Pests of all kinds and how to fight them: Windows XP, Hijacker.Specific911_Hijack Windows 7

If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you eliminate the infection.
#9

Windows XP, Hijacker.Specific911_Hijack

Hello schrauber, sorry, it was probably still a bit too early ... Here is the log file from FRST.

FRST Logfile:

Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 16-09-2013 03 Ran by Axel (administrator) on NAME-C1368D6B0A on 18-09-2013 03:29:38 Running from C:\Dokumente und Einstellungen\Axel\Desktop\PC-Sicherheit Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: German Standard Internet Explorer Version 8 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Programme\Bonjour\mDNSResponder.exe (Threat Expert Ltd.) C:\Programme\Spyware Doctor\BDT\BDTUpdateService.exe (Oracle Corporation) C:\Programme\Java\jre7\bin\jqs.exe (Hewlett-Packard Company) C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe (Microsoft Corporation) C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe () C:\Programme\CyberLink\Shared Files\RichVideo.exe (Microsoft Corporation) C:\Programme\Windows Media Player\WMPNetwk.exe (Canon Inc.) C:\Programme\Canon\CAL\CALMAIN.exe (Samsung Electronics Co., Ltd.) C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Oracle Corporation) C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Apple Inc.) C:\Programme\iTunes\iTunesHelper.exe (Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Microsoft Corporation) C:\Programme\Windows Media Player\WMPNSCFG.exe () C:\Programme\Canon\ImageBrowser EX\MFManager.exe (McAfee, Inc.) C:\Programme\McAfee Security Scan\3.0.318\SSScheduler.exe (Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Apple Inc.) 
C:\Programme\iPod\bin\iPodService.exe (Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe (Mozilla Corporation) C:\Programme\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Programme\Microsoft Office\OFFICE11\WINWORD.EXE ==================== Registry (Whitelisted) ================== HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup HKLM\...\Run: [nwiz] - nwiz.exe /install HKLM\...\Run: [NeroFilterCheck] - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe [155648 2006-01-12] (Nero AG) HKLM\...\Run: [APSDaemon] - C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Programme\Gemeinsame Dateien\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated) HKLM\...\Run: [AdobeCS6ServiceManager] - C:\Programme\Gemeinsame Dateien\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated) HKLM\...\Run: [KiesTrayAgent] - C:\Programme\Samsung\Kies\KiesTrayAgent.exe [310280 2012-12-20] (Samsung Electronics Co., Ltd.) HKLM\...\Run: [Adobe ARM] - C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM\...\Run: [SunJavaUpdateSched] - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation) HKLM\...\Run: [QuickTime Task] - C:\Programme\QuickTime\qttask.exe [421888 2013-05-01] (Apple Inc.) HKLM\...\Run: [iTunesHelper] - C:\Programme\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.) HKLM\...\Run: [avgnt] - C:\Programme\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-08] (Avira Operations GmbH & Co. KG) Winlogon\Notify\WgaLogon: C:\Windows\system32\WgaLogon.dll (Microsoft Corporation) HKLM\...\Policies\Explorer: [NoDrives] 0 HKCU\...\Run: [QuickTime Task] - C:\Programme\QuickTime\qttask.exe [421888 2013-05-01] (Apple Inc.) 
HKCU\...\Run: [WMPNSCFG] - C:\Programme\Windows Media Player\WMPNSCFG.exe [204288 2006-11-03] (Microsoft Corporation) HKCU\...\Policies\Explorer: [NoDrives] 0 HKU\Alexandra2\...\Run: [swg] - "C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" HKU\Alexandra2\...\Run: [QuickTime Task] - C:\Programme\QuickTime\qttask.exe [ 2013-05-01] (Apple Inc.) HKU\Alexandra2\...\Run: [Tele2FSecureinfo] - C:\Programme\Tele2\SupportCenter\T2FSInfo.exe [ 2008-09-04] (mquadr.at software engineering & consulting GmbH - Web: hxxp://www.mquadr.at - Mail: office@mquadr.at) HKU\Alexandra2\...\Run: [KiesPreload] - C:\Programme\Samsung\Kies\Kies.exe [ 2012-12-20] (Samsung) HKU\Alexandra2\...\Run: [] - C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [ 2012-12-20] (Samsung) HKU\Alexandra2\...\Run: [WMPNSCFG] - C:\Programme\Windows Media Player\WMPNSCFG.exe [ 2006-11-03] (Microsoft Corporation) HKU\Default User\...\Run: [BullGuard] - "C:\Programme\BullGuard Software\BullGuard\bullguard.exe" HKU\Fabian\...\Run: [BullGuard] - "C:\Programme\BullGuard Software\BullGuard\bullguard.exe" HKU\Fabian\...\Run: [QuickTime Task] - C:\Programme\QuickTime\qttask.exe [ 2013-05-01] (Apple Inc.) HKU\Fabian.NAME-C1368D6B0A\...\Run: [BullGuard] - "C:\Programme\BullGuard Software\BullGuard\bullguard.exe" HKU\Fabian.NAME-C1368D6B0A\...\Run: [QuickTime Task] - C:\Programme\QuickTime\qttask.exe [ 2013-05-01] (Apple Inc.) Startup: C:\Dokumente und Einstellungen\Alexandra2\Startmenü\Programme\Autostart\Adobe Gamma.lnk ShortcutTarget: Adobe Gamma.lnk -> C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) 
