windows xp: mit der insallation von jdownloader hat sich optimizer pro eingeschlichen nun habe ich mehrere Probleme

trancemoisis · 15.01.2014, 20:35

mit der insallation von jdownloader hat sich das Programm optimizer pro eingeschlichen nun gibt es immer mehr probleme und ich werde sie nicht los.
Den optimizer pro hab ich gleich nachdem er sich gestartet hatte deinstalliert, als ich Firefox öffnete sah ich das meine Startseite in hxxp://searchresultsguide.com geändert wurde. Es macht auch den anschein als würde er einen download abschliessen. Nachdem ich mit CCleaner mehrmals alles bereinigt, mit TDSSKiller.exe und auch mit malwarebytes(log hab ich leider nicht mehr) öfter geprüft habe, konnte ich bei firefox wider google als startseite angeben. Jetz meldet aber avast :Infektion blockiert URL:hxxp://www.googe.at/
Infektion: url:Mal
ich bin total ratlos und brauche eure hilfe

Defogger lief problemlos und es wurde keine Fehlermeldung herausgegeben.

Hier die defogger_disable.log

Code:

ATTFilter

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 14:38 on 15/01/2014 (Thomas)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-

FRST bricht aufgrund einer Fehlermeldung wärend des scans ab und gibt mir daher die Addition.txt nicht aus.

Hier die FRST.txt

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-01-2014 01
Ran by Thomas (administrator) on TRAT00020 on 15-01-2014 14:44:10
Running from C:\Downloads\Sylenth
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal


==================== Processes (Whitelisted) ===================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(DameWare Development LLC) C:\WINDOWS\system32\DWRCS.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
(Memeo) C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
(DameWare Development) C:\WINDOWS\system32\DWRCST.EXE
(Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files\VideoLAN\VLC\vlc.exe
(Microsoft Corporation) C:\WINDOWS\system32\taskmgr.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\WINDOWS\system32\CCM\CcmExec.exe
(Ableton) C:\New Folder\Live 9 Suite\Program\Ableton Live 9 Suite.exe
() C:\New Folder\Live 9 Suite\Resources\Extensions\Index\Ableton Index.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [3744552 2011-11-28] (AVAST Software)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Runonce: [daemontoolsultra] - [x]
HKCU\...\Run: [SpybotSD TeaTimer] - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKCU\...\Run: [DAEMON Tools Ultra Agent] - C:\Program Files\DAEMON Tools Ultra\DTAgent.exe [3192056 2013-11-14] (Disc Soft Ltd)
Lsa: [Authentication Packages] msv1_0 nwprovau
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WDDMStatus.lnk.disabled
ShortcutTarget: WDDMStatus.lnk.disabled -> C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (WDC)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd0101&cd=2XzuyEtN2Y1L1QzutDtDtBtCzytC0FyEtB0BtDyEyD0BtAtDtN0D0Tzu0SyByEtCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutDzytDtC0B&cr=1652150050&ir=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd0101&cd=2XzuyEtN2Y1L1QzutDtDtBtCzytC0FyEtB0BtDyEyD0BtAtDtN0D0Tzu0SyByEtCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutDzytDtC0B&cr=1652150050&ir=
BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} -  No File
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Thomas\Application Data\Mozilla\Firefox\Profiles\a4n04b3a.default
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF DefaultSearchEngine: Google Default
FF SelectedSearchEngine: Google Default
FF Homepage: hxxp://www.googe.at/
FF Keyword.URL: user_pref("keyword.URL", "");
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: sony.com/MediaGoDetector - C:\Program Files\Sony\Media Go\npMediaGoDetector.dll (Sony Network Entertainment International LLC)
FF SearchPlugin: C:\Documents and Settings\Thomas\Application Data\Mozilla\Firefox\Profiles\a4n04b3a.default\searchplugins\google-default.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: GMX MailCheck - C:\Documents and Settings\Thomas\Application Data\Mozilla\Firefox\Profiles\a4n04b3a.default\Extensions\toolbar@gmx.net.xpi [2013-04-30]
FF Extension: Adblock Plus - C:\Documents and Settings\Thomas\Application Data\Mozilla\Firefox\Profiles\a4n04b3a.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-06-03]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! WebRep - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-01-08]

Chrome: 
=======
CHR HomePage: hxxp://start.mysearchdial.com/?f=1&a=irmsd0101&cd=2XzuyEtN2Y1L1QzutDtDtBtCzytC0FyEtB0BtDyEyD0BtAtDtN0D0Tzu0SyByEtCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutDzytDtC0B&cr=1652150050&ir=
CHR DefaultSearchKeyword: mysearchdial.com
CHR DefaultSearchProvider: Mysearchdial
CHR DefaultSearchURL: hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd0101&cd=2XzuyEtN2Y1L1QzutDtDtBtCzytC0FyEtB0BtDyEyD0BtAtDtN0D0Tzu0SyByEtCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutDzytDtC0B&cr=1652150050&ir=
CHR DefaultNewTabURL: 
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\32.0.1700.72\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\32.0.1700.72\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\32.0.1700.72\pdf.dll ()
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Magic Actions for YouTube\u2122) - C:\Documents and Settings\Thomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif\6.7.1_0 [2014-01-11]
CHR Extension: (Google Docs) - C:\Documents and Settings\Thomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 [2013-09-20]
CHR Extension: (Google Drive) - C:\Documents and Settings\Thomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 [2013-09-20]
CHR Extension: (YouTube) - C:\Documents and Settings\Thomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 [2013-09-20]
CHR Extension: (Adblock Plus) - C:\Documents and Settings\Thomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.2_0 [2014-01-11]
CHR Extension: (Google Search) - C:\Documents and Settings\Thomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 [2013-09-20]
CHR Extension: (AdBlock Premium) - C:\Documents and Settings\Thomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fndlhnanhedoklpdaacidomdnplcjcpj\2.6.4.3_0 [2013-10-26]
CHR Extension: (Chrome In-App Payments service) - C:\Documents and Settings\Thomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0 [2013-09-20]
CHR Extension: (Click&Clean App) - C:\Documents and Settings\Thomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp\8.0_0 [2014-01-11]
CHR Extension: (Gmail) - C:\Documents and Settings\Thomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1 [2013-09-20]
CHR HKLM\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2012-01-08]

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [44768 2011-11-28] (AVAST Software)
R2 CcmExec; C:\WINDOWS\system32\CCM\CcmExec.exe [590712 2007-04-13] (Microsoft Corporation)
S3 Disc Soft Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe [723192 2013-11-14] (Disc Soft Ltd)
R2 DWMRCS; C:\Windows\SYSTEM32\DWRCS.EXE [199168 2006-05-31] (DameWare Development LLC)
S2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-01-10] (Oracle Corporation)
S2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NWCWorkstation; C:\Windows\System32\nwwks.dll [65536 2008-04-14] (Microsoft Corporation)
S3 Pml Driver; C:\WINDOWS\system32\HPHipm09.exe [77824 2003-01-30] (HP)
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [98304 2009-10-14] (WDC)
R2 WDSmartWareBackgroundService; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [20480 2009-06-16] (Memeo)

