Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Windows7, Spybot findet multiple Malware

Windows7, Spybot findet multiple Malware


Log-Analyse und Auswertung: Windows7, Spybot findet multiple Malware

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 08.10.2013, 19:30   #1
PeterPan3
 
Windows7, Spybot findet multiple Malware - Standard

Windows7, Spybot findet multiple Malware


Hallo Zusammen,

Nach längerer Zeit habe ich nun erstmals mein Spybot über mein System laufen lassen. Leider zeigten sich unzählige Viren bzw. Malware, woraufhin ich hiermit Eure Hilfe ersuche.
Wie empfohlen liess ich die angegeben Programme über mein System laufen. Hier folgend liste ich die entsprechenden Logfiles auf:

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by Dirka (ATTENTION: The logged in user is not administrator) on DIRKA-THINK on 08-10-2013 19:47:05
Running from C:\Users\Dirka\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Lenovo Group Limited) C:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Zoom\TpScrex.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
() C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Spigot, Inc.) C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
(Bandoo Media, inc) C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe
() C:\Windows\Samsung\PanelMgr\caller64.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [TPHOTKEY] - C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe [69560 2010-07-27] (Lenovo Group Limited)
HKLM\...\Run: [TpShocks] - C:\Windows\system32\TpShocks.exe [380776 2010-07-01] (Lenovo.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11049576 2010-07-15] (Realtek Semiconductor)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [LENOVO.TPKNRRES] - C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [62312 2010-07-27] (Lenovo Group Limited)
HKLM\...\Run: [AcWin7Hlpr] - C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [31592 2010-09-17] (Lenovo)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2097960 2010-04-22] (Synaptics Incorporated)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\RunOnce: [*WerKernelReporting] - %SYSTEMROOT%\SYSTEM32\WerFault.exe -k -rq [415232 2009-07-14] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [PoivY] - "C:\Program Files (x86)\PoivY.com\PoivY\PoivY.exe" -nosplash -minimized
HKCU\...\Run: [msnmsgr] - "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
HKCU\...\Runonce: [Del704687] - cmd.exe /Q /D /c del "C:\Users\Dirka\AppData\Local\Temp\0.del"
MountPoints2: {5ed9dc6f-5da2-11e0-a292-806e6f6e6963} - Q:\LenovoQDrive.exe
HKLM-x32\...\Run: [PWMTRV] - C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL [1129832 2010-08-24] (Lenovo Group Limited)
HKLM-x32\...\Run: [Message Center Plus] - C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe [49976 2009-05-27] ()
HKLM-x32\...\Run: [RoxWatchTray] - C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe [244208 2009-08-04] (Sonic Solutions)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696 2011-04-08] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [37296 2011-06-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-03-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SearchSettings] - C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe [534880 2011-06-24] (Spigot, Inc.)
HKLM-x32\...\Run: [Samsung PanelMgr] - C:\Windows\Samsung\PanelMgr\SSMMgr.exe [688128 2011-07-06] ()
HKLM-x32\...\Run: [DATAMNGR] - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe [1694608 2011-12-06] (Bandoo Media, inc)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ApnTBMon] - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1558480 2013-07-26] (APN)
AppInit_DLLs: C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll  [1791384 2011-12-06] (Bandoo Media, inc)
AppInit_DLLs-x32: C:\PROGRA~2\WI3C8A~1\Datamngr\datamngr.dll C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll  [1233816 2011-12-06] (Bandoo Media, inc)
Lsa: [Notification Packages] scecli ACGina