Startup: C:\Dokumente und Einstellungen\Alexandra2\Startmenü\Programme\Autostart\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Dokumente und Einstellungen\Axel\Anwendungsdaten\Dropbox\bin\Dropbox.exe (No File) Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Gamma Loader.lnk ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\ImageBrowser EX Agent.lnk ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Programme\Canon\ImageBrowser EX\MFManager.exe () Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\McAfee Security Scan Plus.lnk ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Programme\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dsl-start.computerbild.de/ HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm SearchScopes: HKLM - DefaultScope value is missing. BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Programme\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.) BHO: PC Tools Browser Guard BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Programme\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) 
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: af0.Adblock.BHO - {90EFF544-3981-4d46-85C9-C0361D0931D6} - C:\Windows\System32\mscoree.dll (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Programme\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) Toolbar: HKCU -&Adresse - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation) Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File DPF: {15B782AF-55D8-11D1-B477-006097098764} hxxp://fpdownload.macromedia.com/get/shockwave/cabs/authorware/awswaxd.cab DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {3B36B017-7E49-426B-95B0-B5CECD83C2E2} hxxp://www.ifolor.at/ORDERINGGENERAL/LowRes/app_support/_2_1_8/ActiveX/IfolorUploader_chkr.cab DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} hxxp://office.microsoft.com/officeupdate/content/opuc3.cab DPF: {48580E34-E37A-454A-8EC4-FC7598B01D77} hxxp://order.ifolor.at/GENERAL/LowRes/app_support/2/ActiveX/IfolorUploader_chkr.cab DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1153321923750 DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1153324312843 DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab DPF: {CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_08-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab DPF: 
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL (Microsoft Corporation) Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL (Microsoft Corporation) Winsock: Catalog5 04 C:\Programme\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) 
Winsock: Catalog5 05 C:\WINDOWS\system32\tnnsghmkr.dll File Not found () Winsock: Catalog9 01 C:\Programme\Gemeinsame Dateien\PC Tools\Lsp\PCTLsp.dll [321464] (PC Tools Research Pty Ltd.) Winsock: Catalog9 02 C:\Programme\Gemeinsame Dateien\PC Tools\Lsp\PCTLsp.dll [321464] (PC Tools Research Pty Ltd.) Winsock: Catalog9 03 C:\Programme\Gemeinsame Dateien\PC Tools\Lsp\PCTLsp.dll [321464] (PC Tools Research Pty Ltd.) Winsock: Catalog9 04 C:\Programme\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG) Winsock: Catalog9 05 C:\Programme\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG) Winsock: Catalog9 19 C:\Programme\Gemeinsame Dateien\PC Tools\Lsp\PCTLsp.dll [321464] (PC Tools Research Pty Ltd.) Winsock: Catalog9 20 C:\Programme\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Dokumente und Einstellungen\Axel\Anwendungsdaten\Mozilla\Firefox\Profiles\jptj73di.default FF Homepage: hxxp://www.gmx.at/ FF NetworkProxy: "no_proxies_on", "localho,t,127.0.0.1,*.local" FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll () FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Programme\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin: @canon.com/MycameraPlugin - C:\Programme\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.) FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Programme\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.) 
