
Log analysis and evaluation: Avira reports various Trojans - guide for those seeking help read/followed

Windows 7: If you have caught a Trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

 
20.10.2013, 14:47   #1
ThDean
 

Hello,

I have been following the Trojaner Board for a long time and will now also try to get help here.

My original problem:
Random words on arbitrary websites are turned into advertising links.

I then started Avira, which produced several alerts.

I remembered Trojaner Board, worked through the steps and have now registered to ask for help.

My log files:

FRST:
[QUOTE=FRST]
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-10-2013
Ran by James Dean (administrator) on JAMESDEAN-PC on 20-10-2013 14:53:17
Running from C:\Users\James Dean\Downloads
Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_58be29c0\STacSV64.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
() c:\programdata\summersoft\optimizerpro\OptimizerPro.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_58be29c0\AESTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
() C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
() C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe
() C:\Windows\SMINST\BLService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdSync.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Spotify Ltd) C:\Users\James Dean\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Microsoft Corporation) C:\Program Files\Windows Mail\WinMail.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(CyberLink Corp.) C:\Program Files (x86)\HP\QuickPlay\QPService.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Spigot, Inc.) C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
() C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\conime.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Microsoft Corporation) C:\Windows\system32\msiexec.exe
(Microsoft Corporation) C:\Windows\system32\sdclt.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [OnScreenDisplay] - C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [685568 2008-01-23] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [Windows Mobile-based device management] - C:\Windows\WindowsMobile\wmdSync.exe [225792 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [450048 2009-07-21] (IDT, Inc.)
HKCU\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2011-03-04] (Hewlett-Packard Company)
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [138240 2008-01-21] (Microsoft Corporation)
HKCU\...\Run: [POEngine5] - [x]
HKCU\...\Run: [HPADVISOR] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1689144 2010-06-30] (Hewlett-Packard)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\James Dean\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1140736 2013-10-16] (Spotify Ltd)
HKCU\...\Run: [Spotify] - C:\Users\James Dean\AppData\Roaming\Spotify\Spotify.exe [4752384 2013-10-16] (Spotify Ltd)
HKCU\...\Run: [LiveSupport] - "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log
HKCU\...\Run: [WMPNSCFG] - C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKCU\...\Policies\system: [DisableChangePassword] 0
HKCU\...\Policies\Explorer: [NoLogoff] 0
MountPoints2: {adaeb1f9-ca74-11df-ba86-002186dad317} - G:\autorun.exe
HKLM-x32\...\Run: [UCam_Menu] - C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2007-12-24] (CyberLink Corp.)
HKLM-x32\...\Run: [QPService] - C:\Program Files (x86)\HP\QuickPlay\QPService.exe [468264 2008-06-25] (CyberLink Corp.)
HKLM-x32\...\Run: [QlbCtrl.exe] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [323640 2009-11-24] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [WirelessAssistant] - C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-01-12] (Hewlett-Packard)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe [40368 2011-08-31] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-03-29] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SearchSettings] - C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe [534880 2011-08-17] (Spigot, Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [417792 2010-02-15] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [681032 2013-10-07] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\dean\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default\...\Run: [HPADVISOR] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1689144 2010-06-30] (Hewlett-Packard)
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [HPADVISOR] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1689144 2010-06-30] (Hewlett-Packard)
HKU\elephant\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Jimmy Dean\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Jimmy Dean\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2011-03-04] (Hewlett-Packard Company)
HKU\postgres\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
AppInit_DLLs:   [1555968 2009-04-11] ()
AppInit_DLLs-x32: c:\progra~2\ssd8e3~1.hel\psupport.dll c:\progra~2\websea~1\sprote~1.dll [1044480 2013-01-24] ()
Startup: C:\Users\James Dean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Windows Mail.lnk
ShortcutTarget: Windows Mail.lnk -> C:\Program Files\Windows Mail\WinMail.exe (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://websearch.wisesearch.info/?pid=924&r=2013/10/18&hid=6609659935121896662&lg=EN&cc=DE&unqvl=39
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cnnb
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cnnb
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cnnb
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://websearch.wisesearch.info/?pid=924&r=2013/10/18&hid=6609659935121896662&lg=EN&cc=DE&unqvl=39
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cnnb
URLSearchHook: (No Name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} -  No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {DDF02204-49F2-4F36-869F-00E875485BD5} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcnnbie7-de-de
SearchScopes: HKLM - {67155C91-2696-4DBB-BC56-0EDA1AA38304} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
SearchScopes: HKLM - {DDF02204-49F2-4F36-869F-00E875485BD5} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcnnbie7-de-de
SearchScopes: HKLM-x32 - DefaultScope {DDF02204-49F2-4F36-869F-00E875485BD5} URL = 
SearchScopes: HKLM-x32 - {3902400C-5C9F-4272-B9E3-A270032A7C98} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcnnbie7-de-de
SearchScopes: HKLM-x32 - {67155C91-2696-4DBB-BC56-0EDA1AA38304} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
SearchScopes: HKLM-x32 - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.wisesearch.info/?l=1&q={searchTerms}&pid=924&r=2013/10/18&hid=6609659935121896662&lg=EN&cc=DE&unqvl=39