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=169&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=169&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=169&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=169&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKCU - DefaultScope {A8960C5C-8DE0-452D-8BBC-1559303B8B86} URL = 
SearchScopes: HKCU - {A8960C5C-8DE0-452D-8BBC-1559303B8B86} URL = 
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: DataMngr - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\x64\BrowserConnection.dll (Bandoo Media, inc)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
BHO-x32: DataMngr - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.5\pdfforgeToolbarIE.dll (Spigot, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM-x32 - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.5\pdfforgeToolbarIE.dll (Spigot, Inc.)
Toolbar: HKLM-x32 - Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
Toolbar: HKLM-x32 - Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Dirka\AppData\Roaming\Mozilla\Firefox\Profiles\rqqpdee4.default
FF DefaultSearchEngine: Ask.com
FF SearchEngineOrder.1: Ask.com
FF Homepage: hxxp://www.searchqu.com/406
FF Keyword.URL: hxxp://dts.search-results.com/sr?src=ffb&appid=169&systemid=406&sr=0&q=
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @e-academy.com/Host SDM Plugin; version=1.0.0.0 - C:\Users\Dirka\AppData\Local\e-academy Inc\Mozilla\Firefox\plugins\npHostSdmLoader.dll ()
FF SearchPlugin: C:\Users\Dirka\AppData\Roaming\Mozilla\Firefox\Profiles\rqqpdee4.default\searchplugins\11-suche.xml
FF SearchPlugin: C:\Users\Dirka\AppData\Roaming\Mozilla\Firefox\Profiles\rqqpdee4.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Dirka\AppData\Roaming\Mozilla\Firefox\Profiles\rqqpdee4.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Dirka\AppData\Roaming\Mozilla\Firefox\Profiles\rqqpdee4.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Dirka\AppData\Roaming\Mozilla\Firefox\Profiles\rqqpdee4.default\searchplugins\web-search.xml
FF SearchPlugin: C:\Users\Dirka\AppData\Roaming\Mozilla\Firefox\Profiles\rqqpdee4.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\chambers-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-en-GB.xml
FF Extension: Searchqu Toolbar - C:\Users\Dirka\AppData\Roaming\Mozilla\Firefox\Profiles\rqqpdee4.default\Extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
FF Extension: No Name - C:\Users\Dirka\AppData\Roaming\Mozilla\Firefox\Profiles\rqqpdee4.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\Dirka\AppData\Roaming\Mozilla\Firefox\Profiles\rqqpdee4.default\Extensions\{dd05fd3d-18df-4ce4-ae53-e795339c5f01}.xpi
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup:         "urls_to_restore_on_startup": [
CHR DefaultSearchURL: (Google) - {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Extension: (Avira Toolbar) - C:\Users\Dirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.13.38650_0
CHR Extension: (Skype Click to Call) - C:\Users\Dirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-09-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [815160 2013-09-05] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [168400 2013-07-26] (APN LLC.)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [93032 2010-04-07] (Lenovo Group Limited)
R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 Roxio UPnP Renderer 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [313840 2009-08-04] (Sonic Solutions)
S2 Roxio Upnp Server 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [362992 2009-08-04] (Sonic Solutions)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [199272 2010-07-15] (Realtek Semiconductor)
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [993848 2011-04-19] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [399416 2011-04-19] (Secunia)
R2 ThinkVantage Registry Monitor Service; C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe [1019904 2009-08-28] (Lenovo Group Limited)
S3 TVT Backup Service; C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe [1475896 2010-07-29] (Lenovo Group Limited)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132088 2013-09-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-08-26] (Avira Operations GmbH & Co. KG)
R1 TPPWRIF; C:\Windows\System32\drivers\Tppwr64v.sys [13104 2010-08-24] ()
S3 PCDSRVC{127174DC-C366ED8B-06020101}_0; \??\c:\program files\pc-doctor\pcdsrvc_x64.pkms [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-08 19:46 - 2013-10-08 19:46 - 00000000 ____D C:\FRST
2013-10-08 19:45 - 2013-10-08 19:46 - 01954124 _____ (Farbar) C:\Users\Dirka\Downloads\FRST64.exe
2013-10-08 19:43 - 2013-10-08 19:43 - 00050477 _____ C:\Users\Dirka\Downloads\Defogger.exe
2013-10-08 19:40 - 2013-10-08 19:40 - 00001121 _____ C:\Users\Public\Desktop\Open It!.lnk