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Programme\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Programme\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Programme\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @zylom.com/ZylomGamesPlayer - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom) FF Plugin: Adobe Reader - C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: amznUWL2 - C:\Dokumente und Einstellungen\Axel\Anwendungsdaten\Mozilla\Firefox\Profiles\jptj73di.default\Extensions\amznUWL2@amazon.com.xpi FF Extension: No Name - C:\Dokumente und Einstellungen\Axel\Anwendungsdaten\Mozilla\Firefox\Profiles\jptj73di.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ========================== Services (Whitelisted) ================= S3 Adobe LM Service; C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2009-04-20] (Adobe Systems) R2 AntiVirSchedulerService; 
C:\Programme\Avira\AntiVir Desktop\sched.exe [84024 2013-09-08] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Programme\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-08] (Avira Operations GmbH & Co. KG) S4 AntiVirWebService; C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE [815160 2013-09-08] (Avira Operations GmbH & Co. KG) R2 Apple Mobile Device; C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe [57008 2012-12-21] (Apple Inc.) R2 Bonjour Service; C:\Programme\Bonjour\mDNSResponder.exe [390504 2011-08-31] (Apple Inc.) R2 Browser Defender Update Service; C:\Programme\Spyware Doctor\BDT\BDTUpdateService.exe [112592 2009-11-10] (Threat Expert Ltd.) R2 CCALib8; C:\Programme\Canon\CAL\CALMAIN.exe [96334 2009-09-08] (Canon Inc.) S4 CLCapSvc; C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe [266338 2006-07-13] () S4 CLSched; C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe [122976 2006-07-13] () S4 CyberLink Media Library Service; C:\Programme\Home Cinema\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe [1073152 2006-07-13] (Cyberlink) S3 FLEXnet Licensing Service; C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2009-04-21] (Macrovision Europe Ltd.) S2 gupdate; C:\Programme\Google\Update\GoogleUpdate.exe [136176 2011-01-02] (Google Inc.) S3 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [136176 2011-01-02] (Google Inc.) S3 IDriverT; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) R3 iPod Service; C:\Programme\iPod\bin\iPodService.exe [553288 2013-05-31] (Apple Inc.) 
R2 LightScribeService; C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe [73728 2006-04-24] (Hewlett-Packard Company) S2 MBAMScheduler; C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) S2 MBAMService; C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) S3 McComponentHostService; C:\Programme\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.) R2 MDM; C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE [322120 2003-06-19] (Microsoft Corporation) S3 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [117656 2013-08-26] (Mozilla Foundation) S3 ose; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [89136 2003-07-28] (Microsoft Corporation) R2 RichVideo; C:\Programme\CyberLink\Shared Files\RichVideo.exe [167936 2006-07-13] () S3 sdAuxService; C:\Programme\Spyware Doctor\pctsAuxs.exe [365280 2009-12-09] (PC Tools) S3 sdCoreService; C:\Programme\Spyware Doctor\pctsSvc.exe [1141712 2010-01-18] (PC Tools) R2 Update-Service; C:\Windows\System32\UpdSvc.dll [114000 2011-12-07] (Joosoft.com GmbH) S3 usnsvc; C:\Programme\MSN Messenger\usnsvc.dll [117544 2006-06-16] (Microsoft Corporation) R2 WMPNetworkSvc; C:\Programme\Windows Media Player\WMPNetwk.exe [920576 2006-11-03] (Microsoft Corporation) S3 x10nets; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [20480 2001-11-12] (X10) S2 Dnscache; %SystemRoot%\System32\pouavx4m3.dll [x] R2 JavaQuickStarterService; "C:\Programme\Java\jre7\bin\jqs.exe" -service -config "C:\Programme\Java\jre7\lib\deploy\jqs\jqs.conf" ==================== Drivers (Whitelisted) ==================== R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [88840 2013-09-08] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136672 2013-09-08] (Avira Operations GmbH & Co. 
KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-09-08] (Avira Operations GmbH & Co. KG) S3 EL90XBC; C:\Windows\System32\DRIVERS\el90xbc5.sys [66591 2001-08-17] (3Com Corporation) R3 FETND5BV; C:\Windows\System32\DRIVERS\fetnd5bv.sys [42496 2005-11-16] (VIA Technologies, Inc. ) S3 FETNDIS; C:\Windows\System32\DRIVERS\fetnd5.sys [27165 2001-08-17] (VIA Technologies, Inc. ) R3 HdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [137216 2006-07-17] (VIA Technologies, Inc.) S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation) S3 PalmUSBD; C:\Windows\System32\drivers\PalmUSBD.sys [16694 2009-11-19] (PalmSource, Inc.) R0 PCTCore; C:\Windows\System32\drivers\PCTCore.sys [207280 2009-09-23] (PC Tools) R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-09-08] (Avira GmbH) S3 viagfx; C:\Windows\System32\DRIVERS\vtmini.sys [254080 2006-06-01] (Copyright (C) VIA/S3 Graphics Co, Ltd.) S3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [186592 2009-05-06] (Jungo) S3 catchme; \??\C:\DOKUME~1\Axel\LOKALE~1\Temp\catchme.sys [x] S4 IntelIde; No ImagePath U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation) U3 TlntSvr; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-09-17 20:17 - 2013-09-17 20:17 - 00015388 _____ C:\Dokumente und Einstellungen\Axel\Desktop\hs_err_pid1852.log 2013-09-17 19:53 - 2013-09-17 19:53 - 98008335 _____ C:\WINDOWS\system32\츟쀼嚤6 2013-09-17 11:27 - 2013-09-17 11:27 - 00015388 _____ C:\Dokumente und Einstellungen\Alexandra2\hs_err_pid1852.log 2013-09-16 21:42 - 2013-09-16 21:42 - 00000000 ____D C:\WINDOWS\ERUNT 2013-09-16 21:20 - 2013-09-16 21:41 - 00000000 ____D C:\AdwCleaner 2013-09-16 20:18 - 2013-09-16 20:18 - 97787879 _____ C:\WINDOWS\system32\ᰴ嚤6 2013-09-16 14:41 - 2013-09-16 17:31 - 00000000 ____D C:\Dokumente und 
Einstellungen\Alexandra2\Desktop\Kalenderpics 2013-09-16 13:40 - 2013-09-16 13:40 - 97757658 _____ C:\WINDOWS\system32\ꍢ嚤6 2013-09-15 22:57 - 2013-09-15 22:57 - 00000760 _____ C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk 2013-09-15 22:57 - 2013-09-15 22:57 - 00000000 ____D C:\Programme\Malwarebytes' Anti-Malware 2013-09-15 22:57 - 2013-09-15 22:57 - 00000000 ____D C:\Dokumente und Einstellungen\Axel\Anwendungsdaten\Malwarebytes 2013-09-15 22:57 - 2013-09-15 22:57 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware 2013-09-15 22:57 - 2013-09-15 22:57 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes 2013-09-15 22:57 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2013-09-15 22:23 - 2013-09-15 22:23 - 00013699 _____ C:\WINDOWS\KB2870699-IE8.log 2013-09-15 22:19 - 2013-09-15 22:19 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876315$ 2013-09-15 22:19 - 2013-09-15 22:19 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876217$ 2013-09-15 22:18 - 2013-09-15 22:18 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2864063$ 2013-09-15 21:57 - 2013-09-15 22:19 - 00011958 _____ C:\WINDOWS\KB2876315.log 2013-09-15 21:57 - 2013-09-15 22:19 - 00011167 _____ C:\WINDOWS\KB2864063.log 2013-09-15 21:57 - 2013-09-15 22:19 - 00010957 _____ C:\WINDOWS\KB2876217.log 2013-09-15 16:44 - 2013-09-15 16:44 - 00000000 ____D C:\Dokumente und Einstellungen\Fabian.NAME-C1368D6B0A\Anwendungsdaten\Avira 2013-09-14 23:31 - 2013-09-14 23:31 - 97600188 _____ C:\WINDOWS\system32\뗔몷嚤6 2013-09-13 19:41 - 2013-09-13 19:41 - 97503480 _____ C:\WINDOWS\system32\嚤6 2013-09-13 13:00 - 2013-09-13 13:00 - 97446370 _____ C:\WINDOWS\system32\⤆嚤6 2013-09-12 23:14 - 2013-09-12 23:14 - 00015599 _____ C:\ComboFix.txt 2013-09-12 22:52 - 2013-09-12 22:52 - 00000000 _RSHD C:\cmdcons 2013-09-12 22:52 - 2009-04-06 19:35 - 00000211 _____ C:\Boot.bak 2013-09-12 