SearchScopes: HKCU - DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.wisesearch.info/?l=1&q={searchTerms}&pid=924&r=2013/10/18&hid=6609659935121896662&lg=EN&cc=DE&unqvl=39
SearchScopes: HKCU - {3902400C-5C9F-4272-B9E3-A270032A7C98} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcnnbie7-de-de
SearchScopes: HKCU - {67155C91-2696-4DBB-BC56-0EDA1AA38304} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKCU - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.wisesearch.info/?l=1&q={searchTerms}&pid=924&r=2013/10/18&hid=6609659935121896662&lg=EN&cc=DE&unqvl=39
SearchScopes: HKCU - {C3B765C8-8C46-4FD6-ABC0-6027CDE0C98A} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=EBE459A9-8924-408A-A4DA-EAB6116A4F06&apn_sauid=1B01EBCD-4556-4E7B-A16D-811CB3F152A8
SearchScopes: HKCU - {DC3C3673-8F41-4FEA-A069-90FFCE283DBD} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms}
SearchScopes: HKCU - {DDF02204-49F2-4F36-869F-00E875485BD5} URL = hxxp://startsear.ch/?aff=1&q={searchTerms}
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
BHO-x32: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Download Manager Browser Helper Object - {19C8E43B-07B3-49CB-BFFC-6777B593E6F8} - C:\Program Files (x86)\Common Files\fluxDVD\Download Manager\XEBDLHelper.dll (Protect Software GmbH)
BHO-x32: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL Inc.)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
BHO-x32: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.6\pdfforgeToolbarIE.dll (Spigot, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL Inc.)
Toolbar: HKLM-x32 - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.6\pdfforgeToolbarIE.dll (Spigot, Inc.)
Toolbar: HKLM-x32 -  No Name - {DFEFCDEE-CF1A-4FC8-88AD-129872198372} -  No File
Toolbar: HKCU - Winamp Toolbar - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} -  No File
Toolbar: HKCU -  No Name - {DFEFCDEE-CF1A-4FC8-88AD-129872198372} -  No File
Handler: fluxhttp\0x00000007 - {8E2D00A0-82C6-4821-90BC-07F290841BB6} -  No File
Handler-x32: fluxhttp\0x00000007 - {8E2D00A0-82C6-4821-90BC-07F290841BB6} - C:\Program Files (x86)\Common Files\fluxDVD\Lib\XEB\xebnavigation.ax ()
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} -  No File
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWow64\EZUPBH~1.DLL [49152 2008-12-22] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\James Dean\AppData\Roaming\Mozilla\Firefox\Profiles\dhbms57z.default
FF user.js: detected! => C:\Users\James Dean\AppData\Roaming\Mozilla\Firefox\Profiles\dhbms57z.default\user.js
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF DefaultSearchEngine: WebSearch
FF SearchEngineOrder.1: WebSearch
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "WebSearch");: user_pref("browser.search.order.1,S", "WebSearch");
FF SelectedSearchEngine: WebSearch
FF Homepage: dbdt.at
FF Keyword.URL: hxxp://websearch.wisesearch.info/?pid=924&r=2013/10/18&hid=6609659935121896662&lg=EN&cc=DE&unqvl=39&l=1&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin-x32: @fluxdvd.com/NPAPIX - C:\Program Files (x86)\Common Files\fluxDVD\APIX\NPAPIX.dll ()
FF Plugin-x32: @fluxdvd.com/NPFluxBrowserHelper - C:\Program Files (x86)\Common Files\fluxDVD\BrowserIntegration\NPFluxBrowserHelper.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 - C:\Program Files (x86)\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin-x32: @pack.google.com/Google Updater;version=14 - C:\Program Files (x86)\Google\Google Updater\2.4.1851.5542\npCIDetect14.dll (Google)
FF Plugin-x32: @protectdisc.com/NPMPDRM - C:\Program Files (x86)\Common Files\mpDRM\NPMPDRM.dll ()
FF Plugin-x32: @protectdisc.com/NPWMDRMWrapper - C:\Program Files (x86)\Common Files\mpDRM\NPWMDRMWrapper.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\James Dean\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\James Dean\AppData\Roaming\Mozilla\Firefox\Profiles\dhbms57z.default\searchplugins\11-suche.xml
FF SearchPlugin: C:\Users\James Dean\AppData\Roaming\Mozilla\Firefox\Profiles\dhbms57z.default\searchplugins\aol-web-search.xml
FF SearchPlugin: C:\Users\James Dean\AppData\Roaming\Mozilla\Firefox\Profiles\dhbms57z.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\James Dean\AppData\Roaming\Mozilla\Firefox\Profiles\dhbms57z.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\James Dean\AppData\Roaming\Mozilla\Firefox\Profiles\dhbms57z.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\James Dean\AppData\Roaming\Mozilla\Firefox\Profiles\dhbms57z.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\James Dean\AppData\Roaming\Mozilla\Firefox\Profiles\dhbms57z.default\searchplugins\startsear.xml
FF SearchPlugin: C:\Users\James Dean\AppData\Roaming\Mozilla\Firefox\Profiles\dhbms57z.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Users\James Dean\AppData\Roaming\Mozilla\Firefox\Profiles\dhbms57z.default\searchplugins\WebSearch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\James Dean\AppData\Roaming\Mozilla\Firefox\Profiles\dhbms57z.default\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
FF Extension: Microsoft .NET Framework Assistant - C:\Users\James Dean\AppData\Roaming\Mozilla\Firefox\Profiles\dhbms57z.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: NoScript - C:\Users\James Dean\AppData\Roaming\Mozilla\Firefox\Profiles\dhbms57z.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}(131)
FF Extension: NoScript - C:\Users\James Dean\AppData\Roaming\Mozilla\Firefox\Profiles\dhbms57z.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}(84)
FF Extension: DownloadHelper - C:\Users\James Dean\AppData\Roaming\Mozilla\Firefox\Profiles\dhbms57z.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: CSHelper - C:\Users\James Dean\AppData\Roaming\Mozilla\Firefox\Profiles\dhbms57z.default\Extensions\{d91a2be6-3b56-4dfb-97f5-5e48fe3ed473}
FF Extension: personas - C:\Users\James Dean\AppData\Roaming\Mozilla\Firefox\Profiles\dhbms57z.default\Extensions\personas@christopher.beard.xpi
FF Extension: No Name - C:\Users\James Dean\AppData\Roaming\Mozilla\Firefox\Profiles\dhbms57z.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\James Dean\AppData\Roaming\Mozilla\Firefox\Profiles\dhbms57z.default\Extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}.xpi
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}
FF Extension: pdfforge - C:\Program Files (x86)\Mozilla Firefox\extensions\pdfforge@mybrowserbar.com
FF Extension: wtxpcom - C:\Program Files (x86)\Mozilla Firefox\extensions\wtxpcom@mybrowserbar.com
FF HKLM-x32\...\Firefox\Extensions: [{400F0BDB-6C49-43A4-BE1F-76D7327A604D}] - C:\Program Files (x86)\Common Files\fluxDVD\Download Manager\Mozilla
FF Extension: fluxDVD Download Manager - C:\Program Files (x86)\Common Files\fluxDVD\Download Manager\Mozilla
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