2013-10-08 19:40 - 2013-10-08 19:40 - 00000292 _____ C:\Windows\Tasks\DigitalSite.job
2013-10-08 19:40 - 2013-10-08 19:40 - 00000000 ____D C:\Users\Dirka\AppData\Roaming\DigitalSite
2013-10-08 19:40 - 2013-10-08 19:40 - 00000000 ____D C:\Program Files (x86)\OpenIt
2013-10-08 19:39 - 2013-10-08 19:39 - 00749248 _____ C:\Users\Dirka\Downloads\ZipExtractorSetup.exe
2013-10-08 19:29 - 2013-10-08 19:29 - 99859239 _____ C:\Windows\SysWOW64\ꮪ�ᅌŠ
2013-10-07 21:52 - 2013-10-07 21:52 - 00239355 _____ C:\Users\Dirka\Desktop\SpybotSD.Results.txt
2013-09-12 19:33 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-12 19:33 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-12 19:33 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-12 19:33 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-12 19:33 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-12 19:33 - 2013-08-10 07:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-12 19:33 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-12 19:33 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-12 19:33 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-12 19:33 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-12 19:33 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-12 19:33 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-12 19:33 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-12 19:33 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-12 19:33 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-12 19:33 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-12 19:33 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-12 19:33 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-12 19:33 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-12 19:33 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-12 19:33 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-12 19:33 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-12 19:33 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-12 19:33 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-12 19:33 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-12 19:33 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-12 19:33 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-12 19:33 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-12 19:33 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-12 19:33 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-12 19:33 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-11 08:51 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-11 08:51 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-11 08:51 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-11 08:51 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-11 08:51 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-11 08:51 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-11 08:51 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-11 08:51 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-11 08:51 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-11 08:51 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-11 08:51 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-11 08:51 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-11 08:51 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-11 08:51 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-11 08:51 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-11 08:51 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-11 08:51 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-11 08:51 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-11 08:51 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-11 08:51 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-11 08:51 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-11 08:51 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-11 08:51 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-11 08:51 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-11 08:51 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-11 08:51 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-11 08:51 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 08:51 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-11 08:51 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-11 08:51 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-11 08:51 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-11 08:51 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-08 17:25 - 2013-09-08 18:26 - 00000000 ____D C:\Users\Dirka\Desktop\Auswahl Schlafzimmer
2013-09-08 17:20 - 2013-09-08 17:20 - 00001117 _____ C:\Users\Public\Desktop\Picasa 3.lnk
2013-09-08 17:19 - 2013-09-08 17:19 - 14965064 _____ (Google Inc.) C:\Users\Dirka\Downloads\picasa39-setup_3.9.136.20.exe

