 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-05-30 22:46 - 2013-05-30 22:46 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-05-30 22:46 - 2013-05-30 22:46 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-05-30 22:46 - 2013-05-30 22:46 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-05-30 22:46 - 2013-05-30 22:46 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-06-27 16:19

==================== End Of Log ============================
--- --- ---

--- --- ---

schrauber 29.06.2013 15:08

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST Log. Noch Probleme? :)

Canccel 29.06.2013 17:30
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=28d98cc85f8b30499ea92ab71fccf8f8
# engine=14200
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-06-29 04:20:48
# local_time=2013-06-29 06:20:48 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=774 16777213 85 91 7792967 149232720 0 0
# compatibility_mode=5893 16776573 100 94 8723 124152698 0 0
# scanned=607442
# found=0
# cleaned=0
# scan_time=7237

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-06-2013 01
Ran by user (administrator) on 29-06-2013 18:27:36
Running from C:\Users\user\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Almico Software (www.almico.com)) C:\Program Files (x86)\SpeedFan\speedfan.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Program Files (x86)\CPUCooL\CooLSrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Octoshape ApS) C:\Users\user\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
(Softexe.com) C:\Program Files (x86)\Softexe\Cursor Hider\CursorHider.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\IELowutil.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [11905128 2011-06-28] (Realtek Semiconductor)
HKCU\...\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [1475584 2010-11-21] (Microsoft Corporation)
HKCU\...\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [393216 2011-10-12] (AMD)
HKCU\...\Run: [Octoshape Streaming Services] "C:\Users\user\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun [107800 2011-03-24] (Octoshape ApS)
HKCU\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [3481408 2012-02-13] (DT Soft Ltd)
HKCU\...\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_202_Plugin.exe -update plugin [813448 2013-05-19] (Adobe Systems Incorporated)
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0
MountPoints2: {1c8adca6-71ae-11e1-b094-5404a67e3624} - F:\autorun.exe
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4767304 2013-03-07] (AVAST Software)
HKLM-x32\...\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
Startup: C:\ProgramData\Start Menu\Programs\Startup\Cursor Hider.lnk
ShortcutTarget: Cursor Hider.lnk -> C:\Program Files (x86)\Softexe\Cursor Hider\CursorHider.exe (Softexe.com)
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SpeedFan (2).lnk
ShortcutTarget: SpeedFan (2).lnk -> C:\Program Files (x86)\SpeedFan\speedfan.exe (Almico Software (www.almico.com))
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SpeedFan.lnk
ShortcutTarget: SpeedFan.lnk -> C:\Program Files (x86)\SpeedFan\speedfan.exe (Almico Software (www.almico.com))

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {06DEB705-C1D0-5375-3504-7765E1F31A3E} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&from=cor&uid=HitachiXHDS721050CLA662_JP1522JE3HTV7H3HTV7HX&ts=3342393
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Lyrics Fan - {A8720491-9558-4C0D-9E35-30EED15DFB2B} - C:\Program Files (x86)\LyricsFan\lrcfan.dll (FAN Software)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash2/cabs/swflash.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s6lm9b1t.default
FF Homepage: google.de
FF NetworkProxy: "http", "www-proxy.t-online.de"
FF NetworkProxy: "http_port", 80
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_33 - C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Anti-Aliasing Tuner - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s6lm9b1t.default\Extensions\aatuner@hotmint.com
FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s6lm9b1t.default\Extensions\ich@maltegoetz.de
FF Extension: info - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s6lm9b1t.default\Extensions\info@maltegoetz.de.xpi
FF Extension: nasanightlaunch - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s6lm9b1t.default\Extensions\nasanightlaunch@example.com.xpi
FF Extension: No Name - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s6lm9b1t.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
FF Extension: No Name - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s6lm9b1t.default\Extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}.xpi
FF Extension: No Name - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s6lm9b1t.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! WebRep - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKCU\...\Firefox\Extensions: [lrcfan@fansoft.br] C:\Program Files (x86)\LyricsFan\FF\
FF Extension: No Name - C:\Program Files (x86)\LyricsFan\FF\

Chrome:
=======
CHR Extension: (avast! WebRep) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0
CHR Extension: (DVDVideoSoft Browser Extension) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.0_0

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [45248 2013-03-07] (AVAST Software)
R2 CPUCooLServer; C:\Program Files (x86)\CPUCooL\CooLSrv.exe [743936 2011-12-01] ()