Chrome: 
=======
CHR Extension: (Ask Toolbar) - C:\Users\JAMESD~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo\7.15.15.37265_0
CHR Extension: (YouTube) - C:\Users\JAMESD~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\JAMESD~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Deownload keepeur) - C:\Users\JAMESD~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeciojpmlodeaaeflcempkfdejlglmfc\1.6
CHR Extension: (vshare plugin) - C:\Users\JAMESD~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0
CHR Extension: (SearchNewTab) - C:\Users\JAMESD~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\oodogenenckilpdhlbedpnlhboolghhi\1.0
CHR Extension: (Gmail) - C:\Users\JAMESD~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_58be29c0\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440392 2013-10-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440392 2013-10-07] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1164360 2013-10-07] (Avira Operations GmbH & Co. KG)
S2 gupdate1ca2ffa2a389080; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [133104 2009-09-07] (Google Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 QPCapSvc; C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [292216 2008-06-25] ()
R2 QPSched; C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe [116080 2008-06-25] ()
R2 Recovery Service for Windows; C:\Windows\SMINST\BLService.exe [361808 2008-04-26] ()
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_58be29c0\STacSV64.exe [240128 2009-07-21] (IDT, Inc.)
R2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [x]

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105856 2013-10-07] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132600 2013-10-07] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG)
S3 cmnsusbser; C:\Windows\System32\DRIVERS\cmnsusbser.sys [117888 2010-09-27] (Mobile Connector)
S3 NVENETFD; C:\Windows\System32\DRIVERS\nvm60x64.sys [742696 2006-10-10] (NVIDIA Corporation)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [867824 2010-03-14] (Duplex Secure Ltd.)
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2008-11-11] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [27136 2008-11-11] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [33792 2008-11-11] (LG Electronics Inc.)
U4 eabfiltr; 
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 StarOpen; No ImagePath

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-20 14:52 - 2013-10-20 14:52 - 01954548 _____ (Farbar) C:\Users\James Dean\Downloads\FRST64.exe
2013-10-20 14:52 - 2013-10-20 14:52 - 00000000 ____D C:\FRST
2013-10-20 14:50 - 2013-10-20 14:50 - 00000000 ____D C:\ProgramData\Oracle
2013-10-20 14:45 - 2013-10-08 07:46 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-20 14:44 - 2013-10-08 07:50 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-20 14:44 - 2013-10-08 07:46 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-20 14:44 - 2013-10-08 07:46 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-20 14:41 - 2013-10-20 14:44 - 00004886 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-20 14:29 - 2013-10-20 14:29 - 00000592 _____ C:\Users\James Dean\Downloads\defogger_disable.log
2013-10-20 14:29 - 2013-10-20 14:29 - 00000020 _____ C:\Users\James Dean\defogger_reenable
2013-10-20 14:27 - 2013-10-20 14:27 - 00050477 _____ C:\Users\James Dean\Downloads\Defogger.exe
2013-10-20 14:17 - 2013-10-20 14:18 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\James Dean\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-18 19:55 - 2013-10-18 21:22 - 264241152 _____ C:\Users\James Dean\Downloads\losslessalbum.net__VA-Bravo_Hits_82-2013.part1.rar
2013-10-18 19:23 - 2013-10-18 19:23 - 00000000 ____D C:\ProgramData\SearchNewTab
2013-10-18 19:23 - 2013-10-18 19:23 - 00000000 ____D C:\Program Files (x86)\WebSearch
2013-10-18 19:22 - 2013-10-20 14:31 - 00000474 ____H C:\Windows\Tasks\OptimizerPro-S-480333868.job
2013-10-18 19:22 - 2013-10-18 19:24 - 00000000 ____D C:\ProgramData\SummerSoft
2013-10-18 19:22 - 2013-10-18 19:22 - 00002720 _____ C:\Windows\System32\Tasks\OptimizerPro-S-480333868
2013-10-18 19:22 - 2013-10-18 19:22 - 00000000 ____D C:\ProgramData\Deownload keepeur
2013-10-18 19:22 - 2013-10-18 19:22 - 00000000 ____D C:\Program Files (x86)\Ss.Helper
2013-10-18 19:20 - 2013-10-18 19:24 - 00000000 ____D C:\ProgramData\InstallMate
2013-10-18 14:27 - 2013-10-18 14:27 - 00000000 ____D C:\Users\James Dean\AppData\Roaming\OpenCandy
2013-10-18 14:18 - 2013-10-18 14:20 - 27469464 _____ (DVDVideoSoft Ltd.                                           ) C:\Users\James Dean\Downloads\FreeVideoToMP3Converter.exe
2013-10-18 14:06 - 2013-10-18 15:45 - 304508559 _____ C:\Users\James Dean\Downloads\Bravo_Hits_Vol.802013.rar
2013-10-17 23:18 - 2013-10-17 23:18 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-10-09 14:47 - 2013-09-22 17:43 - 17833984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-09 14:47 - 2013-09-22 17:01 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-09 14:47 - 2013-09-22 16:42 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-09 14:47 - 2013-09-22 16:36 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-09 14:47 - 2013-09-22 16:33 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-10-09 14:47 - 2013-09-22 16:33 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-09 14:47 - 2013-09-22 16:30 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-10-09 14:47 - 2013-09-22 16:27 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-09 14:47 - 2013-09-22 16:23 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-10-09 14:47 - 2013-09-22 16:22 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-09 14:47 - 2013-09-22 16:21 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-10-09 14:47 - 2013-09-22 16:19 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-09 14:47 - 2013-09-22 16:19 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-09 14:47 - 2013-09-22 16:16 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-10-09 14:47 - 2013-09-22 16:15 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-09 14:47 - 2013-09-22 16:07 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-09 14:47 - 2013-09-22 12:29 - 12336128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-09 14:47 - 2013-09-22 12:22 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-09 14:47 - 2013-09-22 12:22 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-09 14:47 - 2013-09-22 12:14 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-10-09 14:47 - 2013-09-22 12:13 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-09 14:47 - 2013-09-22 12:13 - 01104896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-09 14:47 - 2013-09-22 12:12 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-10-09 14:47 - 2013-09-22 12:09 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-09 14:47 - 2013-09-22 12:08 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-10-09 14:47 - 2013-09-22 12:07 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-09 14:47 - 2013-09-22 12:06 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-10-09 14:47 - 2013-09-22 12:05 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-09 14:47 - 2013-09-22 12:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-09 14:47 - 2013-09-22 12:03 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-09 14:47 - 2013-09-22 12:03 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-10-09 14:47 - 2013-09-22 11:59 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-09 14:41 - 2013-08-29 09:48 - 02775552 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-09 14:41 - 2013-08-27 05:39 - 01268224 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-10-09 14:41 - 2013-08-27 05:39 - 00327680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-10-09 14:41 - 2013-08-27 05:39 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-10-09 14:41 - 2013-08-27 05:39 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-10-09 14:41 - 2013-08-27 04:47 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-10-09 14:41 - 2013-08-27 04:47 - 00219648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-10-09 14:41 - 2013-08-27 04:47 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-10-09 14:41 - 2013-08-27 04:47 - 00160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-10-09 14:41 - 2013-08-27 04:32 - 02002944 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-10-09 14:41 - 2013-08-27 04:30 - 00566272 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-10-09 14:41 - 2013-08-27 04:06 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-10-09 14:41 - 2013-08-27 04:00 - 01556480 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-10-09 14:41 - 2013-08-27 04:00 - 01149952 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-10-09 14:41 - 2013-08-27 03:52 - 01172480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-10-09 14:41 - 2013-08-27 03:50 - 00486400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-10-09 14:41 - 2013-08-27 03:32 - 00683008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-10-09 14:41 - 2013-08-27 03:28 - 01069056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-10-09 14:41 - 2013-08-01 06:10 - 00901568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-09 14:41 - 2013-08-01 05:37 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2013-10-09 14:41 - 2013-07-20 12:45 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 14:41 - 2013-07-20 12:44 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 14:41 - 2013-07-12 11:19 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-10-09 14:41 - 2013-07-04 06:21 - 00532480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-09 14:41 - 2013-07-04 06:13 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-09 14:41 - 2013-07-03 04:55 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2013-10-09 14:41 - 2013-07-03 04:22 - 00031616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-09 14:41 - 2013-06-27 01:00 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-09 14:41 - 2013-06-04 06:16 - 00048128 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-09 14:41 - 2013-06-04 06:16 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-09 14:41 - 2013-06-04 04:01 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-09 14:41 - 2013-06-04 03:49 - 00293376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-09 14:39 - 2013-06-29 04:25 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-09 14:39 - 2013-06-29 04:25 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-09 14:39 - 2013-06-29 04:25 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-09 14:39 - 2013-06-29 04:25 - 00007552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-09 14:39 - 2011-05-05 16:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-09 14:39 - 2011-05-05 16:17 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-09 14:03 - 2013-10-09 14:24 - 149290982 _____ C:\Users\James Dean\Documents\Startseite - ZDF Mediathek.flv