==================== Drivers (Whitelisted) ====================

R1 Aavmker4; C:\Windows\System32\Drivers\Aavmker4.sys [30808 2011-11-28] (AVAST Software)
R0 abp480n5; C:\Windows\System32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [20568 2011-11-28] (AVAST Software)
R2 aswMon2; C:\Windows\System32\Drivers\aswMon2.sys [111320 2011-11-28] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswRdr.sys [34392 2011-11-28] (AVAST Software)
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [435032 2011-11-28] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [314456 2011-11-28] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [52952 2011-11-28] (AVAST Software)
R3 DFE528TX; C:\Windows\System32\DRIVERS\DLKRTL.SYS [45568 2002-06-24] (D-Link Corporation               )
S3 Dot4 HPH09; C:\Windows\System32\DRIVERS\hphid409.sys [50800 2003-01-30] (HP)
S3 Dot4Print HPH09; C:\Windows\System32\DRIVERS\hphipr09.sys [16112 2003-01-30] (HP)
S3 Dot4Storage HPH09; C:\Windows\System32\Drivers\hphs2k09.sys [50211 2003-01-30] (Hewlett-Packard)
S3 Dot4Usb HPH09; C:\Windows\System32\drivers\hphius09.sys [18864 2003-01-30] (HP)
R3 dtscsibus; C:\Windows\System32\DRIVERS\dtscsibus.sys [24704 2014-01-13] (Disc Soft Ltd)
R3 irsir; C:\Windows\System32\DRIVERS\irsir.sys [18688 2001-08-17] (Microsoft Corporation)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\mbamswissarmy.sys [40776 2014-01-12] (Malwarebytes Corporation)
R2 NwlnkIpx; C:\Windows\System32\DRIVERS\nwlnkipx.sys [88320 2008-04-13] (Microsoft Corporation)
R2 NwlnkNb; C:\Windows\System32\DRIVERS\nwlnknb.sys [63232 2002-08-28] (Microsoft Corporation)
R2 NwlnkSpx; C:\Windows\System32\DRIVERS\nwlnkspx.sys [55936 2002-08-28] (Microsoft Corporation)
R3 NWRDR; C:\Windows\System32\DRIVERS\nwrdr.sys [163584 2008-04-13] (Microsoft Corporation)
S3 prepdrvr; C:\WINDOWS\system32\CCM\prepdrv.sys [23416 2007-04-13] (Microsoft Corporation)
R3 Rasirda; C:\Windows\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
S3 rtl8139; C:\Windows\System32\DRIVERS\RTL8139.SYS [20992 2008-04-13] (Realtek Semiconductor Corporation)
U3 catchme; \??\C:\DOCUME~1\Thomas\LOCALS~1\Temp\catchme.sys [x]
S3 idisw2km; system32\DRIVERS\idisw2km.sys [x]
S3 kbstuff; system32\DRIVERS\kbstuff5.sys [x]
U1 RCHelp; 
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U3 mbr; \??\C:\ComboFix\mbr.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-15 14:39 - 2014-01-15 14:39 - 00000000 ____D C:\FRST
2014-01-15 14:38 - 2014-01-15 14:38 - 00000000 _____ C:\Documents and Settings\Thomas\defogger_reenable
2014-01-13 23:25 - 2014-01-13 23:25 - 00000000 ____D C:\Documents and Settings\Thomas\Local Settings\Application Data\Disc_Soft_Ltd
2014-01-13 23:23 - 2014-01-13 23:23 - 00000000 ____D C:\Documents and Settings\LocalService\Application Data\DAEMON Tools Ultra
2014-01-13 22:55 - 2014-01-13 22:55 - 00000000 ____D C:\WINDOWS\system32\de-DE
2014-01-13 22:42 - 2014-01-13 23:25 - 00000000 ____D C:\Documents and Settings\Thomas\Application Data\DAEMON Tools Ultra
2014-01-13 22:42 - 2014-01-13 22:42 - 00024704 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtscsibus.sys
2014-01-13 22:42 - 2014-01-13 22:42 - 00001652 _____ C:\Documents and Settings\All Users\Desktop\DAEMON Tools Ultra.lnk
2014-01-13 22:42 - 2014-01-13 22:42 - 00000000 ____D C:\Program Files\DAEMON Tools Ultra
2014-01-13 22:42 - 2014-01-13 22:42 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\DAEMON Tools Ultra
2014-01-13 22:40 - 2014-01-13 22:41 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\DAEMON Tools Ultra
2014-01-13 22:39 - 2014-01-13 22:39 - 00001085 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit Chankast_alpha_25.exe.lnk
2014-01-13 22:36 - 2014-01-13 22:36 - 00000000 ____D C:\Documents and Settings\Thomas\Start Menu\Programs\Juegos
2014-01-13 21:10 - 2014-01-13 23:53 - 00025838 _____ C:\WINDOWS\setupapi.log
2014-01-13 21:10 - 2014-01-13 21:10 - 00000000 ____D C:\WINDOWS\LastGood
2014-01-13 21:10 - 2014-01-13 21:10 - 00000000 ____D C:\Documents and Settings\Thomas\My Documents\Dolphin Emulator
2014-01-13 21:10 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2014-01-13 21:10 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2014-01-13 21:10 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2014-01-13 21:10 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2014-01-13 21:10 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2014-01-13 21:10 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2014-01-13 21:09 - 2014-01-13 21:10 - 00000000 ____D C:\Program Files\Dolphin x86
2014-01-13 21:09 - 2014-01-13 21:10 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Dolphin x86
2014-01-13 21:07 - 2014-01-13 21:07 - 00000000 ____D C:\Program Files\Common Files\DirectX
2014-01-12 23:22 - 2014-01-12 23:22 - 00015831 _____ C:\ComboFix.txt
2014-01-12 22:57 - 2014-01-12 22:57 - 00000000 _RSHD C:\cmdcons
2014-01-12 22:57 - 2013-12-12 21:09 - 00000211 _____ C:\Boot.bak
2014-01-12 22:57 - 2004-08-03 23:00 - 00262448 __RSH C:\cmldr
2014-01-12 22:55 - 2011-06-26 07:45 - 00256000 _____ C:\WINDOWS\PEV.exe
2014-01-12 22:55 - 2010-11-07 18:20 - 00208896 _____ C:\WINDOWS\MBR.exe
2014-01-12 22:55 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2014-01-12 22:55 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2014-01-12 22:55 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2014-01-12 22:55 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2014-01-12 22:55 - 2000-08-31 01:00 - 00098816 _____ C:\WINDOWS\sed.exe
2014-01-12 22:55 - 2000-08-31 01:00 - 00080412 _____ C:\WINDOWS\grep.exe
2014-01-12 22:55 - 2000-08-31 01:00 - 00068096 _____ C:\WINDOWS\zip.exe
2014-01-12 22:53 - 2014-01-12 23:22 - 00000000 ____D C:\Qoobox
2014-01-12 22:52 - 2014-01-12 23:15 - 00000000 ____D C:\WINDOWS\erdnt
2014-01-12 22:47 - 2014-01-12 22:47 - 00000682 _____ C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
2014-01-12 22:23 - 2014-01-12 22:32 - 00000000 ____D C:\Documents and Settings\Thomas\My Documents\reg back up ccleaner
2014-01-12 21:30 - 2014-01-12 21:30 - 00000580 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit JDownloader.exe.lnk
2014-01-12 20:02 - 2014-01-12 22:13 - 00040776 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2014-01-12 17:30 - 2014-01-12 17:30 - 00000000 ____D C:\Programme
2014-01-12 16:43 - 2014-01-12 17:12 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
2014-01-12 16:40 - 2014-01-12 17:12 - 00000000 ____D C:\Documents and Settings\Thomas\Desktop\mbar
2014-01-12 16:40 - 2014-01-12 16:40 - 00051416 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-01-12 00:25 - 2014-01-12 00:25 - 00000000 ____D C:\TDSSKiller_Quarantine
2014-01-12 00:04 - 2014-01-12 00:04 - 00450570 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20140112-000430.backup
2014-01-12 00:04 - 2014-01-12 00:04 - 00450570 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20140112-000420.backup
2014-01-12 00:04 - 2014-01-11 22:54 - 00450570 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20140112-000408.backup
2014-01-11 22:54 - 2002-08-28 00:00 - 00000734 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20140111-225421.backup
2014-01-11 22:32 - 2014-01-11 22:32 - 00000784 _____ C:\Documents and Settings\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-11 22:32 - 2014-01-11 22:32 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2014-01-11 22:32 - 2014-01-11 22:32 - 00000000 ____D C:\Documents and Settings\Thomas\Application Data\Malwarebytes
2014-01-11 22:32 - 2014-01-11 22:32 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
2014-01-11 22:32 - 2014-01-11 22:32 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-01-11 22:32 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-01-11 22:30 - 2014-01-11 22:30 - 00000000 ____D C:\Documents and Settings\Thomas\Local Settings\Application Data\Sun
2014-01-11 22:28 - 2014-01-12 22:22 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2014-01-11 22:28 - 2014-01-12 09:45 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy
2014-01-11 22:28 - 2014-01-11 22:28 - 00000933 _____ C:\Documents and Settings\Thomas\Desktop\Spybot - Search & Destroy.lnk
2014-01-11 22:28 - 2014-01-11 22:28 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy
2014-01-11 22:11 - 2014-01-12 22:39 - 00000000 ____D C:\AdwCleaner
2014-01-11 17:20 - 2014-01-11 17:20 - 00000059 _____ C:\Documents and Settings\Thomas\Application Data\WB.CFG
2014-01-10 21:55 - 2014-01-10 21:55 - 00007722 _____ C:\Documents and Settings\Thomas\Desktop\fvbnm,.xspf
2014-01-10 17:03 - 2014-01-10 17:03 - 00000000 ____D C:\Program Files\Common Files\Java
2014-01-10 17:03 - 2014-01-10 17:03 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Java
2014-01-10 17:03 - 2014-01-10 17:03 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Sun
2014-01-10 17:03 - 2014-01-10 17:02 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-01-10 17:03 - 2014-01-10 17:02 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-01-10 17:03 - 2014-01-10 17:02 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-01-10 17:03 - 2014-01-10 17:02 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-01-10 17:03 - 2014-01-10 17:02 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-01-10 17:02 - 2014-01-10 17:02 - 00000000 ____D C:\Program Files\Java
2014-01-10 17:01 - 2014-01-10 17:01 - 00000000 ____D C:\Documents and Settings\Thomas\Application Data\Sun
2014-01-09 15:46 - 2014-01-09 15:47 - 00000000 ____D C:\Program Files\Common Files\VST3
2014-01-09 15:46 - 2014-01-09 15:47 - 00000000 ____D C:\Documents and Settings\All Users\Documents\u-he
2014-01-09 12:45 - 2014-01-09 12:45 - 00000000 ____D C:\Program Files\Common Files\reFX
2014-01-09 12:33 - 2009-10-24 21:15 - 01332224 _____ (AD © 2009) C:\WINDOWS\system32\SYNSOEMU.DLL
2014-01-08 12:15 - 2014-01-09 12:33 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\reFX
2014-01-08 12:05 - 2014-01-08 12:06 - 00000000 ____D C:\Documents and Settings\Thomas\My Documents\discoDSP
2014-01-08 12:05 - 2014-01-08 12:06 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\discoDSP
2014-01-06 21:23 - 2014-01-06 21:23 - 00000000 ____D C:\Documents and Settings\Thomas\Start Menu\Programs\LennarDigital
2014-01-06 21:20 - 2014-01-06 21:20 - 00000000 ____D C:\Program Files\u-he
2014-01-06 21:20 - 2014-01-06 21:20 - 00000000 ____D C:\Documents and Settings\Thomas\Start Menu\Programs\u-he
2014-01-06 21:20 - 2014-01-06 21:20 - 00000000 ____D C:\Documents and Settings\Thomas\My Documents\u-he
2014-01-06 21:16 - 2014-01-06 21:16 - 00000000 ____D C:\Documents and Settings\Thomas\Start Menu\Programs\Synapse Audio
2014-01-06 21:13 - 2014-01-06 21:13 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Sonic Timeworks
2014-01-06 21:13 - 2014-01-06 21:13 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\GForce
2014-01-06 21:13 - 1999-12-17 10:13 - 00086016 _____ (MindVision Software) C:\WINDOWS\unvise32.exe
2014-01-06 21:12 - 2014-01-06 21:12 - 00000000 ____D C:\Program Files\Common Files\Digidesign
2014-01-06 21:06 - 2014-01-06 21:06 - 00000000 ____D C:\Documents and Settings\Thomas\Start Menu\Programs\ExpDigital G-Flux v1.0.2 VST
2014-01-06 15:05 - 2014-01-06 15:05 - 00000833 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit Ableton Live 9 Suite.exe.lnk
2014-01-06 15:04 - 2014-01-06 15:04 - 00000000 ____D C:\Program Files\LinPlug
2014-01-06 15:02 - 2014-01-06 15:02 - 01700352 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdiplus.dll
2014-01-06 15:02 - 2014-01-06 15:02 - 00000000 ____D C:\Program Files\Steinberg
2014-01-06 15:02 - 2014-01-06 15:02 - 00000000 ____D C:\Documents and Settings\Thomas\Start Menu\Programs\LinPlug
2014-01-05 15:05 - 2008-04-14 00:15 - 00060032 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbaudio.sys
2014-01-05 15:05 - 2008-04-14 00:15 - 00060032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBAUDIO.sys
2014-01-05 14:43 - 2014-01-05 14:43 - 00000627 _____ C:\Documents and Settings\Thomas\Start Menu\Programs\Ableton Live 9 Suite.lnk
2014-01-05 01:00 - 2014-01-05 01:40 - 00000000 ____D C:\Documents and Settings\Thomas\Application Data\Ableton
2014-01-05 01:00 - 2014-01-05 01:03 - 00000000 ____D C:\Documents and Settings\Thomas\My Documents\Ableton
2014-01-05 01:00 - 2014-01-05 01:00 - 00000000 ____D C:\Program Files\Common Files\Propellerhead Software
2014-01-05 00:39 - 2014-01-05 00:39 - 00000000 ____D C:\Program Files\7-Zip
2014-01-05 00:39 - 2014-01-05 00:39 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\7-Zip
2014-01-04 18:05 - 2014-01-04 18:05 - 00000626 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit downloads.lnk
2014-01-04 13:21 - 2014-01-04 13:21 - 00000548 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit Desktop.lnk
2014-01-04 00:01 - 2014-01-04 17:39 - 00000000 ____D C:\Documents and Settings\Thomas\.smplayer
2014-01-04 00:01 - 2014-01-04 00:01 - 00000556 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit smplayer.exe.lnk