22:52 - 2004-08-03 23:00 - 00262448 __RSH C:\cmldr 2013-09-12 22:48 - 2013-09-12 23:14 - 00000000 ____D C:\Qoobox 2013-09-12 22:48 - 2013-09-12 23:13 - 00000000 ____D C:\WINDOWS\erdnt 2013-09-12 22:48 - 2011-06-26 08:45 - 00256000 _____ C:\WINDOWS\PEV.exe 2013-09-12 22:48 - 2010-11-07 19:20 - 00208896 _____ C:\WINDOWS\MBR.exe 2013-09-12 22:48 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe 2013-09-12 22:48 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe 2013-09-12 22:48 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe 2013-09-12 22:48 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe 2013-09-12 22:48 - 2000-08-31 02:00 - 00098816 _____ C:\WINDOWS\sed.exe 2013-09-12 22:48 - 2000-08-31 02:00 - 00080412 _____ C:\WINDOWS\grep.exe 2013-09-12 22:48 - 2000-08-31 02:00 - 00068096 _____ C:\WINDOWS\zip.exe 2013-09-12 02:05 - 2013-09-12 02:05 - 00000643 _____ C:\WINDOWS\wmsetup.log 2013-09-12 02:04 - 2013-09-12 02:04 - 00000466 _____ C:\WINDOWS\regopt.log 2013-09-12 01:45 - 2013-09-12 01:45 - 00000000 ____D C:\Programme\7-Zip 2013-09-12 01:45 - 2013-09-12 01:45 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\7-Zip 2013-09-11 20:53 - 2013-09-11 20:53 - 00000000 ____D C:\FRST 2013-09-11 20:48 - 2013-09-11 20:48 - 00000000 _____ C:\Dokumente und Einstellungen\Axel\defogger_reenable 2013-09-11 20:42 - 2013-09-18 03:29 - 00000000 ____D C:\Dokumente und Einstellungen\Axel\Desktop\PC-Sicherheit 2013-09-11 07:58 - 2013-09-11 07:58 - 97063418 _____ C:\WINDOWS\system32\뇧亃嚤6 2013-09-09 07:53 - 2013-09-09 07:53 - 96592724 _____ C:\WINDOWS\system32\妚끫嚤6 2013-09-08 15:29 - 2013-09-08 15:29 - 96566691 _____ C:\WINDOWS\system32\䷵컞嚤6 2013-09-08 09:02 - 2013-09-08 09:02 - 00000000 ____D C:\Dokumente und Einstellungen\Alexandra2\Anwendungsdaten\Avira 2013-09-08 08:25 - 2013-09-08 08:25 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2863058$ 2013-09-08 08:23 - 2013-09-08 08:25 - 00155678 
_____ C:\WINDOWS\KB2863058.log 2013-09-08 07:56 - 2013-09-08 07:56 - 00000000 ____D C:\Dokumente und Einstellungen\Axel\Anwendungsdaten\Avira 2013-09-08 07:51 - 2013-09-08 07:52 - 00000000 ____D C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Mozilla 2013-09-08 07:51 - 2013-09-08 07:51 - 00000000 ____D C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Mozilla 2013-09-08 07:45 - 2013-09-08 07:45 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Avira 2013-09-08 07:44 - 2013-09-08 07:31 - 00136672 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys 2013-09-08 07:44 - 2013-09-08 07:31 - 00088840 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys 2013-09-08 07:44 - 2013-09-08 07:31 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys 2013-09-08 07:44 - 2013-09-08 07:31 - 00028520 _____ (Avira GmbH) C:\WINDOWS\system32\Drivers\ssmdrv.sys 2013-09-08 07:43 - 2013-09-08 07:45 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira 2013-09-08 07:43 - 2013-09-08 07:43 - 00000000 ____D C:\Programme\Avira 2013-09-06 11:38 - 2013-09-15 22:11 - 00000000 ____D C:\WINDOWS\system32\MRT 2013-09-06 11:38 - 2013-09-06 11:38 - 00005155 _____ C:\WINDOWS\KB2834904-v2.log 2013-09-06 11:38 - 2013-09-06 11:38 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850869$ 2013-09-06 11:38 - 2013-09-06 11:38 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$ 2013-09-06 11:37 - 2013-09-06 11:37 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2859537$ 2013-09-06 11:37 - 2013-09-06 11:37 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2849470$ 2013-09-06 11:22 - 2013-09-06 11:38 - 00010063 _____ C:\WINDOWS\KB2850869.log 2013-09-06 11:19 - 2013-09-06 11:37 - 00011697 _____ C:\WINDOWS\KB2859537.log 2013-08-26 14:38 - 2013-08-26 16:46 - 00000000 ____D C:\Programme\Mozilla Firefox ==================== One Month Modified Files and 
Folders ======= 2013-09-18 03:29 - 2013-09-11 20:42 - 00000000 ____D C:\Dokumente und Einstellungen\Axel\Desktop\PC-Sicherheit 2013-09-18 03:14 - 2006-07-17 