==================== One Month Modified Files and Folders =======

2013-10-20 14:52 - 2013-10-20 14:52 - 01954548 _____ (Farbar) C:\Users\James Dean\Downloads\FRST64.exe
2013-10-20 14:52 - 2013-10-20 14:52 - 00000000 ____D C:\FRST
2013-10-20 14:50 - 2013-10-20 14:50 - 00000000 ____D C:\ProgramData\Oracle
2013-10-20 14:47 - 2009-09-07 22:46 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-20 14:45 - 2013-05-29 00:32 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-20 14:45 - 2008-12-05 08:47 - 01931042 _____ C:\Windows\WindowsUpdate.log
2013-10-20 14:44 - 2013-10-20 14:41 - 00004886 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-20 14:44 - 2008-07-31 10:35 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-20 14:36 - 2012-07-31 23:00 - 00000000 ____D C:\Users\James Dean\AppData\Roaming\Spotify
2013-10-20 14:32 - 2009-09-07 22:46 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-20 14:32 - 2008-12-22 14:44 - 00073674 _____ C:\ProgramData\nvModes.001
2013-10-20 14:31 - 2013-10-18 19:22 - 00000474 ____H C:\Windows\Tasks\OptimizerPro-S-480333868.job
2013-10-20 14:31 - 2008-12-22 14:42 - 00073674 _____ C:\ProgramData\nvModes.dat
2013-10-20 14:31 - 2006-11-02 17:42 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-20 14:31 - 2006-11-02 17:22 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-20 14:31 - 2006-11-02 17:22 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-20 14:30 - 2008-07-31 08:37 - 00004268 _____ C:\Windows\bthservsdp.dat
2013-10-20 14:30 - 2006-11-02 17:42 - 00032628 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-10-20 14:29 - 2013-10-20 14:29 - 00000592 _____ C:\Users\James Dean\Downloads\defogger_disable.log
2013-10-20 14:29 - 2013-10-20 14:29 - 00000020 _____ C:\Users\James Dean\defogger_reenable
2013-10-20 14:29 - 2008-12-22 14:41 - 00000000 ____D C:\Users\James Dean
2013-10-20 14:27 - 2013-10-20 14:27 - 00050477 _____ C:\Users\James Dean\Downloads\Defogger.exe
2013-10-20 14:18 - 2013-10-20 14:17 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\James Dean\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-20 02:37 - 2008-12-22 18:19 - 00000000 ____D C:\Users\James Dean\AppData\Local\PokerStars.EU
2013-10-19 17:43 - 2008-07-31 18:17 - 00671674 _____ C:\Windows\system32\perfh007.dat
2013-10-19 17:43 - 2008-07-31 18:17 - 00144810 _____ C:\Windows\system32\perfc007.dat
2013-10-19 17:43 - 2006-11-02 14:46 - 01560144 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-19 00:23 - 2009-02-01 20:48 - 00000000 ____D C:\Users\James Dean\Documents\DVDVideoSoft
2013-10-18 21:22 - 2013-10-18 19:55 - 264241152 _____ C:\Users\James Dean\Downloads\losslessalbum.net__VA-Bravo_Hits_82-2013.part1.rar
2013-10-18 20:21 - 2008-12-22 18:19 - 00000000 ____D C:\Program Files (x86)\PokerStars
2013-10-18 19:51 - 2012-10-24 17:17 - 00000000 ____D C:\Program Files (x86)\Optimizer Pro
2013-10-18 19:26 - 2008-01-21 05:26 - 00237618 _____ C:\Windows\PFRO.log
2013-10-18 19:24 - 2013-10-18 19:22 - 00000000 ____D C:\ProgramData\SummerSoft
2013-10-18 19:24 - 2013-10-18 19:20 - 00000000 ____D C:\ProgramData\InstallMate
2013-10-18 19:23 - 2013-10-18 19:23 - 00000000 ____D C:\ProgramData\SearchNewTab
2013-10-18 19:23 - 2013-10-18 19:23 - 00000000 ____D C:\Program Files (x86)\WebSearch
2013-10-18 19:22 - 2013-10-18 19:22 - 00002720 _____ C:\Windows\System32\Tasks\OptimizerPro-S-480333868
2013-10-18 19:22 - 2013-10-18 19:22 - 00000000 ____D C:\ProgramData\Deownload keepeur
2013-10-18 19:22 - 2013-10-18 19:22 - 00000000 ____D C:\Program Files (x86)\Ss.Helper
2013-10-18 15:45 - 2013-10-18 14:06 - 304508559 _____ C:\Users\James Dean\Downloads\Bravo_Hits_Vol.802013.rar
2013-10-18 14:27 - 2013-10-18 14:27 - 00000000 ____D C:\Users\James Dean\AppData\Roaming\OpenCandy
2013-10-18 14:27 - 2010-11-08 00:13 - 00000000 ____D C:\Users\James Dean\AppData\Roaming\DVDVideoSoft
2013-10-18 14:27 - 2009-02-01 20:47 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-10-18 14:20 - 2013-10-18 14:18 - 27469464 _____ (DVDVideoSoft Ltd.                                           ) C:\Users\James Dean\Downloads\FreeVideoToMP3Converter.exe
2013-10-18 10:45 - 2009-02-15 21:31 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2013-10-18 10:40 - 2011-03-24 23:34 - 00000000 ____D C:\Users\James Dean\AppData\Roaming\HpUpdate
2013-10-17 23:18 - 2013-10-17 23:18 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-10-17 09:28 - 2012-07-31 23:01 - 00000000 ____D C:\Users\James Dean\AppData\Local\Spotify
2013-10-17 09:25 - 2008-12-27 21:11 - 00000021 _____ C:\ProgramData\hpqp.txt
2013-10-16 09:24 - 2013-03-10 15:04 - 00004014 _____ C:\Windows\setupact.log
2013-10-16 09:24 - 2008-12-22 15:01 - 00174592 _____ C:\Users\James Dean\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-10-12 14:55 - 2013-07-08 19:01 - 00002621 _____ C:\Users\James Dean\Desktop\Microsoft Office Word 2003.lnk
2013-10-12 12:07 - 2011-08-30 10:01 - 00000000 ____D C:\Users\James Dean\AppData\Roaming\Skype
2013-10-12 01:42 - 2009-09-07 22:46 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-12 01:42 - 2009-09-07 22:46 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-10 18:25 - 2011-08-30 10:01 - 00000000 ____D C:\ProgramData\Skype
2013-10-10 14:47 - 2013-05-29 00:32 - 00003736 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-10 14:47 - 2013-04-05 17:40 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-10 14:47 - 2013-04-05 17:40 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-09 15:46 - 2006-11-02 17:21 - 00299464 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-09 15:45 - 2009-05-29 08:29 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-09 15:13 - 2006-11-02 14:34 - 00000305 _____ C:\Windows\win.ini
2013-10-09 15:02 - 2011-03-31 00:39 - 01540150 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-10-09 14:52 - 2013-07-19 16:21 - 00000000 ____D C:\Windows\system32\MRT
2013-10-09 14:48 - 2006-11-02 14:35 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-10-09 14:24 - 2013-10-09 14:03 - 149290982 _____ C:\Users\James Dean\Documents\Startseite - ZDF Mediathek.flv
2013-10-08 12:45 - 2013-03-02 18:10 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-10-08 07:51 - 2012-06-17 20:44 - 00873384 _____ (Oracle Corporation) C:\Windows\SysWOW64\npdeployJava1.dll
2013-10-08 07:51 - 2010-04-19 00:11 - 00796072 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-10-08 07:50 - 2013-10-20 14:44 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-08 07:46 - 2013-10-20 14:45 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-08 07:46 - 2013-10-20 14:44 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-08 07:46 - 2013-10-20 14:44 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-07 12:04 - 2013-07-30 01:35 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-10-07 12:04 - 2013-07-30 01:35 - 00105856 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-10-07 12:04 - 2013-07-30 01:35 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-10-05 23:48 - 2013-08-26 01:20 - 00002649 _____ C:\Users\James Dean\Desktop\Microsoft Office Excel 2003.lnk
2013-09-23 12:46 - 2012-04-27 00:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-09-22 17:43 - 2013-10-09 14:47 - 17833984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-22 17:01 - 2013-10-09 14:47 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-22 16:42 - 2013-10-09 14:47 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-22 16:36 - 2013-10-09 14:47 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-22 16:33 - 2013-10-09 14:47 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-09-22 16:33 - 2013-10-09 14:47 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-22 16:30 - 2013-10-09 14:47 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-09-22 16:27 - 2013-10-09 14:47 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-22 16:23 - 2013-10-09 14:47 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-09-22 16:22 - 2013-10-09 14:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-22 16:21 - 2013-10-09 14:47 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-09-22 16:19 - 2013-10-09 14:47 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-22 16:19 - 2013-10-09 14:47 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-22 16:16 - 2013-10-09 14:47 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-09-22 16:15 - 2013-10-09 14:47 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-22 16:07 - 2013-10-09 14:47 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-22 12:29 - 2013-10-09 14:47 - 12336128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-22 12:22 - 2013-10-09 14:47 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-22 12:22 - 2013-10-09 14:47 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-22 12:14 - 2013-10-09 14:47 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-09-22 12:13 - 2013-10-09 14:47 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-22 12:13 - 2013-10-09 14:47 - 01104896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-22 12:12 - 2013-10-09 14:47 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-09-22 12:09 - 2013-10-09 14:47 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-22 12:08 - 2013-10-09 14:47 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-09-22 12:07 - 2013-10-09 14:47 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-22 12:06 - 2013-10-09 14:47 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-09-22 12:05 - 2013-10-09 14:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-22 12:03 - 2013-10-09 14:47 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-22 12:03 - 2013-10-09 14:47 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-22 12:03 - 2013-10-09 14:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-09-22 11:59 - 2013-10-09 14:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