==================== One Month Modified Files and Folders =======

2014-01-15 14:39 - 2014-01-15 14:39 - 00000000 ____D C:\FRST
2014-01-15 14:38 - 2014-01-15 14:38 - 00000000 _____ C:\Documents and Settings\Thomas\defogger_reenable
2014-01-15 14:38 - 2011-09-22 15:30 - 00000000 ____D C:\Documents and Settings\Thomas
2014-01-15 14:20 - 2013-09-20 19:03 - 00001098 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-15 14:16 - 2007-02-18 20:34 - 02023868 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-15 14:01 - 2013-09-23 17:48 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-01-15 10:26 - 2007-02-18 20:47 - 00000466 _____ C:\WINDOWS\SMSCFG.ini
2014-01-14 23:01 - 2007-02-18 20:37 - 00032368 _____ C:\WINDOWS\SchedLgU.Txt
2014-01-14 18:20 - 2013-09-20 19:03 - 00001094 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-14 06:25 - 2007-02-18 20:37 - 00000000 __SHD C:\Documents and Settings\NetworkService
2014-01-14 05:19 - 2007-02-18 20:41 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2014-01-13 23:53 - 2014-01-13 21:10 - 00025838 _____ C:\WINDOWS\setupapi.log
2014-01-13 23:25 - 2014-01-13 23:25 - 00000000 ____D C:\Documents and Settings\Thomas\Local Settings\Application Data\Disc_Soft_Ltd
2014-01-13 23:25 - 2014-01-13 22:42 - 00000000 ____D C:\Documents and Settings\Thomas\Application Data\DAEMON Tools Ultra
2014-01-13 23:23 - 2014-01-13 23:23 - 00000000 ____D C:\Documents and Settings\LocalService\Application Data\DAEMON Tools Ultra
2014-01-13 22:56 - 2007-02-18 21:31 - 00589468 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2014-01-13 22:55 - 2014-01-13 22:55 - 00000000 ____D C:\WINDOWS\system32\de-DE
2014-01-13 22:45 - 2012-01-08 15:45 - 00000000 ____D C:\Program Files\Microsoft.NET
2014-01-13 22:42 - 2014-01-13 22:42 - 00024704 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtscsibus.sys
2014-01-13 22:42 - 2014-01-13 22:42 - 00001652 _____ C:\Documents and Settings\All Users\Desktop\DAEMON Tools Ultra.lnk
2014-01-13 22:42 - 2014-01-13 22:42 - 00000000 ____D C:\Program Files\DAEMON Tools Ultra
2014-01-13 22:42 - 2014-01-13 22:42 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\DAEMON Tools Ultra
2014-01-13 22:41 - 2014-01-13 22:40 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\DAEMON Tools Ultra
2014-01-13 22:39 - 2014-01-13 22:39 - 00001085 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit Chankast_alpha_25.exe.lnk
2014-01-13 22:36 - 2014-01-13 22:36 - 00000000 ____D C:\Documents and Settings\Thomas\Start Menu\Programs\Juegos
2014-01-13 21:10 - 2014-01-13 21:10 - 00000000 ____D C:\WINDOWS\LastGood
2014-01-13 21:10 - 2014-01-13 21:10 - 00000000 ____D C:\Documents and Settings\Thomas\My Documents\Dolphin Emulator
2014-01-13 21:10 - 2014-01-13 21:09 - 00000000 ____D C:\Program Files\Dolphin x86
2014-01-13 21:10 - 2014-01-13 21:09 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Dolphin x86
2014-01-13 21:10 - 2007-02-18 20:34 - 00000000 ____D C:\WINDOWS\system32\DirectX
2014-01-13 21:07 - 2014-01-13 21:07 - 00000000 ____D C:\Program Files\Common Files\DirectX
2014-01-12 23:22 - 2014-01-12 23:22 - 00015831 _____ C:\ComboFix.txt
2014-01-12 23:22 - 2014-01-12 22:53 - 00000000 ____D C:\Qoobox
2014-01-12 23:22 - 2007-02-18 20:37 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-12 23:15 - 2014-01-12 22:52 - 00000000 ____D C:\WINDOWS\erdnt
2014-01-12 23:14 - 2007-02-19 04:28 - 00000246 _____ C:\WINDOWS\system.ini
2014-01-12 22:57 - 2014-01-12 22:57 - 00000000 _RSHD C:\cmdcons
2014-01-12 22:57 - 2007-02-19 04:28 - 00000327 __RSH C:\boot.ini
2014-01-12 22:49 - 2012-01-08 18:00 - 00065536 _____ C:\WINDOWS\system32\config\Internet.evt
2014-01-12 22:49 - 2012-01-08 15:46 - 00065536 _____ C:\WINDOWS\system32\config\ODiag.evt
2014-01-12 22:47 - 2014-01-12 22:47 - 00000682 _____ C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
2014-01-12 22:47 - 2012-01-08 15:46 - 00000000 ____D C:\Program Files\CCleaner
2014-01-12 22:42 - 2007-02-19 04:28 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2014-01-12 22:41 - 2007-02-18 21:33 - 00000159 ____N C:\WINDOWS\wiadebug.log
2014-01-12 22:41 - 2007-02-18 21:33 - 00000050 ____N C:\WINDOWS\wiaservc.log
2014-01-12 22:39 - 2014-01-11 22:11 - 00000000 ____D C:\AdwCleaner
2014-01-12 22:39 - 2011-09-22 15:30 - 00000178 ___SH C:\Documents and Settings\Thomas\ntuser.ini
2014-01-12 22:32 - 2014-01-12 22:23 - 00000000 ____D C:\Documents and Settings\Thomas\My Documents\reg back up ccleaner
2014-01-12 22:30 - 2013-06-27 19:47 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\HP
2014-01-12 22:26 - 2007-05-07 10:54 - 00002501 _____ C:\WINDOWS\system32\LexFiles.ulf
2014-01-12 22:22 - 2014-01-11 22:28 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2014-01-12 22:13 - 2014-01-12 20:02 - 00040776 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2014-01-12 21:30 - 2014-01-12 21:30 - 00000580 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit JDownloader.exe.lnk
2014-01-12 21:02 - 2007-05-01 19:56 - 00000000 __SHD C:\WINDOWS\CSC
2014-01-12 17:30 - 2014-01-12 17:30 - 00000000 ____D C:\Programme
2014-01-12 17:12 - 2014-01-12 16:43 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
2014-01-12 17:12 - 2014-01-12 16:40 - 00000000 ____D C:\Documents and Settings\Thomas\Desktop\mbar
2014-01-12 16:40 - 2014-01-12 16:40 - 00051416 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-01-12 09:45 - 2014-01-11 22:28 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy
2014-01-12 01:12 - 2013-09-20 19:32 - 00000000 ____D C:\Program Files\JDownloader
2014-01-12 00:25 - 2014-01-12 00:25 - 00000000 ____D C:\TDSSKiller_Quarantine
2014-01-12 00:04 - 2014-01-12 00:04 - 00450570 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20140112-000430.backup
2014-01-12 00:04 - 2014-01-12 00:04 - 00450570 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20140112-000420.backup
2014-01-11 22:54 - 2014-01-12 00:04 - 00450570 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20140112-000408.backup
2014-01-11 22:32 - 2014-01-11 22:32 - 00000784 _____ C:\Documents and Settings\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-11 22:32 - 2014-01-11 22:32 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2014-01-11 22:32 - 2014-01-11 22:32 - 00000000 ____D C:\Documents and Settings\Thomas\Application Data\Malwarebytes
2014-01-11 22:32 - 2014-01-11 22:32 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
2014-01-11 22:32 - 2014-01-11 22:32 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-01-11 22:30 - 2014-01-11 22:30 - 00000000 ____D C:\Documents and Settings\Thomas\Local Settings\Application Data\Sun