10:29 - 00000000 ___RD C:\Programme 2013-09-18 03:13 - 2009-04-06 19:29 - 01337706 _____ C:\WINDOWS\WindowsUpdate.log 2013-09-18 02:49 - 2012-06-30 10:33 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2013-09-18 02:46 - 2011-01-02 18:34 - 00001086 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2013-09-17 20:17 - 2013-09-17 20:17 - 00015388 _____ C:\Dokumente und Einstellungen\Axel\Desktop\hs_err_pid1852.log 2013-09-17 20:08 - 2009-04-15 19:40 - 00000000 ____D C:\Dokumente und Einstellungen\Alexandra2 2013-09-17 19:53 - 2013-09-17 19:53 - 98008335 _____ C:\WINDOWS\system32\츟쀼嚤6 2013-09-17 19:43 - 2011-01-02 18:34 - 00001082 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2013-09-17 19:43 - 2009-04-10 10:26 - 00000159 _____ C:\WINDOWS\wiadebug.log 2013-09-17 19:43 - 2009-04-10 10:26 - 00000050 _____ C:\WINDOWS\wiaservc.log 2013-09-17 19:43 - 2006-07-19 15:02 - 00062925 _____ C:\WINDOWS\system32\nvapps.xml 2013-09-17 19:43 - 2006-07-17 09:38 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2013-09-17 18:47 - 2009-04-06 19:29 - 00032494 _____ C:\WINDOWS\SchedLgU.Txt 2013-09-17 18:46 - 2009-04-15 19:40 - 00000300 ___SH C:\Dokumente und Einstellungen\Alexandra2\ntuser.ini 2013-09-17 18:38 - 2013-03-17 10:02 - 00000000 ___RD C:\Dokumente und Einstellungen\Alexandra2\Eigene Dateien\Dropbox 2013-09-17 18:38 - 2013-03-17 09:59 - 00000000 ____D C:\Dokumente und Einstellungen\Alexandra2\Anwendungsdaten\Dropbox 2013-09-17 18:31 - 2006-07-07 10:08 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl 2013-09-17 11:27 - 2013-09-17 11:27 - 00015388 _____ C:\Dokumente und Einstellungen\Alexandra2\hs_err_pid1852.log 2013-09-16 23:23 - 2009-04-06 19:35 - 00000300 ___SH C:\Dokumente und Einstellungen\Axel\ntuser.ini 2013-09-16 23:23 - 2009-04-06 19:35 - 00000000 ____D C:\Dokumente und Einstellungen\Axel 2013-09-16 
21:42 - 2013-09-16 21:42 - 00000000 ____D C:\WINDOWS\ERUNT
2013-09-16 21:41 - 2013-09-16 21:20 - 00000000 ____D C:\AdwCleaner
2013-09-16 20:18 - 2013-09-16 20:18 - 97787879 _____ C:\WINDOWS\system32\ᰴ嚤6
2013-09-16 17:31 - 2013-09-16 14:41 - 00000000 ____D C:\Dokumente und Einstellungen\Alexandra2\Desktop\Kalenderpics
2013-09-16 17:30 - 2009-12-26 18:13 - 00000276 _____ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2013-09-16 17:30 - 2006-07-17 09:38 - 00000000 __SHD C:\Dokumente und Einstellungen\NetworkService
2013-09-16 13:40 - 2013-09-16 13:40 - 97757658 _____ C:\WINDOWS\system32\ꍢ嚤6
2013-09-16 13:37 - 2009-05-13 22:16 - 00593408 ___SH C:\Dokumente und Einstellungen\Alexandra2\Desktop\Thumbs.db
2013-09-15 23:32 - 2009-08-31 09:26 - 00000000 ____D C:\Dokumente und Einstellungen\Axel\Desktop\axel
2013-09-15 22:57 - 2013-09-15 22:57 - 00000760 _____ C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-15 22:57 - 2013-09-15 22:57 - 00000000 ____D C:\Programme\Malwarebytes' Anti-Malware
2013-09-15 22:57 - 2013-09-15 22:57 - 00000000 ____D C:\Dokumente und Einstellungen\Axel\Anwendungsdaten\Malwarebytes
2013-09-15 22:57 - 2013-09-15 22:57 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
2013-09-15 22:57 - 2013-09-15 22:57 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
2013-09-15 22:57 - 2006-07-17 10:28 - 00000000 ___RD C:\Dokumente und Einstellungen\All Users\Startmenü\Programme
2013-09-15 22:28 - 2006-07-17 10:28 - 03831464 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-09-15 22:23 - 2013-09-15 22:23 - 00013699 _____ C:\WINDOWS\KB2870699-IE8.log
2013-09-15 22:23 - 2013-03-15 00:06 - 00226532 _____ C:\WINDOWS\FaxSetup.log
2013-09-15 22:23 - 2013-03-15 00:06 - 00121817 _____ C:\WINDOWS\ocgen.log
2013-09-15 22:23 - 2013-03-15 00:06 - 00084949 _____ C:\WINDOWS\tsoc.log
2013-09-15 22:23 - 2013-03-15 00:06 - 00072440 _____ C:\WINDOWS\comsetup.log
2013-09-15 22:23 - 2013-03-15 00:06 - 00045986 _____ C:\WINDOWS\ntdtcsetup.log
2013-09-15 22:23 - 2013-03-15 00:06 - 00032479 _____ C:\WINDOWS\iis6.log
2013-09-15 22:23 - 2013-03-15 00:06 - 00012638 _____ C:\WINDOWS\ocmsn.log
