Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Win32/Zbot.gen!AM in C:\Users\***\AppData\Roaming\Wexyt\ynim.exe gefunden (https://www.trojaner-board.de/138538-win32-zbot-gen-c-users-appdata-roaming-wexyt-ynim-exe-gefunden.html)

keep_smile 21.07.2013 13:58
Win32/Zbot.gen!AM in C:\Users\***\AppData\Roaming\Wexyt\ynim.exe gefunden
 
Hallo community,

ich bin neu hier und würde gern eure Hilfe in Anspruch nehmen.

Folgendes Problem:
Bekannte von mir haben mich gefragt, ob ich mir mal ihren Rechner ansehen kann weil dieser "komische" Meldungen anzeigt. Das habe ich nun getan und auch einiges festgestellt.

Gleich nach dem ersten Neustart meldete sich das Microsoft Tool zum Entfernen bösartiger Software und zeigte, dass es einen Virus namens PWS:Win32/Zbot.gen!AM gefunden hat. Ein Neustart sollte durchgeführt werden und folgendes fand ich dann im logfile des Tools.

Code:
Microsoft Windows Malicious Software Removal Tool v4.22, July 2013
Started On Sun Jul 21 11:51:21 2013

Quick Scan Results for 6EB31004-9CB5-4B17-9598-9D3116AFFF21:
----------------
->Scan ERROR: resource process://pid:4204 (code 0x00000005 (5))
->Scan ERROR: resource process://pid:4272 (code 0x00000490 (1168))
->Scan ERROR: resource process://pid:5236 (code 0x0000012B (299))
Threat detected: PWS:Win32/Zbot.gen!AM
    containerfile://C:\Users\***\AppData\Roaming\Wexyt\ynim.exe
        SHA1:  A06138424020C21F2EA3312B9E46867F763AA371
    file://C:\Users\***\AppData\Roaming\Wexyt\ynim.exe->[Obfuscator.QG]
        SigSeq: 0x0000E178B083517A
        SHA1:  A06138424020C21F2EA3312B9E46867F763AA371
    process://pid:3532
    regkey://HKCU@S-1-5-21-142382650-3986760438-10477542-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\Ynim
    runkey://HKCU@S-1-5-21-142382650-3986760438-10477542-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\Ynim

Quick Scan Removal Results
----------------
Start 'remove' for process://pid:3532
Operation succeeded !

Start 'remove' for regkey://HKCU@S-1-5-21-142382650-3986760438-10477542-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\Ynim
Operation succeeded !

Start 'remove' for runkey://HKCU@S-1-5-21-142382650-3986760438-10477542-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\Ynim
Operation succeeded !

Start 'remove' for file://\\?\C:\Users\***\AppData\Roaming\Wexyt\ynim.exe->[Obfuscator.QG]
Operation was scheduled to be completed after next reboot.


Results Summary:
----------------
For cleaning PWS:Win32/Zbot.gen!AM, the system needs to be restarted.
Microsoft Windows Malicious Software Removal Tool Finished On Sun Jul 21 11:52:30 2013


Return code: 12 (0xc)
Soweit so gut. Danach habe ich mit meinen Bekannten telefoniert.
Kurzform der Konversation:
Berichtet, dass sie einen Virus drauf haben. Ich empfohlen Rechner neu aufzusetzen. Beide total geschockt und entgeistert gefragt, ob das nicht anders zu reparieren geht. Gutmütig wie ich bin, hab ich zugesagt und mich jetzt der Virusbekämpfung verschrieben. :sword2:

Da ich nicht weiß, ob ich alles gefunden habe, melde ich mich nun hier bei euch.

Folgendes habe ich schon durchgeführt:
1. Komplettscan mit Malwarebytes --> zwei Funde
Log:

Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.07.21.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16635
*** :: ***-PC [Administrator]

21.07.2013 12:18:06
mbam-log-2013-07-21 (12-18-06).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|Q:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 468745
Laufzeit: 14 Minute(n), 54 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 1
HKLM\System\CurrentControlSet\Services\SkyNetU2CBDA_AMD64 (Rootkit.TDSS) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Users\***\AppData\Roaming\Aveva\oxija.exe (Trojan.Agent.rf) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
2. Nach eurer Anleitung für erste Schritte Defogger ausgeführt

3. OTL --> Quickscan
Log: OTL.txt

Code:
OTL logfile created on: 21.07.2013 13:47:58 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\***\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,98 Gb Total Physical Memory | 5,44 Gb Available Physical Memory | 68,13% Memory free
15,96 Gb Paging File | 13,44 Gb Available in Paging File | 84,19% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,79 Gb Total Space | 34,89 Gb Free Space | 31,21% Space Free | Partition Type: NTFS
 
Computer Name: ***-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.07.21 13:38:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
PRC - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.05.09 10:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2013.05.09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe
PRC - [2013.01.18 08:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010.05.04 13:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2009.12.02 22:23:38 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2009.12.02 22:23:32 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2009.08.14 00:32:04 | 001,572,864 | ---- | M] (Edimax Technology Co., Ltd.) -- C:\Program Files (x86)\Edimax\Common\RaUI.exe
PRC - [2009.07.14 21:53:00 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files (x86)\Edimax\Common\RaRegistry.exe
PRC - [2006.11.03 11:01:16 | 000,319,488 | ---- | M] (PixArt Imaging Incorporation) -- C:\Windows\PixArt\Pac207\Monitor.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2009.07.03 18:34:26 | 000,811,008 | ---- | M] () -- C:\Program Files (x86)\Edimax\Common\RaWLAPI.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2013.07.21 13:19:37 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.06.18 16:21:21 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.05.09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013.02.26 00:32:22 | 001,260,320 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013.01.18 08:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010.05.04 13:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.12.02 22:23:38 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2009.12.02 22:23:32 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2009.11.18 04:51:42 | 001,043,072 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2009.07.14 21:53:32 | 000,211,232 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files (x86)\Edimax\Common\RaRegistry64.exe -- (RalinkRegistryWriter64)
SRV - [2009.07.14 21:53:00 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files (x86)\Edimax\Common\RaRegistry.exe -- (RalinkRegistryWriter)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013.07.21 11:56:00 | 001,030,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013.07.21 11:56:00 | 000,378,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013.07.21 11:56:00 | 000,189,936 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013.05.09 10:59:07 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013.05.09 10:59:07 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013.05.09 10:59:07 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013.05.09 10:59:06 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013.05.09 10:59:06 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013.02.18 09:22:16 | 000,189,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.08.31 20:53:22 | 012,306,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.07.22 20:09:40 | 000,277,096 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvstusb.sys -- (NvStUSB)
DRV:64bit: - [2011.06.10 06:34:52 | 000,539,240 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.06.01 16:20:48 | 000,369,640 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011.05.26 09:20:04 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.12.29 18:55:44 | 000,122,856 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.10.22 03:00:00 | 000,460,800 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fwlanusb.sys -- (FWLANUSB)
DRV:64bit: - [2010.10.22 03:00:00 | 000,014,120 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avmeject.sys -- (avmeject)
DRV:64bit: - [2010.10.19 10:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.05.10 09:09:34 | 000,270,424 | ---- | M] (TechniSat Digital, S.A.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SkyNetU2C_AMD64.sys -- (SKYNETU2C)
DRV:64bit: - [2010.04.28 09:57:50 | 000,061,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2009.12.02 22:23:38 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2009.12.02 22:23:34 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2009.12.02 22:23:32 | 000,269,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2009.12.02 22:23:26 | 000,721,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2009.08.13 23:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009.07.14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009.07.03 17:31:40 | 000,982,016 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2006.12.05 11:34:26 | 000,572,416 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PFC027.SYS -- (PAC207)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8F C0 5B E7 D0 D9 CC 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\..\SearchScopes\{47D354BB-583D-49D0-B585-A1E525362CF4}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=0F1AC976-7A0C-4006-9A17-B40D3858CB41&apn_sauid=C88B670D-302A-481E-AF1C-018EC4D35E19
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledAddons: %7Bd40f5e7b-d2cf-4856-b441-cc613eeffbe3%7D:1.68
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:8.0.1489
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.03.11 20:20:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2012.09.27 16:56:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.07.21 11:55:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.03.11 20:20:19 | 000,000,000 | ---D | M]
 
[2013.07.21 11:40:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2013.07.21 11:43:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\i0ekc3bw.default\extensions
[2013.07.21 11:41:56 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\i0ekc3bw.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.07.21 11:43:03 | 000,138,614 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\i0ekc3bw.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
[2013.07.21 12:04:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.07.21 11:40:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013.07.21 11:40:26 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.07.21 11:55:50 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Programme\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Monitor] C:\Windows\PixArt\Pac207\Monitor.exe (PixArt Imaging Incorporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKCU..\Run: [HP Photosmart 5510 series (NET)] C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00  [binary data]
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0C8592ED-BE47-4516-977A-FFA968384A7E}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8BDD11DE-325E-401B-929C-1C3A3C4F557A}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EB0155B1-EA5D-454A-A515-A9C13485AE1E}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EF80A1ED-C7BB-4708-93FF-5156F29FA6D7}: DhcpNameServer = 0.0.0.0
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{07aa8648-46be-11e1-a09d-8c89a57ce71f}\Shell - "" = AutoRun
O33 - MountPoints2\{07aa8648-46be-11e1-a09d-8c89a57ce71f}\Shell\AutoRun\command - "" = I:\pushinst.exe
O33 - MountPoints2\{dce6a8da-1999-11e1-8e33-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{dce6a8da-1999-11e1-8e33-806e6f6e6963}\Shell\AutoRun\command - "" = D:\cdstart.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.07.21 13:38:11 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2013.07.21 12:59:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2013.07.21 12:59:51 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2013.07.21 12:12:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire
[2013.07.21 12:12:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FinalWire
[2013.07.21 12:11:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013.07.21 12:11:54 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.07.21 12:10:33 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes
[2013.07.21 12:10:27 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.07.21 12:10:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.07.21 12:10:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.07.21 12:10:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.07.21 12:04:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013.07.21 11:55:56 | 000,378,944 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013.07.21 11:55:56 | 000,033,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2013.07.21 11:55:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2013.07.21 11:55:55 | 001,030,952 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013.07.21 11:55:55 | 000,072,016 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2013.07.21 11:55:55 | 000,064,288 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2013.07.21 11:55:54 | 000,287,840 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013.07.21 11:55:54 | 000,080,816 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013.07.21 11:55:43 | 000,041,664 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013.07.21 11:55:34 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013.07.21 11:55:22 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013.07.21 11:40:33 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Mozilla
[2013.07.21 11:40:33 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Mozilla
[2013.07.21 11:40:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013.07.21 11:40:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.07.21 11:40:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013.07.04 15:10:15 | 000,000,000 | ---D | C] -- C:\ProgramData\A86F7BE40715AB180000A86ED37DB398
[2013.06.26 20:13:24 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Probleme (Lichtenhain)
 
========== Files - Modified Within 30 Days ==========
 
[2013.07.21 13:41:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.07.21 13:38:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2013.07.21 13:37:13 | 000,000,000 | ---- | M] () -- C:\Users\***\defogger_reenable
[2013.07.21 13:36:02 | 000,050,477 | ---- | M] () -- C:\Users\***\Desktop\Defogger.exe
[2013.07.21 13:15:59 | 000,021,856 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.07.21 13:15:59 | 000,021,856 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.07.21 13:08:54 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.07.21 13:08:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.07.21 13:08:41 | 2132,443,135 | -HS- | M] () -- C:\hiberfil.sys
[2013.07.21 13:01:00 | 000,000,264 | ---- | M] () -- C:\Windows\tasks\HP Photo Creations Messager.job
[2013.07.21 12:58:40 | 003,882,918 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.07.21 12:58:40 | 001,560,420 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.07.21 12:58:40 | 001,133,204 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.07.21 12:58:40 | 001,005,962 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.07.21 12:58:40 | 000,005,430 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.07.21 12:07:48 | 000,002,025 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013.07.21 11:56:00 | 001,030,952 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013.07.21 11:56:00 | 000,378,944 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013.07.21 11:56:00 | 000,189,936 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013.07.21 11:56:00 | 000,000,175 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys.sum
[2013.07.21 11:56:00 | 000,000,175 | ---- | M] () -- C:\Windows\SysNative\drivers\aswSP.sys.sum
[2013.07.21 11:56:00 | 000,000,175 | ---- | M] () -- C:\Windows\SysNative\drivers\aswSnx.sys.sum
[2013.07.21 11:55:56 | 000,001,928 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013.07.21 11:55:54 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013.07.21 11:53:05 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.07.21 11:52:27 | 000,000,127 | ---- | M] () -- C:\Windows\SysNative\MRT.INI
[2013.07.21 11:40:27 | 000,001,149 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.07.21 11:35:23 | 520,651,347 | ---- | M] () -- C:\Windows\MEMORY.DMP
 
========== Files Created - No Company Name ==========
 
[2013.07.21 13:37:13 | 000,000,000 | ---- | C] () -- C:\Users\***\defogger_reenable
[2013.07.21 13:36:01 | 000,050,477 | ---- | C] () -- C:\Users\***\Desktop\Defogger.exe
[2013.07.21 12:07:48 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013.07.21 12:07:48 | 000,002,025 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013.07.21 11:56:00 | 000,000,175 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys.sum
[2013.07.21 11:56:00 | 000,000,175 | ---- | C] () -- C:\Windows\SysNative\drivers\aswSP.sys.sum
[2013.07.21 11:56:00 | 000,000,175 | ---- | C] () -- C:\Windows\SysNative\drivers\aswSnx.sys.sum
[2013.07.21 11:55:56 | 000,001,928 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013.07.21 11:55:55 | 000,189,936 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013.07.21 11:55:55 | 000,065,336 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2013.07.21 11:55:54 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2013.07.21 11:52:27 | 000,000,127 | ---- | C] () -- C:\Windows\SysNative\MRT.INI
[2013.07.21 11:40:27 | 000,001,161 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013.07.21 11:40:27 | 000,001,149 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.05.21 21:04:10 | 000,000,000 | ---- | C] () -- C:\Users\***\AppData\Roaming\FileOut.cns
[2013.05.21 21:04:10 | 000,000,000 | ---- | C] () -- C:\Users\***\AppData\Roaming\FileIn.cns
[2013.04.12 21:56:10 | 000,000,062 | ---- | C] () -- C:\Windows\wininit.ini
[2013.01.07 16:44:52 | 000,828,657 | ---- | C] () -- C:\Windows\Diercke Globus Uninstaller.exe
[2012.09.27 16:54:42 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2012.04.18 10:45:41 | 000,013,931 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat
[2012.04.17 12:24:16 | 000,001,124 | ---- | C] () -- C:\Users\***\OpenOffice.org 3.3.lnk
[2012.04.13 20:28:18 | 000,000,283 | ---- | C] () -- C:\Windows\madagascar.ini
[2012.04.01 12:12:01 | 001,526,060 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.03.11 21:20:54 | 000,219,026 | ---- | C] () -- C:\Windows\hpoins47.dat
[2012.03.11 21:20:54 | 000,000,601 | ---- | C] () -- C:\Windows\hpomdl47.dat
[2012.03.11 20:17:16 | 000,177,993 | ---- | C] () -- C:\Windows\hphins33.dat
[2012.03.11 20:17:16 | 000,000,512 | ---- | C] () -- C:\Windows\hphmdl33.dat
[2012.02.28 20:42:48 | 000,036,734 | ---- | C] () -- C:\Windows\SysWow64\OggDSuninst.exe
[2011.09.27 14:18:42 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.09.27 14:18:42 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011.08.31 20:51:16 | 000,216,000 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.08.31 20:46:00 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011.08.31 20:26:20 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.11.23 14:16:09 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Cornelsen
[2013.01.07 16:45:04 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Diercke Globus
[2013.05.06 14:36:31 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Kalypso Media
[2012.04.17 12:24:49 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OpenOffice.org
[2012.04.06 17:31:16 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\RedDotGames
[2013.03.28 23:20:58 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\SoftGrid Client
 
========== Purity Check ==========
 
 

< End of report >
Extras.txt

Code:
OTL Extras logfile created on: 21.07.2013 13:47:58 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\***\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,98 Gb Total Physical Memory | 5,44 Gb Available Physical Memory | 68,13% Memory free
15,96 Gb Paging File | 13,44 Gb Available in Paging File | 84,19% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,79 Gb Total Space | 34,89 Gb Free Space | 31,21% Space Free | Partition Type: NTFS
 