Files to move or delete:
====================
C:\Users\James Dean\AppData\Roaming\CamLayout.ini
C:\Users\James Dean\AppData\Roaming\CamShapes.ini
C:\ProgramData\DVD.exe
C:\ProgramData\Games.exe
C:\ProgramData\Karaoke.exe
C:\ProgramData\MobileTV.exe
C:\ProgramData\MPV.exe


Some content of TEMP:
====================
C:\Users\James Dean\AppData\Local\Temp\AdobeUpdater12345.exe
C:\Users\James Dean\AppData\Local\Temp\ApnStub.exe
C:\Users\James Dean\AppData\Local\Temp\avgnt.exe
C:\Users\James Dean\AppData\Local\Temp\Extract.exe
C:\Users\James Dean\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\James Dean\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\James Dean\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\James Dean\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\James Dean\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\James Dean\AppData\Local\Temp\LiveSupport_setup.exe
C:\Users\James Dean\AppData\Local\Temp\ptu455F_tmp.exe
C:\Users\James Dean\AppData\Local\Temp\ptu979F_tmp.exe
C:\Users\James Dean\AppData\Local\Temp\SkypeSetup.exe
C:\Users\James Dean\AppData\Local\Temp\SP41645.exe
C:\Users\James Dean\AppData\Local\Temp\xuninst.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-20 14:52

==================== End Of Log ============================
         
--- --- ---


FRST Addition:

Quote:
Quote from FRST Addition
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-10-2013
Ran by James Dean at 2013-10-20 14:54:58
Running from C:\Users\James Dean\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