==================== One Month Modified Files and Folders =======

2013-10-08 19:46 - 2013-10-08 19:46 - 00000000 ____D C:\FRST
2013-10-08 19:46 - 2013-10-08 19:45 - 01954124 _____ (Farbar) C:\Users\Dirka\Downloads\FRST64.exe
2013-10-08 19:43 - 2013-10-08 19:43 - 00050477 _____ C:\Users\Dirka\Downloads\Defogger.exe
2013-10-08 19:43 - 2011-07-22 12:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-08 19:43 - 2011-07-22 11:08 - 00000000 ____D C:\Users\Save
2013-10-08 19:43 - 2011-04-03 05:58 - 00000528 _____ C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2013-10-08 19:41 - 2012-11-24 20:27 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-08 19:40 - 2013-10-08 19:40 - 00001121 _____ C:\Users\Public\Desktop\Open It!.lnk
2013-10-08 19:40 - 2013-10-08 19:40 - 00000292 _____ C:\Windows\Tasks\DigitalSite.job
2013-10-08 19:40 - 2013-10-08 19:40 - 00000000 ____D C:\Users\Dirka\AppData\Roaming\DigitalSite
2013-10-08 19:40 - 2013-10-08 19:40 - 00000000 ____D C:\Program Files (x86)\OpenIt
2013-10-08 19:39 - 2013-10-08 19:39 - 00749248 _____ C:\Users\Dirka\Downloads\ZipExtractorSetup.exe
2013-10-08 19:36 - 2011-04-03 05:58 - 00000382 _____ C:\Windows\Tasks\SystemToolsDailyTest.job
2013-10-08 19:36 - 2009-07-14 06:45 - 00015568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-08 19:36 - 2009-07-14 06:45 - 00015568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-08 19:34 - 2011-04-03 05:31 - 01062959 _____ C:\Windows\WindowsUpdate.log
2013-10-08 19:29 - 2013-10-08 19:29 - 99859239 _____ C:\Windows\SysWOW64\ꮪ�ᅌŠ
2013-10-08 19:28 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-08 19:28 - 2009-07-14 06:51 - 00141730 _____ C:\Windows\setupact.log
2013-10-07 21:52 - 2013-10-07 21:52 - 00239355 _____ C:\Users\Dirka\Desktop\SpybotSD.Results.txt
2013-10-03 15:04 - 2011-07-21 22:09 - 00000000 ____D C:\Users\Dirka
2013-10-03 15:03 - 2011-12-12 12:08 - 00000099 _____ C:\Users\Public\LMDebug.log
2013-09-20 21:55 - 2011-04-03 15:11 - 00654400 _____ C:\Windows\system32\perfh007.dat
2013-09-20 21:55 - 2011-04-03 15:11 - 00130240 _____ C:\Windows\system32\perfc007.dat
2013-09-20 21:55 - 2009-07-14 07:13 - 01498742 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-20 21:42 - 2012-11-24 20:27 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-20 21:42 - 2011-07-22 18:07 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-14 23:48 - 2011-07-23 13:55 - 00000000 ____D C:\Users\Dirka\AppData\Roaming\Skype
2013-09-13 07:41 - 2013-05-18 00:48 - 00000000 ____D C:\Users\Dirka\AppData\Local\Mozilla Firefox
2013-09-13 00:30 - 2011-07-21 22:13 - 00000000 ___RD C:\Users\Dirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-13 00:30 - 2011-07-21 22:13 - 00000000 ___RD C:\Users\Dirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-13 00:29 - 2009-07-14 06:45 - 00460216 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-12 19:34 - 2011-08-08 17:56 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-12 19:33 - 2013-08-18 03:01 - 00000000 ____D C:\Windows\system32\MRT
2013-09-12 19:30 - 2011-07-22 17:37 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-08 18:26 - 2013-09-08 17:25 - 00000000 ____D C:\Users\Dirka\Desktop\Auswahl Schlafzimmer
2013-09-08 18:12 - 2013-09-07 16:38 - 00000000 ____D C:\Users\Dirka\Desktop\gui y christian
2013-09-08 17:53 - 2013-08-29 16:03 - 00000000 ____D C:\Users\Dirka\Desktop\100_PANA
2013-09-08 17:20 - 2013-09-08 17:20 - 00001117 _____ C:\Users\Public\Desktop\Picasa 3.lnk
2013-09-08 17:20 - 2011-08-18 16:24 - 00000000 ____D C:\Users\Dirka\AppData\Local\Google
2013-09-08 17:20 - 2011-08-10 14:29 - 00000000 ____D C:\Program Files (x86)\Google
2013-09-08 17:19 - 2013-09-08 17:19 - 14965064 _____ (Google Inc.) C:\Users\Dirka\Downloads\picasa39-setup_3.9.136.20.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2013
Ran by Dirka at 2013-10-08 19:48:48
Running from C:\Users\Dirka\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