2014-01-11 22:28 - 2014-01-11 22:28 - 00000933 _____ C:\Documents and Settings\Thomas\Desktop\Spybot - Search & Destroy.lnk
2014-01-11 22:28 - 2014-01-11 22:28 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy
2014-01-11 22:06 - 2013-11-15 19:42 - 00000000 ____D C:\Program Files\Sony
2014-01-11 20:58 - 2012-02-29 19:23 - 00000000 ____D C:\Documents and Settings\Thomas\Application Data\dvdcss
2014-01-11 17:20 - 2014-01-11 17:20 - 00000059 _____ C:\Documents and Settings\Thomas\Application Data\WB.CFG
2014-01-10 21:55 - 2014-01-10 21:55 - 00007722 _____ C:\Documents and Settings\Thomas\Desktop\fvbnm,.xspf
2014-01-10 17:05 - 2013-09-20 19:33 - 00001658 _____ C:\Documents and Settings\All Users\Start Menu\Programs\JDownloader.lnk
2014-01-10 17:05 - 2013-09-20 19:33 - 00001602 _____ C:\Documents and Settings\All Users\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
2014-01-10 17:05 - 2013-09-20 19:33 - 00001581 _____ C:\Documents and Settings\All Users\Start Menu\Programs\JDownloader Update.lnk
2014-01-10 17:03 - 2014-01-10 17:03 - 00000000 ____D C:\Program Files\Common Files\Java
2014-01-10 17:03 - 2014-01-10 17:03 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Java
2014-01-10 17:03 - 2014-01-10 17:03 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Sun
2014-01-10 17:02 - 2014-01-10 17:03 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-01-10 17:02 - 2014-01-10 17:03 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-01-10 17:02 - 2014-01-10 17:03 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-01-10 17:02 - 2014-01-10 17:03 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-01-10 17:02 - 2014-01-10 17:03 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-01-10 17:02 - 2014-01-10 17:02 - 00000000 ____D C:\Program Files\Java
2014-01-10 17:01 - 2014-01-10 17:01 - 00000000 ____D C:\Documents and Settings\Thomas\Application Data\Sun
2014-01-09 15:47 - 2014-01-09 15:46 - 00000000 ____D C:\Program Files\Common Files\VST3
2014-01-09 15:47 - 2014-01-09 15:46 - 00000000 ____D C:\Documents and Settings\All Users\Documents\u-he
2014-01-09 12:45 - 2014-01-09 12:45 - 00000000 ____D C:\Program Files\Common Files\reFX
2014-01-09 12:33 - 2014-01-08 12:15 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\reFX
2014-01-08 15:13 - 2013-06-29 18:16 - 00002347 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
2014-01-08 12:06 - 2014-01-08 12:05 - 00000000 ____D C:\Documents and Settings\Thomas\My Documents\discoDSP
2014-01-08 12:06 - 2014-01-08 12:05 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\discoDSP
2014-01-08 01:23 - 2013-09-20 19:04 - 00001805 _____ C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2014-01-06 21:23 - 2014-01-06 21:23 - 00000000 ____D C:\Documents and Settings\Thomas\Start Menu\Programs\LennarDigital
2014-01-06 21:20 - 2014-01-06 21:20 - 00000000 ____D C:\Program Files\u-he
2014-01-06 21:20 - 2014-01-06 21:20 - 00000000 ____D C:\Documents and Settings\Thomas\Start Menu\Programs\u-he
2014-01-06 21:20 - 2014-01-06 21:20 - 00000000 ____D C:\Documents and Settings\Thomas\My Documents\u-he
2014-01-06 21:16 - 2014-01-06 21:16 - 00000000 ____D C:\Documents and Settings\Thomas\Start Menu\Programs\Synapse Audio
2014-01-06 21:13 - 2014-01-06 21:13 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Sonic Timeworks
2014-01-06 21:13 - 2014-01-06 21:13 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\GForce
2014-01-06 21:12 - 2014-01-06 21:12 - 00000000 ____D C:\Program Files\Common Files\Digidesign
2014-01-06 21:06 - 2014-01-06 21:06 - 00000000 ____D C:\Documents and Settings\Thomas\Start Menu\Programs\ExpDigital G-Flux v1.0.2 VST
2014-01-06 15:05 - 2014-01-06 15:05 - 00000833 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit Ableton Live 9 Suite.exe.lnk
2014-01-06 15:04 - 2014-01-06 15:04 - 00000000 ____D C:\Program Files\LinPlug
2014-01-06 15:02 - 2014-01-06 15:02 - 01700352 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdiplus.dll
2014-01-06 15:02 - 2014-01-06 15:02 - 00000000 ____D C:\Program Files\Steinberg
2014-01-06 15:02 - 2014-01-06 15:02 - 00000000 ____D C:\Documents and Settings\Thomas\Start Menu\Programs\LinPlug
2014-01-05 14:44 - 2008-04-28 14:21 - 00000000 ____D C:\New Folder
2014-01-05 14:43 - 2014-01-05 14:43 - 00000627 _____ C:\Documents and Settings\Thomas\Start Menu\Programs\Ableton Live 9 Suite.lnk
2014-01-05 01:40 - 2014-01-05 01:00 - 00000000 ____D C:\Documents and Settings\Thomas\Application Data\Ableton
2014-01-05 01:03 - 2014-01-05 01:00 - 00000000 ____D C:\Documents and Settings\Thomas\My Documents\Ableton
2014-01-05 01:00 - 2014-01-05 01:00 - 00000000 ____D C:\Program Files\Common Files\Propellerhead Software
2014-01-05 00:39 - 2014-01-05 00:39 - 00000000 ____D C:\Program Files\7-Zip
2014-01-05 00:39 - 2014-01-05 00:39 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\7-Zip
2014-01-04 18:05 - 2014-01-04 18:05 - 00000626 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit downloads.lnk
2014-01-04 17:39 - 2014-01-04 00:01 - 00000000 ____D C:\Documents and Settings\Thomas\.smplayer
2014-01-04 13:21 - 2014-01-04 13:21 - 00000548 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit Desktop.lnk
2014-01-04 00:01 - 2014-01-04 00:01 - 00000556 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit smplayer.exe.lnk
2013-12-18 15:47 - 2007-02-18 20:34 - 00000000 __SHD C:\Documents and Settings\All Users\DRM
2013-12-18 15:22 - 2013-03-13 10:36 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service

das adwcleaner log

AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v3.016 - Report created 11/01/2014 at 22:11:34
# Updated 23/12/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Thomas - TRAT00020
# Running from : C:\Downloads\Sylenth\adwcleaner_3.016.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Documents and Settings\Thomas\Application Data\Mozilla\Firefox\Profiles\a4n04b3a.default\user.js
File Found : C:\Documents and Settings\Thomas\Desktop\MySearchDial.url
File Found : C:\Documents and Settings\Thomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pflphaooapbgpeakohlggbpidpppgdff_0.localstorage
File Found : C:\Documents and Settings\Thomas\Local Settings\Application Data\mysearchdial-speeddial.crx
Folder Found : C:\Documents and Settings\Thomas\Application Data\Mozilla\Firefox\Profiles\a4n04b3a.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}
Folder Found : C:\Documents and Settings\Thomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Folder Found C:\Documents and Settings\Thomas\Application Data\Mysearchdial
Folder Found C:\Documents and Settings\Thomas\My Documents\optimizer pro
Folder Found C:\Program Files\optimizer pro