Computer Name: ***-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00D6E7E6-868C-46C4-9742-32356F72C4B9}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{0BF7912B-8EDF-4031-9DDA-096CFE676CE3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1957DCAB-E20F-4BD5-B6EF-79FB06CFD767}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1D91200C-BB06-4573-9E10-40510C5B1A6C}" = lport=10243 | protocol=6 | dir=in | app=system |
"{2CDE6F03-94D8-4F2B-BEB4-1FBC370ACF22}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{33AB2FD8-79D1-4AA2-B34A-4099B37D34FE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{43705F44-8908-4AB9-BFDF-5981240B11A8}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{46152643-A7F0-4530-AAB8-C8D539621B99}" = rport=137 | protocol=17 | dir=out | app=system |
"{58451DC7-A424-4A62-AFB0-7C9FEE120C41}" = rport=139 | protocol=6 | dir=out | app=system |
"{66A36A25-AF12-41D4-91E4-1E2F5ECFBBCB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{675BA171-B6E6-4001-99B0-DB4702FCCDCE}" = lport=2869 | protocol=6 | dir=in | app=system |
"{686DE8C2-E5AD-46EB-B456-C7E62BC98CDC}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{69903179-6FA9-4205-802A-295DEEB6363A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6D24E21C-5A08-4A34-852B-A493146D34B8}" = rport=445 | protocol=6 | dir=out | app=system |
"{71D8E090-0F9E-4269-B1B4-D18540EFFE9D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{79F03C76-79EA-4E54-B65F-085DDC16BFEB}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{7F543841-3E3F-4EBA-A714-9B38C9F3F121}" = lport=445 | protocol=6 | dir=in | app=system |
"{85EC0F71-2E06-4FCA-A96E-8209F65F7B8E}" = rport=10243 | protocol=6 | dir=out | app=system |
"{85FF6149-9F39-477E-A92B-A4E3B368660E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9070BD99-4701-47A3-B49D-8434EE6C173C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{952296D9-3E6B-4016-90D0-58D159FAF305}" = rport=138 | protocol=17 | dir=out | app=system |
"{97124B34-9BEA-4903-B1EA-8232EE5C9881}" = lport=137 | protocol=17 | dir=in | app=system |
"{9A4B577E-79A1-4D59-95B6-D292F842A3C9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{AC63330E-E816-4350-AFC6-8A724E8BE939}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B67A636E-C180-4D55-BD2B-14F24B830263}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BF6D6B3F-044A-4877-9213-C7D5D15F5EA5}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C7DD1089-347D-4DBE-8B87-BA8E2FD19246}" = lport=138 | protocol=17 | dir=in | app=system |
"{D993315F-A900-4B86-82BA-4D4DF5745E81}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E0F8FCCD-8A28-47F3-8F84-DE8283D6ED60}" = lport=139 | protocol=6 | dir=in | app=system |
"{EA5D5A67-C9BC-4DEF-A47D-1475928A71AB}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EB6E6569-016C-4056-917F-1A322DE174F5}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{F06CB6D5-9F80-47EE-B1BA-593BDDA2A01C}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{F2B972A9-A092-4E43-9717-7873EEA6F8AD}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F41DC94E-E514-4379-A13A-79C16DBFA128}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{075DFE70-A05A-4C9E-94A3-AFA0D779678A}" = protocol=6 | dir=in | app=c:\program files (x86)\landwirtschafts simulator 2013\farmingsimulator2013game.exe |
"{11547F77-6997-4119-B9BB-F6876A09EC4D}" = protocol=17 | dir=in | app=c:\program files (x86)\skiregion simulator 2012 demo\skiregionsimulator2012.exe |
"{125E0CC7-8FA9-4BE8-A96E-694CD48DDCCB}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{12793766-0D62-42DC-A8DC-AD7B07402A63}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{23C81584-F8EB-460D-AF23-6346253085FD}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{267982CD-2678-4D02-95CA-F95A751F449D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2CC52D5A-5147-4852-BEF9-44E449B66CAA}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{33D5096F-F205-41A3-BA30-A3432E4F22B8}" = protocol=6 | dir=in | app=c:\program files (x86)\landwirtschafts simulator 2011 demo\farmingsimulator2011.exe |
"{3FBF5901-FFD8-4583-B821-1F5DBA9D98C7}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{40B77C0C-8686-4578-AB47-7738EA8DCCEB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{438AB606-F702-45E1-ACF7-ACAEEB519FBE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{4670AB29-B351-41ED-B83A-70C6F8AD6F0F}" = protocol=6 | dir=in | app=c:\program files (x86)\skiregion simulator 2012 demo\skiregionsimulator2012.exe |
"{47B587DA-17FA-44F0-8CA8-A938F1AEC4D2}" = protocol=17 | dir=in | app=c:\program files (x86)\landwirtschafts simulator 2013\farmingsimulator2013game.exe |
"{4831F904-25B3-41A4-AE14-B9B58A94D672}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{4A2A1EBB-1F37-470F-94D5-F065297C4D8D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4A2D951C-568F-427E-A649-DFAEF981B024}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4AA5A54F-F2DF-48AD-B809-FDF73CCCB121}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{56CF7EEA-D967-46F6-BFE8-4EE73D8F859F}" = protocol=17 | dir=in | app=c:\program files (x86)\pacific hawk\pacific hawk\game.exe |
"{5BE30D9D-81B1-45A3-96D9-23E4B2A320CF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5D7C3877-F032-497C-AB84-D5B912D32C36}" = protocol=17 | dir=in | app=c:\program files (x86)\landwirtschafts simulator 2011 demo\game.exe |
"{5F8DFC80-867B-401D-ACF7-86FD0C862E7B}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{610E475D-7AC0-4364-8D63-AB4CF9BEFEAA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6EA62FA0-26AE-4D0C-B8EA-20BBFC1BA2C2}" = protocol=17 | dir=in | app=c:\program files (x86)\landwirtschafts simulator 2013\farmingsimulator2013game.exe |
"{6FACC0F7-5630-4235-8F11-FA2DCC53E558}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{6FE62AD4-6F2E-4202-8B2E-55C77B686B95}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{78A47696-14B3-405C-97C0-E8F3EABAA3F0}" = protocol=6 | dir=in | app=c:\program files (x86)\landwirtschafts simulator 2013\farmingsimulator2013.exe |
"{78C8BD8A-F329-4B91-A0B2-7CD6803A3DF8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{79C65047-2CA2-4684-81AF-4A0643D864A4}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{7B1D2749-73E1-47DC-918F-58D0F3ACF53E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{85A2ED0E-3DA1-4683-BBEC-9D0455A0EB86}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{87EFE64B-CC93-47EC-8FE1-E2639ABB22DA}" = protocol=6 | dir=in | app=c:\program files (x86)\pacific hawk\pacific hawk\game.exe |
"{88EA5DCE-80DE-4840-B656-3F558B35CA8E}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8996C32C-F6A4-4A6B-B514-014F12AD0893}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{8E37B234-D62B-4C14-8A5B-83DD1B1F3604}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{8EC28B92-7533-4986-A7B8-8A2461462694}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{8ECFEAC1-DF37-4183-838E-983FB12CF975}" = protocol=17 | dir=in | app=c:\program files (x86)\landwirtschafts simulator 2013\farmingsimulator2013.exe |
"{94BFB0D9-E9E6-4904-8242-FDCCFA99049D}" = protocol=6 | dir=in | app=c:\program files (x86)\skiregion simulator 2012\skiregionsimulator2012.exe |
"{980536EB-7D2F-472F-A6B8-D36BCF486A65}" = protocol=17 | dir=in | app=c:\program files (x86)\skiregion simulator 2012\skiregionsimulator2012game.exe |
"{A26AE5AC-E8E3-4D7A-98EE-38658A18B420}" = protocol=6 | dir=out | app=system |
"{A33A6E6E-0FE1-4832-AA09-DDA7A19EAD59}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{AEA82BC7-7E34-4C31-B9BF-578DB598F297}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B097C575-C7AC-496F-8929-3A3476C59DD1}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{B388123A-0727-4F76-95F7-6BEE0D2A03BE}" = protocol=17 | dir=in | app=c:\program files (x86)\landwirtschafts simulator 2013\farmingsimulator2013.exe |
"{BF3D7DB5-CCDD-4DFC-BA95-F6F1FDE3D26C}" = protocol=6 | dir=in | app=c:\program files (x86)\landwirtschafts simulator 2013\farmingsimulator2013game.exe |
"{C0E5A557-E621-4D0B-9D20-8CD59654A879}" = dir=in | app=c:\program files\hp\hp photosmart 5510 series\bin\devicesetup.exe |
"{C512D5FF-C0DC-4366-9CD4-6A35EEFF9A0E}" = protocol=17 | dir=in | app=c:\program files (x86)\landwirtschafts simulator 2011 demo\farmingsimulator2011.exe |
"{C61435B3-38B8-4E74-B0C3-3810E1500B2F}" = protocol=17 | dir=in | app=c:\program files (x86)\skiregion simulator 2012\skiregionsimulator2012.exe |
"{CF7523A8-B3FA-4FA3-8BBE-82FE2CA0F612}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{D4DBF96F-ED0C-410A-9657-B24669B05897}" = protocol=17 | dir=in | app=c:\program files (x86)\skiregion simulator 2012 demo\game.exe |
"{DB0F4984-9704-43E1-862F-687757684346}" = protocol=6 | dir=in | app=c:\program files (x86)\skiregion simulator 2012 demo\game.exe |
"{DB247CA9-4685-49F6-B792-25E06C1512D3}" = protocol=6 | dir=in | app=c:\program files (x86)\landwirtschafts simulator 2013\farmingsimulator2013.exe |
"{DF72A23F-047A-4037-A020-987DAD64E59F}" = protocol=6 | dir=in | app=c:\program files (x86)\landwirtschafts simulator 2011 demo\game.exe |
"{E9CD80F8-6FD0-4BF8-B599-9E8E3410ED26}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{EFA79277-BE0C-437F-BCFE-A42663028116}" = protocol=6 | dir=in | app=c:\program files (x86)\skiregion simulator 2012\skiregionsimulator2012game.exe |
"{F711C667-CDB5-46E6-9558-79C27A21FD20}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FA185E1A-B655-47D3-86E1-37FEDE7C66A0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{FB38D78F-EA79-4C57-A782-24DA5274FECA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{FBBEE134-7FAC-4054-91B3-73CBA5D5A14D}" = dir=in | app=c:\program files\hp\hp photosmart 5510 series\bin\hpnetworkcommunicator.exe |
"{FCEAA8DB-3910-469A-AE0D-8AE27FD32C21}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{FE6700B1-001F-49C5-935E-604A55884642}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"TCP Query User{4CEE222D-0D61-473A-A66C-7BB83182FF61}C:\users\***\appdata\roaming\wexyt\ynim.exe" = protocol=6 | dir=in | app=c:\users\***\appdata\roaming\wexyt\ynim.exe |
"TCP Query User{929A6A04-FD40-4166-A956-8B741710E998}C:\program files (x86)\pacific hawk\pacific hawk\game.exe" = protocol=6 | dir=in | app=c:\program files (x86)\pacific hawk\pacific hawk\game.exe |
"TCP Query User{EC08A8E4-7206-40AB-8C1C-0DE19C90D21B}C:\program files (x86)\sixteen tons entertainment\emergency4\em4.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sixteen tons entertainment\emergency4\em4.exe |
"TCP Query User{F7335606-2D93-4500-B4FE-A445D2EA8BE8}C:\users\***\appdata\roaming\wexyt\ynim.exe" = protocol=6 | dir=in | app=c:\users\***\appdata\roaming\wexyt\ynim.exe |
"UDP Query User{01AC408A-17EF-440E-8F53-CE5FEC44BCE5}C:\users\***\appdata\roaming\wexyt\ynim.exe" = protocol=17 | dir=in | app=c:\users\***\appdata\roaming\wexyt\ynim.exe |
"UDP Query User{33181905-2C65-4A06-9173-3DDE9660EAFA}C:\users\***\appdata\roaming\wexyt\ynim.exe" = protocol=17 | dir=in | app=c:\users\***\appdata\roaming\wexyt\ynim.exe |
"UDP Query User{B3C3CC4F-9CA6-440B-BBD5-AACA116FA3A1}C:\program files (x86)\sixteen tons entertainment\emergency4\em4.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sixteen tons entertainment\emergency4\em4.exe |
"UDP Query User{FEF8C81F-4D98-4B69-9EA2-8EF12077D2F7}C:\program files (x86)\pacific hawk\pacific hawk\game.exe" = protocol=17 | dir=in | app=c:\program files (x86)\pacific hawk\pacific hawk\game.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{014E482A-0C27-47E3-BA82-307E9DCA2F47}" = HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{17B77355-3934-4D0E-8FAC-C420482C8E7D}" = Windows Live Family Safety
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5409411D-CD72-432D-B823-1B520B24BD3C}" = HP Photosmart 5510 series - Grundlegende Software für das Gerät
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96178C0A-BAF9-4E49-A2A5-CDE76722105B}" = HP Deskjet D1600 Printer Driver Software 14.0 Rel. 6
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.18.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}" = Microsoft Xbox 360 Accessories 1.2
"{BE930E38-7BB3-45B6-85B2-5251F374F844}" = 64 Bit HP CIO Components Installer
"{CE47BA54-78AC-409F-9151-BDF5BE15A804}" = Network64
"{EDBC8AED-78A3-424E-ADB6-C7B1424FFAFD}" = Studie zur Verbesserung von HP Photosmart 5510 series Produkten
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05D08C4D-58A2-438B-A419-EE994E64E15D}" = B110
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{0FB261F3-6F16-43FD-A404-F377C169B937}" = Madagascar (TM)
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}" = Edimax Wireless LAN Card
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2AEB2EFA-477F-4F3F-9864-356AC2141F45}" = aerosoft's - Berliner S-Bahn Teil 1
"{2FB9EA69-51D4-4913-9AD5-762C034DE811}" = Status
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{343A1706-26A4-45EA-88CF-37CA172B0F27}" = D1600
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{34B32B70-8081-11E2-89AF-B8AC6F98CCE3}" = Google Earth Plug-in
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{43FBAB46-5969-4200-9958-1FF81FEE506F}" = Nero 10 Movie ThemePack 1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{565E7B0E-B76B-4EAD-9753-F1E72A5CF12E}" = HPAppStudio
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{5DCF0E4B-F8EA-4229-A0BD-5CA6D4AFB749}" = SolutionCenter
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{66D475AE-F18B-43A0-8BAF-61AF4403E339}" = Webcam 1200
"{681734DF-28F0-4842-855C-91CCE610FA67}" = Aerosoft's - Strassenbahn Berlin-Koepenick
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{70AA9B4F-64F7-4B0D-ADD8-05802D61AF72}" = Windows Live Toolbar
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{793FCE60-DE5E-4977-A942-A7B69A45B17D}" = MainConcept DTV Decoder Pro
"{82D7E57E-D9F0-4C2E-AA57-3E143D89F515}" = aerosoft's - Hoellentalbahn
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{85DF2EED-08BC-46FB-90DA-28B0D0A8E8A8}" = HP Update
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{928B06E4-DDAA-476A-926A-641620326327}" = Microsoft Search Enhancement Pack
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4C534E-431F-4A17-97D4-D1682B19A054}" = Emergency4
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Deutsch
"{ADEF1F0B-635E-4041-B50F-A510C1B4D2C5}" = Nero Multimedia Suite 10 Essentials
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{AEF59382-3FF1-4EBF-A93E-CCC474DCEA3F}_is1" = Bau-Simulator 2012 Version 1.0
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C98DB470-A8FD-4C84-9B21-DF222199DD66}" = aerosoft's - High Speed Trains
"{C9B2F671-870B-43A0-8B9D-7DB30CEBD87E}" = DJ_SF_06_D1600_SW_Min
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{D032A7F0-8B5C-4603-8B46-235025D5F9C1}" = TechniSat DVB-PC TV Star
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D227E95D-C9E6-4B09-BC4C-F5A96D08A1CE}" = Patrizier IV Demo
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{E02964EA-0E1B-4620-A26E-CBAB0341B1BB}" = HP Photosmart 5510 series Hilfe
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{E517094C-06B6-419F-8FFD-EF4F57972130}" = QuickTransfer
"{EA5151A0-FCCA-4EE5-8B0A-D068F62DE52A}_is1" = Flughafen-Feuerwehr-Simulator Version 1.0
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{F88E2E04-7EF5-488C-8E38-C94EB808458E}" = PS_AIO_07_B110_SW_Min
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"18 WoS Extreme Trucker" = 18 WoS Extreme Trucker 1.01
"3D-Fahrschule 2" = 3D-Fahrschule 2
"Adobe Acrobat 4.0" = Adobe Acrobat 4.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"AIDA64 Extreme Edition_is1" = AIDA64 Extreme Edition v3.00
"avast" = avast! Free Antivirus
"Bagger-Simulator 2011 (Demo)" = Bagger-Simulator 2011 (Demo)
"DemolitionCompanyDE_is1" = Demolition Company
"Diercke Globus" = Diercke Globus
"DriveGreen1" = John Deere Landmaschinen Simulator
"DVBViewer TE2_is1" = DVBViewer TE2
"Euro Truck Simulator" = Euro Truck Simulator 1.3
"FarmingSimulator2009GoldDE_is1" = Landwirtschafts-Simulator 2009 Gold
"FarmingSimulator2011DemoDE_is1" = Landwirtschafts Simulator 2011 Demo
"FarmingSimulator2013DE_is1" = Landwirtschafts Simulator 2013
"German Truck Simulator" = German Truck Simulator 1.32
"HP Photo Creations" = HP Photo Creations
"InstallShield_{0FB261F3-6F16-43FD-A404-F377C169B937}" = Madagascar
"Knobel- und Denkspiele 2_is1" = Knobel- und Denkspiele 2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Moorhuhn Winter-Edition" = Moorhuhn Winter-Edition
"Mozilla Firefox 22.0 (x86 de)" = Mozilla Firefox 22.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"OggDS" = Direct Show Ogg Vorbis Filter (remove only)
"Pacific Hawk" = Pacific Hawk 1.0
"Ski Slalom 2010_is1" = Ski Slalom 2010
"SkiRegionSimulator2012DE_is1" = Skiregion Simulator 2012
"Train Simulator 1.0" = Microsoft Train Simulator
"Trucks & Trailers" = Trucks & Trailers 1.00
"WinLiveSuite_Wave3" = Windows Live Essentials
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 02.07.2013 08:20:20 | Computer Name = ***-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
 werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
 ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
 DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
 und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
 
Error - 02.07.2013 08:20:20 | Computer Name = ***-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
 werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
 ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
 DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
 und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
 
Error - 02.07.2013 08:20:20 | Computer Name = ***-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren
 für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
 
Error - 02.07.2013 08:29:34 | Computer Name = ***-PC | Source = System Restore | ID = 8193
Description =
 
Error - 02.07.2013 08:39:39 | Computer Name = ***-PC | Source = System Restore | ID = 8193
Description =
 
Error - 02.07.2013 13:00:33 | Computer Name = ***-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 02.07.2013 13:05:07 | Computer Name = ***-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
 werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
 ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
 DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
 und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
 
Error - 02.07.2013 13:05:07 | Computer Name = ***-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
 werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
 ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
 DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
 und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
 
Error - 02.07.2013 13:05:07 | Computer Name = ***-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren
 für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
 
Error - 02.07.2013 13:51:18 | Computer Name = ***-PC | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
 "c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile  8.  Die
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
 überein.  Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
 WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".  Verwenden Sie
 das Programm "sxstrace.exe" für eine detaillierte Diagnose.
 
Error - 02.07.2013 13:58:03 | Computer Name = ***-PC | Source = System Restore | ID = 8193
Description =
 
[ Media Center Events ]
Error - 15.06.2013 15:13:36 | Computer Name = ***-PC | Source = MCUpdate | ID = 0
Description = 21:13:36 - Directory konnte nicht abgerufen werden (Fehler: Die zugrunde
 liegende Verbindung wurde geschlossen: Unbekannter Fehler beim Empfangen..) 
 
Error - 15.06.2013 15:14:54 | Computer Name = ***-PC | Source = MCUpdate | ID = 0
Description = 21:14:52 - MCEClientUX konnte nicht abgerufen werden (Fehler: Die
zugrunde liegende Verbindung wurde geschlossen: Unbekannter Fehler beim Empfangen..)

 
Error - 21.07.2013 05:19:57 | Computer Name = ***-PC | Source = MCUpdate | ID = 0
Description = 11:19:57 - Fehler beim Herstellen der Internetverbindung.  11:19:57
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 21.07.2013 05:20:05 | Computer Name = ***-PC | Source = MCUpdate | ID = 0
Description = 11:20:02 - Fehler beim Herstellen der Internetverbindung.  11:20:02
-    Serververbindung konnte nicht hergestellt werden.. 
 
[ System Events ]
Error - 21.07.2013 06:55:14 | Computer Name = ***-PC | Source = DCOM | ID = 10016
Description =
 
Error - 21.07.2013 06:56:20 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:  %%1330    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 21.07.2013 06:56:20 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
 Fehlers nicht gestartet:  %%1069
 
Error - 21.07.2013 07:09:34 | Computer Name = ***-PC | Source = WMPNetworkSvc | ID = 866321
Description =
 
Error - 21.07.2013 07:09:34 | Computer Name = ***-PC | Source = WMPNetworkSvc | ID = 866317
Description =
 
Error - 21.07.2013 07:09:34 | Computer Name = ***-PC | Source = WMPNetworkSvc | ID = 866321
Description =
 
Error - 21.07.2013 07:09:34 | Computer Name = ***-PC | Source = WMPNetworkSvc | ID = 866317
Description =
 
Error - 21.07.2013 07:09:50 | Computer Name = ***-PC | Source = DCOM | ID = 10016
Description =
 
Error - 21.07.2013 07:10:57 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:  %%1330    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 21.07.2013 07:10:57 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
 Fehlers nicht gestartet:  %%1069
 
 
< End of report >
Realname wurde in allen Logs in *** geändert.

Den 3. Schritt mit Gmer konnte ich leider nicht durchführen, weil das Programm während des Scans, mit der Meldung "es würde nicht mehr funktionieren", beendet wurde.

Ich hoffe ihr könnt mir helfen den Rechner ohne neu aufsetzen wieder sauber zu bekommen.

Grüße
keep_smile

schrauber 21.07.2013 14:30
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


keep_smile 21.07.2013 14:54
Hallo schrauber,

danke für deine schnelle Antwort.

Hier die Logs:

FRST.txt


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-07-2013
Ran by *** (administrator) on 21-07-2013 15:49:20
Running from C:\Users\***\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Edimax\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Edimax\Common\RaRegistry64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\Pac207\Monitor.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Edimax Technology Co., Ltd.) C:\Program Files (x86)\Edimax\Common\RaUI.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\system32\msiexec.exe
(Microsoft Corporation) C:\Windows\splwow64.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7288424 2011-08-15] (Realtek Semiconductor)
HKLM\...\Run: [XboxStat] - C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [Monitor] - C:\Windows\PixArt\PAC207\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKCU\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\sidebar.exe [1475584 2010-11-21] (Microsoft Corporation)
HKCU\...\Run: [HP Photosmart 5510 series (NET)] - C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2676584 2011-09-16] (Hewlett-Packard Co.)
HKCU\...\Policies\system: [DisableLockWorkstation] 0
MountPoints2: {07aa8648-46be-11e1-a09d-8c89a57ce71f} - I:\pushinst.exe
MountPoints2: {dce6a8da-1999-11e1-8e33-806e6f6e6963} - D:\cdstart.exe
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-03-24] (Hewlett-Packard)
HKLM-x32\...\Run: [avast] - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-05-11] (Adobe Systems Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Server4PC.lnk
ShortcutTarget: Server4PC.lnk -> C:\Program Files (x86)\TechniSat DVB\bin\Server4PC.exe (TechniSat Digital, S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Wireless Utility.lnk
ShortcutTarget: Wireless Utility.lnk -> C:\Program Files (x86)\Edimax\Common\RaUI.exe (Edimax Technology Co., Ltd.)
Startup: C:\Users\Privat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKCU - {47D354BB-583D-49D0-B585-A1E525362CF4} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=0F1AC976-7A0C-4006-9A17-B40D3858CB41&apn_sauid=C88B670D-302A-481E-AF1C-018EC4D35E19
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live Family Safety Browser Helper Class - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\i0ekc3bw.default
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\i0ekc3bw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\i0ekc3bw.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\
FF Extension: No Name - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-07-21] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-07-21] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-07-21] ()
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH)
S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [572416 2006-12-05] (PixArt Imaging Inc.)
S3 SKYNETU2C; C:\Windows\System32\DRIVERS\SkyNetU2C_AMD64.SYS [270424 2010-05-10] (TechniSat Digital, S.A.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-21 15:49 - 2013-07-21 15:49 - 00000000 ____D C:\FRST
2013-07-21 15:48 - 2013-07-21 15:48 - 01779345 _____ (Farbar) C:\Users\***\Desktop\FRST64.exe
2013-07-21 15:45 - 2013-07-21 15:45 - 05881080 _____ (Intel Corporation) C:\Users\***\Downloads\infinst_autol.exe
2013-07-21 15:45 - 2013-07-21 15:45 - 00000000 ____D C:\Program Files (x86)\Intel
2013-07-21 15:45 - 2013-02-27 15:37 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2013-07-21 15:42 - 2013-07-21 15:42 - 00000000 ____D C:\Users\***\SystemRequirementsLab
2013-07-21 15:42 - 2013-07-21 15:42 - 00000000 ____D C:\Program Files (x86)\SystemRequirementsLab
2013-07-21 15:40 - 2013-03-01 09:29 - 00000230 _____ C:\Users\***\Downloads\Station Drivers ici tous les drivers nouveaux & anciens.url
2013-07-21 15:40 - 2013-02-18 11:40 - 03667973 _____ (Asmedia Technology) C:\Users\***\Downloads\setup.exe
2013-07-21 15:40 - 2013-01-15 22:40 - 00014272 _____ C:\Users\***\Downloads\readme.txt
2013-07-21 15:32 - 2013-07-21 15:32 - 00000000 ____D C:\Users\HOLZHA~1\AppData\Local\Macromedia
2013-07-21 15:17 - 2013-07-21 15:17 - 00000072 _____ C:\3EDC4RFV.dat
2013-07-21 15:13 - 2013-07-21 15:13 - 06003527 _____ C:\Users\***\Downloads\7740v23.zip
2013-07-21 13:56 - 2013-07-21 13:56 - 00377856 _____ C:\Users\***\Desktop\gmer_2.1.19163.exe
2013-07-21 13:51 - 2013-07-21 13:51 - 00078662 _____ C:\Users\***\Desktop\Extras.Txt
2013-07-21 13:50 - 2013-07-21 13:50 - 00073884 _____ C:\Users\***\Desktop\OTL.Txt
2013-07-21 13:38 - 2013-07-21 13:38 - 00602112 _____ (OldTimer Tools) C:\Users\***\Desktop\OTL.exe
2013-07-21 13:37 - 2013-07-21 13:37 - 00000480 _____ C:\Users\***\Desktop\defogger_disable.log
2013-07-21 13:37 - 2013-07-21 13:37 - 00000000 _____ C:\Users\***\defogger_reenable
2013-07-21 13:36 - 2013-07-21 13:36 - 00050477 _____ C:\Users\***\Desktop\Defogger.exe
2013-07-21 13:14 - 2013-07-21 13:14 - 00000929 _____ C:\AdwCleaner[R1].txt
2013-07-21 12:59 - 2013-07-21 12:59 - 01376768 _____ C:\Users\***\Downloads\7z920-x64.msi
2013-07-21 12:59 - 2013-07-21 12:59 - 00000000 ____D C:\Program Files\7-Zip
2013-07-21 12:46 - 2013-07-21 12:46 - 00001409 _____ C:\AdwCleaner[S1].txt
2013-07-21 12:45 - 2013-07-21 12:45 - 00666633 _____ C:\Users\***\Downloads\adwcleaner06.exe
2013-07-21 12:12 - 2013-07-21 12:12 - 00000000 ____D C:\Program Files (x86)\FinalWire
2013-07-21 12:11 - 2013-07-21 12:11 - 00002780 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-07-21 12:11 - 2013-07-21 12:11 - 00000000 ____D C:\Program Files\CCleaner
2013-07-21 12:10 - 2013-07-21 12:10 - 00000000 ____D C:\Users\***\AppData\Roaming\Malwarebytes
2013-07-21 12:10 - 2013-07-21 12:10 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-21 12:10 - 2013-07-21 12:10 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-21 12:10 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-07-21 12:04 - 2013-07-21 12:04 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-21 12:04 - 2013-07-21 12:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-21 12:04 - 2013-07-21 12:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-21 12:04 - 2013-07-21 12:04 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-21 12:02 - 2013-07-21 12:02 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\***\Downloads\mbam-setup-1.75.0.1300.exe
2013-07-21 11:56 - 2013-07-21 11:56 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-07-21 11:56 - 2013-07-21 11:56 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-07-21 11:56 - 2013-07-21 11:56 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-07-21 11:55 - 2013-07-21 15:31 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-07-21 11:55 - 2013-07-21 11:56 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-07-21 11:55 - 2013-07-21 11:56 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-07-21 11:55 - 2013-07-21 11:56 - 00189936 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-07-21 11:55 - 2013-07-21 11:55 - 00001928 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-07-21 11:55 - 2013-07-21 11:55 - 00000000 ____D C:\ProgramData\AVAST Software
2013-07-21 11:55 - 2013-07-21 11:55 - 00000000 ____D C:\Program Files\AVAST Software
2013-07-21 11:55 - 2013-07-21 11:55 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-07-21 11:55 - 2013-05-09 10:59 - 00080816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-07-21 11:55 - 2013-05-09 10:59 - 00072016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-07-21 11:55 - 2013-05-09 10:59 - 00065336 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-07-21 11:55 - 2013-05-09 10:59 - 00064288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-07-21 11:55 - 2013-05-09 10:59 - 00033400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-07-21 11:55 - 2013-05-09 10:58 - 00287840 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-07-21 11:55 - 2013-05-09 10:58 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-07-21 11:52 - 2013-07-21 11:52 - 00000127 _____ C:\Windows\system32\MRT.INI
2013-07-21 11:50 - 2013-07-21 11:50 - 04396440 _____ (Piriform Ltd) C:\Users\***\Downloads\ccsetup403.exe
2013-07-21 11:50 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-21 11:50 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-21 11:50 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-21 11:50 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-21 11:50 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-21 11:50 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-21 11:50 - 2013-06-12 01:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-21 11:50 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-21 11:50 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-21 11:50 - 2013-06-12 01:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-21 11:50 - 2013-06-12 01:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-21 11:50 - 2013-06-12 01:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-21 11:50 - 2013-06-12 01:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-21 11:50 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-21 11:50 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-21 11:50 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-21 11:50 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-21 11:50 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-21 11:50 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-21 11:50 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-21 11:50 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-21 11:50 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-21 11:50 - 2013-06-12 01:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-21 11:50 - 2013-06-12 01:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-21 11:50 - 2013-06-12 01:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-21 11:50 - 2013-06-12 01:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-21 11:50 - 2013-06-12 01:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-21 11:50 - 2013-06-12 00:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-21 11:50 - 2013-06-12 00:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-21 11:50 - 2013-06-07 05:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-21 11:50 - 2013-06-07 04:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-21 11:49 - 2013-07-21 11:49 - 15199352 _____ (FinalWire Ltd.                                              ) C:\Users\***\Downloads\aida64extreme300.exe
2013-07-21 11:48 - 2013-07-21 11:49 - 117478104 _____ C:\Users\***\Downloads\avast_free_antivirus_setup_8.0.1489.300.exe
2013-07-21 11:48 - 2012-08-24 20:13 - 00154480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-07-21 11:48 - 2012-08-24 20:09 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-07-21 11:48 - 2012-08-24 20:05 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-07-21 11:48 - 2012-08-24 20:03 - 01448448 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-07-21 11:48 - 2012-08-24 18:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-07-21 11:48 - 2012-08-24 18:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-07-21 11:48 - 2012-08-24 18:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-07-21 11:45 - 2013-07-21 11:48 - 00000002 _____ C:\AvastSetup.log
2013-07-21 11:45 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-21 11:45 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-21 11:45 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-21 11:45 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-21 11:45 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-21 11:45 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-21 11:40 - 2013-07-21 12:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-21 11:40 - 2013-07-21 11:40 - 00001149 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-07-21 11:40 - 2013-07-21 11:40 - 00000000 ____D C:\Users\***\AppData\Roaming\Mozilla
2013-07-21 11:40 - 2013-07-21 11:40 - 00000000 ____D C:\Users\HOLZHA~1\AppData\Local\Mozilla
2013-07-21 11:40 - 2013-07-21 11:40 - 00000000 ____D C:\ProgramData\Mozilla
2013-07-21 11:40 - 2013-07-21 11:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-21 11:37 - 2013-07-21 11:37 - 00280368 _____ (Mozilla) C:\Users\***\Downloads\Firefox Setup Stub 22.0.exe
2013-07-21 11:35 - 2013-07-21 11:35 - 00293328 _____ C:\Windows\Minidump\072113-8907-01.dmp
2013-07-21 11:14 - 2013-07-21 11:14 - 00000000 ____D C:\Users\Privat\AppData\Roaming\Adobe
2013-07-04 15:10 - 2013-07-04 15:12 - 00000000 ____D C:\ProgramData\A86F7BE40715AB180000A86ED37DB398
2013-06-26 20:13 - 2013-06-26 20:14 - 00000000 ____D C:\Users\***\Documents\Probleme (Lichtenhain)

==================== One Month Modified Files and Folders =======

2013-07-21 15:49 - 2013-07-21 15:49 - 00000000 ____D C:\FRST
2013-07-21 15:48 - 2013-07-21 15:48 - 01779345 _____ (Farbar) C:\Users\***\Desktop\FRST64.exe
2013-07-21 15:45 - 2013-07-21 15:45 - 05881080 _____ (Intel Corporation) C:\Users\***\Downloads\infinst_autol.exe
2013-07-21 15:45 - 2013-07-21 15:45 - 00000000 ____D C:\Program Files (x86)\Intel
2013-07-21 15:42 - 2013-07-21 15:42 - 00000000 ____D C:\Users\***\SystemRequirementsLab
2013-07-21 15:42 - 2013-07-21 15:42 - 00000000 ____D C:\Program Files (x86)\SystemRequirementsLab
2013-07-21 15:42 - 2012-01-23 15:12 - 00000000 ____D C:\Users\***
2013-07-21 15:41 - 2012-04-17 12:20 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-21 15:38 - 2009-07-14 06:45 - 00021840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-21 15:38 - 2009-07-14 06:45 - 00021840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-21 15:35 - 2010-11-21 08:50 - 03897460 _____ C:\Windows\system32\perfh007.dat
2013-07-21 15:35 - 2010-11-21 08:50 - 01137722 _____ C:\Windows\system32\perfc007.dat
2013-07-21 15:35 - 2009-07-14 07:13 - 00005430 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-21 15:32 - 2013-07-21 15:32 - 00000000 ____D C:\Users\HOLZHA~1\AppData\Local\Macromedia
2013-07-21 15:32 - 2012-04-17 12:20 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-07-21 15:32 - 2012-04-17 12:20 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-07-21 15:32 - 2012-04-17 12:20 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-21 15:31 - 2013-07-21 11:55 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-07-21 15:31 - 2013-03-15 21:38 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-21 15:31 - 2011-11-28 09:42 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-21 15:31 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-21 15:31 - 2009-07-14 06:51 - 00124024 _____ C:\Windows\setupact.log
2013-07-21 15:24 - 2012-01-23 15:12 - 01485010 _____ C:\Windows\WindowsUpdate.log
2013-07-21 15:23 - 2011-11-28 09:42 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-07-21 15:17 - 2013-07-21 15:17 - 00000072 _____ C:\3EDC4RFV.dat
2013-07-21 15:13 - 2013-07-21 15:13 - 06003527 _____ C:\Users\***\Downloads\7740v23.zip
2013-07-21 15:01 - 2012-09-27 16:55 - 00000264 _____ C:\Windows\Tasks\HP Photo Creations Messager.job
2013-07-21 14:53 - 2013-03-15 21:38 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-21 14:08 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-07-21 13:56 - 2013-07-21 13:56 - 00377856 _____ C:\Users\***\Desktop\gmer_2.1.19163.exe
2013-07-21 13:51 - 2013-07-21 13:51 - 00078662 _____ C:\Users\***\Desktop\Extras.Txt
2013-07-21 13:50 - 2013-07-21 13:50 - 00073884 _____ C:\Users\***\Desktop\OTL.Txt
2013-07-21 13:38 - 2013-07-21 13:38 - 00602112 _____ (OldTimer Tools) C:\Users\***\Desktop\OTL.exe
2013-07-21 13:37 - 2013-07-21 13:37 - 00000480 _____ C:\Users\***\Desktop\defogger_disable.log
2013-07-21 13:37 - 2013-07-21 13:37 - 00000000 _____ C:\Users\***\defogger_reenable
2013-07-21 13:36 - 2013-07-21 13:36 - 00050477 _____ C:\Users\***\Desktop\Defogger.exe
2013-07-21 13:14 - 2013-07-21 13:14 - 00000929 _____ C:\AdwCleaner[R1].txt
2013-07-21 12:59 - 2013-07-21 12:59 - 01376768 _____ C:\Users\***\Downloads\7z920-x64.msi
2013-07-21 12:59 - 2013-07-21 12:59 - 00000000 ____D C:\Program Files\7-Zip
2013-07-21 12:46 - 2013-07-21 12:46 - 00001409 _____ C:\AdwCleaner[S1].txt
2013-07-21 12:45 - 2013-07-21 12:45 - 00666633 _____ C:\Users\***\Downloads\adwcleaner06.exe
2013-07-21 12:37 - 2010-11-21 05:47 - 00010864 _____ C:\Windows\PFRO.log
2013-07-21 12:12 - 2013-07-21 12:12 - 00000000 ____D C:\Program Files (x86)\FinalWire
2013-07-21 12:12 - 2010-11-21 09:00 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-21 12:12 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-21 12:12 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-21 12:11 - 2013-07-21 12:11 - 00002780 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-07-21 12:11 - 2013-07-21 12:11 - 00000000 ____D C:\Program Files\CCleaner
2013-07-21 12:10 - 2013-07-21 12:10 - 00000000 ____D C:\Users\***\AppData\Roaming\Malwarebytes
2013-07-21 12:10 - 2013-07-21 12:10 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-21 12:10 - 2013-07-21 12:10 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-21 12:07 - 2012-03-23 15:27 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-07-21 12:07 - 2012-03-23 15:26 - 00000000 ____D C:\ProgramData\Adobe
2013-07-21 12:06 - 2012-03-23 15:38 - 00000000 ____D C:\Users\HOLZHA~1\AppData\Local\Adobe
2013-07-21 12:04 - 2013-07-21 12:04 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-21 12:04 - 2013-07-21 12:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-21 12:04 - 2013-07-21 12:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-21 12:04 - 2013-07-21 12:04 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-21 12:04 - 2013-07-21 11:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-21 12:04 - 2012-10-02 15:58 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npdeployJava1.dll
2013-07-21 12:04 - 2012-10-02 15:58 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-21 12:04 - 2012-04-17 12:24 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-07-21 12:02 - 2013-07-21 12:02 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\***\Downloads\mbam-setup-1.75.0.1300.exe
2013-07-21 11:56 - 2013-07-21 11:56 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-07-21 11:56 - 2013-07-21 11:56 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-07-21 11:56 - 2013-07-21 11:56 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-07-21 11:56 - 2013-07-21 11:55 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-07-21 11:56 - 2013-07-21 11:55 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-07-21 11:56 - 2013-07-21 11:55 - 00189936 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-07-21 11:55 - 2013-07-21 11:55 - 00001928 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-07-21 11:55 - 2013-07-21 11:55 - 00000000 ____D C:\ProgramData\AVAST Software
2013-07-21 11:55 - 2013-07-21 11:55 - 00000000 ____D C:\Program Files\AVAST Software
2013-07-21 11:55 - 2013-07-21 11:55 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-07-21 11:52 - 2013-07-21 11:52 - 00000127 _____ C:\Windows\system32\MRT.INI
2013-07-21 11:50 - 2013-07-21 11:50 - 04396440 _____ (Piriform Ltd) C:\Users\***\Downloads\ccsetup403.exe
2013-07-21 11:49 - 2013-07-21 11:49 - 15199352 _____ (FinalWire Ltd.                                              ) C:\Users\***\Downloads\aida64extreme300.exe
2013-07-21 11:49 - 2013-07-21 11:48 - 117478104 _____ C:\Users\***\Downloads\avast_free_antivirus_setup_8.0.1489.300.exe
2013-07-21 11:48 - 2013-07-21 11:45 - 00000002 _____ C:\AvastSetup.log
2013-07-21 11:48 - 2013-03-15 21:38 - 00004112 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-21 11:48 - 2013-03-15 21:38 - 00003860 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-21 11:40 - 2013-07-21 11:40 - 00001149 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-07-21 11:40 - 2013-07-21 11:40 - 00000000 ____D C:\Users\***\AppData\Roaming\Mozilla
2013-07-21 11:40 - 2013-07-21 11:40 - 00000000 ____D C:\Users\HOLZHA~1\AppData\Local\Mozilla
2013-07-21 11:40 - 2013-07-21 11:40 - 00000000 ____D C:\ProgramData\Mozilla
2013-07-21 11:40 - 2013-07-21 11:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-21 11:37 - 2013-07-21 11:37 - 00280368 _____ (Mozilla) C:\Users\***\Downloads\Firefox Setup Stub 22.0.exe
2013-07-21 11:35 - 2013-07-21 11:35 - 00293328 _____ C:\Windows\Minidump\072113-8907-01.dmp
2013-07-21 11:35 - 2012-02-29 19:32 - 520651347 _____ C:\Windows\MEMORY.DMP
2013-07-21 11:35 - 2012-02-29 19:32 - 00000000 ____D C:\Windows\Minidump
2013-07-21 11:28 - 2012-07-20 20:14 - 00003962 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{5C497AA6-8DA4-4F51-9231-255D2BE41896}
2013-07-21 11:21 - 2012-03-11 20:19 - 00000000 ____D C:\Program Files (x86)\HP
2013-07-21 11:21 - 2012-03-11 20:17 - 00002632 _____ C:\ProgramData\hpzinstall.log
2013-07-21 11:14 - 2013-07-21 11:14 - 00000000 ____D C:\Users\Privat\AppData\Roaming\Adobe
2013-07-09 13:26 - 2013-01-07 16:29 - 00000000 ____D C:\Users\***\Documents\German Truck Simulator
2013-07-09 13:17 - 2013-04-12 21:57 - 00000000 ____D C:\Users\***\Documents\Trucks & Trailers
2013-07-04 15:12 - 2013-07-04 15:10 - 00000000 ____D C:\ProgramData\A86F7BE40715AB180000A86ED37DB398
2013-06-26 20:14 - 2013-06-26 20:13 - 00000000 ____D C:\Users\***\Documents\Probleme (Lichtenhain)
2013-06-25 18:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-06-24 00:41 - 2011-11-08 13:28 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-03 16:21

==================== End Of Log ============================
--- --- ---


Addition.txt

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-07-2013
Ran by *** at 2013-07-21 15:49:38
Running from C:\Users\***\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

 
18 WoS Extreme Trucker 1.01 (x32 Version: 1.01)
3D-Fahrschule 2 (x32)
64 Bit HP CIO Components Installer (Version: 6.2.2)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe Acrobat 4.0 (x32)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03)
aerosoft's - Berliner S-Bahn Teil 1 (x32)
aerosoft's - High Speed Trains (x32)
aerosoft's - Hoellentalbahn (x32)
Aerosoft's - Strassenbahn Berlin-Koepenick (x32 Version: 1.10)
AIDA64 Extreme Edition v3.00 (x32 Version: 3.00)
Asmedia ASM104x USB 3.0 Host Controller Driver (x32 Version: 1.4.7.0)
avast! Free Antivirus (x32 Version: 8.0.1489.0)
B110 (x32 Version: 140.0.142.000)
Bagger-Simulator 2011 (Demo) (x32)
Bau-Simulator 2012 Version 1.0 (x32 Version: 1.0)
BufferChm (x32 Version: 140.0.212.000)
Cisco EAP-FAST Module (x32 Version: 2.1.6)
Cisco LEAP Module (x32 Version: 1.0.12)
Cisco PEAP Module (x32 Version: 1.0.13)
D1600 (x32 Version: 140.0.690.000)
Demolition Company (x32)
Destinations (x32 Version: 140.0.77.000)
DeviceDiscovery (x32 Version: 140.0.212.000)
Diercke Globus (x32 Version: 1.1)
Direct Show Ogg Vorbis Filter (remove only) (x32)
DJ_SF_06_D1600_SW_Min (x32 Version: 140.0.690.000)
DVBViewer TE2 (x32)
eaner (Version: 4.03)
Edimax Wireless LAN Card (x32 Version: 1.5.1.0)
Emergency4 (x32 Version: 1.03.001)
Euro Truck Simulator 1.3 (x32 Version: 1.3)
Flughafen-Feuerwehr-Simulator Version 1.0 (x32)
German Truck Simulator 1.32 (x32 Version: 1.32)
Google Earth Plug-in (x32 Version: 7.0.3.8542)
Google Update Helper (x32 Version: 1.3.21.153)
GPBaseService2 (x32 Version: 140.0.211.000)
High-Definition Video Playback (x32 Version: 7.1.13900.47.0)
HP Customer Participation Program 14.0 (Version: 14.0)
HP Deskjet D1600 Printer Driver Software 14.0 Rel. 6 (Version: 14.0)
HP Imaging Device Functions 14.0 (Version: 14.0)
HP Photo Creations (x32 Version: 1.0.0.5192)
HP Photosmart 5510 series - Grundlegende Software für das Gerät (Version: 25.0.621.0)
HP Photosmart 5510 series Hilfe (x32 Version: 140.0.2.2)
HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7 (Version: 14.0)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 14.0 (Version: 14.0)
HP Update (x32 Version: 5.003.000.004)
HPAppStudio (x32 Version: 140.0.95.000)
HPPhotoGadget (x32 Version: 140.0.524.000)
HPProductAssistant (x32 Version: 140.0.212.000)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
John Deere Landmaschinen Simulator (x32 Version: 1.0)
Junk Mail filter update (x32 Version: 14.0.8117.416)
Knobel- und Denkspiele 2 (x32)
Landwirtschafts Simulator 2011 Demo (x32 Version: 1.0)
Landwirtschafts Simulator 2013 (x32 Version: 1.0)
Landwirtschafts-Simulator 2009 Gold (x32)
Madagascar (TM) (x32 Version: 1.00.0000)
Madagascar (x32 Version: 1.00.0000)
MainConcept DTV Decoder Pro (x32 Version: 1.5.0.2)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
MarketResearch (x32 Version: 140.0.212.000)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (x32 Version: 2.0.48.0)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000)
Microsoft Office Klick-und-Los 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - Deutsch (x32 Version: 14.0.4763.1000)
Microsoft Search Enhancement Pack (x32 Version: 3.0.131.0)
Microsoft Silverlight (x32 Version: 4.0.60831.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (x32 Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (x32 Version: 1.0.1215.0)
Microsoft Train Simulator (x32)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Xbox 360 Accessories 1.2 (Version: 1.20.146.0)
Moorhuhn Winter-Edition (x32)
Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0)
Mozilla Maintenance Service (x32 Version: 22.0)
MSVCRT (x32 Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
Nero 10 Movie ThemePack 1 (x32 Version: 10.2.10000.11.0)
Nero 10 Movie ThemePack Basic (x32 Version: 10.2.10000.0.0)
Nero BurnRights 10 (x32 Version: 4.2.10500.1.102)
Nero BurnRights 10 Help (CHM) (x32 Version: 10.5.10000)
Nero Control Center 10 (x32 Version: 10.2.11900.1.9)
Nero ControlCenter 10 Help (CHM) (x32 Version: 10.5.10000)
Nero Core Components 10 (x32 Version: 2.0.18400.9.0)
Nero CoverDesigner 10 (x32 Version: 5.2.11400.11.100)
Nero CoverDesigner 10 Help (CHM) (x32 Version: 10.5.10000)
Nero DiscSpeed 10 (x32 Version: 6.2.10500.2.100)
Nero DiscSpeed 10 Help (CHM) (x32 Version: 10.5.10000)
Nero Express 10 (x32 Version: 10.2.11900.20.100)
Nero Express 10 Help (CHM) (x32 Version: 10.5.10300)
Nero InfoTool 10 (x32 Version: 7.2.10400.5.100)
Nero InfoTool 10 Help (CHM) (x32 Version: 10.5.10000)
Nero MediaHub 10 (x32 Version: 1.2.13200.33.100)
Nero MediaHub 10 Help (CHM) (x32 Version: 10.5.10000)
Nero Multimedia Suite 10 Essentials (x32 Version: 10.5.10400)
Nero RescueAgent 10 (x32 Version: 3.2.10800.9.100)
Nero RescueAgent 10 Help (CHM) (x32 Version: 10.5.10000)
Nero StartSmart 10 (x32 Version: 10.2.11600.14.100)
Nero StartSmart 10 Help (CHM) (x32 Version: 10.5.10000)
Nero Update (x32 Version: 1.0.0018)
Network64 (Version: 140.0.212.000)
NVIDIA 3D Vision Controller Driver (x32 Version: 280.19)
NVIDIA 3D Vision Controller-Treiber 296.10 (Version: 296.10)
NVIDIA 3D Vision Treiber 311.06 (Version: 311.06)
NVIDIA Grafiktreiber 311.06 (Version: 311.06)
NVIDIA HD-Audiotreiber 1.3.18.0 (Version: 1.3.18.0)
NVIDIA Install Application (Version: 2.1002.109.718)
NVIDIA PhysX (x32 Version: 9.12.0213)
NVIDIA PhysX-Systemsoftware 9.12.0213 (Version: 9.12.0213)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106)
NVIDIA Systemsteuerung 311.06 (Version: 311.06)
NVIDIA Update 1.11.3 (Version: 1.11.3)
NVIDIA Update Components (Version: 1.11.3)
OpenOffice.org 3.3 (x32 Version: 3.3.9567)
Pacific Hawk 1.0 (x32 Version: 1.0)
Patrizier IV Demo (x32 Version: 1.0.0)
PS_AIO_07_B110_SW_Min (x32 Version: 140.0.142.000)
QuickTransfer (x32 Version: 140.0.98.000)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6438)
Scan (x32 Version: 140.0.77.000)
Ski Slalom 2010 (x32)
Skiregion Simulator 2012 (x32 Version: 1.0)
SmartWebPrinting (x32 Version: 140.0.186.000)
SolutionCenter (x32 Version: 140.0.213.000)
Status (x32 Version: 140.0.212.000)
Studie zur Verbesserung von HP Photosmart 5510 series Produkten (Version: 25.0.621.0)
System Requirements Lab for Intel (x32 Version: 4.5.15.0)
TechniSat DVB-PC TV Star (x32 Version: 4.3.3)
Toolbox (x32 Version: 140.0.428.000)
TrayApp (x32 Version: 140.0.212.000)
Trucks & Trailers 1.00 (x32 Version: 1.00)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Webcam 1200 (x32 Version: 1.0.0.0)
WebReg (x32 Version: 140.0.212.017)
Windows Live Anmelde-Assistent (x32 Version: 5.000.818.5)
Windows Live Call (x32 Version: 14.0.8117.0416)
Windows Live Communications Platform (x32 Version: 14.0.8117.416)
Windows Live Essentials (x32 Version: 14.0.8117.0416)
Windows Live Essentials (x32 Version: 14.0.8117.416)
Windows Live Family Safety (Version: 14.0.8118.427)
Windows Live Fotogalerie (x32 Version: 14.0.8117.416)
Windows Live Mail (x32 Version: 14.0.8117.0416)
Windows Live Messenger (x32 Version: 14.0.8117.0416)
Windows Live Movie Maker (x32 Version: 14.0.8117.0416)
Windows Live Sync (x32 Version: 14.0.8117.416)
Windows Live Toolbar (x32 Version: 14.0.8117.416)
Windows Live Writer (x32 Version: 14.0.8117.0416)
Windows Live-Uploadtool (x32 Version: 14.0.8014.1029)