 Registry Patch to arrange icons in Device and Printers folder of Windows 7 (Version: 1.00)
Access Help (x32 Version: 3.00)
Adobe AIR (x32 Version: 3.5.0.880)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.175)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
Adobe Reader 9.4.5 (x32 Version: 9.4.5)
Anzeige am Bildschirm (Version: 6.10.01)
Apple Application Support (x32 Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
Avira Free Antivirus (x32 Version: 13.0.0.4052)
Avira SearchFree Toolbar plus Web Protection (x32 Version: 12.2.2.663)
Bonjour (Version: 3.0.0.10)
CDBurnerXP (x32 Version: 4.5.0.3661)
Cisco AnyConnect VPN Client (x32 Version: 2.5.2019)
Create Recovery Media (x32 Version: 1.20.0.00)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
Dienstprogramm "ThinkPad UltraNav" (x32 Version: 2.13.0)
DirectX 9 Runtime (x32 Version: 1.00.0000)
EndNote X5 (x32 Version: 15.0.0.5478)
Intel PROSet Wireless
Intel(R) Graphics Media Accelerator Driver (Version: 8.15.10.1872)
Intel(R) PROSet/Wireless WiFi-Software (Version: 13.00.0000)
InterVideo WinDVD 8 (x32 Version: 8.0.20.199)
iTunes (Version: 11.0.4.4)
Java Auto Updater (x32 Version: 2.0.5.1)
Java(TM) 6 Update 26 (64-bit) (Version: 6.0.260)
Java(TM) 6 Update 26 (x32 Version: 6.0.260)
JMicron Flash Media Controller Driver (x32 Version: 1.00.29.02)
Lenovo Auto Scroll Utility (Version: 1.00)
Lenovo System Interface Driver (Version: 1.02)
Lenovo ThinkVantage Toolbox (Version: 6.0.5717.21)
Lenovo Welcome (x32 Version: 2.02.003.0)
Malwarebytes' Anti-Malware Version 1.51.1.1800 (x32 Version: 1.51.1.1800)
Message Center Plus (x32 Version: 2.0.0012.00)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 32-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Outlook Hotmail Connector 64-Bit (Version: 14.0.5118.5000)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 64-bit (Version: 14.0.5120.5000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SkyDrive (HKCU Version: 16.4.6013.0910)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mobile Broadband (x32 Version: 3.6.0006)
Mozilla Firefox 21.0 (x86 de) (HKCU Version: 21.0)
Mozilla Firefox 6.0 (x86 de) (x32 Version: 6.0)
Mozilla Thunderbird (3.1.16) (x32 Version: 3.1.16 (en-GB))
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
Nero Burning ROM 11 (x32 Version: 11.0.10500)
Nero Burning ROM 11 (x32 Version: 11.0.12500.24.100)
Nero Burning ROM 11 Help (CHM) (x32 Version: 11.0.10300)
Nero ControlCenter 11 (x32 Version: 11.0.12700.0.27)
Nero ControlCenter 11 Help (CHM) (x32 Version: 11.0.10300)
Nero Core Components 11 (x32 Version: 11.0.15600.1.17)
Nero RescueAgent 11 (x32 Version: 4.0.10600.10.100)
Nero RescueAgent 11 Help (CHM) (x32 Version: 11.0.10400)
Nero Update (x32 Version: 11.0.11500.28.0)
nero.prerequisites.msi (x32 Version: 11.0.20008)
Open It! (x32 Version: 1.1.1)
PASW Smartreader 18 (x32 Version: 18.0.1)
PDFCreator (x32 Version: 1.2.2)
pdfforge Toolbar v4.5 (x32 Version: 4.5)
Picasa 3 (x32 Version: 3.9)
QuickTime (x32 Version: 7.74.80.86)
Realtek Ethernet Controller Driver For Windows 7 (x32 Version: 7.11.1127.2009)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6146)
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (Version: 1.00)
Rescue and Recovery (x32 Version: 4.30.0025.00)
ResearchSoft Direct Export Helper (x32)
Roxio Activation Module (x32 Version: 1.0)
Roxio Central Audio (x32 Version: 3.8.0)
Roxio Central Copy (x32 Version: 3.8.0)
Roxio Central Core (x32 Version: 3.8.0)
Roxio Central Data (x32 Version: 3.8.0)
Roxio Central Tools (x32 Version: 3.8.0)
Roxio Creator Small Business Edition (x32 Version: 10.3)
Roxio Creator Small Business Edition (x32 Version: 10.3.081)
Roxio Express Labeler 3 (x32 Version: 3.2.1)
Saal Design Software (x32 Version: 3.1.26)
Secunia PSI (2.0.0.3003) (x32)
Secure Download Manager (x32 Version: 3.0.0)
Skype Click to Call (x32 Version: 5.9.9216)
Skype™ 5.10 (x32 Version: 5.10.116)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0)
Sonic Icons for Lenovo (x32 Version: 2.0.0)
SPSS SmartViewer 15G (x32 Version: 15.0.1)
Spybot - Search & Destroy (x32 Version: 1.6.2)
System Update (x32 Version: 4.00.0032)
ThinkPad Bluetooth with Enhanced Data Rate Software (Version: 6.2.0.9600)
ThinkPad Energie-Manager (x32 Version: 3.30)
ThinkPad FullScreen Magnifier (Version: 2.15)
ThinkPad Power Management Driver (Version: 1.60.0.4)
ThinkPad UltraNav Driver (Version: 15.0.18.0)
ThinkVantage Access Connections (x32 Version: 5.72)
ThinkVantage Communications Utility (Version: 1.42)
ThinkVantage System für aktiven Festplattenschutz (Version: 1.72)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 64-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553157) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589370) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760758) 64-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 64-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 64-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 64-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 64-Bit Edition
Update for Zip Extractor (HKCU)
VD64Inst (Version: 1.00.0000)
Verizon Wireless Mobile Broadband Self Activation (x32 Version: 3.1.4)
VLC media player 1.1.11 (x32 Version: 1.1.11)
Wartung Samsung CLP-320 Series (x32)
Windows iLivid Toolbar (x32 Version: 3.0.0.118320)
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8)
Windows-Treiberpaket - Intel (iaStor) hdc  (01/15/2010 9.5.7.1002) (Version: 01/15/2010 9.5.7.1002)
Windows-Treiberpaket - Lenovo 1.60.0.4 (11/18/2009 1.60.0.4) (Version: 11/18/2009 1.60.0.4)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)