==================== Drivers (Whitelisted) ====================

R2 AODDriver4.01; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
S2 AODDriver4.2; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-03-07] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [70992 2013-03-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-03-07] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1025808 2013-03-07] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [377920 2013-03-07] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [68920 2013-03-07] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [178624 2013-03-07] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2012-02-24] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-02-22] (DT Soft Ltd)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2012-02-24] ()
S1 mbmiodrvr; C:\Windows\syswow64\mbmiodrvr.sys [4608 2004-04-10] (cansoft@livewiredev.com)
S1 mbmiodrvr; C:\Windows\syswow64\mbmiodrvr.sys [4608 2004-04-10] (cansoft@livewiredev.com)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-17] ()
R1 ntiopnp; C:\Windows\System32\Drivers\ntiopnp.sys [19544 2010-11-11] ()
S3 ALSysIO; \??\C:\Users\user\AppData\Local\Temp\ALSysIO64.sys [x]
S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [x]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
S3 TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-06-29 16:25 - 2013-06-29 16:25 - 00890988 ____A C:\Users\user\Desktop\SecurityCheck.exe
2013-06-29 16:18 - 2013-06-29 16:18 - 02347384 ____A (ESET) C:\Users\user\Desktop\esetsmartinstaller_enu.exe
2013-06-29 15:51 - 2013-06-29 15:51 - 00009012 ____A C:\Users\user\Desktop\JRT.txt
2013-06-29 15:47 - 2013-06-29 15:47 - 00000000 ____D C:\Windows\ERUNT
2013-06-29 15:46 - 2013-06-29 15:46 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\user\Desktop\JRT.exe
2013-06-29 15:46 - 2013-06-29 15:46 - 00000000 ____D C:\JRT
2013-06-29 15:40 - 2013-06-29 15:41 - 00001155 ____A C:\AdwCleaner[S4].txt
2013-06-29 15:40 - 2013-06-29 15:40 - 00648201 ____A C:\Users\user\Desktop\adwcleaner.exe
2013-06-29 15:40 - 2013-06-29 15:40 - 00001032 ____A C:\AdwCleaner[R3].txt
2013-06-29 15:40 - 2013-06-29 15:40 - 00000330 ____A C:\AdwCleaner[S3].txt
2013-06-29 15:16 - 2013-06-29 15:16 - 01933592 ____A (Farbar) C:\Users\user\Desktop\FRST64.exe
2013-06-29 15:16 - 2013-06-29 15:16 - 00000000 ____D C:\FRST
2013-06-29 14:29 - 2013-06-29 14:29 - 00080580 ____A C:\Users\user\Desktop\Extras.Txt
2013-06-29 14:28 - 2013-06-29 14:28 - 00377856 ____A C:\Users\user\Desktop\gmer_2.1.19163.exe
2013-06-29 14:28 - 2013-06-29 14:28 - 00085296 ____A C:\Users\user\Desktop\OTL.Txt
2013-06-29 14:18 - 2013-06-29 14:18 - 00602112 ____A (OldTimer Tools) C:\Users\user\Desktop\OTL.exe
2013-06-29 14:13 - 2013-06-29 14:13 - 00000470 ____A C:\Users\user\Desktop\defogger_disable.log
2013-06-29 14:13 - 2013-06-29 14:13 - 00000342 ____A C:\Users\user\Desktop\defogger_enable.log
2013-06-29 14:11 - 2013-06-29 14:11 - 00050477 ____A C:\Users\user\Desktop\Defogger.exe
2013-06-29 13:29 - 2013-06-29 13:29 - 00001102 ____A C:\AdwCleaner[S2].txt
2013-06-29 13:28 - 2013-06-29 13:28 - 00001039 ____A C:\AdwCleaner[R2].txt
2013-06-29 11:06 - 2013-06-29 11:06 - 00022858 ____A C:\AdwCleaner[S1].txt
2013-06-29 11:05 - 2013-06-29 11:05 - 00388608 ____A (Trend Micro Inc.) C:\Users\user\Desktop\HiJackThis204.exe
2013-06-29 11:05 - 2013-06-29 11:05 - 00023531 ____A C:\AdwCleaner[R1].txt
2013-06-29 10:52 - 2013-06-29 10:52 - 00000000 ____A C:\autoexec.bat
2013-06-29 10:51 - 2013-06-29 13:20 - 00000000 ____D C:\Windows\BCD5545077AC4347B24F654B1189F8D4.TMP
2013-06-29 10:51 - 2013-06-29 10:51 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-06-28 15:30 - 2013-06-29 15:42 - 00000392 ____A C:\Windows\Tasks\Lyrics Fan Update.job
2013-06-28 15:30 - 2013-06-28 15:30 - 00423709 ____A C:\Users\user\AppData\Local\mysearchdial_speedial_v9.0.2.crx
2013-06-28 15:30 - 2013-06-28 15:30 - 00000000 ____D C:\Users\user\AppData\Roaming\mysearchdial
2013-06-28 15:30 - 2013-06-28 15:30 - 00000000 ____D C:\Program Files (x86)\LyricsFan
2013-06-28 15:10 - 2013-06-28 15:10 - 00000000 ____D C:\Users\user\AppData\Roaming\eIntaller
2013-06-27 08:13 - 2013-06-27 08:18 - 00000000 ____D C:\Users\user\Desktop\Wallpaper
2013-06-27 08:10 - 2013-06-27 08:16 - 00000000 ____D C:\Users\user\Desktop\Aufgaben
2013-06-26 15:27 - 2013-06-26 15:27 - 00000000 ____A C:\Users\user\Desktop\Montag 10.15 Jochem Schmidt Unfallchirurgie.txt
2013-06-18 15:39 - 2013-06-18 15:39 - 00000000 ____D C:\Users\user\Documents\My Cheat Tables
2013-06-18 15:39 - 2012-09-08 10:54 - 03325952 ____A C:\Users\user\Desktop\FM Speeder.exe
2013-06-16 00:25 - 2013-06-08 16:08 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-16 00:25 - 2013-06-08 16:07 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-16 00:25 - 2013-06-08 16:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-16 00:25 - 2013-06-08 16:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-16 00:25 - 2013-06-08 16:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-16 00:25 - 2013-06-08 14:28 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-16 00:25 - 2013-06-08 13:42 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-16 00:25 - 2013-06-08 13:40 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-16 00:25 - 2013-06-08 13:40 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-16 00:25 - 2013-06-08 13:40 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-16 00:25 - 2013-06-08 13:40 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-16 00:25 - 2013-06-08 13:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-12 21:49 - 2013-05-17 03:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-12 21:49 - 2013-05-17 03:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-12 21:49 - 2013-05-17 03:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-12 21:49 - 2013-05-17 03:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-12 21:49 - 2013-05-17 03:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-12 21:49 - 2013-05-17 03:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-12 21:49 - 2013-05-17 03:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-12 21:49 - 2013-05-17 03:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-12 21:49 - 2013-05-17 02:59 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-12 21:49 - 2013-05-17 02:59 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-12 21:49 - 2013-05-17 02:58 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-12 21:49 - 2013-05-17 02:58 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-12 21:49 - 2013-05-17 02:58 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-12 21:49 - 2013-05-17 02:58 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-12 21:49 - 2013-05-17 02:58 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-12 21:49 - 2013-05-17 02:58 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-12 21:49 - 2013-05-17 02:58 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-12 21:49 - 2013-05-14 14:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-12 21:49 - 2013-05-14 10:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-12 18:18 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-12 18:18 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-12 18:18 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-12 18:18 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-12 18:18 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-12 18:18 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-12 18:18 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-12 18:18 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-12 18:18 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-12 18:18 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-12 18:18 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-12 18:18 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-12 18:18 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-12 18:18 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-12 18:18 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-12 18:18 - 2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-12 18:18 - 2013-04-17 09:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-12 18:18 - 2013-04-17 08:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-12 18:18 - 2013-04-01 00:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-05-30 22:46 - 2013-05-30 22:46 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-05-30 22:46 - 2013-05-30 22:46 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-05-30 22:46 - 2013-05-30 22:46 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-05-30 22:46 - 2013-05-30 22:46 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-05-30 22:46 - 2013-05-30 22:46 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-05-30 22:46 - 2013-05-30 22:46 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-05-30 22:46 - 2013-05-30 22:46 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-05-30 22:46 - 2013-05-30 22:46 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-05-30 22:44 - 2013-05-30 22:51 - 00009534 ____A C:\Windows\IE10_main.log