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {043A1F46-6CE0-4411-84E1-06B15C79CB12} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd)
Task: {0F5AF397-4977-4E79-881B-6A36A0E32824} - System32\Tasks\User_Feed_Synchronization-{5C497AA6-8DA4-4F51-9231-255D2BE41896} => C:\Windows\system32\msfeedssync.exe [2013-04-30] (Microsoft Corporation)
Task: {31463616-8E78-4B36-AE36-F6993A87C756} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-15] (Google Inc.)
Task: {57A64ED7-2D36-4038-8555-00B1374E0238} - System32\Tasks\HP Photo Creations Messager => C:\ProgramData\HP Photo Creations\MessageCheck.exe [2011-02-15] ()
Task: {7807ED6F-1CCB-42F5-A32B-6C88D952BE9B} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {9BB06E46-2BD7-4028-BFB9-45F136473DB0} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-09] (AVAST Software)
Task: {ABAE6F9F-F834-48DD-84FE-E4D415762F9C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-15] (Google Inc.)
Task: {BF3D18F4-A4F5-46EF-A568-A9409ECD458E} - System32\Tasks\HPCustParticipation HP Photosmart 5510 series => C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPCustPartic.exe [2011-09-16] (Hewlett-Packard Co.)
Task: {C9D2F83D-7EB9-4197-80BB-EA6546C84EDE} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {CAEA603A-FC49-4D43-95D6-E1D1DA0BCCF4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-21] (Adobe Systems Incorporated)
Task: {D1693ED1-0D3D-499E-A4E4-CE9E3D810C60} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-21] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Messager.job => C:\ProgramData\HP Photo Creations\MessageCheck.exe

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/21/2013 03:35:27 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (07/21/2013 03:35:27 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (07/21/2013 03:35:26 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (07/21/2013 03:31:09 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/21/2013 03:22:24 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/21/2013 02:08:22 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/21/2013 02:04:39 PM) (Source: Application Hang) (User: )
Description: Programm mmc.exe, Version 6.1.7600.16385 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 14b4

Startzeit: 01ce860a2c42cdab

Endzeit: 0

Anwendungspfad: C:\Windows\system32\mmc.exe

Berichts-ID: b555cf1a-f1fd-11e2-9c9e-8c89a57ce71f

Error: (07/21/2013 02:01:55 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: gmer_2.1.19163.exe, Version: 2.1.19163.0, Zeitstempel: 0x515d31f0
Name des fehlerhaften Moduls: gmer_2.1.19163.exe, Version: 2.1.19163.0, Zeitstempel: 0x515d31f0
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000218a
ID des fehlerhaften Prozesses: 0x1698
Startzeit der fehlerhaften Anwendung: 0xgmer_2.1.19163.exe0
Pfad der fehlerhaften Anwendung: gmer_2.1.19163.exe1
Pfad des fehlerhaften Moduls: gmer_2.1.19163.exe2
Berichtskennung: gmer_2.1.19163.exe3

Error: (07/21/2013 02:00:33 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: gmer_2.1.19163.exe, Version: 2.1.19163.0, Zeitstempel: 0x515d31f0
Name des fehlerhaften Moduls: gmer_2.1.19163.exe, Version: 2.1.19163.0, Zeitstempel: 0x515d31f0
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000218a
ID des fehlerhaften Prozesses: 0x1360
Startzeit der fehlerhaften Anwendung: 0xgmer_2.1.19163.exe0
Pfad der fehlerhaften Anwendung: gmer_2.1.19163.exe1
Pfad des fehlerhaften Moduls: gmer_2.1.19163.exe2
Berichtskennung: gmer_2.1.19163.exe3

Error: (07/21/2013 01:08:51 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (07/21/2013 03:33:14 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069

Error: (07/21/2013 03:33:14 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (07/21/2013 03:32:10 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (07/21/2013 03:31:24 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x800700b7

Error: (07/21/2013 03:31:24 PM) (Source: WMPNetworkSvc) (User: )
Description: 00x800700b7hxxp://+:10243/WMPNSSv4/2811996591/

Error: (07/21/2013 03:31:24 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x800700b7

Error: (07/21/2013 03:31:24 PM) (Source: WMPNetworkSvc) (User: )
Description: 00x800700b7hxxp://+:10243/WMPNSSv4/2811996591/

Error: (07/21/2013 03:23:24 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (07/21/2013 03:22:36 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x800700b7

Error: (07/21/2013 03:22:36 PM) (Source: WMPNetworkSvc) (User: )
Description: 00x800700b7hxxp://+:10243/WMPNSSv4/2811996591/


Microsoft Office Sessions:
=========================
Error: (07/21/2013 03:35:27 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (07/21/2013 03:35:27 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (07/21/2013 03:35:26 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (07/21/2013 03:31:09 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/21/2013 03:22:24 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/21/2013 02:08:22 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/21/2013 02:04:39 PM) (Source: Application Hang)(User: )
Description: mmc.exe6.1.7600.1638514b401ce860a2c42cdab0C:\Windows\system32\mmc.exeb555cf1a-f1fd-11e2-9c9e-8c89a57ce71f

Error: (07/21/2013 02:01:55 PM) (Source: Application Error)(User: )
Description: gmer_2.1.19163.exe2.1.19163.0515d31f0gmer_2.1.19163.exe2.1.19163.0515d31f0c00000050000218a169801ce8609f4a0dd93C:\Users\***\Desktop\gmer_2.1.19163.exeC:\Users\***\Desktop\gmer_2.1.19163.exe56049500-f1fd-11e2-9c9e-8c89a57ce71f

Error: (07/21/2013 02:00:33 PM) (Source: Application Error)(User: )
Description: gmer_2.1.19163.exe2.1.19163.0515d31f0gmer_2.1.19163.exe2.1.19163.0515d31f0c00000050000218a136001ce8609c16cdf06C:\Users\***\Desktop\gmer_2.1.19163.exeC:\Users\***\Desktop\gmer_2.1.19163.exe2538190f-f1fd-11e2-9c9e-8c89a57ce71f

Error: (07/21/2013 01:08:51 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info ===========================

Percentage of memory in use: 18%
Total physical RAM: 8156.59 MB
Available physical RAM: 6637.51 MB
Total Pagefile: 16311.36 MB
Available Pagefile: 14737.27 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:111.79 GB) (Free:34.45 GB) NTFS (Disk=0 Partition=1) ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: 3218CDB7)
Partition 1: (Active) - (Size=112 GB) - (Type=07 NTFS)

==================== End Of Log ============================
Grüße
keep_smile

schrauber 21.07.2013 15:21
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!
Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

keep_smile 21.07.2013 22:00
Habe jetzt Combofix ausgeführt.

Hier das Logfile. Realname wurde wieder durch *** ersetzt.

Combofix.txt
Code:
ComboFix 13-07-20.03 - *** 21.07.2013  22:48:58.1.4 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.8157.6718 [GMT 2:00]
ausgeführt von:: c:\users\***\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\IsUn0407.exe
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((  Dateien erstellt von 2013-06-21 bis 2013-07-21  ))))))))))))))))))))))))))))))
.
.
2013-07-21 20:51 . 2013-07-21 20:51        --------        d-----w-        c:\users\UpdatusUser\AppData\Local\temp
2013-07-21 20:51 . 2013-07-21 20:51        --------        d-----w-        c:\users\Default\AppData\Local\temp
2013-07-21 20:51 . 2013-07-21 20:51        --------        d-----w-        c:\users\Privat\AppData\Local\temp
2013-07-21 13:49 . 2013-07-21 13:49        --------        d-----w-        C:\FRST
2013-07-21 13:45 . 2013-07-21 13:45        --------        d-----w-        c:\program files (x86)\Intel
2013-07-21 13:45 . 2013-02-27 13:37        53248        ----a-w-        c:\windows\SysWow64\CSVer.dll
2013-07-21 13:42 . 2013-07-21 13:42        --------        d-----w-        c:\program files (x86)\SystemRequirementsLab
2013-07-21 13:42 . 2013-07-21 13:42        --------        d-----w-        c:\users\***\SystemRequirementsLab
2013-07-21 13:32 . 2013-07-21 13:32        --------        d-----w-        c:\users\***\AppData\Local\Macromedia
2013-07-21 10:59 . 2013-07-21 10:59        --------        d-----w-        c:\program files\7-Zip
2013-07-21 10:22 . 2013-07-21 10:22        1236816        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2013-07-21 10:12 . 2013-07-21 10:12        --------        d-----w-        c:\program files (x86)\FinalWire
2013-07-21 10:11 . 2013-07-21 10:11        --------        d-----w-        c:\program files\CCleaner
2013-07-21 10:10 . 2013-07-21 10:10        --------        d-----w-        c:\users\***\AppData\Roaming\Malwarebytes
2013-07-21 10:10 . 2013-07-21 10:10        --------        d-----w-        c:\program files (x86)\Malwarebytes' Anti-Malware
2013-07-21 10:10 . 2013-07-21 10:10        --------        d-----w-        c:\programdata\Malwarebytes
2013-07-21 10:10 . 2013-04-04 12:50        25928        ----a-w-        c:\windows\system32\drivers\mbam.sys
2013-07-21 10:04 . 2013-07-21 10:04        --------        d-----w-        c:\program files (x86)\Common Files\Java
2013-07-21 10:04 . 2013-07-21 10:04        96168        ----a-w-        c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-07-21 09:55 . 2013-07-21 09:56        378944        ----a-w-        c:\windows\system32\drivers\aswSP.sys
2013-07-21 09:55 . 2013-05-09 08:59        33400        ----a-w-        c:\windows\system32\drivers\aswFsBlk.sys
2013-07-21 09:55 . 2013-07-21 09:56        189936        ----a-w-        c:\windows\system32\drivers\aswVmm.sys
2013-07-21 09:55 . 2013-07-21 09:56        1030952        ----a-w-        c:\windows\system32\drivers\aswSnx.sys
2013-07-21 09:55 . 2013-05-09 08:59        72016        ----a-w-        c:\windows\system32\drivers\aswRdr2.sys
2013-07-21 09:55 . 2013-05-09 08:59        65336        ----a-w-        c:\windows\system32\drivers\aswRvrt.sys
2013-07-21 09:55 . 2013-05-09 08:59        64288        ----a-w-        c:\windows\system32\drivers\aswTdi.sys
2013-07-21 09:55 . 2013-05-09 08:59        80816        ----a-w-        c:\windows\system32\drivers\aswMonFlt.sys
2013-07-21 09:55 . 2013-05-09 08:58        287840        ----a-w-        c:\windows\system32\aswBoot.exe
2013-07-21 09:55 . 2013-05-09 08:58        41664        ----a-w-        c:\windows\avastSS.scr
2013-07-21 09:55 . 2013-07-21 09:55        --------        d-----w-        c:\program files\AVAST Software
2013-07-21 09:55 . 2013-07-21 09:55        --------        d-----w-        c:\programdata\AVAST Software
2013-07-21 09:48 . 2012-08-24 18:05        340992        ----a-w-        c:\windows\system32\schannel.dll
2013-07-21 09:48 . 2012-08-24 18:13        154480        ----a-w-        c:\windows\system32\drivers\ksecpkg.sys
2013-07-21 09:48 . 2012-08-24 18:09        458712        ----a-w-        c:\windows\system32\drivers\cng.sys
2013-07-21 09:48 . 2012-08-24 18:03        1448448        ----a-w-        c:\windows\system32\lsasrv.dll
2013-07-21 09:48 . 2012-08-24 16:57        247808        ----a-w-        c:\windows\SysWow64\schannel.dll
2013-07-21 09:48 . 2012-08-24 16:57        22016        ----a-w-        c:\windows\SysWow64\secur32.dll
2013-07-21 09:48 . 2012-08-24 16:53        96768        ----a-w-        c:\windows\SysWow64\sspicli.dll
2013-07-21 09:40 . 2013-07-21 09:40        --------        d-----w-        c:\users\***\AppData\Local\Mozilla
2013-07-21 09:40 . 2013-07-21 09:40        --------        d-----w-        c:\program files (x86)\Mozilla Maintenance Service
2013-07-09 10:46 . 2013-06-12 03:08        9552976        ------w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{6E9C1E97-EA3A-4CED-A8A1-EC742410C484}\mpengine.dll
2013-07-04 13:10 . 2013-07-04 13:12        --------        d-----w-        c:\programdata\A86F7BE40715AB180000A86ED37DB398
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-21 13:32 . 2012-04-17 10:20        71048        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-21 13:32 . 2012-04-17 10:20        692104        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2013-07-21 10:22 . 2012-07-28 17:35        893552        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2013-07-21 10:22 . 2012-07-28 17:34        42776        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2013-07-21 10:04 . 2012-10-02 13:58        867240        ----a-w-        c:\windows\SysWow64\npdeployJava1.dll
2013-07-21 10:04 . 2012-04-17 10:24        789416        ----a-w-        c:\windows\SysWow64\deployJava1.dll
2013-06-23 22:41 . 2011-11-08 11:28        78185248        ----a-w-        c:\windows\system32\MRT.exe
2013-06-15 20:15 . 2012-09-02 17:13        893552        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2013-06-15 20:15 . 2012-09-02 17:12        42776        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2013-05-13 05:51 . 2013-06-12 12:59        184320        ----a-w-        c:\windows\system32\cryptsvc.dll
2013-05-13 05:51 . 2013-06-12 12:59        1464320        ----a-w-        c:\windows\system32\crypt32.dll
2013-05-13 05:51 . 2013-06-12 12:59        139776        ----a-w-        c:\windows\system32\cryptnet.dll
2013-05-13 05:50 . 2013-06-12 12:59        52224        ----a-w-        c:\windows\system32\certenc.dll
2013-05-13 04:45 . 2013-06-12 12:59        140288        ----a-w-        c:\windows\SysWow64\cryptsvc.dll
2013-05-13 04:45 . 2013-06-12 12:59        1160192        ----a-w-        c:\windows\SysWow64\crypt32.dll
2013-05-13 04:45 . 2013-06-12 12:59        103936        ----a-w-        c:\windows\SysWow64\cryptnet.dll
2013-05-13 03:43 . 2013-06-12 12:59        1192448        ----a-w-        c:\windows\system32\certutil.exe
2013-05-13 03:08 . 2013-06-12 12:59        903168        ----a-w-        c:\windows\SysWow64\certutil.exe
2013-05-13 03:08 . 2013-06-12 12:59        43008        ----a-w-        c:\windows\SysWow64\certenc.dll
2013-05-10 05:49 . 2013-06-12 12:59        30720        ----a-w-        c:\windows\system32\cryptdlg.dll
2013-05-10 03:20 . 2013-06-12 12:59        24576        ----a-w-        c:\windows\SysWow64\cryptdlg.dll
2013-05-08 06:39 . 2013-06-12 12:59        1910632        ----a-w-        c:\windows\system32\drivers\tcpip.sys
2013-05-02 00:06 . 2010-11-21 03:27        278800        ------w-        c:\windows\system32\MpSigStub.exe
2013-04-30 17:08 . 2013-04-30 17:08        97280        ----a-w-        c:\windows\system32\mshtmled.dll
2013-04-30 17:08 . 2013-04-30 17:08        92160        ----a-w-        c:\windows\system32\SetIEInstalledDate.exe
2013-04-30 17:08 . 2013-04-30 17:08        905728        ----a-w-        c:\windows\system32\mshtmlmedia.dll
2013-04-30 17:08 . 2013-04-30 17:08        81408        ----a-w-        c:\windows\system32\icardie.dll
2013-04-30 17:08 . 2013-04-30 17:08        77312        ----a-w-        c:\windows\system32\tdc.ocx
2013-04-30 17:08 . 2013-04-30 17:08        762368        ----a-w-        c:\windows\system32\ieapfltr.dll
2013-04-30 17:08 . 2013-04-30 17:08        73728        ----a-w-        c:\windows\SysWow64\SetIEInstalledDate.exe
2013-04-30 17:08 . 2013-04-30 17:08        719360        ----a-w-        c:\windows\SysWow64\mshtmlmedia.dll
2013-04-30 17:08 . 2013-04-30 17:08        62976        ----a-w-        c:\windows\system32\pngfilt.dll
2013-04-30 17:08 . 2013-04-30 17:08        61952        ----a-w-        c:\windows\SysWow64\tdc.ocx
2013-04-30 17:08 . 2013-04-30 17:08        599552        ----a-w-        c:\windows\system32\vbscript.dll
2013-04-30 17:08 . 2013-04-30 17:08        523264        ----a-w-        c:\windows\SysWow64\vbscript.dll
2013-04-30 17:08 . 2013-04-30 17:08        52224        ----a-w-        c:\windows\system32\msfeedsbs.dll
2013-04-30 17:08 . 2013-04-30 17:08        51200        ----a-w-        c:\windows\system32\imgutil.dll
2013-04-30 17:08 . 2013-04-30 17:08        48640        ----a-w-        c:\windows\SysWow64\mshtmler.dll
2013-04-30 17:08 . 2013-04-30 17:08        48640        ----a-w-        c:\windows\system32\mshtmler.dll
2013-04-30 17:08 . 2013-04-30 17:08        452096        ----a-w-        c:\windows\system32\dxtmsft.dll
2013-04-30 17:08 . 2013-04-30 17:08        441856        ----a-w-        c:\windows\system32\html.iec
2013-04-30 17:08 . 2013-04-30 17:08        38400        ----a-w-        c:\windows\SysWow64\imgutil.dll
2013-04-30 17:08 . 2013-04-30 17:08        361984        ----a-w-        c:\windows\SysWow64\html.iec
2013-04-30 17:08 . 2013-04-30 17:08        281600        ----a-w-        c:\windows\system32\dxtrans.dll
2013-04-30 17:08 . 2013-04-30 17:08        27648        ----a-w-        c:\windows\system32\licmgr10.dll
2013-04-30 17:08 . 2013-04-30 17:08        270848        ----a-w-        c:\windows\system32\iedkcs32.dll
2013-04-30 17:08 . 2013-04-30 17:08        247296        ----a-w-        c:\windows\system32\webcheck.dll
2013-04-30 17:08 . 2013-04-30 17:08        235008        ----a-w-        c:\windows\system32\url.dll
2013-04-30 17:08 . 2013-04-30 17:08        23040        ----a-w-        c:\windows\SysWow64\licmgr10.dll
2013-04-30 17:08 . 2013-04-30 17:08        226304        ----a-w-        c:\windows\system32\elshyph.dll
2013-04-30 17:08 . 2013-04-30 17:08        216064        ----a-w-        c:\windows\system32\msls31.dll
2013-04-30 17:08 . 2013-04-30 17:08        197120        ----a-w-        c:\windows\system32\msrating.dll
2013-04-30 17:08 . 2013-04-30 17:08        185344        ----a-w-        c:\windows\SysWow64\elshyph.dll
2013-04-30 17:08 . 2013-04-30 17:08        173568        ----a-w-        c:\windows\system32\ieUnatt.exe
2013-04-30 17:08 . 2013-04-30 17:08        167424        ----a-w-        c:\windows\system32\iexpress.exe
2013-04-30 17:08 . 2013-04-30 17:08        158720        ----a-w-        c:\windows\SysWow64\msls31.dll
2013-04-30 17:08 . 2013-04-30 17:08        1509376        ----a-w-        c:\windows\system32\inetcpl.cpl
2013-04-30 17:08 . 2013-04-30 17:08        150528        ----a-w-        c:\windows\SysWow64\iexpress.exe
2013-04-30 17:08 . 2013-04-30 17:08        149504        ----a-w-        c:\windows\system32\occache.dll
2013-04-30 17:08 . 2013-04-30 17:08        144896        ----a-w-        c:\windows\system32\wextract.exe
2013-04-30 17:08 . 2013-04-30 17:08        1441280        ----a-w-        c:\windows\SysWow64\inetcpl.cpl
2013-04-30 17:08 . 2013-04-30 17:08        1400416        ----a-w-        c:\windows\system32\ieapfltr.dat
2013-04-30 17:08 . 2013-04-30 17:08        138752        ----a-w-        c:\windows\SysWow64\wextract.exe
2013-04-30 17:08 . 2013-04-30 17:08        13824        ----a-w-        c:\windows\system32\mshta.exe
2013-04-30 17:08 . 2013-04-30 17:08        137216        ----a-w-        c:\windows\SysWow64\ieUnatt.exe
2013-04-30 17:08 . 2013-04-30 17:08        136192        ----a-w-        c:\windows\system32\iepeers.dll
2013-04-30 17:08 . 2013-04-30 17:08        135680        ----a-w-        c:\windows\system32\IEAdvpack.dll
2013-04-30 17:08 . 2013-04-30 17:08        12800        ----a-w-        c:\windows\SysWow64\mshta.exe
2013-04-30 17:08 . 2013-04-30 17:08        12800        ----a-w-        c:\windows\system32\msfeedssync.exe
2013-04-30 17:08 . 2013-04-30 17:08        110592        ----a-w-        c:\windows\SysWow64\IEAdvpack.dll
2013-04-30 17:08 . 2013-04-30 17:08        1054720        ----a-w-        c:\windows\system32\MsSpellCheckingFacility.exe
2013-04-30 17:08 . 2013-04-30 17:08        102912        ----a-w-        c:\windows\system32\inseng.dll
2013-04-26 05:51 . 2013-06-12 12:59        751104        ----a-w-        c:\windows\system32\win32spl.dll
2013-04-26 04:55 . 2013-06-12 12:59        492544        ----a-w-        c:\windows\SysWow64\win32spl.dll
2013-04-25 23:30 . 2013-06-12 12:59        1505280        ----a-w-        c:\windows\SysWow64\d3d11.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"HP Photosmart 5510 series (NET)"="c:\program files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe" [2011-09-16 2676584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-03-24 49208]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-05-11 958576]
.
c:\users\Privat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
Server4PC.lnk - c:\program files (x86)\TechniSat DVB\bin\Server4PC.exe [2012-1-26 309848]
Wireless Utility.lnk - c:\program files (x86)\Edimax\Common\RaUI.exe -s [2012-4-18 1572864]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys;c:\windows\SYSNATIVE\drivers\avmeject.sys [x]
R3 FWLANUSB;AVM FRITZ!WLAN;c:\windows\system32\DRIVERS\fwlanusb.sys;c:\windows\SYSNATIVE\DRIVERS\fwlanusb.sys [x]
R3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;c:\windows\system32\drivers\nvstusb.sys;c:\windows\SYSNATIVE\drivers\nvstusb.sys [x]
R3 PAC207;SoC PC-Camera;c:\windows\system32\DRIVERS\PFC027.SYS;c:\windows\SYSNATIVE\DRIVERS\PFC027.SYS [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 SKYNETU2C;TechniSat DVB-PC TV Star USB HD;c:\windows\system32\DRIVERS\SkyNetU2C_AMD64.SYS;c:\windows\SYSNATIVE\DRIVERS\SkyNetU2C_AMD64.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 RalinkRegistryWriter64;Ralink Registry Writer 64;c:\program files (x86)\Edimax\Common\RaRegistry64.exe;c:\program files (x86)\Edimax\Common\RaRegistry64.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\drivers\asmtxhci.sys;c:\windows\SYSNATIVE\drivers\asmtxhci.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt        REG_MULTI_SZ          hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners
.
2013-07-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-17 13:32]
.
2013-07-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-15 19:38]
.
2013-07-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-15 19:38]
.
2013-07-21 c:\windows\Tasks\HP Photo Creations Messager.job
- c:\programdata\HP Photo Creations\MessageCheck.exe [2011-02-15 10:11]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58        133840        ----a-w-        c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-08-31 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-08-31 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-08-31 416024]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-08-15 7288424]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-10-01 825184]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\***\AppData\Roaming\Mozilla\Firefox\Profiles\i0ekc3bw.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - ExtSQL: 2013-07-21 11:41; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\***\AppData\Roaming\Mozilla\Firefox\Profiles\i0ekc3bw.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-07-21 11:43; {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}; c:\users\***\AppData\Roaming\Mozilla\Firefox\Profiles\i0ekc3bw.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
FF - ExtSQL: 2013-07-21 11:55; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: !HIDDEN! 2012-03-11 19:20; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
SafeBoot-38236766.sys
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-Adobe Acrobat 4.0 - c:\windows\ISUN0407.EXE
AddRemove-Moorhuhn Winter-Edition - c:\windows\IsUn0407.exe
AddRemove-OggDS - c:\windows\system32\OggDSuninst.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-07-21  22:53:09
ComboFix-quarantined-files.txt  2013-07-21 20:53
.
Vor Suchlauf: 11 Verzeichnis(se), 40.604.184.576 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 42.201.767.936 Bytes frei
.
- - End Of File - - A396BD8D5B9ADC6AE0F97671ECD7A070
A36C5E4F47E84449FF07ED3517B43A31
Grüße
keep_smile