==================== Restore Points  =========================

Could not list Restore Points.


==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ?
Task: C:\Windows\Tasks\DigitalSite.job => C:\Users\Dirka\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => ?
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => ?

==================== Loaded Modules (whitelisted) =============

2011-03-17 01:07 - 2011-03-17 01:07 - 04297568 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2011-04-03 05:43 - 2010-08-24 20:30 - 00047616 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2009-07-01 18:54 - 2009-07-01 18:54 - 00173344 _____ () C:\Program Files\ThinkPad\Bluetooth Software\btkeyind.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2
AlternateDataStreams: C:\Users\Dirka\Desktop\10x15 (2).JPG:Roxio EMC Stream

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/08/2013 07:15:48 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: avnotify.exe, Version: 13.6.20.2100, Zeitstempel: 0x51e6b921
Name des fehlerhaften Moduls: avnotify.exe, Version: 13.6.20.2100, Zeitstempel: 0x51e6b921
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00001487
ID des fehlerhaften Prozesses: 0x11d0
Startzeit der fehlerhaften Anwendung: 0xavnotify.exe0
Pfad der fehlerhaften Anwendung: avnotify.exe1
Pfad des fehlerhaften Moduls: avnotify.exe2
Berichtskennung: avnotify.exe3

Error: (10/07/2013 09:29:46 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: avnotify.exe, Version: 13.6.20.2100, Zeitstempel: 0x51e6b921
Name des fehlerhaften Moduls: avnotify.exe, Version: 13.6.20.2100, Zeitstempel: 0x51e6b921
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00001487
ID des fehlerhaften Prozesses: 0x1158
Startzeit der fehlerhaften Anwendung: 0xavnotify.exe0
Pfad der fehlerhaften Anwendung: avnotify.exe1
Pfad des fehlerhaften Moduls: avnotify.exe2
Berichtskennung: avnotify.exe3

Error: (09/20/2013 07:21:42 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: avnotify.exe, Version: 13.6.20.2100, Zeitstempel: 0x51e6b921
Name des fehlerhaften Moduls: avnotify.exe, Version: 13.6.20.2100, Zeitstempel: 0x51e6b921
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00001487
ID des fehlerhaften Prozesses: 0x11f0
Startzeit der fehlerhaften Anwendung: 0xavnotify.exe0
Pfad der fehlerhaften Anwendung: avnotify.exe1
Pfad des fehlerhaften Moduls: avnotify.exe2
Berichtskennung: avnotify.exe3

Error: (09/18/2013 09:32:17 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: avnotify.exe, Version: 13.6.20.2100, Zeitstempel: 0x51e6b921
Name des fehlerhaften Moduls: avnotify.exe, Version: 13.6.20.2100, Zeitstempel: 0x51e6b921
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00001487
ID des fehlerhaften Prozesses: 0x11e4
Startzeit der fehlerhaften Anwendung: 0xavnotify.exe0
Pfad der fehlerhaften Anwendung: avnotify.exe1
Pfad des fehlerhaften Moduls: avnotify.exe2
Berichtskennung: avnotify.exe3

Error: (09/16/2013 06:07:54 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: avnotify.exe, Version: 13.6.20.2100, Zeitstempel: 0x51e6b921
Name des fehlerhaften Moduls: avnotify.exe, Version: 13.6.20.2100, Zeitstempel: 0x51e6b921
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00001487
ID des fehlerhaften Prozesses: 0x11d4
Startzeit der fehlerhaften Anwendung: 0xavnotify.exe0
Pfad der fehlerhaften Anwendung: avnotify.exe1
Pfad des fehlerhaften Moduls: avnotify.exe2
Berichtskennung: avnotify.exe3

Error: (09/14/2013 10:29:21 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: avnotify.exe, Version: 13.6.20.2100, Zeitstempel: 0x51e6b921
Name des fehlerhaften Moduls: avnotify.exe, Version: 13.6.20.2100, Zeitstempel: 0x51e6b921
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00001487
ID des fehlerhaften Prozesses: 0x11a0
Startzeit der fehlerhaften Anwendung: 0xavnotify.exe0
Pfad der fehlerhaften Anwendung: avnotify.exe1
Pfad des fehlerhaften Moduls: avnotify.exe2
Berichtskennung: avnotify.exe3

Error: (09/13/2013 11:03:44 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: avnotify.exe, Version: 13.6.20.2100, Zeitstempel: 0x51e6b921
Name des fehlerhaften Moduls: avnotify.exe, Version: 13.6.20.2100, Zeitstempel: 0x51e6b921
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00001487
ID des fehlerhaften Prozesses: 0x128c
Startzeit der fehlerhaften Anwendung: 0xavnotify.exe0
Pfad der fehlerhaften Anwendung: avnotify.exe1
Pfad des fehlerhaften Moduls: avnotify.exe2
Berichtskennung: avnotify.exe3

Error: (09/11/2013 09:15:43 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6302

Error: (09/11/2013 09:15:43 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6302

Error: (09/11/2013 09:15:43 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (10/08/2013 07:15:57 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (10/08/2013 07:15:57 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Browser-Schutz" ist vom Dienst "Avira Echtzeit-Scanner" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%0

Error: (10/08/2013 07:15:57 AM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (10/08/2013 07:15:57 AM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (10/07/2013 09:29:58 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (10/07/2013 09:29:58 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Browser-Schutz" wurde mit folgendem dienstspezifischem Fehler beendet: %%1.

Error: (10/07/2013 09:29:57 PM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (10/07/2013 09:29:56 PM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (10/07/2013 07:13:06 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Bluetooth Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (10/07/2013 07:13:06 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Bluetooth Service erreicht.