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKCU\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Found : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://start.mysearchdial.com/?f=1&a=irmsd0101&cd=2XzuyEtN2Y1L1QzutDtDtBtCzytC0FyEtB0BtDyEyD0BtAtDtN0D0Tzu0SyByEtCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutDzytDtC0B&cr=1652150050&ir=
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://start.mysearchdial.com/?f=1&a=irmsd0101&cd=2XzuyEtN2Y1L1QzutDtDtBtCzytC0FyEtB0BtDyEyD0BtAtDtN0D0Tzu0SyByEtCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutDzytDtC0B&cr=1652150050&ir=
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs] - hxxp://start.mysearchdial.com/?f=2&a=irmsd0101&cd=2XzuyEtN2Y1L1QzutDtDtBtCzytC0FyEtB0BtDyEyD0BtAtDtN0D0Tzu0SyByEtCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutDzytDtC0B&cr=1652150050&ir=

-\\ Mozilla Firefox v26.0 (de)

[ File : C:\Documents and Settings\Thomas\Application Data\Mozilla\Firefox\Profiles\a4n04b3a.default\prefs.js ]

Line Found : user_pref("extensions.mysearchdial.aflt", "irmsd0101");
Line Found : user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");
Line Found : user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1QzutDtDtBtCzytC0FyEtB0BtDyEyD0BtAtDtN0D0Tzu0SyByEtCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutDzytDtC0B");
Line Found : user_pref("extensions.mysearchdial.cr", "1652150050");
Line Found : user_pref("extensions.mysearchdial.dfltLng", "");
Line Found : user_pref("extensions.mysearchdial.dfltSrch", true);
Line Found : user_pref("extensions.mysearchdial.dnsErr", true);
Line Found : user_pref("extensions.mysearchdial.excTlbr", false);
Line Found : user_pref("extensions.mysearchdial.hmpg", true);
Line Found : user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=irmsd0101&cd=2XzuyEtN2Y1L1QzutDtDtBtCzytC0FyEtB0BtDyEyD0BtAtDtN0D0Tzu0SyByEtCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutD[...]
Line Found : user_pref("extensions.mysearchdial.id", "002191F42B045B30");
Line Found : user_pref("extensions.mysearchdial.instlDay", "16080");
Line Found : user_pref("extensions.mysearchdial.instlRef", "");
Line Found : user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=irmsd0101&cd=2XzuyEtN2Y1L1QzutDtDtBtCzytC0FyEtB0BtDyEyD0BtAtDtN0D0Tzu0SyByEtCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1Czu[...]
Line Found : user_pref("extensions.mysearchdial.prdct", "mysearchdial");
Line Found : user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");
Line Found : user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
Line Found : user_pref("extensions.mysearchdial.tlbrId", "base");
Line Found : user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=irmsd0101&cd=2XzuyEtN2Y1L1QzutDtDtBtCzytC0FyEtB0BtDyEyD0BtAtDtN0D0Tzu0SyByEtCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1C[...]
Line Found : user_pref("extensions.mysearchdial.vrsn", "1.8.21.0");
Line Found : user_pref("extensions.mysearchdial.vrsni", "1.8.21.0");
Line Found : user_pref("extensions.mysearchdial_i.hmpg", true);
Line Found : user_pref("extensions.mysearchdial_i.newTab", false);
Line Found : user_pref("extensions.mysearchdial_i.smplGrp", "none");
Line Found : user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.21.017:1:25");

-\\ Google Chrome v32.0.1700.72

[ File : C:\Documents and Settings\Thomas\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

Found : homepage
Found : icon_url
Found : search_url
Found : keyword

*************************

AdwCleaner[R0].txt - [5920 octets] - [11/01/2014 22:11:34]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [5980 octets] ##########

--- --- ---

GMER gibt die Meldung "WARNING!!! GMER has found system modification caused by ROOTKIT activity." aus.

die GMER.txt ist leider irre groß

ich danke euch noch im voraus für eure schnelle hilfe
und hoffe das ich nicht zuviel oder zu wenig gepostet hab

lg trancemoisis

schrauber · 16.01.2014, 07:45

hi,

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Combofix wird überprüfen, ob die Microsoft Windows Wiederherstellungskonsole installiert ist.
Ist diese nicht installiert, erlaube Combofix diese herunter zu laden und zu installieren. Folge dazu einfach den Anweisungen und aktzeptiere die Endbenutzer-Lizenz.
Bei heutiger Malware ist dies sehr empfehlenswert, da diese uns eine Möglichkeit bietet, dein System zu reparieren, falls etwas schief geht.
Bestätige die Information, dass die Wiederherstellungskonsole installiert wurde mit Ja.
Hinweis: Ist diese bereits installiert, wird Combofix mit der Malwareentfernung fortfahren.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es eine Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

trancemoisis · 17.01.2014, 00:27

Hallo schrauber!
Danke das du mir bei meinem Problem behilflich bist.
Leider hab ich den Fehler gemacht, dass ich Combofix nicht auf dem Desktop gespeichert habe. Ich hoffe, dass das nicht weiter schlimm ist. Sonst Poste ich ein neues Log.
Combofix Logfile:

Code:

ATTFilter

ComboFix 14-01-12.01 - Thomas 16.01.2014  12:12:47.2.2 - x86
ausgeführt von:: c:\downloads\Sylenth\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\Thumbs.db
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-12-16 bis 2014-01-16  ))))))))))))))))))))))))))))))
.
.
2014-01-15 18:41 . 2014-01-15 18:41	22688	----a-w-	c:\windows\system32\drivers\HWiNFO32.SYS
2014-01-15 18:37 . 2014-01-15 18:37	--------	d-----w-	c:\program files\HWiNFO32
2014-01-15 13:39 . 2014-01-15 13:39	--------	d-----w-	C:\FRST
2014-01-13 22:25 . 2014-01-13 22:25	--------	d-----w-	c:\documents and settings\Thomas\Local Settings\Application Data\Disc_Soft_Ltd
2014-01-13 22:23 . 2014-01-13 22:23	--------	d-----w-	c:\documents and settings\LocalService\Application Data\DAEMON Tools Ultra
2014-01-13 21:55 . 2014-01-13 21:55	--------	d-----w-	c:\windows\system32\de-DE
2014-01-13 21:42 . 2014-01-13 21:42	24704	----a-w-	c:\windows\system32\drivers\dtscsibus.sys
2014-01-13 21:42 . 2014-01-13 22:25	--------	d-----w-	c:\documents and settings\Thomas\Application Data\DAEMON Tools Ultra
2014-01-13 21:42 . 2014-01-13 21:42	--------	d-----w-	c:\program files\DAEMON Tools Ultra
2014-01-13 21:40 . 2014-01-13 21:41	--------	d-----w-	c:\documents and settings\All Users\Application Data\DAEMON Tools Ultra
2014-01-13 20:10 . 2010-06-02 03:55	74072	----a-w-	c:\windows\system32\XAPOFX1_5.dll
2014-01-13 20:10 . 2010-06-02 03:55	527192	----a-w-	c:\windows\system32\XAudio2_7.dll
2014-01-13 20:10 . 2010-05-26 10:41	2106216	----a-w-	c:\windows\system32\D3DCompiler_43.dll
2014-01-13 20:10 . 2010-05-26 10:41	248672	----a-w-	c:\windows\system32\d3dx11_43.dll
2014-01-13 20:10 . 2010-05-26 10:41	470880	----a-w-	c:\windows\system32\d3dx10_43.dll
2014-01-13 20:10 . 2007-04-04 17:53	81768	----a-w-	c:\windows\system32\xinput1_3.dll
2014-01-13 20:09 . 2014-01-13 20:10	--------	d-----w-	c:\program files\Dolphin x86
2014-01-13 20:07 . 2014-01-13 20:07	--------	d-----w-	c:\program files\Common Files\DirectX
2014-01-12 16:30 . 2014-01-12 16:30	--------	d-----w-	C:\Programme
2014-01-12 15:43 . 2014-01-12 16:12	--------	d-----w-	c:\documents and settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
2014-01-12 15:40 . 2014-01-12 15:40	51416	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2014-01-11 23:25 . 2014-01-11 23:25	--------	d-----w-	C:\TDSSKiller_Quarantine
2014-01-11 21:32 . 2014-01-11 21:32	--------	d-----w-	c:\documents and settings\Thomas\Application Data\Malwarebytes
2014-01-11 21:32 . 2014-01-11 21:32	--------	d-----w-	c:\documents and settings\All Users\Application Data\Malwarebytes
2014-01-11 21:32 . 2014-01-11 21:32	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2014-01-11 21:32 . 2013-04-04 13:50	22856	----a-w-	c:\windows\system32\drivers\mbam.sys
2014-01-11 21:30 . 2014-01-11 21:30	--------	d-----w-	c:\documents and settings\Thomas\Local Settings\Application Data\Sun
2014-01-11 21:28 . 2014-01-12 21:22	--------	d-----w-	c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2014-01-11 21:28 . 2014-01-12 08:45	--------	d-----w-	c:\program files\Spybot - Search & Destroy
2014-01-11 21:11 . 2014-01-12 21:39	--------	d-----w-	C:\AdwCleaner
2014-01-10 16:03 . 2014-01-10 16:03	--------	d-----w-	c:\program files\Common Files\Java
2014-01-10 16:03 . 2014-01-10 16:02	145408	----a-w-	c:\windows\system32\javacpl.cpl
2014-01-10 16:03 . 2014-01-10 16:02	94632	----a-w-	c:\windows\system32\WindowsAccessBridge.dll
2014-01-10 16:02 . 2014-01-10 16:02	--------	d-----w-	c:\program files\Java
2014-01-09 14:46 . 2014-01-09 14:47	--------	d-----w-	c:\program files\Common Files\VST3
2014-01-09 11:45 . 2014-01-09 11:45	--------	d-----w-	c:\program files\Common Files\reFX
2014-01-09 11:33 . 2009-10-24 20:15	1332224	----a-w-	c:\windows\system32\SYNSOEMU.DLL
2014-01-06 20:20 . 2014-01-06 20:20	--------	d-----w-	c:\program files\u-he
2014-01-06 20:13 . 1999-12-17 09:13	86016	----a-w-	c:\windows\unvise32.exe
2014-01-06 20:12 . 2014-01-06 20:12	--------	d-----w-	c:\program files\Common Files\Digidesign
2014-01-06 14:04 . 2014-01-06 14:04	--------	d-----w-	c:\program files\LinPlug
2014-01-06 14:02 . 2014-01-06 14:02	--------	d-----w-	c:\program files\Steinberg
2014-01-06 14:02 . 2014-01-06 14:02	1700352	----a-w-	c:\windows\system32\gdiplus.dll
2014-01-05 14:05 . 2008-04-13 23:15	60032	-c--a-w-	c:\windows\system32\dllcache\usbaudio.sys
2014-01-05 14:05 . 2008-04-13 23:15	60032	----a-w-	c:\windows\system32\drivers\USBAUDIO.sys
2014-01-05 13:52 . 2014-01-05 13:52	--------	d-----w-	C:\ProgramData
2014-01-05 00:00 . 2014-01-05 00:00	--------	d-----w-	c:\program files\Common Files\Propellerhead Software
2014-01-05 00:00 . 2014-01-05 00:40	--------	d-----w-	c:\documents and settings\Thomas\Application Data\Ableton
2014-01-04 23:39 . 2014-01-04 23:39	--------	d-----w-	c:\program files\7-Zip
2014-01-03 23:01 . 2014-01-03 23:01	--------	d-----w-	c:\documents and settings\Thomas\Local Settings\Application Data\fontconfig
2014-01-03 23:01 . 2014-01-04 16:39	--------	d-----w-	c:\documents and settings\Thomas\.smplayer
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-11 01:01 . 2013-04-30 14:20	692616	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2013-12-11 01:01 . 2011-07-19 06:09	71048	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2004-08-03 22:56	73728	--sha-w-	c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}$BACKUP$\System\wmplayer.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01	122512	----a-w-	c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-13 23:00	130736	----a-w-	c:\documents and settings\Thomas\Application Data\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-13 23:00	130736	----a-w-	c:\documents and settings\Thomas\Application Data\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-13 23:00	130736	----a-w-	c:\documents and settings\Thomas\Application Data\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-13 23:00	130736	----a-w-	c:\documents and settings\Thomas\Application Data\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"DAEMON Tools Ultra Agent"="c:\program files\DAEMON Tools Ultra\DTAgent.exe" [2013-11-14 3192056]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2006-10-06 98304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2006-10-06 114688]
"Persistence"="c:\windows\system32\igfxpers.exe" [2006-10-06 94208]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
WDDMStatus.lnk.disabled [2013-2-15 1057]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages	REG_MULTI_SZ   	msv1_0 nwprovau
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-5706737-706353721-1019313964-13309\Scripts\Logon\0\0]
"Script"=\\triax.int\netlogon\logon-hirschmann-a.vbs
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-5706737-706353721-1019313964-17809\Scripts\Logon\0\0]
"Script"=\\triax.int\netlogon\logon-hirschmann-a.vbs
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WDSmartWare.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\WDSmartWare.lnk
backup=c:\windows\pss\WDSmartWare.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-04-04 21:06	958576	----a-w-	c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
2003-01-30 16:49	196608	----a-w-	c:\windows\system32\spool\drivers\w32x86\3\hpztsb04.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHmon03]
2003-01-30 16:49	311296	----a-w-	c:\windows\system32\hphmon03.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2013-07-02 08:16	254336	----a-w-	c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"RemoteRegistry"=2 (0x2)
"Fax"=2 (0x2)
"FastUserSwitchingCompatibility"=3 (0x3)
"BBUpdate"=3 (0x3)
"BBSvc"=2 (0x2)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Sony PC Companion"="c:\program files\Sony\Sony PC Companion\PCCompanion.exe" /Background
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"HP Software Update"=c:\program files\Hp\HP Software Update\HPWuSchd2.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Documents and Settings\\Thomas\\Application Data\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Program Files\\JDownloader\\jre\\bin\\java.exe"=
"c:\\Program Files\\JDownloader\\jre\\bin\\javaw.exe"=
"c:\\Program Files\\Java\\jre7\\bin\\javaw.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [08.01.2012 16:18 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [08.01.2012 16:18 314456]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO32.SYS [15.01.2014 19:41 22688]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [08.01.2012 16:18 20568]
R2 WDDMService;WD SmartWare Drive Manager;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [14.10.2009 14:31 98304]
R3 DFE528TX;D-Link DFE-528TX PCI Adapter;c:\windows\system32\drivers\DLKRTL.SYS [02.02.2009 09:09 45568]
R3 Disc Soft Bus Service;Disc Soft Bus Service;c:\program files\DAEMON Tools Ultra\DiscSoftBusService.exe [14.11.2013 09:35 723192]
R3 dtscsibus;DAEMON Tools Virtual SCSI Bus;c:\windows\system32\drivers\dtscsibus.sys [13.01.2014 22:42 24704]
S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [11.01.2014 22:32 418376]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [11.01.2014 22:32 701512]
S2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [16.06.2009 09:58 20480]
S3 Dot4Usb HPH09;Dot4Usb HPH09;c:\windows\system32\drivers\hphius09.sys [30.01.2003 17:55 18864]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [11.01.2014 22:32 22856]
S3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [15.11.2013 19:42 155824]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [15.02.2013 19:13 11520]
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-01-08 00:22	1211672	----a-w-	c:\program files\Google\Chrome\Application\32.0.1700.72\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-01-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-30 01:01]
.
2014-01-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-09-20 18:03]
.
2014-01-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-09-20 18:03]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.com
uLocal Page = 
mLocal Page = 
mStart Page = hxxp://www.google.com
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: microsoft.com\*.update
Trusted Zone: triax.com
Trusted Zone: triax.dk
Trusted Zone: triax.uk
Trusted Zone: windowsupdate.com
FF - ProfilePath - c:\documents and settings\Thomas\Application Data\Mozilla\Firefox\Profiles\a4n04b3a.default\
FF - prefs.js: browser.search.selectedEngine - Google Default
FF - prefs.js: browser.startup.homepage - hxxp://www.googe.at/
FF - prefs.js: keyword.URL - 
FF - prefs.js: network.proxy.type - 0
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2014-01-16 12:28
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-149951371-905379647-1706633954-1012\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{1F5E76E1-FEC9-F271-8665-5AA0D4829C77}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"pahmabijciooejeljcdkflalhofpplek"=hex:61,62,6d,6f,63,61,62,6e,68,6d,67,6e,6b,
   6c,69,6d,6e,65,66,65,68,62,6f,67,6b,64,70,67,6d,62,6c,6d,6d,66,00,00
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Zeit der Fertigstellung: 2014-01-16  12:33:37
ComboFix-quarantined-files.txt  2014-01-16 11:33
ComboFix2.txt  2014-01-12 22:22
.
Vor Suchlauf: 10.947.411.968 bytes free
Nach Suchlauf: 20 Verzeichnis(se), 11.157.069.824 Bytes frei
.
- - End Of File - - 78BE0DA465F402C608ED828D08EAC9F2

--- --- ---
8F558EB6672622401DA993E1E865C861

[/CODE]

danke und bis bald

trancemoisis

schrauber · 17.01.2014, 20:36

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

trancemoisis · 18.01.2014, 16:48

Hallo hier sind die neuen Logs.