==================== One Month Modified Files and Folders =======

2013-06-29 17:36 - 2012-02-10 16:41 - 00001106 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-29 17:35 - 2002-01-01 20:41 - 01799900 ____A C:\Windows\WindowsUpdate.log
2013-06-29 16:25 - 2013-06-29 16:25 - 00890988 ____A C:\Users\user\Desktop\SecurityCheck.exe
2013-06-29 16:18 - 2013-06-29 16:18 - 02347384 ____A (ESET) C:\Users\user\Desktop\esetsmartinstaller_enu.exe
2013-06-29 15:51 - 2013-06-29 15:51 - 00009012 ____A C:\Users\user\Desktop\JRT.txt
2013-06-29 15:50 - 2009-07-14 06:45 - 00021856 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-29 15:50 - 2009-07-14 06:45 - 00021856 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-29 15:47 - 2013-06-29 15:47 - 00000000 ____D C:\Windows\ERUNT
2013-06-29 15:46 - 2013-06-29 15:46 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\user\Desktop\JRT.exe
2013-06-29 15:46 - 2013-06-29 15:46 - 00000000 ____D C:\JRT
2013-06-29 15:42 - 2013-06-28 15:30 - 00000392 ____A C:\Windows\Tasks\Lyrics Fan Update.job
2013-06-29 15:42 - 2012-04-11 12:43 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2013-06-29 15:42 - 2012-02-10 16:41 - 00001102 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-29 15:42 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-29 15:42 - 2009-07-14 06:51 - 00116871 ____A C:\Windows\setupact.log
2013-06-29 15:41 - 2013-06-29 15:40 - 00001155 ____A C:\AdwCleaner[S4].txt
2013-06-29 15:40 - 2013-06-29 15:40 - 00648201 ____A C:\Users\user\Desktop\adwcleaner.exe
2013-06-29 15:40 - 2013-06-29 15:40 - 00001032 ____A C:\AdwCleaner[R3].txt
2013-06-29 15:40 - 2013-06-29 15:40 - 00000330 ____A C:\AdwCleaner[S3].txt
2013-06-29 15:16 - 2013-06-29 15:16 - 01933592 ____A (Farbar) C:\Users\user\Desktop\FRST64.exe
2013-06-29 15:16 - 2013-06-29 15:16 - 00000000 ____D C:\FRST
2013-06-29 14:29 - 2013-06-29 14:29 - 00080580 ____A C:\Users\user\Desktop\Extras.Txt
2013-06-29 14:28 - 2013-06-29 14:28 - 00377856 ____A C:\Users\user\Desktop\gmer_2.1.19163.exe
2013-06-29 14:28 - 2013-06-29 14:28 - 00085296 ____A C:\Users\user\Desktop\OTL.Txt
2013-06-29 14:18 - 2013-06-29 14:18 - 00602112 ____A (OldTimer Tools) C:\Users\user\Desktop\OTL.exe
2013-06-29 14:13 - 2013-06-29 14:13 - 00000470 ____A C:\Users\user\Desktop\defogger_disable.log
2013-06-29 14:13 - 2013-06-29 14:13 - 00000342 ____A C:\Users\user\Desktop\defogger_enable.log
2013-06-29 14:11 - 2013-06-29 14:11 - 00050477 ____A C:\Users\user\Desktop\Defogger.exe
2013-06-29 14:04 - 2012-02-10 22:18 - 00000000 ____D C:\Users\user\AppData\Local\CrashDumps
2013-06-29 14:00 - 2013-03-24 11:15 - 00000000 ____D C:\Users\user\Desktop\Alles was mit Omsi zu hat
2013-06-29 13:51 - 2010-11-21 08:50 - 01830594 ____A C:\Windows\System32\perfh007.dat
2013-06-29 13:51 - 2010-11-21 08:50 - 00494264 ____A C:\Windows\System32\perfc007.dat
2013-06-29 13:51 - 2009-07-14 07:13 - 00005414 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-29 13:47 - 2012-02-08 14:02 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-06-29 13:46 - 2012-07-31 22:38 - 00000000 ____D C:\Program Files (x86)\Grandia2
2013-06-29 13:44 - 2012-06-20 11:47 - 00000000 ____D C:\Users\user\Desktop\Games
2013-06-29 13:29 - 2013-06-29 13:29 - 00001102 ____A C:\AdwCleaner[S2].txt
2013-06-29 13:28 - 2013-06-29 13:28 - 00001039 ____A C:\AdwCleaner[R2].txt
2013-06-29 13:20 - 2013-06-29 10:51 - 00000000 ____D C:\Windows\BCD5545077AC4347B24F654B1189F8D4.TMP
2013-06-29 11:07 - 2010-11-21 05:47 - 00533550 ____A C:\Windows\PFRO.log
2013-06-29 11:07 - 2009-07-14 06:45 - 00269032 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-29 11:06 - 2013-06-29 11:06 - 00022858 ____A C:\AdwCleaner[S1].txt
2013-06-29 11:05 - 2013-06-29 11:05 - 00388608 ____A (Trend Micro Inc.) C:\Users\user\Desktop\HiJackThis204.exe
2013-06-29 11:05 - 2013-06-29 11:05 - 00023531 ____A C:\AdwCleaner[R1].txt
2013-06-29 11:04 - 2012-05-17 18:47 - 00001130 ____A C:\Users\user\Desktop\Mozilla Firefox.lnk
2013-06-29 10:52 - 2013-06-29 10:52 - 00000000 ____A C:\autoexec.bat
2013-06-29 10:51 - 2013-06-29 10:51 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-06-29 10:37 - 2012-02-10 18:29 - 00000000 ____D C:\Program Files (x86)\Steam