schrauber 22.07.2013 08:59
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

keep_smile 22.07.2013 12:30
Hallo schrauber,

hier die Logs.

AdwCleaner.txt

Code:
# AdwCleaner v2.306 - Datei am 22/07/2013 um 12:49:41 erstellt
# Aktualisiert am 19/07/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : *** - ***-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\***\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16635

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v22.0 (de)

Datei : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\i0ekc3bw.default\prefs.js

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [929 octets] - [21/07/2013 13:14:32]
AdwCleaner[S1].txt - [1409 octets] - [21/07/2013 12:46:09]
AdwCleaner[S2].txt - [859 octets] - [22/07/2013 12:49:41]

########## EOF - C:\AdwCleaner[S2].txt - [918 octets] ##########
JRT.txt

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.2.0 (07.21.2013:1)
OS: Windows 7 Home Premium x64
Ran by *** on 22.07.2013 at 12:55:15,55
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{47D354BB-583D-49D0-B585-A1E525362CF4}



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\i0ekc3bw.default\minidumps [1 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22.07.2013 at 12:58:39,96
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Frisches FRST Log


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-07-2013
Ran by *** (administrator) on 22-07-2013 13:25:44
Running from C:\Users\***\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Edimax\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Edimax\Common\RaRegistry64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\Pac207\Monitor.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Edimax Technology Co., Ltd.) C:\Program Files (x86)\Edimax\Common\RaUI.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) c:\program files\windows defender\MpCmdRun.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [XboxStat] - C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [Monitor] - C:\Windows\PixArt\PAC207\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7188552 2013-05-27] (Realtek Semiconductor)
HKCU\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\sidebar.exe [1475584 2010-11-21] (Microsoft Corporation)
HKCU\...\Run: [HP Photosmart 5510 series (NET)] - C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2676584 2011-09-16] (Hewlett-Packard Co.)
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-03-24] (Hewlett-Packard)
HKLM-x32\...\Run: [avast] - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-05-11] (Adobe Systems Incorporated)
HKU\Privat\...\Run: [HP Photosmart 5510 series (NET)] - "C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN2353900W05V3:NW" -scfn "HP Photosmart 5510 series (NET)" -AutoStart 1 [2676584 2011-09-16] (Hewlett-Packard Co.)
HKU\Privat\...\Policies\system: [DisableLockWorkstation] 0
HKU\UpdatusUser\...\Run: [HP Photosmart 5510 series (NET)] - "C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN2353900W05V3:NW" -scfn "HP Photosmart 5510 series (NET)" -AutoStart 1 [2676584 2011-09-16] (Hewlett-Packard Co.)
HKU\UpdatusUser\...\Policies\system: [DisableLockWorkstation] 0
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Server4PC.lnk
ShortcutTarget: Server4PC.lnk -> C:\Program Files (x86)\TechniSat DVB\bin\Server4PC.exe (TechniSat Digital, S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Wireless Utility.lnk
ShortcutTarget: Wireless Utility.lnk -> C:\Program Files (x86)\Edimax\Common\RaUI.exe (Edimax Technology Co., Ltd.)
Startup: C:\Users\Privat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
StartMenuInternet: IEXPLORE.EXE - "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
SearchScopes: HKLM - DefaultScope value is missing.
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live Family Safety Browser Helper Class - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\i0ekc3bw.default
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\i0ekc3bw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\i0ekc3bw.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\
FF Extension: No Name - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)

==================== Drivers (Whitelisted) ====================

S3 AIDA64Driver; C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [32088 2013-06-02] ()
S3 AIDA64Driver; C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [32088 2013-06-02] ()
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [52440 2012-12-26] (Asmedia Technology)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-07-21] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-07-21] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-07-21] ()
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH)
S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [572416 2006-12-05] (PixArt Imaging Inc.)
S3 SKYNETU2C; C:\Windows\System32\DRIVERS\SkyNetU2C_AMD64.SYS [270424 2010-05-10] (TechniSat Digital, S.A.)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-22 13:23 - 2013-07-22 13:23 - 01779363 _____ (Farbar) C:\Users\***\Desktop\FRST64.exe
2013-07-22 13:21 - 2013-07-22 12:49 - 00000986 _____ C:\Users\***\Desktop\AdwCleaner[S1].txt
2013-07-22 12:58 - 2013-07-22 12:58 - 00000911 _____ C:\Users\***\Desktop\JRT.txt
2013-07-22 12:55 - 2013-07-22 12:55 - 00000000 ____D C:\Windows\ERUNT
2013-07-22 12:49 - 2013-07-22 12:49 - 00000986 _____ C:\AdwCleaner[S1].txt
2013-07-22 12:48 - 2013-07-22 12:48 - 00560639 _____ (Oleg N. Scherbakov) C:\Users\***\Desktop\JRT.exe
2013-07-22 12:46 - 2013-07-22 12:46 - 00666633 _____ C:\Users\***\Desktop\adwcleaner.exe
2013-07-22 08:46 - 2013-03-06 13:44 - 00000000 ____D C:\Users\***\Downloads\Driver
2013-07-22 08:46 - 2012-11-30 21:06 - 00000230 _____ C:\Users\***\Downloads\Station Drivers ici tous les drivers nouveaux & anciens.url
2013-07-22 08:46 - 2012-11-14 12:39 - 04311241 _____ (Asmedia Technology) C:\Users\***\Downloads\setup.exe
2013-07-22 08:46 - 2012-11-08 13:41 - 00418632 _____ (ASMedia Technology Inc) C:\Windows\system32\Drivers\asmtxhci.sys
2013-07-22 08:46 - 2012-11-08 13:41 - 00139592 _____ (ASMedia Technology Inc) C:\Windows\system32\Drivers\asmthub3.sys
2013-07-22 08:46 - 2012-10-31 15:50 - 00006075 _____ C:\Users\***\Downloads\readme.txt
2013-07-22 08:45 - 2013-07-22 08:45 - 04520807 _____ (Igor Pavlov) C:\Users\***\Downloads\asmedia_usb3_11.6.4WHQL(www.station-drivers.com).exe
2013-07-22 08:27 - 2013-07-22 08:27 - 00000000 ____D C:\Users\***\Downloads\HD
2013-07-22 08:27 - 2013-05-28 22:37 - 03432776 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2013-07-22 08:27 - 2013-05-28 17:27 - 00581517 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2013-07-22 08:27 - 2013-05-27 18:37 - 25625088 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2013-07-22 08:27 - 2013-05-27 16:37 - 04820248 _____ (ASUSTeKcomputer.Inc) C:\Windows\system32\RTKSMlfx.dll
2013-07-22 08:27 - 2013-05-27 16:34 - 00748888 _____ (A-Volute) C:\Windows\system32\RTKSMSettingsIPC.dll
2013-07-22 08:27 - 2013-05-26 23:24 - 05459436 _____ C:\Windows\system32\Drivers\rtvienna.dat
2013-07-22 08:27 - 2013-05-24 17:40 - 00142408 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2013-07-22 08:27 - 2013-05-22 11:24 - 03744328 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2013-07-22 08:27 - 2013-05-20 16:16 - 01003592 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2013-07-22 08:27 - 2013-05-20 14:36 - 02794056 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2013-07-22 08:27 - 2013-05-02 12:01 - 02103040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2013-07-22 08:27 - 2013-05-02 12:01 - 02032896 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2013-07-22 08:27 - 2013-05-02 12:00 - 00920320 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2013-07-22 08:27 - 2013-04-30 14:28 - 00916016 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2013-07-22 08:27 - 2013-04-24 17:16 - 01662024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2013-07-22 08:27 - 2013-04-23 00:40 - 02735648 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2013-07-22 08:27 - 2013-04-18 13:49 - 14035712 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2013-07-22 08:27 - 2013-04-18 13:48 - 03138304 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN64.dll
2013-07-22 08:27 - 2013-04-18 13:48 - 01903872 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2013-07-22 08:27 - 2013-04-16 06:23 - 00834328 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2013-07-22 08:27 - 2013-04-16 06:23 - 00635160 _____ (SRS Labs, Inc.) C:\Windows\system32\sltech64.dll
2013-07-22 08:27 - 2013-04-16 06:23 - 00528152 _____ (SRS Labs, Inc.) C:\Windows\system32\sl3apo64.dll
2013-07-22 08:27 - 2013-04-16 06:23 - 00215320 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2013-07-22 08:27 - 2013-04-15 11:19 - 00722688 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2013-07-22 08:27 - 2013-04-08 17:37 - 00148912 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2013-07-22 08:27 - 2013-04-08 17:36 - 00858032 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2013-07-22 08:27 - 2013-04-08 17:36 - 00569256 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2013-07-22 08:27 - 2013-04-03 22:02 - 00613448 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2013-07-22 08:27 - 2013-04-03 14:13 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2013-07-22 08:25 - 2013-07-22 08:26 - 184018840 _____ C:\Users\***\Downloads\realtek_hd_audio.zip
2013-07-22 08:19 - 2013-07-22 08:27 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-07-22 08:19 - 2013-07-22 08:19 - 00000000 ____D C:\Program Files\Realtek
2013-07-22 08:19 - 2012-01-30 11:43 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2013-07-22 08:19 - 2012-01-10 10:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2013-07-22 08:19 - 2011-03-17 12:17 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2013-07-22 08:19 - 2011-03-07 17:11 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2013-07-22 08:19 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2013-07-22 08:19 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2013-07-22 08:19 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2013-07-22 08:19 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2013-07-22 08:18 - 2013-03-23 03:43 - 00208072 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2013-07-22 08:18 - 2013-03-20 13:17 - 09123608 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll
2013-07-22 08:18 - 2013-02-20 18:55 - 01284680 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2013-07-22 08:18 - 2012-12-12 11:17 - 00395208 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2013-07-22 08:18 - 2012-10-02 14:41 - 00501192 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2013-07-22 08:18 - 2012-10-02 14:41 - 00487368 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2013-07-22 08:18 - 2012-10-02 14:41 - 00415688 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2013-07-22 08:18 - 2012-09-10 20:06 - 00612728 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2013-07-22 08:18 - 2012-08-31 19:18 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2013-07-22 08:18 - 2012-08-31 19:17 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2013-07-22 08:18 - 2012-08-31 19:17 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2013-07-22 08:18 - 2012-08-31 19:17 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2013-07-22 08:18 - 2012-08-31 19:17 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2013-07-22 08:18 - 2012-07-15 21:13 - 00394616 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2013-07-22 08:18 - 2012-06-20 17:26 - 00110592 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2013-07-22 08:18 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2013-07-22 08:18 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2013-07-22 08:18 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2013-07-22 08:18 - 2011-09-02 14:21 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2013-07-22 08:18 - 2011-09-02 14:21 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2013-07-22 08:18 - 2011-09-02 14:21 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2013-07-22 08:18 - 2011-08-23 17:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2013-07-22 08:18 - 2011-05-31 09:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2013-07-22 08:18 - 2011-05-31 09:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2013-07-22 08:18 - 2011-05-31 09:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2013-07-22 08:18 - 2011-05-31 09:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2013-07-22 08:18 - 2011-05-31 09:42 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2013-07-22 08:18 - 2011-05-31 09:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2013-07-22 08:18 - 2011-05-31 09:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2013-07-22 08:18 - 2011-05-31 09:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2013-07-22 08:18 - 2011-05-31 09:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2013-07-22 08:18 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2013-07-22 08:18 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2013-07-22 08:18 - 2011-05-31 09:42 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2013-07-22 08:18 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2013-07-22 08:18 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2013-07-22 08:18 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2013-07-22 08:18 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2013-07-22 08:18 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2013-07-22 08:18 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2013-07-22 08:18 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2013-07-22 08:18 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2013-07-22 08:18 - 2010-07-22 16:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2013-07-22 08:13 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2013-07-22 08:13 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2013-07-22 08:13 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2013-07-22 08:13 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2013-07-22 08:13 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2013-07-22 08:13 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2013-07-22 08:13 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2013-07-22 08:13 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2013-07-22 08:13 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2013-07-22 08:13 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2013-07-22 08:13 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2013-07-22 08:13 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2013-07-22 08:13 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2013-07-22 08:13 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2013-07-22 08:13 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2013-07-22 08:13 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2013-07-22 08:13 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2013-07-22 08:13 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2013-07-22 08:13 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2013-07-22 08:13 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2013-07-22 08:13 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2013-07-22 08:13 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2013-07-22 08:13 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2013-07-22 08:13 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2013-07-22 08:13 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2013-07-22 08:13 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2013-07-22 08:13 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2013-07-22 08:13 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2013-07-22 08:13 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2013-07-22 08:13 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2013-07-22 08:13 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2013-07-22 08:13 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2013-07-22 08:13 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2013-07-22 08:13 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2013-07-22 08:13 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2013-07-22 08:13 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2013-07-22 08:13 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2013-07-22 08:13 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2013-07-22 08:13 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2013-07-22 08:13 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2013-07-22 08:13 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2013-07-22 08:13 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2013-07-22 08:13 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2013-07-22 08:13 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2013-07-22 08:13 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2013-07-22 08:13 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2013-07-22 08:13 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2013-07-22 08:13 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2013-07-22 08:13 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2013-07-22 08:13 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2013-07-22 08:13 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2013-07-22 08:13 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2013-07-22 08:13 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2013-07-22 08:13 - 2008-10-10 04:52 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2013-07-22 08:13 - 2008-10-10 04:52 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2013-07-22 08:13 - 2008-10-10 04:52 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2013-07-22 08:13 - 2008-10-10 04:52 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2013-07-22 08:13 - 2008-10-10 04:52 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2013-07-22 08:13 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2013-07-22 08:13 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2013-07-22 08:13 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2013-07-22 08:13 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2013-07-22 08:13 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2013-07-22 08:13 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2013-07-22 08:13 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2013-07-22 08:13 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2013-07-22 08:13 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2013-07-22 08:13 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2013-07-22 08:13 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2013-07-22 08:13 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2013-07-22 08:13 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2013-07-22 08:13 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2013-07-22 08:13 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2013-07-22 08:13 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2013-07-22 08:13 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2013-07-22 08:13 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2013-07-22 08:13 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2013-07-22 08:13 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2013-07-22 08:13 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2013-07-22 08:13 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2013-07-22 08:13 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2013-07-22 08:13 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2013-07-22 08:13 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2013-07-22 08:13 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2013-07-22 08:13 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2013-07-22 08:13 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2013-07-22 08:13 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2013-07-22 08:13 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2013-07-22 08:13 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2013-07-22 08:13 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2013-07-22 08:13 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2013-07-22 08:13 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2013-07-22 08:13 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2013-07-22 08:13 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2013-07-22 08:13 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2013-07-22 08:13 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2013-07-22 08:13 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2013-07-22 08:13 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2013-07-22 08:13 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2013-07-22 08:13 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2013-07-22 08:13 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2013-07-22 08:13 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2013-07-22 08:13 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2013-07-22 08:13 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2013-07-22 08:13 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2013-07-22 08:13 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2013-07-22 08:13 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2013-07-22 08:13 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2013-07-22 08:13 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2013-07-22 08:13 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2013-07-22 08:13 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2013-07-22 08:13 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2013-07-22 08:13 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2013-07-22 08:13 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2013-07-22 08:13 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2013-07-22 08:13 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2013-07-22 08:13 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2013-07-22 08:13 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2013-07-22 08:13 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2013-07-22 08:13 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2013-07-22 08:12 - 2013-07-22 08:13 - 00000000 ___HD C:\Windows\msdownld.tmp
2013-07-22 08:11 - 2013-07-22 08:13 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-07-22 08:11 - 2013-07-22 08:11 - 00292184 _____ (Microsoft Corporation) C:\Users\***\Downloads\dxwebsetup.exe
2013-07-22 08:10 - 2013-07-22 08:13 - 81891861 _____ (Realtek Semiconductor Corp.) C:\Users\***\Downloads\64bit_Vista_Win7_Win8_R271.exe
2013-07-22 08:09 - 2013-07-22 08:09 - 00869654 _____ C:\Users\***\Downloads\Driver_Win7_7072_05222013.zip
2013-07-22 07:59 - 2013-04-10 05:09 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2013-07-22 07:50 - 2013-04-01 14:06 - 02079816 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2013-07-22 07:48 - 2013-07-22 07:59 - 00000000 ____D C:\Program Files (x86)\Realtek
2013-07-22 07:39 - 2013-07-22 07:39 - 00000000 ____D C:\Program Files (x86)\ASM106xSATA
2013-07-22 07:38 - 2013-07-22 07:38 - 03235565 _____ C:\Users\***\Downloads\asm_sata3_1.4.1.0.zip
2013-07-22 07:30 - 2012-08-22 10:19 - 00011832 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\acpimof.dll
2013-07-22 07:29 - 2013-07-22 07:29 - 00000000 ____D C:\Windows\system32\MRT
2013-07-21 23:16 - 2013-07-21 23:16 - 00000000 ____D C:\Users\***\Downloads\p95v279.win64
2013-07-21 22:53 - 2013-07-21 22:53 - 00024674 _____ C:\ComboFix.txt
2013-07-21 22:48 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-07-21 22:48 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-07-21 22:48 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-07-21 22:48 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-07-21 22:48 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-07-21 22:48 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-07-21 22:48 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-07-21 22:48 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-07-21 22:47 - 2013-07-21 22:53 - 00000000 ____D C:\Qoobox
2013-07-21 22:47 - 2013-07-21 22:53 - 00000000 ____D C:\ComboFix
2013-07-21 22:47 - 2013-07-21 22:52 - 00000000 ____D C:\Windows\erdnt
2013-07-21 22:45 - 2013-07-21 22:45 - 05093416 ____R (Swearware) C:\Users\***\Desktop\ComboFix.exe
2013-07-21 15:49 - 2013-07-21 15:49 - 00021648 _____ C:\Users\***\Desktop\Addition.txt
2013-07-21 15:49 - 2013-07-21 15:49 - 00000000 ____D C:\FRST
2013-07-21 15:45 - 2013-07-21 15:45 - 05881080 _____ (Intel Corporation) C:\Users\***\Downloads\infinst_autol.exe
2013-07-21 15:45 - 2013-07-21 15:45 - 00000000 ____D C:\Program Files (x86)\Intel
2013-07-21 15:45 - 2013-02-27 15:37 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2013-07-21 15:42 - 2013-07-21 15:42 - 00000000 ____D C:\Users\***\SystemRequirementsLab
2013-07-21 15:42 - 2013-07-21 15:42 - 00000000 ____D C:\Program Files (x86)\SystemRequirementsLab
2013-07-21 15:32 - 2013-07-21 15:32 - 00000000 ____D C:\Users\HOLZHA~1\AppData\Local\Macromedia
2013-07-21 15:17 - 2013-07-21 15:17 - 00000072 _____ C:\3EDC4RFV.dat
2013-07-21 15:13 - 2013-07-21 15:13 - 06003527 _____ C:\Users\***\Downloads\7740v23.zip
2013-07-21 13:56 - 2013-07-21 13:56 - 00377856 _____ C:\Users\***\Desktop\gmer_2.1.19163.exe
2013-07-21 13:51 - 2013-07-21 13:51 - 00078662 _____ C:\Users\***\Desktop\Extras.Txt
2013-07-21 13:50 - 2013-07-21 13:50 - 00073884 _____ C:\Users\***\Desktop\OTL.Txt
2013-07-21 13:38 - 2013-07-21 13:38 - 00602112 _____ (OldTimer Tools) C:\Users\***\Desktop\OTL.exe
2013-07-21 13:37 - 2013-07-21 13:37 - 00000480 _____ C:\Users\***\Desktop\defogger_disable.log
2013-07-21 13:37 - 2013-07-21 13:37 - 00000000 _____ C:\Users\***\defogger_reenable
2013-07-21 13:36 - 2013-07-21 13:36 - 00050477 _____ C:\Users\***\Desktop\Defogger.exe
2013-07-21 12:59 - 2013-07-21 12:59 - 01376768 _____ C:\Users\***\Downloads\7z920-x64.msi
2013-07-21 12:59 - 2013-07-21 12:59 - 00000000 ____D C:\Program Files\7-Zip
2013-07-21 12:45 - 2013-07-21 12:45 - 00666633 _____ C:\Users\***\Downloads\adwcleaner06.exe
2013-07-21 12:12 - 2013-07-21 12:12 - 00000000 ____D C:\Program Files (x86)\FinalWire
2013-07-21 12:11 - 2013-07-21 12:11 - 00002780 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-07-21 12:11 - 2013-07-21 12:11 - 00000000 ____D C:\Program Files\CCleaner
2013-07-21 12:10 - 2013-07-21 12:10 - 00000000 ____D C:\Users\***\AppData\Roaming\Malwarebytes
2013-07-21 12:10 - 2013-07-21 12:10 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-21 12:10 - 2013-07-21 12:10 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-21 12:10 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-07-21 12:04 - 2013-07-21 12:04 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-21 12:04 - 2013-07-21 12:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-21 12:04 - 2013-07-21 12:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-21 12:04 - 2013-07-21 12:04 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-21 12:02 - 2013-07-21 12:02 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\***\Downloads\mbam-setup-1.75.0.1300.exe
2013-07-21 11:56 - 2013-07-21 11:56 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-07-21 11:56 - 2013-07-21 11:56 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-07-21 11:56 - 2013-07-21 11:56 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-07-21 11:55 - 2013-07-22 08:30 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-07-21 11:55 - 2013-07-21 11:56 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-07-21 11:55 - 2013-07-21 11:56 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-07-21 11:55 - 2013-07-21 11:56 - 00189936 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-07-21 11:55 - 2013-07-21 11:55 - 00001928 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-07-21 11:55 - 2013-07-21 11:55 - 00000000 ____D C:\ProgramData\AVAST Software
2013-07-21 11:55 - 2013-07-21 11:55 - 00000000 ____D C:\Program Files\AVAST Software
2013-07-21 11:55 - 2013-07-21 11:55 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-07-21 11:55 - 2013-05-09 10:59 - 00080816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-07-21 11:55 - 2013-05-09 10:59 - 00072016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-07-21 11:55 - 2013-05-09 10:59 - 00065336 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-07-21 11:55 - 2013-05-09 10:59 - 00064288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-07-21 11:55 - 2013-05-09 10:59 - 00033400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-07-21 11:55 - 2013-05-09 10:58 - 00287840 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-07-21 11:55 - 2013-05-09 10:58 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-07-21 11:52 - 2013-07-21 11:52 - 00000127 _____ C:\Windows\system32\MRT.INI
2013-07-21 11:50 - 2013-07-21 11:50 - 04396440 _____ (Piriform Ltd) C:\Users\***\Downloads\ccsetup403.exe
2013-07-21 11:50 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-21 11:50 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-21 11:50 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-21 11:50 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-21 11:50 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-21 11:50 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-21 11:50 - 2013-06-12 01:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-21 11:50 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-21 11:50 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-21 11:50 - 2013-06-12 01:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-21 11:50 - 2013-06-12 01:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-21 11:50 - 2013-06-12 01:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-21 11:50 - 2013-06-12 01:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-21 11:50 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-21 11:50 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-21 11:50 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-21 11:50 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-21 11:50 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-21 11:50 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-21 11:50 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-21 11:50 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-21 11:50 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-21 11:50 - 2013-06-12 01:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-21 11:50 - 2013-06-12 01:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-21 11:50 - 2013-06-12 01:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-21 11:50 - 2013-06-12 01:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-21 11:50 - 2013-06-12 01:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-21 11:50 - 2013-06-12 00:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-21 11:50 - 2013-06-12 00:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-21 11:50 - 2013-06-07 05:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-21 11:50 - 2013-06-07 04:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-21 11:49 - 2013-07-21 11:49 - 15199352 _____ (FinalWire Ltd.                                              ) C:\Users\***\Downloads\aida64extreme300.exe
2013-07-21 11:48 - 2013-07-21 11:49 - 117478104 _____ C:\Users\***\Downloads\avast_free_antivirus_setup_8.0.1489.300.exe
2013-07-21 11:48 - 2012-08-24 20:13 - 00154480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-07-21 11:48 - 2012-08-24 20:09 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-07-21 11:48 - 2012-08-24 20:05 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-07-21 11:48 - 2012-08-24 20:03 - 01448448 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-07-21 11:48 - 2012-08-24 18:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-07-21 11:48 - 2012-08-24 18:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-07-21 11:48 - 2012-08-24 18:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-07-21 11:45 - 2013-07-21 11:48 - 00000002 _____ C:\AvastSetup.log
2013-07-21 11:45 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-21 11:45 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-21 11:45 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-21 11:45 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-21 11:45 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-21 11:45 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-21 11:40 - 2013-07-21 12:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-21 11:40 - 2013-07-21 11:40 - 00001149 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-07-21 11:40 - 2013-07-21 11:40 - 00000000 ____D C:\Users\***\AppData\Roaming\Mozilla
2013-07-21 11:40 - 2013-07-21 11:40 - 00000000 ____D C:\Users\HOLZHA~1\AppData\Local\Mozilla
2013-07-21 11:40 - 2013-07-21 11:40 - 00000000 ____D C:\ProgramData\Mozilla
2013-07-21 11:40 - 2013-07-21 11:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-21 11:37 - 2013-07-21 11:37 - 00280368 _____ (Mozilla) C:\Users\***\Downloads\Firefox Setup Stub 22.0.exe
2013-07-21 11:35 - 2013-07-21 11:35 - 00293328 _____ C:\Windows\Minidump\072113-8907-01.dmp
2013-07-21 11:14 - 2013-07-21 11:14 - 00000000 ____D C:\Users\Privat\AppData\Roaming\Adobe
2013-07-04 22:22 - 2013-07-22 08:33 - 00000000 ____D C:\Users\***\Downloads\asm_sata3_1.4.1.0
2013-07-04 22:22 - 2012-12-26 19:27 - 00052440 _____ (Asmedia Technology) C:\Windows\system32\Drivers\asahci64.sys
2013-07-04 22:22 - 2012-09-03 17:04 - 00041984 _____ (Asmedia Technology) C:\Windows\system32\ahcipp64.dll
2013-07-04 15:10 - 2013-07-04 15:12 - 00000000 ____D C:\ProgramData\A86F7BE40715AB180000A86ED37DB398
2013-06-26 20:13 - 2013-06-26 20:14 - 00000000 ____D C:\Users\***\Documents\Probleme (Lichtenhain)