7-Zip 4.65 (x64 edition) (Version: 4.65.00.0)
7-Zip 9.20 (x32)
AAC Decoder (x32 Version: 7.1.0)
ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.3)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Reader 8.3.1 - Deutsch (x32 Version: 8.3.1)
Adobe Shockwave Player 11.5 (x32 Version: 11.5)
Apple Application Support (x32 Version: 1.1.0)
Apple Software Update (x32 Version: 2.1.1.116)
AutoUpdate (x32 Version: 1.1)
Avira Free Antivirus (x32 Version: 14.0.0.383)
CdCoverCreator 2.5.2 (x32 Version: 2.5.2)
Compatibility Pack for the 2007 Office system (x32 Version: 12.0.6612.1000)
CyberLink DVD Suite (x32 Version: 5.5.1519)
CyberLink YouCam (x32 Version: 2.0.1616)
Deownload keepeur (x32 Version: 1.2.0.1040)
Diablo II (x32)
DivX Codec (x32 Version: 6.8.5)
DivX Converter (x32 Version: 7.1.0)
DivX Player (x32 Version: 7.2.0)
DivX Plus DirectShow Filters (x32)
DivX Plus Web Player (x32 Version: 2.0.0)
DivX Version Checker (x32 Version: 7.1.0.2)
Elecard MPEG-2 Decoder&Streaming Plug-in for WMP (x32 Version: 3.7.90209)
ElsterFormular (x32 Version: 14.3.11574)
ElsterFormular 2008/2009 (x32 Version: 10.1.0.0)
ESU for Microsoft Vista (x32 Version: 1.0.0)
FLV Player 2.0 (build 25) (x32 Version: 2.0 (build 25))
Free 3GP Video Converter version 3.6 (x32)
Free Studio version 5.2.1 (x32)
Free Video to MP3 Converter version 5.0.29.925 (x32 Version: 5.0.29.925)
Free YouTube to MP3 Converter version 3.2 (x32)
FUJIFILM MyFinePix Studio 2.0 (x32)
Gehirnjogging 4 (x32 Version: 1.0)
Google Chrome (x32 Version: 30.0.1599.101)
Google Earth (x32 Version: 7.1.1.1888)
Google Update Helper (x32 Version: 1.3.21.165)
Google Updater (x32 Version: 2.4.1851.5542)
H.264 Decoder (x32 Version: 1.1.0)
HP Advisor (x32 Version: 3.3.12286.3436)
HP Customer Experience Enhancements (x32 Version: 6.0.1.3)
HP Doc Viewer (x32 Version: 1.01.0005)
HP Easy Setup - Frontend (x32 Version: 5.7.0.2630)
HP Integrated Module with Bluetooth wireless technology 6.0.1.6204 (Version: 6.0.1.6204)
HP Quick Launch Buttons (x32 Version: 6.50.12.1)
HP QuickPlay 3.7 (x32)
HP QuickTouch 1.00 D2 (Version: 1.0.9)
HP Support Assistant (x32 Version: 5.2.9.2)
HP Update (x32 Version: 5.002.007.004)
HP User Guides 0103 (x32 Version: 1.01.0000)
HP Wireless Assistant (x32 Version: 3.50.9.1)
HPAsset component for HP Active Support Library (x32 Version: 3.0.2.2)
IDT Audio (x32 Version: 1.0.6017.13)
Java 7 Update 45 (x32 Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.8)
Java(TM) 6 Update 39 (x32 Version: 6.0.390)
Java(TM) 6 Update 6 (x32 Version: 1.6.0.60)
JDownloader (x32 Version: 0.89)
JMicron JMB38X Flash Media Controller (x32 Version: 1.00.16.01)
Junk Mail filter update (x32 Version: 14.0.8117.416)
K-Lite Codec Pack 4.9.0 (Full) (x32 Version: 4.9.0)
LabelPrint (x32 Version: 2.20.2719)
LG USB Modem driver (x32)
LightScribe System Software (x32 Version: 1.18.22.2)
LightScribe Template Designs - Bonus Pack 1 (x32 Version: 1.17.0.0)
LightScribe Template Labeler (x32 Version: 1.18.22.2)
Magic Desktop (x32)
McAfee Security Scan Plus (Version: 3.8.130.8)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (x32 Version: 2.0.48.0)
Microsoft Office Basic Edition 2003 (x32 Version: 11.0.8173.0)
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1)
Microsoft Silverlight (x32 Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Windows Media Video 9 VCM (x32)
MKV Splitter (x32 Version: 1.0.1)
Mozilla Firefox 24.0 (x86 de) (x32 Version: 24.0)
Mozilla Maintenance Service (x32 Version: 24.0)
MSVCRT (x32 Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
No23 Recorder (x32 Version: 2.1.0.3)
NVIDIA Drivers (Version: 1.10)
NVIDIA HD-Audiotreiber 1.3.18.0 (Version: 1.3.18.0)
NVIDIA Install Application (Version: 2.1002.109.718)
OptimizerPro (x32 Version: 2.3.0.1716)
Paint.NET v3.36 (Version: 3.36.0)
PDFCreator (x32 Version: 0.9.9)
pdfforge Toolbar v4.6 (x32 Version: 4.6)
Poker 770 (HKCU)
PokerStars (x32)
PokerStars.net (x32)
Power2Go (x32 Version: 5.6.3919)
ProtectSmart Hard Drive Protection (Version: 3.10.1.7)
PVSonyDll (Version: 1.00.0001)
QLBCASL (x32 Version: 6.40.17.2)
QuickPlay SlingPlayer 0.4.6 (x32 Version: 0.4.6)
QuickTime (x32 Version: 7.65.17.80)
RAF (x32 Version: 1.00.0001)
Realtek 8169 8168 8101E 8102E Ethernet Driver (x32 Version: 1.00.0000)
Search Assistant WebSearch 1.74 (x32)
SearchNewTab (x32 Version: 3.1.0.1446)
Sicherheitsupdate für Windows Media Player (KB2845142)
Skype™ 6.7 (x32 Version: 6.7.102)
Spelling Dictionaries Support For Adobe Reader 8 (x32 Version: 8.0.0)
Spotify (HKCU Version: 0.9.4.185.g7545a404)
Ss.Helper 1.74 (x32)
Streamripper (Remove only) (x32)
StreamTransport version: 1.0.2.2171 (x32)
Synaptics Pointing Device Driver (Version: 15.3.29.0)
Uninstall 1.0.0.1 (x32)
Unity Web Player (HKCU Version: )
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0)
VLC media player 1.1.11 (x32 Version: 1.1.11)
Winamp (x32 Version: 5.65 )
Winamp Detector Plug-in (HKCU Version: 1.0.0.1)
Winamp Toolbar (x32)
Windows Driver Package - ENE (enecir) HIDClass (04/29/2008 2.5.0.0) (Version: 04/29/2008 2.5.0.0)
Windows Live Anmelde-Assistent (x32 Version: 5.000.818.5)
Windows Live Call (x32 Version: 14.0.8117.0416)
Windows Live Communications Platform (x32 Version: 14.0.8117.416)
Windows Live Essentials (x32 Version: 14.0.8117.0416)
Windows Live Essentials (x32 Version: 14.0.8117.416)
Windows Live Fotogalerie (x32 Version: 14.0.8117.416)
Windows Live Mail (x32 Version: 14.0.8117.0416)
Windows Live Messenger (x32 Version: 14.0.8117.0416)
Windows Live Movie Maker (x32 Version: 14.0.8117.0416)
Windows Live Sync (x32 Version: 14.0.8117.416)
Windows Live-Uploadtool (x32 Version: 14.0.8014.1029)
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8)
XnView 1.95.4 (x32 Version: 1.95.4)