Code:

ATTFilter

 Malwarebytes Anti-Malware  (PRO) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.01.16.07

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Thomas :: TRAT00020 [Administrator]

Schutz: Deaktiviert

17.01.2014 22:07:05
mbam-log-2014-01-17 (22-07-05).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|F:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 381318
Laufzeit: 3 Stunde(n), 35 Minute(n), 11 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Code:

ATTFilter

# AdwCleaner v3.017 - Report created 18/01/2014 at 15:26:01
# Updated 12/01/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Thomas - TRAT00020
# Running from : C:\Documents and Settings\Thomas\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v26.0 (de)

[ File : C:\Documents and Settings\Thomas\Application Data\Mozilla\Firefox\Profiles\a4n04b3a.default\prefs.js ]


-\\ Google Chrome v32.0.1700.76

[ File : C:\Documents and Settings\Thomas\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage
Deleted : icon_url
Deleted : search_url
Deleted : keyword

*************************

AdwCleaner[R0].txt - [6060 octets] - [11/01/2014 22:11:34]
AdwCleaner[R1].txt - [1070 octets] - [11/01/2014 22:55:36]
AdwCleaner[R2].txt - [1131 octets] - [12/01/2014 22:34:46]
AdwCleaner[R3].txt - [1339 octets] - [18/01/2014 15:23:49]
AdwCleaner[S0].txt - [5691 octets] - [11/01/2014 22:20:41]
AdwCleaner[S1].txt - [1193 octets] - [12/01/2014 22:38:58]
AdwCleaner[S2].txt - [1268 octets] - [18/01/2014 15:26:01]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1328 octets] ##########

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Microsoft Windows XP x86
Ran by Thomas on 18.01.2014 at 15:34:23,75
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Documents and Settings\Thomas\Application Data\mozilla\firefox\profiles\a4n04b3a.default\minidumps [2 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 18.01.2014 at 15:58:23,76
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 17-01-2014 02
Ran by Thomas at 2014-01-18 16:42:53
Running from C:\Documents and Settings\Thomas\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus (Disabled) {7591DB91-41F0-48A3-B128-1A293FD8233D}

==================== Installed Programs ======================

7-Zip 9.22beta (Version:  - )
Ableton Live 9 Suite (Version: 9.0.0.0 - Ableton)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.05) - Deutsch (Version: 11.0.05 - Adobe Systems Incorporated)
avast! Free Antivirus (Version: 6.0.1367.0 - AVAST Software)
CCleaner (Version: 4.09 - Piriform)
DAEMON Tools Ultra (Version: 2.1.0.0187 - Disc Soft Ltd)
discoDSP Corona (Version: 4.7 - discoDSP)
discoDSP Discovery Pro (Version: 5.6 - )
Dolphin x86 (Version: 4.0.2 - Dolphin Development Team)
Dropbox (Version: 2.2.3 - Dropbox, Inc.)
DVR-Studio Pro (Version:  - Haenlein Software)
ExpDigital G-Flux v1.0.2 VST (Version:  - )
GForce - Oddity (Version:  - )
Google Chrome (Version: 32.0.1700.76 - Google Inc.)
Google Update Helper (Version: 1.3.22.3 - Google Inc.) Hidden
Hard Disk Low Level Format Tool 2.36 build 1181 (Version:  - HDDGURU)
HP Deskjet 2050 J510 series - Grundlegende Software für das Gerät (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 2050 J510 series Hilfe (Version: 140.0.61.61 - Hewlett Packard)
HP PhotoSmart printer Serie (nur entfernen) (Version:  - )
HP Update (Version: 5.003.003.001 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
HWiNFO32 Version 4.30 (Version: 4.30 - Martin Malík - REALiX)
Intel(R) Graphics Media Accelerator Driver (Version:  - )
Intel(R) PRO Network Connections Drivers (Version:  - )
Java 7 Update 45 (Version: 7.0.450 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Lexmark 5400 Series (Version:  - Lexmark International, Inc.)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300 - Malwarebytes Corporation)
Media Go (Version: 2.6.205 - Sony)
Media Go Video Playback Engine 2.0.107.08290 (Version: 2.0.107.08290 - Sony)
Microsoft .NET Framework 1.1 (Version:  - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB2572067) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 2 (SP2) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 2 (SP2) (Version:  - Microsoft) Hidden
Microsoft Office Excel 2007 (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Excel 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook 2007 (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Outlook 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint 2007 (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office PowerPoint 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) (Version:  - Microsoft) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Word 2007 (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Word 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Software Update for Web Folders  (German) 12 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft User-Mode Driver Framework Feature Pack 1.0 (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 de) (Version: 26.0 - Mozilla)
Mozilla Maintenance Service (Version: 26.0 - Mozilla)
O&O UnErase (Version: 6.0.1899 - O&O Software GmbH)
Office Animation Runtime (Version: 11.0.5510.0 - Microsoft Corporation)
PVRManager (Version: 1.00.0000 - )
reFX Nexus VSTi RTAS v2.2.0 (Version:  - )
reFX Vanguard VSTi RTAS v1.8.0 (Version:  - )
SH-1001 (Version: 1.0 - Sonic Timeworks)
SMS Advanced Client (Version: 2.50.4253.3000 - Microsoft Corporation) Hidden
Sony PC Companion 2.10.181 (Version: 2.10.181 - Sony)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0 - Adobe Systems Incorporated)
Spybot - Search & Destroy (Version: 1.6.2 - Safer Networking Limited)
Update for 2007 Microsoft Office System (KB967642) (Version:  - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1 - Microsoft Corporation)
Update for Outlook 2007 Junk Email Filter (KB2596560) (Version:  - Microsoft)
Update for Windows XP (KB2141007) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2541763) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2641690) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951978) (Version: 1 - Microsoft Corporation) Hidden
Update for Windows XP (KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971737) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB978207) (Version: 1 - Microsoft Corporation) Hidden
Update for Windows XP (KB980182) (Version: 1 - Microsoft Corporation) Hidden
VLC media player 0.9.9 (Version: 0.9.9 - VideoLAN Team)
WD SmartWare (Version: 1.1.1.6 - Western Digital)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format 11 runtime (Version:  - )
Windows Media Format 11 runtime (Version:  - Microsoft Corporation) Hidden
Windows Media Player 10 (Version:  - )
Windows XP Service Pack 3 (Version: 20080414.031525 - Microsoft Corporation)
WinRAR archiver (Version:  - )

==================== Restore Points  =========================

12-01-2014 21:25:29 Removed TightVNC
13-01-2014 20:10:07 DirectX wurde installiert
16-01-2014 11:09:00 ComboFix created restore point
17-01-2014 10:24:43 Systemprüfpunkt
18-01-2014 07:12:57 Systemprüfpunkt

==================== Hosts content: ==========================

2007-02-19 04:28 - 2014-01-16 12:27 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-01-18 16:09 - 2014-01-18 10:04 - 02247168 _____ () C:\Program Files\AVAST Software\Avast\defs\14011800\algo.dll
2007-05-03 12:39 - 2006-07-11 00:34 - 00040960 _____ () C:\WINDOWS\system32\lxctpmon.dll
2008-09-08 13:40 - 2008-08-29 09:55 - 00132608 _____ () C:\Program Files\WinRAR\rarext.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/18/2014 04:37:36 PM) (Source: AutoEnrollment) (User: )
Description: Die automatische Zertifikatregistrierung für "lokaler Computer" konnte keine Verbindung zum Active Directory (0x8007054b) herstellen. Die angegebene Domäne ist nicht vorhanden oder es konnte keine Verbindung hergestellt werden.
 Die Registrierung wird nicht durchgeführt.

Error: (01/18/2014 04:37:31 PM) (Source: Userenv) (User: NT-AUTORITÄT)
Description: Der Domänencontrollername für das Computernetzwerk konnte nicht ermittelt werden. (Die angegebene Domäne ist nicht vorhanden oder es konnte keine Verbindung hergestellt werden. ). Die Verarbeitung der Gruppenrichtlinie wurde abgebrochen.

Error: (01/18/2014 04:19:39 PM) (Source: Userenv) (User: NT-AUTORITÄT)
Description: Der Domänencontrollername für das Computernetzwerk konnte nicht ermittelt werden. (Die angegebene Domäne ist nicht vorhanden oder es konnte keine Verbindung hergestellt werden. ). Die Verarbeitung der Gruppenrichtlinie wurde abgebrochen.

Error: (01/18/2014 04:02:08 PM) (Source: AutoEnrollment) (User: )
Description: Die automatische Zertifikatregistrierung für "lokaler Computer" konnte keine Verbindung zum Active Directory (0x8007054b) herstellen. Die angegebene Domäne ist nicht vorhanden oder es konnte keine Verbindung hergestellt werden.
 Die Registrierung wird nicht durchgeführt.

Error: (01/18/2014 04:02:05 PM) (Source: Userenv) (User: NT-AUTORITÄT)
Description: Der Domänencontrollername für das Computernetzwerk konnte nicht ermittelt werden. (Die angegebene Domäne ist nicht vorhanden oder es konnte keine Verbindung hergestellt werden. ). Die Verarbeitung der Gruppenrichtlinie wurde abgebrochen.

Error: (01/18/2014 03:30:13 PM) (Source: AutoEnrollment) (User: )
Description: Die automatische Zertifikatregistrierung für "lokaler Computer" konnte keine Verbindung zum Active Directory (0x8007054b) herstellen. Die angegebene Domäne ist nicht vorhanden oder es konnte keine Verbindung hergestellt werden.
 Die Registrierung wird nicht durchgeführt.