==================== One Month Modified Files and Folders =======

2013-07-22 13:23 - 2013-07-22 13:23 - 01779363 _____ (Farbar) C:\Users\***\Desktop\FRST64.exe
2013-07-22 13:01 - 2012-09-27 16:55 - 00000264 _____ C:\Windows\Tasks\HP Photo Creations Messager.job
2013-07-22 12:58 - 2013-07-22 12:58 - 00000911 _____ C:\Users\***\Desktop\JRT.txt
2013-07-22 12:55 - 2013-07-22 12:55 - 00000000 ____D C:\Windows\ERUNT
2013-07-22 12:53 - 2013-03-15 21:38 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-22 12:53 - 2013-03-15 21:38 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-22 12:50 - 2012-01-23 15:12 - 01637893 _____ C:\Windows\WindowsUpdate.log
2013-07-22 12:50 - 2011-11-28 09:42 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-22 12:50 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-22 12:50 - 2009-07-14 06:51 - 00127899 _____ C:\Windows\setupact.log
2013-07-22 12:50 - 2009-07-14 06:45 - 00022224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-22 12:50 - 2009-07-14 06:45 - 00022224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-22 12:49 - 2013-07-22 13:21 - 00000986 _____ C:\Users\***\Desktop\AdwCleaner[S1].txt
2013-07-22 12:49 - 2013-07-22 12:49 - 00000986 _____ C:\AdwCleaner[S1].txt
2013-07-22 12:48 - 2013-07-22 12:48 - 00560639 _____ (Oleg N. Scherbakov) C:\Users\***\Desktop\JRT.exe
2013-07-22 12:46 - 2013-07-22 12:46 - 00666633 _____ C:\Users\***\Desktop\adwcleaner.exe
2013-07-22 08:45 - 2013-07-22 08:45 - 04520807 _____ (Igor Pavlov) C:\Users\***\Downloads\asmedia_usb3_11.6.4WHQL(www.station-drivers.com).exe
2013-07-22 08:41 - 2012-04-17 12:20 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-22 08:33 - 2013-07-04 22:22 - 00000000 ____D C:\Users\***\Downloads\asm_sata3_1.4.1.0
2013-07-22 08:30 - 2013-07-21 11:55 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-07-22 08:27 - 2013-07-22 08:27 - 00000000 ____D C:\Users\***\Downloads\HD
2013-07-22 08:27 - 2013-07-22 08:19 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-07-22 08:26 - 2013-07-22 08:25 - 184018840 _____ C:\Users\***\Downloads\realtek_hd_audio.zip
2013-07-22 08:19 - 2013-07-22 08:19 - 00000000 ____D C:\Program Files\Realtek
2013-07-22 08:18 - 2010-11-21 05:47 - 00144382 _____ C:\Windows\PFRO.log
2013-07-22 08:13 - 2013-07-22 08:12 - 00000000 ___HD C:\Windows\msdownld.tmp
2013-07-22 08:13 - 2013-07-22 08:11 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-07-22 08:13 - 2013-07-22 08:10 - 81891861 _____ (Realtek Semiconductor Corp.) C:\Users\***\Downloads\64bit_Vista_Win7_Win8_R271.exe
2013-07-22 08:13 - 2011-11-08 12:44 - 00361047 _____ C:\Windows\DirectX.log
2013-07-22 08:11 - 2013-07-22 08:11 - 00292184 _____ (Microsoft Corporation) C:\Users\***\Downloads\dxwebsetup.exe
2013-07-22 08:10 - 2013-05-22 05:13 - 00000000 ____D C:\Users\***\Downloads\Driver_Win7_7072_05222013
2013-07-22 08:09 - 2013-07-22 08:09 - 00869654 _____ C:\Users\***\Downloads\Driver_Win7_7072_05222013.zip
2013-07-22 08:03 - 2012-07-20 20:14 - 00003962 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{5C497AA6-8DA4-4F51-9231-255D2BE41896}
2013-07-22 07:59 - 2013-07-22 07:48 - 00000000 ____D C:\Program Files (x86)\Realtek
2013-07-22 07:59 - 2011-11-28 09:43 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-22 07:44 - 2012-04-01 12:12 - 00000000 ____D C:\Users\***\AppData\Roaming\SoftGrid Client
2013-07-22 07:39 - 2013-07-22 07:39 - 00000000 ____D C:\Program Files (x86)\ASM106xSATA
2013-07-22 07:39 - 2011-11-14 13:18 - 00012790 _____ C:\Windows\DPINST.LOG
2013-07-22 07:38 - 2013-07-22 07:38 - 03235565 _____ C:\Users\***\Downloads\asm_sata3_1.4.1.0.zip
2013-07-22 07:29 - 2013-07-22 07:29 - 00000000 ____D C:\Windows\system32\MRT
2013-07-21 23:16 - 2013-07-21 23:16 - 00000000 ____D C:\Users\***\Downloads\p95v279.win64
2013-07-21 22:53 - 2013-07-21 22:53 - 00024674 _____ C:\ComboFix.txt
2013-07-21 22:53 - 2013-07-21 22:47 - 00000000 ____D C:\Qoobox
2013-07-21 22:53 - 2013-07-21 22:47 - 00000000 ____D C:\ComboFix
2013-07-21 22:52 - 2013-07-21 22:47 - 00000000 ____D C:\Windows\erdnt
2013-07-21 22:52 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2013-07-21 22:45 - 2013-07-21 22:45 - 05093416 ____R (Swearware) C:\Users\***\Desktop\ComboFix.exe
2013-07-21 15:49 - 2013-07-21 15:49 - 00021648 _____ C:\Users\***\Desktop\Addition.txt
2013-07-21 15:49 - 2013-07-21 15:49 - 00000000 ____D C:\FRST
2013-07-21 15:45 - 2013-07-21 15:45 - 05881080 _____ (Intel Corporation) C:\Users\***\Downloads\infinst_autol.exe
2013-07-21 15:45 - 2013-07-21 15:45 - 00000000 ____D C:\Program Files (x86)\Intel
2013-07-21 15:42 - 2013-07-21 15:42 - 00000000 ____D C:\Users\***\SystemRequirementsLab
2013-07-21 15:42 - 2013-07-21 15:42 - 00000000 ____D C:\Program Files (x86)\SystemRequirementsLab
2013-07-21 15:42 - 2012-01-23 15:12 - 00000000 ____D C:\Users\***
2013-07-21 15:35 - 2010-11-21 08:50 - 03897460 _____ C:\Windows\system32\perfh007.dat
2013-07-21 15:35 - 2010-11-21 08:50 - 01137722 _____ C:\Windows\system32\perfc007.dat
2013-07-21 15:35 - 2009-07-14 07:13 - 00005430 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-21 15:32 - 2013-07-21 15:32 - 00000000 ____D C:\Users\HOLZHA~1\AppData\Local\Macromedia
2013-07-21 15:32 - 2012-04-17 12:20 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-07-21 15:32 - 2012-04-17 12:20 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-07-21 15:32 - 2012-04-17 12:20 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-21 15:23 - 2011-11-28 09:42 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-07-21 15:17 - 2013-07-21 15:17 - 00000072 _____ C:\3EDC4RFV.dat
2013-07-21 15:13 - 2013-07-21 15:13 - 06003527 _____ C:\Users\***\Downloads\7740v23.zip
2013-07-21 14:08 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-07-21 13:56 - 2013-07-21 13:56 - 00377856 _____ C:\Users\***\Desktop\gmer_2.1.19163.exe
2013-07-21 13:51 - 2013-07-21 13:51 - 00078662 _____ C:\Users\***\Desktop\Extras.Txt
2013-07-21 13:50 - 2013-07-21 13:50 - 00073884 _____ C:\Users\***\Desktop\OTL.Txt
2013-07-21 13:38 - 2013-07-21 13:38 - 00602112 _____ (OldTimer Tools) C:\Users\***\Desktop\OTL.exe
2013-07-21 13:37 - 2013-07-21 13:37 - 00000480 _____ C:\Users\***\Desktop\defogger_disable.log
2013-07-21 13:37 - 2013-07-21 13:37 - 00000000 _____ C:\Users\***\defogger_reenable
2013-07-21 13:36 - 2013-07-21 13:36 - 00050477 _____ C:\Users\***\Desktop\Defogger.exe
2013-07-21 12:59 - 2013-07-21 12:59 - 01376768 _____ C:\Users\***\Downloads\7z920-x64.msi
2013-07-21 12:59 - 2013-07-21 12:59 - 00000000 ____D C:\Program Files\7-Zip
2013-07-21 12:45 - 2013-07-21 12:45 - 00666633 _____ C:\Users\***\Downloads\adwcleaner06.exe
2013-07-21 12:12 - 2013-07-21 12:12 - 00000000 ____D C:\Program Files (x86)\FinalWire
2013-07-21 12:12 - 2010-11-21 09:00 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-21 12:12 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-21 12:12 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-21 12:11 - 2013-07-21 12:11 - 00002780 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-07-21 12:11 - 2013-07-21 12:11 - 00000000 ____D C:\Program Files\CCleaner
2013-07-21 12:10 - 2013-07-21 12:10 - 00000000 ____D C:\Users\***\AppData\Roaming\Malwarebytes
2013-07-21 12:10 - 2013-07-21 12:10 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-21 12:10 - 2013-07-21 12:10 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-21 12:07 - 2012-03-23 15:27 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-07-21 12:07 - 2012-03-23 15:26 - 00000000 ____D C:\ProgramData\Adobe
2013-07-21 12:06 - 2012-03-23 15:38 - 00000000 ____D C:\Users\HOLZHA~1\AppData\Local\Adobe
2013-07-21 12:04 - 2013-07-21 12:04 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-21 12:04 - 2013-07-21 12:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-21 12:04 - 2013-07-21 12:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-21 12:04 - 2013-07-21 12:04 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-21 12:04 - 2013-07-21 11:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-21 12:04 - 2012-10-02 15:58 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npdeployJava1.dll
2013-07-21 12:04 - 2012-10-02 15:58 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-21 12:04 - 2012-04-17 12:24 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-07-21 12:02 - 2013-07-21 12:02 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\***\Downloads\mbam-setup-1.75.0.1300.exe
2013-07-21 11:56 - 2013-07-21 11:56 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-07-21 11:56 - 2013-07-21 11:56 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-07-21 11:56 - 2013-07-21 11:56 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-07-21 11:56 - 2013-07-21 11:55 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-07-21 11:56 - 2013-07-21 11:55 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-07-21 11:56 - 2013-07-21 11:55 - 00189936 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-07-21 11:55 - 2013-07-21 11:55 - 00001928 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-07-21 11:55 - 2013-07-21 11:55 - 00000000 ____D C:\ProgramData\AVAST Software
2013-07-21 11:55 - 2013-07-21 11:55 - 00000000 ____D C:\Program Files\AVAST Software
2013-07-21 11:55 - 2013-07-21 11:55 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-07-21 11:52 - 2013-07-21 11:52 - 00000127 _____ C:\Windows\system32\MRT.INI
2013-07-21 11:50 - 2013-07-21 11:50 - 04396440 _____ (Piriform Ltd) C:\Users\***\Downloads\ccsetup403.exe
2013-07-21 11:49 - 2013-07-21 11:49 - 15199352 _____ (FinalWire Ltd.                                              ) C:\Users\***\Downloads\aida64extreme300.exe
2013-07-21 11:49 - 2013-07-21 11:48 - 117478104 _____ C:\Users\***\Downloads\avast_free_antivirus_setup_8.0.1489.300.exe
2013-07-21 11:48 - 2013-07-21 11:45 - 00000002 _____ C:\AvastSetup.log
2013-07-21 11:48 - 2013-03-15 21:38 - 00004112 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-21 11:48 - 2013-03-15 21:38 - 00003860 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-21 11:40 - 2013-07-21 11:40 - 00001149 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-07-21 11:40 - 2013-07-21 11:40 - 00000000 ____D C:\Users\***\AppData\Roaming\Mozilla
2013-07-21 11:40 - 2013-07-21 11:40 - 00000000 ____D C:\Users\HOLZHA~1\AppData\Local\Mozilla
2013-07-21 11:40 - 2013-07-21 11:40 - 00000000 ____D C:\ProgramData\Mozilla
2013-07-21 11:40 - 2013-07-21 11:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-21 11:37 - 2013-07-21 11:37 - 00280368 _____ (Mozilla) C:\Users\***\Downloads\Firefox Setup Stub 22.0.exe
2013-07-21 11:35 - 2013-07-21 11:35 - 00293328 _____ C:\Windows\Minidump\072113-8907-01.dmp
2013-07-21 11:35 - 2012-02-29 19:32 - 520651347 _____ C:\Windows\MEMORY.DMP
2013-07-21 11:35 - 2012-02-29 19:32 - 00000000 ____D C:\Windows\Minidump
2013-07-21 11:21 - 2012-03-11 20:19 - 00000000 ____D C:\Program Files (x86)\HP
2013-07-21 11:21 - 2012-03-11 20:17 - 00002632 _____ C:\ProgramData\hpzinstall.log
2013-07-21 11:14 - 2013-07-21 11:14 - 00000000 ____D C:\Users\Privat\AppData\Roaming\Adobe
2013-07-09 13:26 - 2013-01-07 16:29 - 00000000 ____D C:\Users\***\Documents\German Truck Simulator
2013-07-09 13:17 - 2013-04-12 21:57 - 00000000 ____D C:\Users\***\Documents\Trucks & Trailers
2013-07-04 15:12 - 2013-07-04 15:10 - 00000000 ____D C:\ProgramData\A86F7BE40715AB180000A86ED37DB398
2013-06-26 20:14 - 2013-06-26 20:13 - 00000000 ____D C:\Users\***\Documents\Probleme (Lichtenhain)
2013-06-25 18:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-06-24 00:57 - 2011-11-08 13:28 - 78277128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-22 13:13

==================== End Of Log ============================
--- --- ---


Grüße
keep_smile

schrauber 22.07.2013 13:56

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

keep_smile 22.07.2013 19:21
So, hat bisschen gedauert, aber hier die Logs.
ESET hat ein Java Exploid gefunden und SecurityCheck wurde mit der Meldung "unsupported operating system" beendet (kein Log).