2013-06-29 10:28 - 2012-02-08 14:18 - 00058016 ____A C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-29 10:23 - 2012-02-12 00:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Games
2013-06-29 10:19 - 2012-04-05 21:14 - 00000000 ____D C:\Program Files (x86)\JDownloader
2013-06-28 15:30 - 2013-06-28 15:30 - 00423709 ____A C:\Users\user\AppData\Local\mysearchdial_speedial_v9.0.2.crx
2013-06-28 15:30 - 2013-06-28 15:30 - 00000000 ____D C:\Users\user\AppData\Roaming\mysearchdial
2013-06-28 15:30 - 2013-06-28 15:30 - 00000000 ____D C:\Program Files (x86)\LyricsFan
2013-06-28 15:12 - 2011-06-11 02:58 - 00773712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll
2013-06-28 15:12 - 2011-06-11 02:58 - 00420944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll
2013-06-28 15:10 - 2013-06-28 15:10 - 00000000 ____D C:\Users\user\AppData\Roaming\eIntaller
2013-06-28 12:19 - 2012-02-27 15:27 - 06644224 __ASH C:\Users\user\Desktop\Thumbs.db
2013-06-27 17:23 - 2012-02-22 13:16 - 00000000 ____D C:\Users\user\AppData\Roaming\DAEMON Tools Lite
2013-06-27 16:26 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-06-27 09:32 - 2013-03-30 23:44 - 00000000 ____D C:\Users\user\Documents\SimCity 4
2013-06-27 08:18 - 2013-06-27 08:13 - 00000000 ____D C:\Users\user\Desktop\Wallpaper
2013-06-27 08:18 - 2013-02-05 21:47 - 00000000 ____D C:\Users\user\Desktop\Musik
2013-06-27 08:16 - 2013-06-27 08:10 - 00000000 ____D C:\Users\user\Desktop\Aufgaben
2013-06-26 15:27 - 2013-06-26 15:27 - 00000000 ____A C:\Users\user\Desktop\Montag 10.15 Jochem Schmidt Unfallchirurgie.txt
2013-06-18 15:39 - 2013-06-18 15:39 - 00000000 ____D C:\Users\user\Documents\My Cheat Tables
2013-06-12 21:50 - 2012-02-10 17:14 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-08 16:08 - 2013-06-16 00:25 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-08 16:07 - 2013-06-16 00:25 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-08 16:06 - 2013-06-16 00:25 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-08 16:06 - 2013-06-16 00:25 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-08 16:06 - 2013-06-16 00:25 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-08 14:28 - 2013-06-16 00:25 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-08 13:42 - 2013-06-16 00:25 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-08 13:40 - 2013-06-16 00:25 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-08 13:40 - 2013-06-16 00:25 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-08 13:40 - 2013-06-16 00:25 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-08 13:40 - 2013-06-16 00:25 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-08 13:13 - 2013-06-16 00:25 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-03 17:14 - 2009-07-14 07:08 - 00032640 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-06-02 09:26 - 2012-03-08 21:46 - 00000000 ____D C:\ProgramData\Adobe
2013-05-31 17:25 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-05-30 22:51 - 2013-05-30 22:44 - 00009534 ____A C:\Windows\IE10_main.log
2013-05-30 22:46 - 2013-05-30 22:46 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-05-30 22:46 - 2013-05-30 22:46 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-05-30 22:46 - 2013-05-30 22:46 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-05-30 22:46 - 2013-05-30 22:46 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-05-30 22:46 - 2013-05-30 22:46 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-05-30 22:46 - 2013-05-30 22:46 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-05-30 22:46 - 2013-05-30 22:46 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-05-30 22:46 - 2013-05-30 22:46 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-05-30 22:46 - 2013-05-30 22:46 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-05-30 22:46 - 2013-05-30 22:46 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-05-30 22:46 - 2013-05-30 22:46 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-06-27 16:19

==================== End Of Log ============================
--- --- ---

--- --- ---


Der Security Check funktionierte nicht.
Folgende Meldung kam auf "UNSUPPORTED OPERATING SYSTEM! ABORTED!"