==================== Restore Points =========================

03-10-2013 22:00:05 Geplanter Prüfpunkt
05-10-2013 19:37:43 Geplanter Prüfpunkt
06-10-2013 22:00:02 Geplanter Prüfpunkt
07-10-2013 10:52:58 Geplanter Prüfpunkt
08-10-2013 11:38:24 Geplanter Prüfpunkt
09-10-2013 12:44:43 Windows Update
12-10-2013 11:47:35 Geplanter Prüfpunkt
13-10-2013 19:48:28 Geplanter Prüfpunkt
14-10-2013 22:28:44 Geplanter Prüfpunkt
15-10-2013 13:57:08 Geplanter Prüfpunkt
18-10-2013 09:54:39 Geplanter Prüfpunkt
18-10-2013 23:11:28 Geplanter Prüfpunkt
20-10-2013 12:39:09 Installed Java 7 Update 45

==================== Hosts content: ==========================

2006-11-02 14:34 - 2006-09-18 23:37 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0AEAFAF6-F116-4A60-AFB4-C8B755A6E975} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {192DDA2D-5815-47B8-983F-65744FEEC03A} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {254095AE-FB97-48EA-94A5-D8BF2AB79714} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {3B2F305D-3AB4-4B0B-AAC5-F558DB520CD7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-02-23] (Hewlett-Packard Company)
Task: {6AFFE24D-3605-402F-930B-64A5E5A34CE2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2013-09-17] (Microsoft)
Task: {79DBB8C1-F4F7-4EED-B41F-C1F34CBD198A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-02-23] (Hewlett-Packard Company)
Task: {7C638E5B-ECE5-4424-A7E5-2C913CA682E9} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {909DA215-DBF5-45D8-9FD4-1008677819AA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-10] (Adobe Systems Incorporated)
Task: {9317E32C-3B77-468A-A9ED-A55A67DA637C} - System32\Tasks\Orb Startup => C:\Program Files (x86)\Winamp Remote\bin\orbtray.exe
Task: {A89951B5-06DF-4150-908F-042D90988E08} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-09-07] (Google Inc.)
Task: {BBF38544-0328-4785-8D23-284F1511BC21} - System32\Tasks\Google Software Updater => C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-09-24] (Google)
Task: {C99A9980-79EB-4670-A868-64E14EA7FA4B} - System32\Tasks\OptimizerPro-S-480333868 => c:\programdata\summersoft\optimizerpro\OptimizerPro.exe [2012-10-18] ()
Task: {E5E5D4B2-1B98-4A42-A538-B0297D6FA34C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-09-07] (Google Inc.)
Task: {E91D6474-70CC-42BE-80FF-8BED8AF557ED} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Google Software Updater.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\OptimizerPro-S-480333868.job => c:\programdata\summersoft\optimizerpro\OptimizerPro.exe

==================== Loaded Modules (whitelisted) =============

2008-07-31 09:16 - 2008-06-25 22:34 - 00074536 _____ () C:\Program Files (x86)\HP\QuickPlay\Kernel\Common\MCEMediaStatus64.dll
2013-07-30 01:35 - 2013-07-29 10:34 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2008-07-31 09:17 - 2008-06-25 22:36 - 00259480 _____ () C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\CLCapEngine.dll
2008-07-31 09:17 - 2008-06-25 22:36 - 00038184 _____ () C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\CLCapSvcps.dll
2008-07-31 09:17 - 2008-06-25 22:36 - 00120216 _____ () C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\CLSchMgr.dll
2008-07-31 09:17 - 2008-06-25 22:36 - 00345384 _____ () C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\CLTinyDB.dll
2008-07-31 10:30 - 2007-11-15 01:46 - 00126976 _____ () C:\Windows\SMINST\STWmiM.dll
2011-03-04 12:02 - 2011-03-04 12:02 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2011-03-04 12:02 - 2011-03-04 12:02 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2011-03-04 12:02 - 2011-03-04 12:02 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2010-06-30 01:12 - 2010-06-30 01:12 - 00061440 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
2010-06-30 01:12 - 2010-06-30 01:12 - 00131072 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
2010-06-30 01:12 - 2010-06-30 01:12 - 00040960 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
2010-06-30 01:12 - 2010-06-30 01:12 - 00005632 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
2010-06-30 01:12 - 2010-06-30 01:12 - 00018944 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
2010-06-30 01:12 - 2010-06-30 01:12 - 00036864 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
2010-06-30 01:12 - 2010-06-30 01:12 - 00028672 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
2010-06-30 01:12 - 2010-06-30 01:12 - 00007680 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
2013-10-06 15:27 - 2013-10-06 15:27 - 00857600 _____ () C:\Program Files (x86)\Ss.Helper\psupport.dll
2013-01-24 13:25 - 2013-01-24 13:25 - 01044480 _____ () C:\Program Files (x86)\WebSearch\sprotector.dll
2013-09-19 08:08 - 2013-09-19 08:09 - 03279768 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-10-10 14:47 - 2013-10-10 14:47 - 16233864 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Windows:49FDAF4DF730A44F

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Faulty Device Manager Devices =============

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: TSSTcorp CDDVDW TS-L633L ATA Device
Description: CD-ROM-Laufwerk
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard-CD-ROM-Laufwerke)
Service: cdrom
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/20/2013 02:37:02 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (10/20/2013 02:32:44 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/18/2013 07:32:10 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (10/18/2013 07:32:09 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (10/18/2013 07:28:24 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/17/2013 09:29:22 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (10/17/2013 09:24:56 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/15/2013 09:29:21 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/15/2013 02:37:49 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (10/15/2013 02:35:04 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (10/20/2013 02:32:52 PM) (Source: Service Control Manager) (User: )
Description: cdrom

Error: (10/18/2013 07:33:03 PM) (Source: Service Control Manager) (User: )
Description: Windows Update

Error: (10/17/2013 09:24:58 AM) (Source: Service Control Manager) (User: )
Description: cdrom

Error: (10/15/2013 09:29:22 PM) (Source: Service Control Manager) (User: )
Description: cdrom

Error: (10/15/2013 02:38:59 PM) (Source: Service Control Manager) (User: )
Description: Windows Media Player-Netzwerkfreigabedienst%%1053

Error: (10/15/2013 02:38:59 PM) (Source: Service Control Manager) (User: )
Description: 30000Windows Media Player-Netzwerkfreigabedienst

Error: (10/15/2013 02:38:15 PM) (Source: DCOM) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (10/15/2013 02:37:15 PM) (Source: Service Control Manager) (User: )
Description: 30000Microsoft .NET Framework NGEN v4.0.30319_X64

Error: (10/15/2013 02:35:05 PM) (Source: Service Control Manager) (User: )
Description: cdrom