ESET Log:

Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=32b42725720a804693aea8f74ad6e8fe
# engine=14491
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-07-22 06:00:20
# local_time=2013-07-22 08:00:20 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=774 16777213 85 91 115460 151225892 0 0
# compatibility_mode=5893 16776573 100 94 25174 126145870 0 0
# scanned=216653
# found=1
# cleaned=0
# scan_time=17228
sh=4656596F795E025D4460E663FEB2950A8AF500E7 ft=0 fh=0000000000000000 vn="Java/Exploit.Agent.OMX trojan" ac=I fn="C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\312a1db-6c59bb80"
FRST.txt:


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-07-2013
Ran by *** (administrator) on 22-07-2013 20:14:07
Running from C:\Users\***\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Edimax\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Edimax\Common\RaRegistry64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\Pac207\Monitor.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Edimax Technology Co., Ltd.) C:\Program Files (x86)\Edimax\Common\RaUI.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicator.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [XboxStat] - C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [Monitor] - C:\Windows\PixArt\PAC207\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7188552 2013-05-27] (Realtek Semiconductor)
HKCU\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\sidebar.exe [1475584 2010-11-21] (Microsoft Corporation)
HKCU\...\Run: [HP Photosmart 5510 series (NET)] - C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2676584 2011-09-16] (Hewlett-Packard Co.)
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-03-24] (Hewlett-Packard)
HKLM-x32\...\Run: [avast] - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-05-11] (Adobe Systems Incorporated)
HKU\Privat\...\Run: [HP Photosmart 5510 series (NET)] - "C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN2353900W05V3:NW" -scfn "HP Photosmart 5510 series (NET)" -AutoStart 1 [2676584 2011-09-16] (Hewlett-Packard Co.)
HKU\Privat\...\Policies\system: [DisableLockWorkstation] 0
HKU\UpdatusUser\...\Run: [HP Photosmart 5510 series (NET)] - "C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN2353900W05V3:NW" -scfn "HP Photosmart 5510 series (NET)" -AutoStart 1 [2676584 2011-09-16] (Hewlett-Packard Co.)
HKU\UpdatusUser\...\Policies\system: [DisableLockWorkstation] 0
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Server4PC.lnk
ShortcutTarget: Server4PC.lnk -> C:\Program Files (x86)\TechniSat DVB\bin\Server4PC.exe (TechniSat Digital, S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Wireless Utility.lnk
ShortcutTarget: Wireless Utility.lnk -> C:\Program Files (x86)\Edimax\Common\RaUI.exe (Edimax Technology Co., Ltd.)
Startup: C:\Users\Privat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
StartMenuInternet: IEXPLORE.EXE - "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
SearchScopes: HKLM - DefaultScope value is missing.
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live Family Safety Browser Helper Class - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\i0ekc3bw.default
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\i0ekc3bw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\i0ekc3bw.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\
FF Extension: No Name - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)

==================== Drivers (Whitelisted) ====================

R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [52440 2012-12-26] (Asmedia Technology)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-07-21] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-07-21] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-07-21] ()
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH)
S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [572416 2006-12-05] (PixArt Imaging Inc.)
S3 SKYNETU2C; C:\Windows\System32\DRIVERS\SkyNetU2C_AMD64.SYS [270424 2010-05-10] (TechniSat Digital, S.A.)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-22 20:10 - 2013-07-22 20:10 - 00891062 _____ C:\Users\***\Desktop\SecurityCheck.exe
2013-07-22 15:11 - 2013-07-22 15:11 - 00000000 ____D C:\Program Files (x86)\ESET
2013-07-22 15:10 - 2013-07-22 15:10 - 02347384 _____ (ESET) C:\Users\***\Downloads\esetsmartinstaller_enu.exe
2013-07-22 15:06 - 2013-07-22 15:06 - 00000497 _____ C:\Users\***\Downloads\Bestellung Eric.txt
2013-07-22 13:51 - 2013-07-22 13:53 - 229594432 _____ (NVIDIA Corporation) C:\Users\***\Downloads\320.49-desktop-win8-win7-winvista-64bit-international-whql.exe
2013-07-22 13:49 - 2013-07-22 13:49 - 00000000 ____D C:\Windows\Sun
2013-07-22 13:23 - 2013-07-22 13:23 - 01779363 _____ (Farbar) C:\Users\***\Desktop\FRST64.exe
2013-07-22 13:21 - 2013-07-22 12:49 - 00000986 _____ C:\Users\***\Desktop\AdwCleaner[S1].txt
2013-07-22 12:58 - 2013-07-22 12:58 - 00000911 _____ C:\Users\***\Desktop\JRT.txt
2013-07-22 12:55 - 2013-07-22 12:55 - 00000000 ____D C:\Windows\ERUNT
2013-07-22 12:49 - 2013-07-22 12:49 - 00000986 _____ C:\AdwCleaner[S1].txt
2013-07-22 12:48 - 2013-07-22 12:48 - 00560639 _____ (Oleg N. Scherbakov) C:\Users\***\Desktop\JRT.exe
2013-07-22 12:46 - 2013-07-22 12:46 - 00666633 _____ C:\Users\***\Desktop\adwcleaner.exe
2013-07-22 08:46 - 2013-03-06 13:44 - 00000000 ____D C:\Users\***\Downloads\Driver
2013-07-22 08:46 - 2012-11-30 21:06 - 00000230 _____ C:\Users\***\Downloads\Station Drivers ici tous les drivers nouveaux & anciens.url
2013-07-22 08:46 - 2012-11-14 12:39 - 04311241 _____ (Asmedia Technology) C:\Users\***\Downloads\setup.exe
2013-07-22 08:46 - 2012-11-08 13:41 - 00418632 _____ (ASMedia Technology Inc) C:\Windows\system32\Drivers\asmtxhci.sys
2013-07-22 08:46 - 2012-11-08 13:41 - 00139592 _____ (ASMedia Technology Inc) C:\Windows\system32\Drivers\asmthub3.sys
2013-07-22 08:46 - 2012-10-31 15:50 - 00006075 _____ C:\Users\***\Downloads\readme.txt
2013-07-22 08:45 - 2013-07-22 08:45 - 04520807 _____ (Igor Pavlov) C:\Users\***\Downloads\asmedia_usb3_11.6.4WHQL(www.station-drivers.com).exe
2013-07-22 08:27 - 2013-07-22 08:27 - 00000000 ____D C:\Users\***\Downloads\HD
2013-07-22 08:27 - 2013-05-28 22:37 - 03432776 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2013-07-22 08:27 - 2013-05-28 17:27 - 00581517 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2013-07-22 08:27 - 2013-05-27 18:37 - 25625088 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2013-07-22 08:27 - 2013-05-27 16:37 - 04820248 _____ (ASUSTeKcomputer.Inc) C:\Windows\system32\RTKSMlfx.dll
2013-07-22 08:27 - 2013-05-27 16:34 - 00748888 _____ (A-Volute) C:\Windows\system32\RTKSMSettingsIPC.dll
2013-07-22 08:27 - 2013-05-26 23:24 - 05459436 _____ C:\Windows\system32\Drivers\rtvienna.dat
2013-07-22 08:27 - 2013-05-24 17:40 - 00142408 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2013-07-22 08:27 - 2013-05-22 11:24 - 03744328 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2013-07-22 08:27 - 2013-05-20 16:16 - 01003592 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2013-07-22 08:27 - 2013-05-20 14:36 - 02794056 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2013-07-22 08:27 - 2013-05-02 12:01 - 02103040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2013-07-22 08:27 - 2013-05-02 12:01 - 02032896 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2013-07-22 08:27 - 2013-05-02 12:00 - 00920320 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2013-07-22 08:27 - 2013-04-30 14:28 - 00916016 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2013-07-22 08:27 - 2013-04-24 17:16 - 01662024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2013-07-22 08:27 - 2013-04-23 00:40 - 02735648 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2013-07-22 08:27 - 2013-04-18 13:49 - 14035712 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2013-07-22 08:27 - 2013-04-18 13:48 - 03138304 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN64.dll
2013-07-22 08:27 - 2013-04-18 13:48 - 01903872 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2013-07-22 08:27 - 2013-04-16 06:23 - 00834328 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2013-07-22 08:27 - 2013-04-16 06:23 - 00635160 _____ (SRS Labs, Inc.) C:\Windows\system32\sltech64.dll
2013-07-22 08:27 - 2013-04-16 06:23 - 00528152 _____ (SRS Labs, Inc.) C:\Windows\system32\sl3apo64.dll
2013-07-22 08:27 - 2013-04-16 06:23 - 00215320 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2013-07-22 08:27 - 2013-04-15 11:19 - 00722688 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2013-07-22 08:27 - 2013-04-08 17:37 - 00148912 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2013-07-22 08:27 - 2013-04-08 17:36 - 00858032 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2013-07-22 08:27 - 2013-04-08 17:36 - 00569256 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2013-07-22 08:27 - 2013-04-03 22:02 - 00613448 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2013-07-22 08:27 - 2013-04-03 14:13 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2013-07-22 08:25 - 2013-07-22 08:26 - 184018840 _____ C:\Users\***\Downloads\realtek_hd_audio.zip
2013-07-22 08:19 - 2013-07-22 08:27 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-07-22 08:19 - 2013-07-22 08:19 - 00000000 ____D C:\Program Files\Realtek
2013-07-22 08:19 - 2012-01-30 11:43 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2013-07-22 08:19 - 2012-01-10 10:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2013-07-22 08:19 - 2011-03-17 12:17 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2013-07-22 08:19 - 2011-03-07 17:11 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2013-07-22 08:19 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2013-07-22 08:19 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2013-07-22 08:19 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2013-07-22 08:19 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2013-07-22 08:18 - 2013-03-23 03:43 - 00208072 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2013-07-22 08:18 - 2013-03-20 13:17 - 09123608 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll
2013-07-22 08:18 - 2013-02-20 18:55 - 01284680 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2013-07-22 08:18 - 2012-12-12 11:17 - 00395208 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2013-07-22 08:18 - 2012-10-02 14:41 - 00501192 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2013-07-22 08:18 - 2012-10-02 14:41 - 00487368 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2013-07-22 08:18 - 2012-10-02 14:41 - 00415688 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2013-07-22 08:18 - 2012-09-10 20:06 - 00612728 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2013-07-22 08:18 - 2012-08-31 19:18 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2013-07-22 08:18 - 2012-08-31 19:17 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2013-07-22 08:18 - 2012-08-31 19:17 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2013-07-22 08:18 - 2012-08-31 19:17 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2013-07-22 08:18 - 2012-08-31 19:17 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2013-07-22 08:18 - 2012-07-15 21:13 - 00394616 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2013-07-22 08:18 - 2012-06-20 17:26 - 00110592 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2013-07-22 08:18 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2013-07-22 08:18 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2013-07-22 08:18 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2013-07-22 08:18 - 2011-09-02 14:21 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2013-07-22 08:18 - 2011-09-02 14:21 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2013-07-22 08:18 - 2011-09-02 14:21 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2013-07-22 08:18 - 2011-08-23 17:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2013-07-22 08:18 - 2011-05-31 09:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2013-07-22 08:18 - 2011-05-31 09:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2013-07-22 08:18 - 2011-05-31 09:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2013-07-22 08:18 - 2011-05-31 09:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2013-07-22 08:18 - 2011-05-31 09:42 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2013-07-22 08:18 - 2011-05-31 09:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2013-07-22 08:18 - 2011-05-31 09:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2013-07-22 08:18 - 2011-05-31 09:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2013-07-22 08:18 - 2011-05-31 09:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2013-07-22 08:18 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2013-07-22 08:18 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2013-07-22 08:18 - 2011-05-31 09:42 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2013-07-22 08:18 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2013-07-22 08:18 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2013-07-22 08:18 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2013-07-22 08:18 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2013-07-22 08:18 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2013-07-22 08:18 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2013-07-22 08:18 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2013-07-22 08:18 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2013-07-22 08:18 - 2010-07-22 16:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2013-07-22 08:13 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2013-07-22 08:13 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2013-07-22 08:13 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2013-07-22 08:13 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2013-07-22 08:13 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2013-07-22 08:13 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2013-07-22 08:13 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2013-07-22 08:13 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2013-07-22 08:13 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2013-07-22 08:13 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2013-07-22 08:13 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2013-07-22 08:13 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2013-07-22 08:13 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2013-07-22 08:13 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2013-07-22 08:13 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2013-07-22 08:13 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2013-07-22 08:13 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2013-07-22 08:13 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2013-07-22 08:13 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2013-07-22 08:13 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2013-07-22 08:13 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2013-07-22 08:13 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2013-07-22 08:13 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2013-07-22 08:13 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2013-07-22 08:13 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2013-07-22 08:13 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2013-07-22 08:13 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2013-07-22 08:13 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2013-07-22 08:13 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2013-07-22 08:13 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2013-07-22 08:13 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2013-07-22 08:13 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2013-07-22 08:13 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2013-07-22 08:13 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2013-07-22 08:13 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2013-07-22 08:13 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2013-07-22 08:13 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2013-07-22 08:13 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2013-07-22 08:13 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2013-07-22 08:13 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2013-07-22 08:13 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2013-07-22 08:13 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2013-07-22 08:13 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2013-07-22 08:13 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2013-07-22 08:13 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2013-07-22 08:13 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2013-07-22 08:13 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2013-07-22 08:13 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2013-07-22 08:13 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2013-07-22 08:13 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2013-07-22 08:13 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2013-07-22 08:13 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2013-07-22 08:13 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2013-07-22 08:13 - 2008-10-10 04:52 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2013-07-22 08:13 - 2008-10-10 04:52 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2013-07-22 08:13 - 2008-10-10 04:52 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2013-07-22 08:13 - 2008-10-10 04:52 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2013-07-22 08:13 - 2008-10-10 04:52 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2013-07-22 08:13 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2013-07-22 08:13 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2013-07-22 08:13 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2013-07-22 08:13 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2013-07-22 08:13 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2013-07-22 08:13 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2013-07-22 08:13 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2013-07-22 08:13 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2013-07-22 08:13 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2013-07-22 08:13 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2013-07-22 08:13 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2013-07-22 08:13 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2013-07-22 08:13 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2013-07-22 08:13 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2013-07-22 08:13 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2013-07-22 08:13 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2013-07-22 08:13 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2013-07-22 08:13 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2013-07-22 08:13 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2013-07-22 08:13 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2013-07-22 08:13 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2013-07-22 08:13 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2013-07-22 08:13 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2013-07-22 08:13 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2013-07-22 08:13 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2013-07-22 08:13 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2013-07-22 08:13 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2013-07-22 08:13 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2013-07-22 08:13 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2013-07-22 08:13 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2013-07-22 08:13 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2013-07-22 08:13 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2013-07-22 08:13 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2013-07-22 08:13 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2013-07-22 08:13 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2013-07-22 08:13 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2013-07-22 08:13 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2013-07-22 08:13 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2013-07-22 08:13 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2013-07-22 08:13 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2013-07-22 08:13 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2013-07-22 08:13 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2013-07-22 08:13 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2013-07-22 08:13 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2013-07-22 08:13 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2013-07-22 08:13 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2013-07-22 08:13 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2013-07-22 08:13 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2013-07-22 08:13 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2013-07-22 08:13 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2013-07-22 08:13 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2013-07-22 08:13 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2013-07-22 08:13 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2013-07-22 08:13 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2013-07-22 08:13 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2013-07-22 08:13 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2013-07-22 08:13 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2013-07-22 08:13 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2013-07-22 08:13 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2013-07-22 08:13 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2013-07-22 08:13 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2013-07-22 08:13 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2013-07-22 08:12 - 2013-07-22 08:13 - 00000000 ___HD C:\Windows\msdownld.tmp
2013-07-22 08:11 - 2013-07-22 08:13 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-07-22 08:11 - 2013-07-22 08:11 - 00292184 _____ (Microsoft Corporation) C:\Users\***\Downloads\dxwebsetup.exe
2013-07-22 08:10 - 2013-07-22 08:13 - 81891861 _____ (Realtek Semiconductor Corp.) C:\Users\***\Downloads\64bit_Vista_Win7_Win8_R271.exe
2013-07-22 08:09 - 2013-07-22 08:09 - 00869654 _____ C:\Users\***\Downloads\Driver_Win7_7072_05222013.zip
2013-07-22 07:59 - 2013-04-10 05:09 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2013-07-22 07:50 - 2013-04-01 14:06 - 02079816 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2013-07-22 07:48 - 2013-07-22 07:59 - 00000000 ____D C:\Program Files (x86)\Realtek
2013-07-22 07:39 - 2013-07-22 07:39 - 00000000 ____D C:\Program Files (x86)\ASM106xSATA
2013-07-22 07:38 - 2013-07-22 07:38 - 03235565 _____ C:\Users\***\Downloads\asm_sata3_1.4.1.0.zip
2013-07-22 07:30 - 2012-08-22 10:19 - 00011832 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\acpimof.dll
2013-07-22 07:29 - 2013-07-22 07:29 - 00000000 ____D C:\Windows\system32\MRT
2013-07-21 23:16 - 2013-07-21 23:16 - 00000000 ____D C:\Users\***\Downloads\p95v279.win64
2013-07-21 22:53 - 2013-07-21 22:53 - 00024674 _____ C:\ComboFix.txt
2013-07-21 22:48 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-07-21 22:48 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-07-21 22:48 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-07-21 22:48 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-07-21 22:48 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-07-21 22:48 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-07-21 22:48 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-07-21 22:48 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-07-21 22:47 - 2013-07-21 22:53 - 00000000 ____D C:\Qoobox
2013-07-21 22:47 - 2013-07-21 22:53 - 00000000 ____D C:\ComboFix
2013-07-21 22:47 - 2013-07-21 22:52 - 00000000 ____D C:\Windows\erdnt
2013-07-21 22:45 - 2013-07-21 22:45 - 05093416 ____R (Swearware) C:\Users\***\Desktop\ComboFix.exe
2013-07-21 15:49 - 2013-07-21 15:49 - 00021648 _____ C:\Users\***\Desktop\Addition.txt
2013-07-21 15:49 - 2013-07-21 15:49 - 00000000 ____D C:\FRST
2013-07-21 15:45 - 2013-07-21 15:45 - 05881080 _____ (Intel Corporation) C:\Users\***\Downloads\infinst_autol.exe
2013-07-21 15:45 - 2013-07-21 15:45 - 00000000 ____D C:\Program Files (x86)\Intel
2013-07-21 15:45 - 2013-02-27 15:37 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2013-07-21 15:42 - 2013-07-21 15:42 - 00000000 ____D C:\Users\***\SystemRequirementsLab
2013-07-21 15:42 - 2013-07-21 15:42 - 00000000 ____D C:\Program Files (x86)\SystemRequirementsLab
2013-07-21 15:32 - 2013-07-21 15:32 - 00000000 ____D C:\Users\HOLZHA~1\AppData\Local\Macromedia
2013-07-21 15:17 - 2013-07-21 15:17 - 00000072 _____ C:\3EDC4RFV.dat
2013-07-21 15:13 - 2013-07-21 15:13 - 06003527 _____ C:\Users\***\Downloads\7740v23.zip
2013-07-21 13:56 - 2013-07-21 13:56 - 00377856 _____ C:\Users\***\Desktop\gmer_2.1.19163.exe
2013-07-21 13:51 - 2013-07-21 13:51 - 00078662 _____ C:\Users\***\Desktop\Extras.Txt
2013-07-21 13:50 - 2013-07-21 13:50 - 00073884 _____ C:\Users\***\Desktop\OTL.Txt
2013-07-21 13:38 - 2013-07-21 13:38 - 00602112 _____ (OldTimer Tools) C:\Users\***\Desktop\OTL.exe
2013-07-21 13:37 - 2013-07-21 13:37 - 00000480 _____ C:\Users\***\Desktop\defogger_disable.log
2013-07-21 13:37 - 2013-07-21 13:37 - 00000000 _____ C:\Users\***\defogger_reenable
2013-07-21 13:36 - 2013-07-21 13:36 - 00050477 _____ C:\Users\***\Desktop\Defogger.exe
2013-07-21 12:59 - 2013-07-21 12:59 - 01376768 _____ C:\Users\***\Downloads\7z920-x64.msi
2013-07-21 12:59 - 2013-07-21 12:59 - 00000000 ____D C:\Program Files\7-Zip
2013-07-21 12:45 - 2013-07-21 12:45 - 00666633 _____ C:\Users\***\Downloads\adwcleaner06.exe
2013-07-21 12:12 - 2013-07-21 12:12 - 00000000 ____D C:\Program Files (x86)\FinalWire
2013-07-21 12:11 - 2013-07-21 12:11 - 00002780 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-07-21 12:11 - 2013-07-21 12:11 - 00000000 ____D C:\Program Files\CCleaner
2013-07-21 12:10 - 2013-07-21 12:10 - 00000000 ____D C:\Users\***\AppData\Roaming\Malwarebytes
2013-07-21 12:10 - 2013-07-21 12:10 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-21 12:10 - 2013-07-21 12:10 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-21 12:10 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-07-21 12:04 - 2013-07-21 12:04 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-21 12:04 - 2013-07-21 12:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-21 12:04 - 2013-07-21 12:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-21 12:04 - 2013-07-21 12:04 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-21 12:02 - 2013-07-21 12:02 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\***\Downloads\mbam-setup-1.75.0.1300.exe
2013-07-21 11:56 - 2013-07-21 11:56 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-07-21 11:56 - 2013-07-21 11:56 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-07-21 11:56 - 2013-07-21 11:56 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-07-21 11:55 - 2013-07-22 08:30 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-07-21 11:55 - 2013-07-21 11:56 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-07-21 11:55 - 2013-07-21 11:56 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-07-21 11:55 - 2013-07-21 11:56 - 00189936 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-07-21 11:55 - 2013-07-21 11:55 - 00001928 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-07-21 11:55 - 2013-07-21 11:55 - 00000000 ____D C:\ProgramData\AVAST Software
2013-07-21 11:55 - 2013-07-21 11:55 - 00000000 ____D C:\Program Files\AVAST Software
2013-07-21 11:55 - 2013-07-21 11:55 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-07-21 11:55 - 2013-05-09 10:59 - 00080816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-07-21 11:55 - 2013-05-09 10:59 - 00072016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-07-21 11:55 - 2013-05-09 10:59 - 00065336 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-07-21 11:55 - 2013-05-09 10:59 - 00064288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-07-21 11:55 - 2013-05-09 10:59 - 00033400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-07-21 11:55 - 2013-05-09 10:58 - 00287840 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-07-21 11:55 - 2013-05-09 10:58 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-07-21 11:52 - 2013-07-21 11:52 - 00000127 _____ C:\Windows\system32\MRT.INI
2013-07-21 11:50 - 2013-07-21 11:50 - 04396440 _____ (Piriform Ltd) C:\Users\***\Downloads\ccsetup403.exe
2013-07-21 11:50 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-21 11:50 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-21 11:50 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-21 11:50 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-21 11:50 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-21 11:50 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-21 11:50 - 2013-06-12 01:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-21 11:50 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-21 11:50 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-21 11:50 - 2013-06-12 01:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-21 11:50 - 2013-06-12 01:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-21 11:50 - 2013-06-12 01:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-21 11:50 - 2013-06-12 01:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-21 11:50 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-21 11:50 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-21 11:50 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-21 11:50 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-21 11:50 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-21 11:50 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-21 11:50 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-21 11:50 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-21 11:50 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-21 11:50 - 2013-06-12 01:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-21 11:50 - 2013-06-12 01:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-21 11:50 - 2013-06-12 01:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-21 11:50 - 2013-06-12 01:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-21 11:50 - 2013-06-12 01:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-21 11:50 - 2013-06-12 00:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-21 11:50 - 2013-06-12 00:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-21 11:50 - 2013-06-07 05:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-21 11:50 - 2013-06-07 04:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-21 11:49 - 2013-07-21 11:49 - 15199352 _____ (FinalWire Ltd.                                              ) C:\Users\***\Downloads\aida64extreme300.exe
2013-07-21 11:48 - 2013-07-21 11:49 - 117478104 _____ C:\Users\***\Downloads\avast_free_antivirus_setup_8.0.1489.300.exe
2013-07-21 11:48 - 2012-08-24 20:13 - 00154480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-07-21 11:48 - 2012-08-24 20:09 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-07-21 11:48 - 2012-08-24 20:05 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-07-21 11:48 - 2012-08-24 20:03 - 01448448 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-07-21 11:48 - 2012-08-24 18:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-07-21 11:48 - 2012-08-24 18:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-07-21 11:48 - 2012-08-24 18:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-07-21 11:45 - 2013-07-21 11:48 - 00000002 _____ C:\AvastSetup.log
2013-07-21 11:45 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-21 11:45 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-21 11:45 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-21 11:45 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-21 11:45 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-21 11:45 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-21 11:40 - 2013-07-21 12:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-21 11:40 - 2013-07-21 11:40 - 00001149 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-07-21 11:40 - 2013-07-21 11:40 - 00000000 ____D C:\Users\***\AppData\Roaming\Mozilla
2013-07-21 11:40 - 2013-07-21 11:40 - 00000000 ____D C:\Users\HOLZHA~1\AppData\Local\Mozilla
2013-07-21 11:40 - 2013-07-21 11:40 - 00000000 ____D C:\ProgramData\Mozilla
2013-07-21 11:40 - 2013-07-21 11:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-21 11:37 - 2013-07-21 11:37 - 00280368 _____ (Mozilla) C:\Users\***\Downloads\Firefox Setup Stub 22.0.exe
2013-07-21 11:35 - 2013-07-21 11:35 - 00293328 _____ C:\Windows\Minidump\072113-8907-01.dmp
2013-07-21 11:14 - 2013-07-21 11:14 - 00000000 ____D C:\Users\Privat\AppData\Roaming\Adobe
2013-07-04 22:22 - 2013-07-22 08:33 - 00000000 ____D C:\Users\***\Downloads\asm_sata3_1.4.1.0
2013-07-04 22:22 - 2012-12-26 19:27 - 00052440 _____ (Asmedia Technology) C:\Windows\system32\Drivers\asahci64.sys
2013-07-04 22:22 - 2012-09-03 17:04 - 00041984 _____ (Asmedia Technology) C:\Windows\system32\ahcipp64.dll
2013-07-04 15:10 - 2013-07-04 15:12 - 00000000 ____D C:\ProgramData\A86F7BE40715AB180000A86ED37DB398
2013-06-26 20:13 - 2013-06-26 20:14 - 00000000 ____D C:\Users\***\Documents\Probleme (Lichtenhain)