Das qvo6-Problem besteht leider weiterhin :confused:

schrauber 29.06.2013 19:15
Fix mit FRST
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument
Code:
SearchScopes: HKLM - {06DEB705-C1D0-5375-3504-7765E1F31A3E} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&from=cor&uid=HitachiXHDS721050CLA662_JP1522JE3HTV7H3HTV7HX&ts=3342393
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Lyrics Fan - {A8720491-9558-4C0D-9E35-30EED15DFB2B} - C:\Program Files (x86)\LyricsFan\lrcfan.dll (FAN Software)
FF HKCU\...\Firefox\Extensions: [lrcfan@fansoft.br] C:\Program Files (x86)\LyricsFan\FF\
FF Extension: No Name - C:\Program Files (x86)\LyricsFan\FF\
2013-06-28 15:30 - 2013-06-29 15:42 - 00000392 ____A C:\Windows\Tasks\Lyrics Fan Update.job
2013-06-28 15:30 - 2013-06-28 15:30 - 00423709 ____A C:\Users\user\AppData\Local\mysearchdial_speedial_v9.0.2.crx
2013-06-28 15:30 - 2013-06-28 15:30 - 00000000 ____D C:\Users\user\AppData\Roaming\mysearchdial
2013-06-28 15:30 - 2013-06-28 15:30 - 00000000 ____D C:\Program Files (x86)\LyricsFan
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Fix Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.


und ein frisches FRST Log. Noch Probleme?

Canccel 29.06.2013 19:26
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 29-06-2013 01
Ran by user at 2013-06-29 20:25:06 Run:1
Running from C:\Users\user\Desktop
Boot Mode: Normal
==============================================

HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{06DEB705-C1D0-5375-3504-7765E1F31A3E} => Key deleted successfully.
HKCR\CLSID\{06DEB705-C1D0-5375-3504-7765E1F31A3E} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A8720491-9558-4C0D-9E35-30EED15DFB2B} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{A8720491-9558-4C0D-9E35-30EED15DFB2B} => Key deleted successfully.
HKCU\Software\Mozilla\Firefox\Extensions\\lrcfan@fansoft.br => Value deleted successfully.
C:\Program Files (x86)\LyricsFan\FF\ => Moved successfully.
C:\Windows\Tasks\Lyrics Fan Update.job => Moved successfully.
C:\Users\user\AppData\Local\mysearchdial_speedial_v9.0.2.crx => Moved successfully.
C:\Users\user\AppData\Roaming\mysearchdial => Moved successfully.
C:\Program Files (x86)\LyricsFan => Moved successfully.

==== End of Fixlog ====

schrauber 29.06.2013 21:24
Na noch Probleme? :)

Canccel 29.06.2013 22:00
Ja, sobald ich Firefox öffne startet weiterhin www.qvo6.com anstatt google.com :confused:

schrauber 30.06.2013 07:32
poste mal bitte ein frisches FRST Logfile.

Canccel 30.06.2013 10:48
FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-06-2013 01
Ran by user (administrator) on 30-06-2013 11:47:52
Running from C:\Users\user\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Program Files (x86)\CPUCooL\CooLSrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Almico Software (www.almico.com)) C:\Program Files (x86)\SpeedFan\speedfan.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Octoshape ApS) C:\Users\user\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
(Softexe.com) C:\Program Files (x86)\Softexe\Cursor Hider\CursorHider.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [11905128 2011-06-28] (Realtek Semiconductor)
HKCU\...\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [1475584 2010-11-21] (Microsoft Corporation)
HKCU\...\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [393216 2011-10-12] (AMD)
HKCU\...\Run: [Octoshape Streaming Services] "C:\Users\user\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun [107800 2011-03-24] (Octoshape ApS)
HKCU\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [3481408 2012-02-13] (DT Soft Ltd)
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0
MountPoints2: {1c8adca6-71ae-11e1-b094-5404a67e3624} - F:\autorun.exe
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4767304 2013-03-07] (AVAST Software)
HKLM-x32\...\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
Startup: C:\ProgramData\Start Menu\Programs\Startup\Cursor Hider.lnk
ShortcutTarget: Cursor Hider.lnk -> C:\Program Files (x86)\Softexe\Cursor Hider\CursorHider.exe (Softexe.com)
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SpeedFan (2).lnk
ShortcutTarget: SpeedFan (2).lnk -> C:\Program Files (x86)\SpeedFan\speedfan.exe (Almico Software (www.almico.com))
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SpeedFan.lnk
ShortcutTarget: SpeedFan.lnk -> C:\Program Files (x86)\SpeedFan\speedfan.exe (Almico Software (www.almico.com))

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash2/cabs/swflash.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s6lm9b1t.default
FF Homepage: google.de
FF NetworkProxy: "http", "www-proxy.t-online.de"
FF NetworkProxy: "http_port", 80
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_33 - C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Anti-Aliasing Tuner - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s6lm9b1t.default\Extensions\aatuner@hotmint.com
FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s6lm9b1t.default\Extensions\ich@maltegoetz.de
FF Extension: info - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s6lm9b1t.default\Extensions\info@maltegoetz.de.xpi
FF Extension: nasanightlaunch - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s6lm9b1t.default\Extensions\nasanightlaunch@example.com.xpi
FF Extension: No Name - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s6lm9b1t.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
FF Extension: No Name - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s6lm9b1t.default\Extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}.xpi
FF Extension: No Name - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s6lm9b1t.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! WebRep - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome:
=======
CHR Extension: (avast! WebRep) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0
CHR Extension: (DVDVideoSoft Browser Extension) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.0_0