2013-09-15 22:23 - 2013-03-15 00:06 - 00011230 _____ C:\WINDOWS\msgsocm.log
2013-09-15 22:23 - 2013-03-15 00:06 - 00001374 _____ C:\WINDOWS\imsins.log
2013-09-15 22:23 - 2013-03-15 00:05 - 00045887 _____ C:\WINDOWS\updspapi.log
2013-09-15 22:23 - 2013-02-24 11:37 - 00068749 _____ C:\WINDOWS\setupapi.log
2013-09-15 22:23 - 2009-06-03 19:30 - 00000000 ____D C:\WINDOWS\ie8updates
2013-09-15 22:19 - 2013-09-15 22:19 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876315$
2013-09-15 22:19 - 2013-09-15 22:19 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876217$
2013-09-15 22:19 - 2013-09-15 21:57 - 00011958 _____ C:\WINDOWS\KB2876315.log
2013-09-15 22:19 - 2013-09-15 21:57 - 00011167 _____ C:\WINDOWS\KB2864063.log
2013-09-15 22:19 - 2013-09-15 21:57 - 00010957 _____ C:\WINDOWS\KB2876217.log
2013-09-15 22:19 - 2013-03-15 00:06 - 00001374 _____ C:\WINDOWS\imsins.BAK
2013-09-15 22:18 - 2013-09-15 22:18 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2864063$
2013-09-15 22:16 - 2006-07-07 10:08 - 00000603 _____ C:\WINDOWS\win.ini
2013-09-15 22:11 - 2013-09-06 11:38 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-09-15 22:05 - 2006-07-17 11:36 - 76725432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-09-15 17:30 - 2013-07-18 20:39 - 00492320 _____ C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
2013-09-15 17:30 - 2012-10-29 09:17 - 00000190 ___SH C:\Dokumente und Einstellungen\Fabian.NAME-C1368D6B0A\ntuser.ini
2013-09-15 17:30 - 2012-10-29 09:17 - 00000000 ____D C:\Dokumente und Einstellungen\Fabian.NAME-C1368D6B0A
2013-09-15 17:06 - 2012-10-31 11:46 - 00000000 ____D C:\Dokumente und Einstellungen\Fabian.NAME-C1368D6B0A\Eigene Dateien\TubeBox
2013-09-15 16:44 - 2013-09-15 16:44 - 00000000 ____D C:\Dokumente und Einstellungen\Fabian.NAME-C1368D6B0A\Anwendungsdaten\Avira
2013-09-15 16:42 - 2013-04-14 17:35 - 00002269 _____ C:\Dokumente und Einstellungen\Fabian.NAME-C1368D6B0A\Desktop\Freetec TubeBox.lnk
2013-09-14 23:31 - 2013-09-14 23:31 - 97600188 _____ C:\WINDOWS\system32\뗔몷嚤6
2013-09-13 19:51 - 2012-04-04 18:25 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-09-13 19:51 - 2011-06-04 20:09 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2013-09-13 19:41 - 2013-09-13 19:41 - 97503480 _____ C:\WINDOWS\system32\嚤6
2013-09-13 13:00 - 2013-09-13 13:00 - 97446370 _____ C:\WINDOWS\system32\⤆嚤6
2013-09-12 23:14 - 2013-09-12 23:14 - 00015599 _____ C:\ComboFix.txt
2013-09-12 23:14 - 2013-09-12 22:48 - 00000000 ____D C:\Qoobox
2013-09-12 23:13 - 2013-09-12 22:48 - 00000000 ____D C:\WINDOWS\erdnt
2013-09-12 23:11 - 2006-07-07 10:08 - 00000227 _____ C:\WINDOWS\system.ini
2013-09-12 22:52 - 2013-09-12 22:52 - 00000000 _RSHD C:\cmdcons
2013-09-12 22:52 - 2006-07-07 10:08 - 00000327 __RSH C:\boot.ini
2013-09-12 15:31 - 2011-05-29 11:40 - 00000464 ____H C:\WINDOWS\Tasks\Norton Security Scan for Alexandra2.job
2013-09-12 02:20 - 2013-02-17 23:00 - 00002347 _____ C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Reader XI.lnk
2013-09-12 02:05 - 2013-09-12 02:05 - 00000643 _____ C:\WINDOWS\wmsetup.log
2013-09-12 02:04 - 2013-09-12 02:04 - 00000466 _____ C:\WINDOWS\regopt.log
2013-09-12 02:04 - 2006-07-17 11:27 - 00001024 ____H C:\WINDOWS\system32\config\userdiff.LOG
2013-09-12 01:45 - 2013-09-12 01:45 - 00000000 ____D C:\Programme\7-Zip
2013-09-12 01:45 - 2013-09-12 01:45 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\7-Zip
2013-09-12 00:06 - 2012-03-14 23:46 - 00000000 ____D C:\WINDOWS\system32\NtmsData
2013-09-11 21:14 - 2006-07-17 09:33 - 00000000 ____D C:\WINDOWS\Registration
2013-09-11 20:53 - 2013-09-11 20:53 - 00000000 ____D C:\FRST
2013-09-11 20:48 - 2013-09-11 20:48 - 00000000 _____ C:\Dokumente und Einstellungen\Axel\defogger_reenable
2013-09-11 20:44 - 2006-07-28 16:19 - 00000069 _____ C:\WINDOWS\NeroDigital.ini
2013-09-11 20:26 - 2013-04-01 20:58 - 00000000 ____D C:\Programme\Spyware Doctor