Microsoft Office Sessions:
=========================
Error: (10/08/2013 07:15:48 AM) (Source: Application Error)(User: )
Description: avnotify.exe13.6.20.210051e6b921avnotify.exe13.6.20.210051e6b921c00000050000148711d001cec3e5695b6bd1C:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exeC:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exeb07cce28-2fd8-11e3-b8f4-60eb69fcc3ee

Error: (10/07/2013 09:29:46 PM) (Source: Application Error)(User: )
Description: avnotify.exe13.6.20.210051e6b921avnotify.exe13.6.20.210051e6b921c000000500001487115801cec3938b7875b1C:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exeC:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exed2a8204a-2f86-11e3-b45b-60eb69fcc3ee

Error: (09/20/2013 07:21:42 AM) (Source: Application Error)(User: )
Description: avnotify.exe13.6.20.210051e6b921avnotify.exe13.6.20.210051e6b921c00000050000148711f001ceb5c140c3248eC:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exeC:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exe87dd62c4-21b4-11e3-a293-60eb69fcc3ee

Error: (09/18/2013 09:32:17 PM) (Source: Application Error)(User: )
Description: avnotify.exe13.6.20.210051e6b921avnotify.exe13.6.20.210051e6b921c00000050000148711e401ceb4a5bf2a4783C:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exeC:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exe06506c9b-2099-11e3-ae4a-60eb69fcc3ee

Error: (09/16/2013 06:07:54 PM) (Source: Application Error)(User: )
Description: avnotify.exe13.6.20.210051e6b921avnotify.exe13.6.20.210051e6b921c00000050000148711d401ceb2f6dd311490C:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exeC:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exe244b52c6-1eea-11e3-a64a-60eb69fcc3ee

Error: (09/14/2013 10:29:21 PM) (Source: Application Error)(User: )
Description: avnotify.exe13.6.20.210051e6b921avnotify.exe13.6.20.210051e6b921c00000050000148711a001ceb1890e36868bC:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exeC:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exe559cf0ca-1d7c-11e3-81b1-60eb69fcc3ee

Error: (09/13/2013 11:03:44 PM) (Source: Application Error)(User: )
Description: avnotify.exe13.6.20.210051e6b921avnotify.exe13.6.20.210051e6b921c000000500001487128c01ceb0c4b10f6ba7C:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exeC:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exef925bd42-1cb7-11e3-9857-60eb69fcc3ee

Error: (09/11/2013 09:15:43 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6302

Error: (09/11/2013 09:15:43 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6302

Error: (09/11/2013 09:15:43 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second


==================== Memory info =========================== 

Percentage of memory in use: 41%
Total physical RAM: 3932.86 MB
Available physical RAM: 2307.86 MB
Total Pagefile: 7863.91 MB
Available Pagefile: 5900.47 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (Windows7_OS) (Fixed) (Total:454.82 GB) (Free:298.2 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive q: (Lenovo_Recovery) (Fixed) (Total:9.77 GB) (Free:1.91 GB) NTFS

==================== MBR & Partition Table ==================

==================== End Of Log ============================
Code:
ATTFilter
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-10-08 20:13:55
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 HITACHI_ rev.PC4Z 465,76GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\Save\AppData\Local\Temp\kglcipow.sys


---- User code sections - GMER 2.1 ----

.text  C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe[1704] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69          0000000077871465 2 bytes [87, 77]
.text  C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe[1704] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155         00000000778714bb 2 bytes [87, 77]
.text  ...                                                                                                                                     * 2
.text  C:\Program Files (x86)\Secunia\PSI\sua.exe[2652] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                0000000077871465 2 bytes [87, 77]
.text  C:\Program Files (x86)\Secunia\PSI\sua.exe[2652] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                               00000000778714bb 2 bytes [87, 77]
.text  ...                                                                                                                                     * 2
.text  C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe[2840] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                0000000077871465 2 bytes [87, 77]
.text  C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe[2840] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155               00000000778714bb 2 bytes [87, 77]
.text  ...                                                                                                                                     * 2
.text  C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[2924] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69             0000000077871465 2 bytes [87, 77]
.text  C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[2924] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155            00000000778714bb 2 bytes [87, 77]
.text  ...                                                                                                                                     * 2
.text  C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe[3832] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69           0000000077871465 2 bytes [87, 77]
.text  C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe[3832] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155          00000000778714bb 2 bytes [87, 77]
.text  ...                                                                                                                                     * 2
.text  C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe[4060] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69       0000000077871465 2 bytes [87, 77]
.text  C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe[4060] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155      00000000778714bb 2 bytes [87, 77]
.text  ...                                                                                                                                     * 2
.text  C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe[1568] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69             0000000077871465 2 bytes [87, 77]
.text  C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe[1568] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155            00000000778714bb 2 bytes [87, 77]
.text  ...                                                                                                                                     * 2
.text  C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe[3552] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69   0000000077871465 2 bytes [87, 77]
.text  C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe[3552] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155  00000000778714bb 2 bytes [87, 77]
.text  ...                                                                                                                                     * 2
.text  C:\Program Files (x86)\Secunia\PSI\psi_tray.exe[352] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                            0000000077871465 2 bytes [87, 77]
.text  C:\Program Files (x86)\Secunia\PSI\psi_tray.exe[352] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                           00000000778714bb 2 bytes [87, 77]
.text  ...                                                                                                                                     * 2