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [45248 2013-03-07] (AVAST Software)
R2 CPUCooLServer; C:\Program Files (x86)\CPUCooL\CooLSrv.exe [743936 2011-12-01] ()

==================== Drivers (Whitelisted) ====================

R2 AODDriver4.01; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
S2 AODDriver4.2; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-03-07] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [70992 2013-03-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-03-07] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1025808 2013-03-07] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [377920 2013-03-07] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [68920 2013-03-07] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [178624 2013-03-07] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2012-02-24] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-02-22] (DT Soft Ltd)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2012-02-24] ()
S1 mbmiodrvr; C:\Windows\syswow64\mbmiodrvr.sys [4608 2004-04-10] (cansoft@livewiredev.com)
S1 mbmiodrvr; C:\Windows\syswow64\mbmiodrvr.sys [4608 2004-04-10] (cansoft@livewiredev.com)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-17] ()
R1 ntiopnp; C:\Windows\System32\Drivers\ntiopnp.sys [19544 2010-11-11] ()
S3 ALSysIO; \??\C:\Users\user\AppData\Local\Temp\ALSysIO64.sys [x]
S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [x]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
S3 TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-06-29 16:25 - 2013-06-29 16:25 - 00890988 ____A C:\Users\user\Desktop\SecurityCheck.exe
2013-06-29 16:18 - 2013-06-29 16:18 - 02347384 ____A (ESET) C:\Users\user\Desktop\esetsmartinstaller_enu.exe
2013-06-29 15:51 - 2013-06-29 15:51 - 00009012 ____A C:\Users\user\Desktop\JRT.txt
2013-06-29 15:47 - 2013-06-29 15:47 - 00000000 ____D C:\Windows\ERUNT
2013-06-29 15:46 - 2013-06-29 15:46 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\user\Desktop\JRT.exe
2013-06-29 15:46 - 2013-06-29 15:46 - 00000000 ____D C:\JRT
2013-06-29 15:40 - 2013-06-29 15:41 - 00001155 ____A C:\AdwCleaner[S4].txt
2013-06-29 15:40 - 2013-06-29 15:40 - 00648201 ____A C:\Users\user\Desktop\adwcleaner.exe
2013-06-29 15:40 - 2013-06-29 15:40 - 00001032 ____A C:\AdwCleaner[R3].txt
2013-06-29 15:40 - 2013-06-29 15:40 - 00000330 ____A C:\AdwCleaner[S3].txt
2013-06-29 15:16 - 2013-06-29 15:16 - 01933592 ____A (Farbar) C:\Users\user\Desktop\FRST64.exe
2013-06-29 15:16 - 2013-06-29 15:16 - 00000000 ____D C:\FRST
2013-06-29 14:29 - 2013-06-29 14:29 - 00080580 ____A C:\Users\user\Desktop\Extras.Txt
2013-06-29 14:28 - 2013-06-29 14:28 - 00377856 ____A C:\Users\user\Desktop\gmer_2.1.19163.exe
2013-06-29 14:28 - 2013-06-29 14:28 - 00085296 ____A C:\Users\user\Desktop\OTL.Txt
2013-06-29 14:18 - 2013-06-29 14:18 - 00602112 ____A (OldTimer Tools) C:\Users\user\Desktop\OTL.exe
2013-06-29 14:13 - 2013-06-29 14:13 - 00000470 ____A C:\Users\user\Desktop\defogger_disable.log
2013-06-29 14:13 - 2013-06-29 14:13 - 00000342 ____A C:\Users\user\Desktop\defogger_enable.log
2013-06-29 14:11 - 2013-06-29 14:11 - 00050477 ____A C:\Users\user\Desktop\Defogger.exe
2013-06-29 13:29 - 2013-06-29 13:29 - 00001102 ____A C:\AdwCleaner[S2].txt
2013-06-29 13:28 - 2013-06-29 13:28 - 00001039 ____A C:\AdwCleaner[R2].txt
2013-06-29 11:06 - 2013-06-29 11:06 - 00022858 ____A C:\AdwCleaner[S1].txt
2013-06-29 11:05 - 2013-06-29 11:05 - 00388608 ____A (Trend Micro Inc.) C:\Users\user\Desktop\HiJackThis204.exe
2013-06-29 11:05 - 2013-06-29 11:05 - 00023531 ____A C:\AdwCleaner[R1].txt
2013-06-29 10:52 - 2013-06-29 10:52 - 00000000 ____A C:\autoexec.bat
2013-06-29 10:51 - 2013-06-29 13:20 - 00000000 ____D C:\Windows\BCD5545077AC4347B24F654B1189F8D4.TMP
2013-06-29 10:51 - 2013-06-29 10:51 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-06-28 15:10 - 2013-06-28 15:10 - 00000000 ____D C:\Users\user\AppData\Roaming\eIntaller
2013-06-27 08:13 - 2013-06-27 08:18 - 00000000 ____D C:\Users\user\Desktop\Wallpaper
2013-06-27 08:10 - 2013-06-27 08:16 - 00000000 ____D C:\Users\user\Desktop\Aufgaben
2013-06-26 15:27 - 2013-06-26 15:27 - 00000000 ____A C:\Users\user\Desktop\Montag 10.15 Jochem Schmidt Unfallchirurgie.txt
2013-06-18 15:39 - 2013-06-18 15:39 - 00000000 ____D C:\Users\user\Documents\My Cheat Tables
2013-06-18 15:39 - 2012-09-08 10:54 - 03325952 ____A C:\Users\user\Desktop\FM Speeder.exe
2013-06-16 00:25 - 2013-06-08 16:08 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-16 00:25 - 2013-06-08 16:07 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-16 00:25 - 2013-06-08 16:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-16 00:25 - 2013-06-08 16:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-16 00:25 - 2013-06-08 16:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-16 00:25 - 2013-06-08 14:28 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-16 00:25 - 2013-06-08 13:42 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-16 00:25 - 2013-06-08 13:40 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-16 00:25 - 2013-06-08 13:40 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-16 00:25 - 2013-06-08 13:40 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-16 00:25 - 2013-06-08 13:40 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-16 00:25 - 2013-06-08 13:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-12 21:49 - 2013-05-17 03:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-12 21:49 - 2013-05-17 03:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-12 21:49 - 2013-05-17 03:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-12 21:49 - 2013-05-17 03:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-12 21:49 - 2013-05-17 03:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-12 21:49 - 2013-05-17 03:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-12 21:49 - 2013-05-17 03:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-12 21:49 - 2013-05-17 03:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-12 21:49 - 2013-05-17 02:59 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-12 21:49 - 2013-05-17 02:59 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-12 21:49 - 2013-05-17 02:58 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-12 21:49 - 2013-05-17 02:58 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-12 21:49 - 2013-05-17 02:58 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-12 21:49 - 2013-05-17 02:58 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-12 21:49 - 2013-05-17 02:58 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-12 21:49 - 2013-05-17 02:58 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-12 21:49 - 2013-05-17 02:58 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-12 21:49 - 2013-05-14 14:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-12 21:49 - 2013-05-14 10:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-12 18:18 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-12 18:18 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-12 18:18 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-12 18:18 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-12 18:18 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-12 18:18 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-12 18:18 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-12 18:18 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-12 18:18 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-12 18:18 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-12 18:18 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-12 18:18 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-12 18:18 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-12 18:18 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-12 18:18 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-12 18:18 - 2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-12 18:18 - 2013-04-17 09:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-12 18:18 - 2013-04-17 08:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-12 18:18 - 2013-04-01 00:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll

==================== One Month Modified Files and Folders =======

2013-06-30 11:44 - 2009-07-14 06:45 - 00021856 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-30 11:44 - 2009-07-14 06:45 - 00021856 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-30 11:37 - 2012-02-10 16:41 - 00001102 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-30 11:36 - 2012-04-11 12:43 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2013-06-30 11:36 - 2010-11-21 05:47 - 00534384 ____A C:\Windows\PFRO.log
2013-06-30 11:36 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-30 11:36 - 2009-07-14 06:51 - 00116927 ____A C:\Windows\setupact.log
2013-06-30 00:27 - 2002-01-01 20:41 - 01842247 ____A C:\Windows\WindowsUpdate.log
2013-06-29 23:36 - 2012-02-10 16:41 - 00001106 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-29 18:30 - 2012-02-10 22:18 - 00000000 ____D C:\Users\user\AppData\Local\CrashDumps
2013-06-29 16:25 - 2013-06-29 16:25 - 00890988 ____A C:\Users\user\Desktop\SecurityCheck.exe
2013-06-29 16:18 - 2013-06-29 16:18 - 02347384 ____A (ESET) C:\Users\user\Desktop\esetsmartinstaller_enu.exe
2013-06-29 15:51 - 2013-06-29 15:51 - 00009012 ____A C:\Users\user\Desktop\JRT.txt
2013-06-29 15:47 - 2013-06-29 15:47 - 00000000 ____D C:\Windows\ERUNT
2013-06-29 15:46 - 2013-06-29 15:46 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\user\Desktop\JRT.exe
2013-06-29 15:46 - 2013-06-29 15:46 - 00000000 ____D C:\JRT
2013-06-29 15:41 - 2013-06-29 15:40 - 00001155 ____A C:\AdwCleaner[S4].txt
2013-06-29 15:40 - 2013-06-29 15:40 - 00648201 ____A C:\Users\user\Desktop\adwcleaner.exe
2013-06-29 15:40 - 2013-06-29 15:40 - 00001032 ____A C:\AdwCleaner[R3].txt
2013-06-29 15:40 - 2013-06-29 15:40 - 00000330 ____A C:\AdwCleaner[S3].txt
2013-06-29 15:16 - 2013-06-29 15:16 - 01933592 ____A (Farbar) C:\Users\user\Desktop\FRST64.exe
2013-06-29 15:16 - 2013-06-29 15:16 - 00000000 ____D C:\FRST
2013-06-29 14:29 - 2013-06-29 14:29 - 00080580 ____A C:\Users\user\Desktop\Extras.Txt
2013-06-29 14:28 - 2013-06-29 14:28 - 00377856 ____A C:\Users\user\Desktop\gmer_2.1.19163.exe
2013-06-29 14:28 - 2013-06-29 14:28 - 00085296 ____A C:\Users\user\Desktop\OTL.Txt
2013-06-29 14:18 - 2013-06-29 14:18 - 00602112 ____A (OldTimer Tools) C:\Users\user\Desktop\OTL.exe
2013-06-29 14:13 - 2013-06-29 14:13 - 00000470 ____A C:\Users\user\Desktop\defogger_disable.log
2013-06-29 14:13 - 2013-06-29 14:13 - 00000342 ____A C:\Users\user\Desktop\defogger_enable.log
2013-06-29 14:11 - 2013-06-29 14:11 - 00050477 ____A C:\Users\user\Desktop\Defogger.exe
2013-06-29 14:00 - 2013-03-24 11:15 - 00000000 ____D C:\Users\user\Desktop\Alles was mit Omsi zu hat
2013-06-29 13:51 - 2010-11-21 08:50 - 01830594 ____A C:\Windows\System32\perfh007.dat
2013-06-29 13:51 - 2010-11-21 08:50 - 00494264 ____A C:\Windows\System32\perfc007.dat
2013-06-29 13:51 - 2009-07-14 07:13 - 00005414 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-29 13:47 - 2012-02-08 14:02 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-06-29 13:46 - 2012-07-31 22:38 - 00000000 ____D C:\Program Files (x86)\Grandia2
2013-06-29 13:44 - 2012-06-20 11:47 - 00000000 ____D C:\Users\user\Desktop\Games
2013-06-29 13:29 - 2013-06-29 13:29 - 00001102 ____A C:\AdwCleaner[S2].txt
2013-06-29 13:28 - 2013-06-29 13:28 - 00001039 ____A C:\AdwCleaner[R2].txt
2013-06-29 13:20 - 2013-06-29 10:51 - 00000000 ____D C:\Windows\BCD5545077AC4347B24F654B1189F8D4.TMP
2013-06-29 11:07 - 2009-07-14 06:45 - 00269032 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-29 11:06 - 2013-06-29 11:06 - 00022858 ____A C:\AdwCleaner[S1].txt
2013-06-29 11:05 - 2013-06-29 11:05 - 00388608 ____A (Trend Micro Inc.) C:\Users\user\Desktop\HiJackThis204.exe
2013-06-29 11:05 - 2013-06-29 11:05 - 00023531 ____A C:\AdwCleaner[R1].txt
2013-06-29 11:04 - 2012-05-17 18:47 - 00001130 ____A C:\Users\user\Desktop\Mozilla Firefox.lnk
2013-06-29 10:52 - 2013-06-29 10:52 - 00000000 ____A C:\autoexec.bat
2013-06-29 10:51 - 2013-06-29 10:51 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-06-29 10:37 - 2012-02-10 18:29 - 00000000 ____D C:\Program Files (x86)\Steam
2013-06-29 10:28 - 2012-02-08 14:18 - 00058016 ____A C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-29 10:23 - 2012-02-12 00:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Games