2013-09-11 07:58 - 2013-09-11 07:58 - 97063418 _____ C:\WINDOWS\system32\뇧亃嚤6
2013-09-10 07:23 - 2006-07-17 09:38 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2013-09-09 07:53 - 2013-09-09 07:53 - 96592724 _____ C:\WINDOWS\system32\妚끫嚤6
2013-09-08 15:29 - 2013-09-08 15:29 - 96566691 _____ C:\WINDOWS\system32\䷵컞嚤6
2013-09-08 09:02 - 2013-09-08 09:02 - 00000000 ____D C:\Dokumente und Einstellungen\Alexandra2\Anwendungsdaten\Avira
2013-09-08 08:25 - 2013-09-08 08:25 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2863058$
2013-09-08 08:25 - 2013-09-08 08:23 - 00155678 _____ C:\WINDOWS\KB2863058.log
2013-09-08 08:25 - 2009-04-27 07:36 - 00261880 _____ C:\WINDOWS\system32\TZLog.log
2013-09-08 08:22 - 2006-07-17 10:29 - 01020268 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-09-08 07:56 - 2013-09-08 07:56 - 00000000 ____D C:\Dokumente und Einstellungen\Axel\Anwendungsdaten\Avira
2013-09-08 07:52 - 2013-09-08 07:51 - 00000000 ____D C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Mozilla
2013-09-08 07:51 - 2013-09-08 07:51 - 00000000 ____D C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Mozilla
2013-09-08 07:46 - 2012-10-26 16:12 - 00000000 ____D C:\Dokumente und Einstellungen\Fabian
2013-09-08 07:45 - 2013-09-08 07:45 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Avira
2013-09-08 07:45 - 2013-09-08 07:43 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira
2013-09-08 07:43 - 2013-09-08 07:43 - 00000000 ____D C:\Programme\Avira
2013-09-08 07:31 - 2013-09-08 07:44 - 00136672 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2013-09-08 07:31 - 2013-09-08 07:44 - 00088840 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2013-09-08 07:31 - 2013-09-08 07:44 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2013-09-08 07:31 - 2013-09-08 07:44 - 00028520 _____ (Avira GmbH) C:\WINDOWS\system32\Drivers\ssmdrv.sys
2013-09-06 11:38 - 2013-09-06 11:38 - 00005155 _____ C:\WINDOWS\KB2834904-v2.log
2013-09-06 11:38 - 2013-09-06 11:38 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850869$
2013-09-06 11:38 - 2013-09-06 11:38 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$
2013-09-06 11:38 - 2013-09-06 11:22 - 00010063 _____ C:\WINDOWS\KB2850869.log
2013-09-06 11:37 - 2013-09-06 11:37 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2859537$
2013-09-06 11:37 - 2013-09-06 11:37 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2849470$
2013-09-06 11:37 - 2013-09-06 11:19 - 00011697 _____ C:\WINDOWS\KB2859537.log
2013-08-26 17:59 - 2012-05-21 01:15 - 00000000 ____D C:\Programme\Mozilla Maintenance Service
2013-08-26 16:46 - 2013-08-26 14:38 - 00000000 ____D C:\Programme\Mozilla Firefox

Some content of TEMP:
====================
C:\Dokumente und Einstellungen\Alexandra2\Lokale Einstellungen\temp\idb0nwpf.dll

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe [2006-07-07 10:07] - [2008-04-14 04:22] - 1036800 ____A (Microsoft Corporation) 418045a93cd87a352098ab7dabe1b53e
C:\Windows\System32\winlogon.exe [2006-07-07 10:08] - [2008-04-14 04:23] - 0513024 ____A (Microsoft Corporation) f09a527b422e25c478e38caa0e44417a
C:\Windows\System32\svchost.exe [2006-07-07 10:08] - [2008-04-14 04:23] - 0014336 ____A (Microsoft Corporation) 4fbc75b74479c7a6f829e0ca19df3366
C:\Windows\System32\services.exe [2006-07-07 10:07] - [2009-02-09 13:21] - 0111104 ____A (Microsoft Corporation) a3edbe9053889fb24ab22492472b39dc
C:\Windows\System32\User32.dll [2006-07-07 10:08] - [2008-04-14 04:22] - 0580096 ____A (Microsoft Corporation) b0050cc5340e3a0760dd8b417ff7aebd
C:\Windows\System32\userinit.exe [2006-07-07 10:08] - [2008-04-14 04:23] - 0026624 ____A (Microsoft Corporation) 788f95312e26389d596c0fa55834e106
C:\Windows\System32\Drivers\volsnap.sys [2006-07-07 10:08] - [2008-04-14 03:52] - 0053760 ____A (Microsoft Corporation) a5a712f4e880874a477af790b5186e1d

==================== End Of Log ============================

Many thanks,
kind regards, M_AX