Error: (10/13/2013 09:29:48 AM) (Source: Service Control Manager) (User: )
Description: 30000RapiMgr


Microsoft Office Sessions:
=========================
Error: (10/20/2013 02:37:02 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (10/20/2013 02:32:44 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/18/2013 07:32:10 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (10/18/2013 07:32:09 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (10/18/2013 07:28:24 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/17/2013 09:29:22 AM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (10/17/2013 09:24:56 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/15/2013 09:29:21 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/15/2013 02:37:49 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (10/15/2013 02:35:04 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
Date: 2009-01-01 17:20:34.555
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2009-01-01 17:20:34.529
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2009-01-01 17:20:34.506
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2009-01-01 17:20:34.475
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2008-07-31 10:38:23.241
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2008-07-31 10:38:23.241
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2008-07-31 10:38:23.225
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2008-07-31 10:38:23.225
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2008-07-31 10:38:17.313
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2008-07-31 10:38:17.313
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Percentage of memory in use: 47%
Total physical RAM: 4092.03 MB
Available physical RAM: 2157.13 MB
Total Pagefile: 8407.32 MB
Available Pagefile: 5857.54 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:222.96 GB) (Free:66.14 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:232.88 GB) (Free:19.98 GB) NTFS
Drive e: (HP_RECOVERY) (Fixed) (Total:9.92 GB) (Free:1.23 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (Lexar) (Removable) (Total:29.8 GB) (Free:26.49 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 233 GB) (Disk ID: 07D207D1)
Partition 1: (Active) - (Size=223 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 233 GB) (Disk ID: 8936DF91)
Partition 1: (Not Active) - (Size=233 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 30 GB) (Disk ID: DE47D401)
Partition 1: (Not Active) - (Size=30 GB) - (Type=0B)

==================== End Of Log ============================
And the GMER log

[QUOTE=Gmer]GMER Logfile:
Code:
ATTFilter
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-10-20 15:42:10
Windows 6.0.6002 Service Pack 2 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 ST9250827AS rev.3.AHC 232,89GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\JAMESD~1\AppData\Local\Temp\fwdyauoc.sys


---- Kernel code sections - GMER 2.1 ----

INITKDBG  C:\Windows\system32\ntoskrnl.exe                                                                 suspicious modification
.text     C:\Windows\System32\win32k.sys!W32pServiceTable                                                  fffff9600011f800 3 bytes [C0, 82, 02]
.text     C:\Windows\System32\win32k.sys!W32pServiceTable + 4                                              fffff9600011f804 3 bytes [41, BC, FA]
INITKDBG  C:\Windows\system32\ntoskrnl.exe                                                                 suspicious modification
INITKDBG  C:\Windows\system32\ntoskrnl.exe                                                                 suspicious modification
INITKDBG  C:\Windows\system32\ntoskrnl.exe                                                                 suspicious modification
INITKDBG  C:\Windows\system32\ntoskrnl.exe                                                                 suspicious modification

---- Threads - GMER 2.1 ----

Thread    C:\Windows\system32\svchost.exe [1200:2808]                                                      000007fef7559358
Thread    C:\Windows\system32\svchost.exe [1200:2824]                                                      000007fef7563820
Thread    C:\Windows\system32\svchost.exe [1200:3708]                                                      000007fef425af94
Thread    C:\Windows\system32\svchost.exe [1200:3712]                                                      000007fef425af94
Thread    C:\Windows\system32\svchost.exe [1200:3716]                                                      000007fef425af94
Thread    C:\Windows\system32\svchost.exe [1200:3720]                                                      000007fef425af94
Thread    C:\Windows\system32\svchost.exe [1200:1208]                                                      000007fef75660bc
Thread    C:\Windows\System32\spoolsv.exe [1708:1964]                                                      000007fef9f913dc
Thread    C:\Windows\System32\spoolsv.exe [1708:1968]                                                      000007fef9f912ac
Thread    C:\Windows\System32\spoolsv.exe [1708:1976]                                                      000007fef9f31c00
Thread    C:\Windows\System32\spoolsv.exe [1708:1984]                                                      000007fef9ee38a0
Thread    C:\Windows\System32\spoolsv.exe [1708:1988]                                                      000007fef9e0bd78
Thread    C:\Windows\System32\spoolsv.exe [1708:1992]                                                      000007fef9e0c4f8
Thread    C:\Windows\System32\spoolsv.exe [1708:1996]                                                      000007fef9e16844
Thread    C:\Windows\System32\spoolsv.exe [1708:2004]                                                      000007fef9fea704
Thread    C:\Windows\System32\spoolsv.exe [1708:1104]                                                      000007fefa02dbe8
Thread    C:\Windows\system32\svchost.exe [2624:2708]                                                      000007fef9e0bd78
Thread    C:\Windows\system32\svchost.exe [2624:2764]                                                      000007fef9e0c4f8
Thread    C:\Windows\system32\svchost.exe [2624:2768]                                                      000007fef9e16844
Thread    C:\Windows\System32\svchost.exe [2692:2776]                                                      000007fef7fa6cbc
Thread    C:\Windows\System32\WUDFHost.exe [2984:1236]                                                     0000000071842eb0

---- Registry - GMER 2.1 ----

Reg       HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\002186661bc0                      
Reg       HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\002186dad317                      
Reg       HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\002186dad317@0023d62f9978         0x1E 0x95 0xD6 0x85 ...
Reg       HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\002186dad317@0022a9f0cf53         0x5E 0xC7 0xAC 0x93 ...
Reg       HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\002186dad317@2021a5664ca4         0xC1 0x81 0xD1 0x39 ...
Reg       HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\002186dad317@b8ff61a7c72f         0xA4 0x2B 0x61 0xD3 ...
Reg       HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\002186661bc0 (not active ControlSet)  
Reg       HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\002186dad317 (not active ControlSet)  
Reg       HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\002186dad317@0023d62f9978             0x1E 0x95 0xD6 0x85 ...
Reg       HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\002186dad317@0022a9f0cf53             0x5E 0xC7 0xAC 0x93 ...
Reg       HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\002186dad317@2021a5664ca4             0xC1 0x81 0xD1 0x39 ...
Reg       HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\002186dad317@b8ff61a7c72f             0xA4 0x2B 0x61 0xD3 ...

---- Disk sectors - GMER 2.1 ----

Disk      \Device\Harddisk0\DR0                                                                            unknown MBR code

---- EOF - GMER 2.1 ----
         
--- --- ---


As you can perhaps see, I am no longer entirely up to date; please excuse that. In any case, I will be patient.
Beyond that, I will not do anything on my own for now but will wait for further instructions from this board.
If, for whatever reason, you decide not to provide help here, please let me know so that I can take other steps.

Many thanks in advance

PS:
I have to leave for work now and will not be able to post again until tomorrow morning/midday.

 