---- Registry - GMER 2.1 ----

Reg    HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001f3ad3f74a                                                             
Reg    HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\ec55f9de5ed2                                                             
Reg    HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001f3ad3f74a (not active ControlSet)                                         
Reg    HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\ec55f9de5ed2 (not active ControlSet)                                         

---- Disk sectors - GMER 2.1 ----

Disk   \Device\Harddisk0\DR0                                                                                                                   unknown MBR code

---- EOF - GMER 2.1 ----
Vielen Dank schonmal im Vorraus für Eure Hilfe.

Gruss, Peter Pan.

 

Themen zu Windows7, Spybot findet multiple Malware
4d36e972-e325-11ce-bfc1-08002be10318, avira, avira searchfree toolbar, bildschirm, chromium, excel, farbar, farbar recovery scan tool, flash player, malware, pdfforge toolbar, plug-in, pup.optional.bandoo.a, pup.optional.datamngr.a, pup.optional.digitalsite.a, pup.optional.installcore, pup.optional.searchqu, pwmtr64v.dll, safer networking, scan, services.exe, svchost.exe, system, viren, windows


« Virenfund | Windows Vista Home Premium Service Pack 2 2007: Webseiten werden auf Werbung umgeleitet! Besonders bei Googlesuche! ihavenet Virus? »


Ähnliche Themen: Windows7, Spybot findet multiple Malware


  1. Spybot findet win32.downloader.gen
    Plagegeister aller Art und deren Bekämpfung - 13.09.2015 (9)
  2. Scan mit Spybot & Destroy findet Malware
    Plagegeister aller Art und deren Bekämpfung - 11.03.2014 (9)
  3. Windows7; SpyBot findet Win32.downloader.gen
    Log-Analyse und Auswertung - 05.10.2013 (19)
  4. Windows7: Malwarebytes findet 8 infizierte Dateien
    Log-Analyse und Auswertung - 19.09.2013 (9)
  5. ESET findet "multiple threats" trotz grünem Licht von MalwareBytes, AdwCleaner und JRT
    Plagegeister aller Art und deren Bekämpfung - 23.07.2013 (11)
  6. multiple Malware: Live Security Platinum, SpyHunter
    Plagegeister aller Art und deren Bekämpfung - 23.07.2012 (22)
  7. Antivir findet 9 Viren, malware findet nichts mehr
    Plagegeister aller Art und deren Bekämpfung - 28.05.2012 (18)
  8. Viren, Trojaner, Malware auf meinem PC. AntiVir findet, löscht und findet wieder.
    Plagegeister aller Art und deren Bekämpfung - 10.07.2010 (6)
  9. Spybot findet mehr als 30 Einträge :(
    Log-Analyse und Auswertung - 17.05.2009 (2)
  10. Spybot findet win32.agent.sd
    Plagegeister aller Art und deren Bekämpfung - 21.11.2008 (1)
  11. Spy Eraser findet Adware.CWS, Malware - Avira findet HEUR/HTML.Malware
    Log-Analyse und Auswertung - 20.10.2008 (1)
  12. Escan findet multiple Viren + Malware
    Plagegeister aller Art und deren Bekämpfung - 23.08.2007 (7)
  13. Spybot findet Winantivirus Pro 2006
    Log-Analyse und Auswertung - 31.01.2007 (1)
  14. Spybot findet immer die gleichen Sachen !
    Antiviren-, Firewall- und andere Schutzprogramme - 21.10.2006 (7)
  15. Spybot findet dauerdn gleiche Einträge
    Antiviren-, Firewall- und andere Schutzprogramme - 27.10.2005 (25)
  16. Spybot S&D v.1.3 findet....
    Plagegeister aller Art und deren Bekämpfung - 02.09.2004 (8)
  17. spybot findet netspy
    Plagegeister aller Art und deren Bekämpfung - 14.07.2004 (4)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Windows7, Spybot findet multiple Malware - Hallo Zusammen, Nach längerer Zeit habe ich nun erstmals mein Spybot über mein System laufen lassen. Leider zeigten sich unzählige Viren bzw. Malware, woraufhin ich hiermit Eure Hilfe ersuche. Wie - Windows7, Spybot findet multiple Malware...
Archiv
Du betrachtest: Windows7, Spybot findet multiple Malware auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55