2013-06-29 10:19 - 2012-04-05 21:14 - 00000000 ____D C:\Program Files (x86)\JDownloader
2013-06-28 15:12 - 2011-06-11 02:58 - 00773712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll
2013-06-28 15:12 - 2011-06-11 02:58 - 00420944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll
2013-06-28 15:10 - 2013-06-28 15:10 - 00000000 ____D C:\Users\user\AppData\Roaming\eIntaller
2013-06-28 12:19 - 2012-02-27 15:27 - 06644224 __ASH C:\Users\user\Desktop\Thumbs.db
2013-06-27 17:23 - 2012-02-22 13:16 - 00000000 ____D C:\Users\user\AppData\Roaming\DAEMON Tools Lite
2013-06-27 16:26 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-06-27 09:32 - 2013-03-30 23:44 - 00000000 ____D C:\Users\user\Documents\SimCity 4
2013-06-27 08:18 - 2013-06-27 08:13 - 00000000 ____D C:\Users\user\Desktop\Wallpaper
2013-06-27 08:18 - 2013-02-05 21:47 - 00000000 ____D C:\Users\user\Desktop\Musik
2013-06-27 08:16 - 2013-06-27 08:10 - 00000000 ____D C:\Users\user\Desktop\Aufgaben
2013-06-26 15:27 - 2013-06-26 15:27 - 00000000 ____A C:\Users\user\Desktop\Montag 10.15 Jochem Schmidt Unfallchirurgie.txt
2013-06-18 15:39 - 2013-06-18 15:39 - 00000000 ____D C:\Users\user\Documents\My Cheat Tables
2013-06-12 21:50 - 2012-02-10 17:14 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-08 16:08 - 2013-06-16 00:25 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-08 16:07 - 2013-06-16 00:25 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-08 16:06 - 2013-06-16 00:25 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-08 16:06 - 2013-06-16 00:25 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-08 16:06 - 2013-06-16 00:25 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-08 14:28 - 2013-06-16 00:25 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-08 13:42 - 2013-06-16 00:25 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-08 13:40 - 2013-06-16 00:25 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-08 13:40 - 2013-06-16 00:25 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-08 13:40 - 2013-06-16 00:25 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-08 13:40 - 2013-06-16 00:25 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-08 13:13 - 2013-06-16 00:25 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-03 17:14 - 2009-07-14 07:08 - 00032640 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-06-02 09:26 - 2012-03-08 21:46 - 00000000 ____D C:\ProgramData\Adobe
2013-05-31 17:25 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-06-27 16:19

==================== End Of Log ============================
--- --- ---

--- --- ---

schrauber 30.06.2013 14:04
Fix mit FRST
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument
Code:
FF Homepage: google.de
FF NetworkProxy: "http", "www-proxy.t-online.de"
FF NetworkProxy: "http_port", 80
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "type", 0
FF Extension: No Name - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s6lm9b1t.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
FF Extension: No Name - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s6lm9b1t.default\Extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}.xpi
FF Extension: No Name - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s6lm9b1t.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Fix Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.

Canccel 01.07.2013 10:10
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 29-06-2013 01
Ran by user at 2013-07-01 11:09:57 Run:2
Running from C:\Users\user\Desktop
Boot Mode: Normal
==============================================

Firefox homepage deleted successfully.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s6lm9b1t.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi => Moved successfully.
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s6lm9b1t.default\Extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}.xpi => Moved successfully.
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\s6lm9b1t.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi => Moved successfully.

==== End of Fixlog ====
Edit: Komisch! Jetzt hat sich "AD Blocker" selbstständig gelöscht und die Werbung wird plötzlich wieder angezeigt :wtf:


Alle Zeitangaben in WEZ +1. Es ist jetzt 04:17 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131