==================== One Month Modified Files and Folders =======

2013-07-22 20:10 - 2013-07-22 20:10 - 00891062 _____ C:\Users\***\Desktop\SecurityCheck.exe
2013-07-22 20:01 - 2012-09-27 16:55 - 00000264 _____ C:\Windows\Tasks\HP Photo Creations Messager.job
2013-07-22 19:53 - 2013-03-15 21:38 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-22 19:45 - 2012-04-17 12:20 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-22 19:45 - 2009-07-14 06:45 - 00022224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-22 19:45 - 2009-07-14 06:45 - 00022224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-22 15:11 - 2013-07-22 15:11 - 00000000 ____D C:\Program Files (x86)\ESET
2013-07-22 15:10 - 2013-07-22 15:10 - 02347384 _____ (ESET) C:\Users\***\Downloads\esetsmartinstaller_enu.exe
2013-07-22 15:06 - 2013-07-22 15:06 - 00000497 _____ C:\Users\***\Downloads\Bestellung Eric.txt
2013-07-22 13:53 - 2013-07-22 13:51 - 229594432 _____ (NVIDIA Corporation) C:\Users\***\Downloads\320.49-desktop-win8-win7-winvista-64bit-international-whql.exe
2013-07-22 13:49 - 2013-07-22 13:49 - 00000000 ____D C:\Windows\Sun
2013-07-22 13:49 - 2011-11-28 09:42 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-22 13:23 - 2013-07-22 13:23 - 01779363 _____ (Farbar) C:\Users\***\Desktop\FRST64.exe
2013-07-22 12:58 - 2013-07-22 12:58 - 00000911 _____ C:\Users\***\Desktop\JRT.txt
2013-07-22 12:55 - 2013-07-22 12:55 - 00000000 ____D C:\Windows\ERUNT
2013-07-22 12:53 - 2013-03-15 21:38 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-22 12:53 - 2012-01-23 15:12 - 01640077 _____ C:\Windows\WindowsUpdate.log
2013-07-22 12:50 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-22 12:50 - 2009-07-14 06:51 - 00127899 _____ C:\Windows\setupact.log
2013-07-22 12:49 - 2013-07-22 13:21 - 00000986 _____ C:\Users\***\Desktop\AdwCleaner[S1].txt
2013-07-22 12:49 - 2013-07-22 12:49 - 00000986 _____ C:\AdwCleaner[S1].txt
2013-07-22 12:48 - 2013-07-22 12:48 - 00560639 _____ (Oleg N. Scherbakov) C:\Users\***\Desktop\JRT.exe
2013-07-22 12:46 - 2013-07-22 12:46 - 00666633 _____ C:\Users\***\Desktop\adwcleaner.exe
2013-07-22 08:45 - 2013-07-22 08:45 - 04520807 _____ (Igor Pavlov) C:\Users\***\Downloads\asmedia_usb3_11.6.4WHQL(www.station-drivers.com).exe
2013-07-22 08:33 - 2013-07-04 22:22 - 00000000 ____D C:\Users\***\Downloads\asm_sata3_1.4.1.0
2013-07-22 08:30 - 2013-07-21 11:55 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-07-22 08:27 - 2013-07-22 08:27 - 00000000 ____D C:\Users\***\Downloads\HD
2013-07-22 08:27 - 2013-07-22 08:19 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-07-22 08:26 - 2013-07-22 08:25 - 184018840 _____ C:\Users\***\Downloads\realtek_hd_audio.zip
2013-07-22 08:19 - 2013-07-22 08:19 - 00000000 ____D C:\Program Files\Realtek
2013-07-22 08:18 - 2010-11-21 05:47 - 00144382 _____ C:\Windows\PFRO.log
2013-07-22 08:13 - 2013-07-22 08:12 - 00000000 ___HD C:\Windows\msdownld.tmp
2013-07-22 08:13 - 2013-07-22 08:11 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-07-22 08:13 - 2013-07-22 08:10 - 81891861 _____ (Realtek Semiconductor Corp.) C:\Users\***\Downloads\64bit_Vista_Win7_Win8_R271.exe
2013-07-22 08:13 - 2011-11-08 12:44 - 00361047 _____ C:\Windows\DirectX.log
2013-07-22 08:11 - 2013-07-22 08:11 - 00292184 _____ (Microsoft Corporation) C:\Users\***\Downloads\dxwebsetup.exe
2013-07-22 08:10 - 2013-05-22 05:13 - 00000000 ____D C:\Users\***\Downloads\Driver_Win7_7072_05222013
2013-07-22 08:09 - 2013-07-22 08:09 - 00869654 _____ C:\Users\***\Downloads\Driver_Win7_7072_05222013.zip
2013-07-22 08:03 - 2012-07-20 20:14 - 00003962 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{5C497AA6-8DA4-4F51-9231-255D2BE41896}
2013-07-22 07:59 - 2013-07-22 07:48 - 00000000 ____D C:\Program Files (x86)\Realtek
2013-07-22 07:59 - 2011-11-28 09:43 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-22 07:44 - 2012-04-01 12:12 - 00000000 ____D C:\Users\***\AppData\Roaming\SoftGrid Client
2013-07-22 07:39 - 2013-07-22 07:39 - 00000000 ____D C:\Program Files (x86)\ASM106xSATA
2013-07-22 07:39 - 2011-11-14 13:18 - 00012790 _____ C:\Windows\DPINST.LOG
2013-07-22 07:38 - 2013-07-22 07:38 - 03235565 _____ C:\Users\***\Downloads\asm_sata3_1.4.1.0.zip
2013-07-22 07:29 - 2013-07-22 07:29 - 00000000 ____D C:\Windows\system32\MRT
2013-07-21 23:16 - 2013-07-21 23:16 - 00000000 ____D C:\Users\***\Downloads\p95v279.win64
2013-07-21 22:53 - 2013-07-21 22:53 - 00024674 _____ C:\ComboFix.txt
2013-07-21 22:53 - 2013-07-21 22:47 - 00000000 ____D C:\Qoobox
2013-07-21 22:53 - 2013-07-21 22:47 - 00000000 ____D C:\ComboFix
2013-07-21 22:52 - 2013-07-21 22:47 - 00000000 ____D C:\Windows\erdnt
2013-07-21 22:52 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2013-07-21 22:45 - 2013-07-21 22:45 - 05093416 ____R (Swearware) C:\Users\***\Desktop\ComboFix.exe
2013-07-21 15:49 - 2013-07-21 15:49 - 00021648 _____ C:\Users\***\Desktop\Addition.txt
2013-07-21 15:49 - 2013-07-21 15:49 - 00000000 ____D C:\FRST
2013-07-21 15:45 - 2013-07-21 15:45 - 05881080 _____ (Intel Corporation) C:\Users\***\Downloads\infinst_autol.exe
2013-07-21 15:45 - 2013-07-21 15:45 - 00000000 ____D C:\Program Files (x86)\Intel
2013-07-21 15:42 - 2013-07-21 15:42 - 00000000 ____D C:\Users\***\SystemRequirementsLab
2013-07-21 15:42 - 2013-07-21 15:42 - 00000000 ____D C:\Program Files (x86)\SystemRequirementsLab
2013-07-21 15:42 - 2012-01-23 15:12 - 00000000 ____D C:\Users\***
2013-07-21 15:35 - 2010-11-21 08:50 - 03897460 _____ C:\Windows\system32\perfh007.dat
2013-07-21 15:35 - 2010-11-21 08:50 - 01137722 _____ C:\Windows\system32\perfc007.dat
2013-07-21 15:35 - 2009-07-14 07:13 - 00005430 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-21 15:32 - 2013-07-21 15:32 - 00000000 ____D C:\Users\HOLZHA~1\AppData\Local\Macromedia
2013-07-21 15:32 - 2012-04-17 12:20 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-07-21 15:32 - 2012-04-17 12:20 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-07-21 15:32 - 2012-04-17 12:20 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-21 15:23 - 2011-11-28 09:42 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-07-21 15:17 - 2013-07-21 15:17 - 00000072 _____ C:\3EDC4RFV.dat
2013-07-21 15:13 - 2013-07-21 15:13 - 06003527 _____ C:\Users\***\Downloads\7740v23.zip
2013-07-21 14:08 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-07-21 13:56 - 2013-07-21 13:56 - 00377856 _____ C:\Users\***\Desktop\gmer_2.1.19163.exe
2013-07-21 13:51 - 2013-07-21 13:51 - 00078662 _____ C:\Users\***\Desktop\Extras.Txt
2013-07-21 13:50 - 2013-07-21 13:50 - 00073884 _____ C:\Users\***\Desktop\OTL.Txt
2013-07-21 13:38 - 2013-07-21 13:38 - 00602112 _____ (OldTimer Tools) C:\Users\***\Desktop\OTL.exe
2013-07-21 13:37 - 2013-07-21 13:37 - 00000480 _____ C:\Users\***\Desktop\defogger_disable.log
2013-07-21 13:37 - 2013-07-21 13:37 - 00000000 _____ C:\Users\***\defogger_reenable
2013-07-21 13:36 - 2013-07-21 13:36 - 00050477 _____ C:\Users\***\Desktop\Defogger.exe
2013-07-21 12:59 - 2013-07-21 12:59 - 01376768 _____ C:\Users\***\Downloads\7z920-x64.msi
2013-07-21 12:59 - 2013-07-21 12:59 - 00000000 ____D C:\Program Files\7-Zip
2013-07-21 12:45 - 2013-07-21 12:45 - 00666633 _____ C:\Users\***\Downloads\adwcleaner06.exe
2013-07-21 12:12 - 2013-07-21 12:12 - 00000000 ____D C:\Program Files (x86)\FinalWire
2013-07-21 12:12 - 2010-11-21 09:00 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-21 12:12 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-21 12:12 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-21 12:11 - 2013-07-21 12:11 - 00002780 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-07-21 12:11 - 2013-07-21 12:11 - 00000000 ____D C:\Program Files\CCleaner
2013-07-21 12:10 - 2013-07-21 12:10 - 00000000 ____D C:\Users\***\AppData\Roaming\Malwarebytes
2013-07-21 12:10 - 2013-07-21 12:10 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-21 12:10 - 2013-07-21 12:10 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-21 12:07 - 2012-03-23 15:27 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-07-21 12:07 - 2012-03-23 15:26 - 00000000 ____D C:\ProgramData\Adobe
2013-07-21 12:06 - 2012-03-23 15:38 - 00000000 ____D C:\Users\HOLZHA~1\AppData\Local\Adobe
2013-07-21 12:04 - 2013-07-21 12:04 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-21 12:04 - 2013-07-21 12:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-21 12:04 - 2013-07-21 12:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-21 12:04 - 2013-07-21 12:04 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-21 12:04 - 2013-07-21 11:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-21 12:04 - 2012-10-02 15:58 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npdeployJava1.dll
2013-07-21 12:04 - 2012-10-02 15:58 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-21 12:04 - 2012-04-17 12:24 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-07-21 12:02 - 2013-07-21 12:02 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\***\Downloads\mbam-setup-1.75.0.1300.exe
2013-07-21 11:56 - 2013-07-21 11:56 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-07-21 11:56 - 2013-07-21 11:56 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-07-21 11:56 - 2013-07-21 11:56 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-07-21 11:56 - 2013-07-21 11:55 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-07-21 11:56 - 2013-07-21 11:55 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-07-21 11:56 - 2013-07-21 11:55 - 00189936 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-07-21 11:55 - 2013-07-21 11:55 - 00001928 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-07-21 11:55 - 2013-07-21 11:55 - 00000000 ____D C:\ProgramData\AVAST Software
2013-07-21 11:55 - 2013-07-21 11:55 - 00000000 ____D C:\Program Files\AVAST Software
2013-07-21 11:55 - 2013-07-21 11:55 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-07-21 11:52 - 2013-07-21 11:52 - 00000127 _____ C:\Windows\system32\MRT.INI
2013-07-21 11:50 - 2013-07-21 11:50 - 04396440 _____ (Piriform Ltd) C:\Users\***\Downloads\ccsetup403.exe
2013-07-21 11:49 - 2013-07-21 11:49 - 15199352 _____ (FinalWire Ltd.                                              ) C:\Users\***\Downloads\aida64extreme300.exe
2013-07-21 11:49 - 2013-07-21 11:48 - 117478104 _____ C:\Users\***\Downloads\avast_free_antivirus_setup_8.0.1489.300.exe
2013-07-21 11:48 - 2013-07-21 11:45 - 00000002 _____ C:\AvastSetup.log
2013-07-21 11:48 - 2013-03-15 21:38 - 00004112 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-21 11:48 - 2013-03-15 21:38 - 00003860 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-21 11:40 - 2013-07-21 11:40 - 00001149 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-07-21 11:40 - 2013-07-21 11:40 - 00000000 ____D C:\Users\***\AppData\Roaming\Mozilla
2013-07-21 11:40 - 2013-07-21 11:40 - 00000000 ____D C:\Users\HOLZHA~1\AppData\Local\Mozilla
2013-07-21 11:40 - 2013-07-21 11:40 - 00000000 ____D C:\ProgramData\Mozilla
2013-07-21 11:40 - 2013-07-21 11:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-21 11:37 - 2013-07-21 11:37 - 00280368 _____ (Mozilla) C:\Users\***\Downloads\Firefox Setup Stub 22.0.exe
2013-07-21 11:35 - 2013-07-21 11:35 - 00293328 _____ C:\Windows\Minidump\072113-8907-01.dmp
2013-07-21 11:35 - 2012-02-29 19:32 - 520651347 _____ C:\Windows\MEMORY.DMP
2013-07-21 11:35 - 2012-02-29 19:32 - 00000000 ____D C:\Windows\Minidump
2013-07-21 11:21 - 2012-03-11 20:19 - 00000000 ____D C:\Program Files (x86)\HP
2013-07-21 11:21 - 2012-03-11 20:17 - 00002632 _____ C:\ProgramData\hpzinstall.log
2013-07-21 11:14 - 2013-07-21 11:14 - 00000000 ____D C:\Users\Privat\AppData\Roaming\Adobe
2013-07-09 13:26 - 2013-01-07 16:29 - 00000000 ____D C:\Users\***\Documents\German Truck Simulator
2013-07-09 13:17 - 2013-04-12 21:57 - 00000000 ____D C:\Users\***\Documents\Trucks & Trailers
2013-07-04 15:12 - 2013-07-04 15:10 - 00000000 ____D C:\ProgramData\A86F7BE40715AB180000A86ED37DB398
2013-06-26 20:14 - 2013-06-26 20:13 - 00000000 ____D C:\Users\***\Documents\Probleme (Lichtenhain)
2013-06-25 18:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-06-24 00:57 - 2011-11-08 13:28 - 78277128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-22 13:13

==================== End Of Log ============================
--- --- ---


Probleme sind mir bis jetzt keine weiter aufgefallen.

Aber ich möchte mich schonmal für Deine bisherige Hilfe bedanken. :dankeschoen:
Hoffe wir bekommen den Rechner wieder halbwegs sauber.

Grüße
keep_smile

schrauber 22.07.2013 20:30
Der is schon sauber, der eine Fund ist nur in den temps :)

Downloade Dir bitte TFC ( von Oldtimer ) und speichere die Datei auf dem Desktop.
Schließe nun alle offenen Programme und trenne Dich von dem Internet.
Doppelklick auf die TFC.exe und drücke auf Start.
Sollte TFC nicht alle Dateien löschen können wird es einen Neustart verlangen. Dies bitte zulassen.


Fertig :)

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.


Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

keep_smile 23.07.2013 07:20
Guten Morgen schrauber,

ich habe jetzt die letzten Schritte erledigt.

Danke für Deine Empfehlungen zum sicheren surfen.
Ich werde das an meine Bekannten weiter geben und es mit ihnen besprechen, wenn ich den Rechner wieder hinschaffe.

Hoffe damit ist jetzt alles erledigt und der Rechner wieder fit.

Ein riesen :dankeschoen: an dich für deine Hilfe und ein großes Lob für die Arbeit die ihr hier leistet. :daumenhoc DANKE!

Grüße
keep_smile :D

schrauber 23.07.2013 09:41
Gern Geschehen :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 08:56 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131