Error: (01/18/2014 03:30:09 PM) (Source: Userenv) (User: NT-AUTORITÄT)
Description: Der Domänencontrollername für das Computernetzwerk konnte nicht ermittelt werden. (Die angegebene Domäne ist nicht vorhanden oder es konnte keine Verbindung hergestellt werden. ). Die Verarbeitung der Gruppenrichtlinie wurde abgebrochen.

Error: (01/18/2014 08:12:32 AM) (Source: AutoEnrollment) (User: )
Description: Die automatische Zertifikatregistrierung für "lokaler Computer" konnte keine Verbindung zum Active Directory (0x8007054b) herstellen. Die angegebene Domäne ist nicht vorhanden oder es konnte keine Verbindung hergestellt werden.
 Die Registrierung wird nicht durchgeführt.

Error: (01/18/2014 00:12:35 AM) (Source: AutoEnrollment) (User: )
Description: Die automatische Zertifikatregistrierung für "lokaler Computer" konnte keine Verbindung zum Active Directory (0x8007054b) herstellen. Die angegebene Domäne ist nicht vorhanden oder es konnte keine Verbindung hergestellt werden.
 Die Registrierung wird nicht durchgeführt.

Error: (01/17/2014 04:12:34 PM) (Source: AutoEnrollment) (User: )
Description: Die automatische Zertifikatregistrierung für "lokaler Computer" konnte keine Verbindung zum Active Directory (0x8007054b) herstellen. Die angegebene Domäne ist nicht vorhanden oder es konnte keine Verbindung hergestellt werden.
 Die Registrierung wird nicht durchgeführt.


System errors:
=============
Error: (01/18/2014 04:39:28 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%3

Error: (01/18/2014 04:37:30 PM) (Source: NETLOGON) (User: )
Description: Es steht kein Domänencontroller für die Domäne NTGROUP aus folgendem Grund zur
Verfügung: 
%%1311.

Stellen Sie sicher, dass der Computer mit dem Netzwerk verbunden ist, und
versuchen Sie es erneut. Wenden Sie sich an den Domänenadministrator, wenn
das Problem weiterhin besteht.

Error: (01/18/2014 04:19:38 PM) (Source: NETLOGON) (User: )
Description: Es steht kein Domänencontroller für die Domäne NTGROUP aus folgendem Grund zur
Verfügung: 
%%1311.

Stellen Sie sicher, dass der Computer mit dem Netzwerk verbunden ist, und
versuchen Sie es erneut. Wenden Sie sich an den Domänenadministrator, wenn
das Problem weiterhin besteht.

Error: (01/18/2014 04:04:05 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Image Acquisition (WIA)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (01/18/2014 04:04:05 PM) (Source: Service Control Manager) (User: )
Description: Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Windows Image Acquisition (WIA).

Error: (01/18/2014 04:04:05 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%3

Error: (01/18/2014 04:02:04 PM) (Source: NETLOGON) (User: )
Description: Es steht kein Domänencontroller für die Domäne NTGROUP aus folgendem Grund zur
Verfügung: 
%%1311.

Stellen Sie sicher, dass der Computer mit dem Netzwerk verbunden ist, und
versuchen Sie es erneut. Wenden Sie sich an den Domänenadministrator, wenn
das Problem weiterhin besteht.

Error: (01/18/2014 03:33:05 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
abp480n5
adpu160m
agp440
agpCPQ
Aha154x
aic78u2
aic78xx
AliIde
alim1541
amdagp
amsint
asc
asc3350p
asc3550
cbidf
cd20xrnt
CmdIde
Cpqarray
dac2w2k
dac960nt
dpti2o
hpn
i2omp
iaStor
ini910u
IntelIde
mraid35x
perc2
perc2hib
ql1080
Ql10wnt
ql12160
ql1240
ql1280
sisagp
Sparrow
symc810
symc8xx
sym_hi
sym_u3
TosIde
ultra
viaagp
ViaIde

Error: (01/18/2014 03:33:05 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "SMS Agent Host" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (01/18/2014 03:33:05 PM) (Source: Service Control Manager) (User: )
Description: Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst SMS Agent Host.


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 35%
Total physical RAM: 1527.43 MB
Available physical RAM: 986.68 MB
Total Pagefile: 2906.39 MB
Available Pagefile: 2452.15 MB
Total Virtual: 2047.88 MB
Available Virtual: 1942.69 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:74.53 GB) (Free:13.11 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: () (Fixed) (Total:37.26 GB) (Free:3.75 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive e: (KUDDLMUDDL) (Removable) (Total:111.55 GB) (Free:9.79 GB) FAT32
Drive f: (MA_PROFILE) (Removable) (Total:0.47 GB) (Free:0.47 GB) FAT
Drive g: (DRAGON_ECH) (CDROM) (Total:0.59 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 37 GB) (Disk ID: F97B7001)
Partition 1: (Active) - (Size=37 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 75 GB) (Disk ID: BBC08C10)
Partition 1: (Active) - (Size=75 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 478 MB) (Disk ID: E63BE63B)
Partition 1: (Not Active) - (Size=478 MB) - (Type=06)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 3.

==================== End Of Log ============================

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 17-01-2014 02
Ran by Thomas (administrator) on TRAT00020 on 18-01-2014 16:41:52
Running from C:\Documents and Settings\Thomas\Desktop
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal



==================== Processes (Whitelisted) ===================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(DameWare Development LLC) C:\WINDOWS\system32\DWRCS.EXE
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
(Memeo) C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
(Microsoft Corporation) C:\WINDOWS\system32\CCM\CcmExec.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
(DameWare Development) C:\WINDOWS\system32\DWRCST.EXE
(Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 11.0\Reader\reader_sl.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [3744552 2011-11-28] (AVAST Software)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKCU\...\Run: [SpybotSD TeaTimer] - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKCU\...\Run: [DAEMON Tools Ultra Agent] - C:\Program Files\DAEMON Tools Ultra\DTAgent.exe [3192056 2013-11-14] (Disc Soft Ltd)
Lsa: [Authentication Packages] msv1_0 nwprovau
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WDDMStatus.lnk.disabled
ShortcutTarget: WDDMStatus.lnk.disabled -> C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (WDC)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} -  No File
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Thomas\Application Data\Mozilla\Firefox\Profiles\a4n04b3a.default
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF DefaultSearchEngine: Google Default
FF SelectedSearchEngine: Google Default
FF Homepage: hxxp://www.googe.at/
FF Keyword.URL: user_pref("keyword.URL", "");
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll No File
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll No File
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: sony.com/MediaGoDetector - C:\Program Files\Sony\Media Go\npMediaGoDetector.dll (Sony Network Entertainment International LLC)
FF SearchPlugin: C:\Documents and Settings\Thomas\Application Data\Mozilla\Firefox\Profiles\a4n04b3a.default\searchplugins\google-default.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: GMX MailCheck - C:\Documents and Settings\Thomas\Application Data\Mozilla\Firefox\Profiles\a4n04b3a.default\Extensions\toolbar@gmx.net.xpi [2013-04-30]
FF Extension: Adblock Plus - C:\Documents and Settings\Thomas\Application Data\Mozilla\Firefox\Profiles\a4n04b3a.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-06-03]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! WebRep - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-01-08]

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR DefaultSearchProvider: Mysearchdial
CHR DefaultSearchURL: hxxp://www.google.com
CHR DefaultNewTabURL: 
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\32.0.1700.72\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\32.0.1700.72\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\32.0.1700.72\pdf.dll ()
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Magic Actions for YouTube\u2122) - C:\Documents and Settings\Thomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2014-01-11]
CHR Extension: (Google Docs) - C:\Documents and Settings\Thomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-20]
CHR Extension: (Google Drive) - C:\Documents and Settings\Thomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-20]
CHR Extension: (YouTube) - C:\Documents and Settings\Thomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-20]
CHR Extension: (Adblock Plus) - C:\Documents and Settings\Thomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-01-11]
CHR Extension: (Google-Suche) - C:\Documents and Settings\Thomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-20]
CHR Extension: (AdBlock Premium) - C:\Documents and Settings\Thomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fndlhnanhedoklpdaacidomdnplcjcpj [2013-10-26]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Thomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-20]
CHR Extension: (Click&Clean App) - C:\Documents and Settings\Thomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2014-01-11]
CHR Extension: (Google Mail) - C:\Documents and Settings\Thomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-20]
CHR HKLM\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2012-01-08]

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [44768 2011-11-28] (AVAST Software)
R2 CcmExec; C:\WINDOWS\system32\CCM\CcmExec.exe [590712 2007-04-13] (Microsoft Corporation)
R3 Disc Soft Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe [723192 2013-11-14] (Disc Soft Ltd)
R2 DWMRCS; C:\Windows\SYSTEM32\DWRCS.EXE [199168 2006-05-31] (DameWare Development LLC)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-01-10] (Oracle Corporation)
S2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NWCWorkstation; C:\Windows\System32\nwwks.dll [65536 2008-04-14] (Microsoft Corporation)
S3 Pml Driver; C:\WINDOWS\system32\HPHipm09.exe [77824 2003-01-30] (HP)
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [98304 2009-10-14] (WDC)
R2 WDSmartWareBackgroundService; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [20480 2009-06-16] (Memeo)
S2 gupdate; "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc [x]
S3 gupdatem; "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc [x]

==================== Drivers (Whitelisted) ====================

R1 Aavmker4; C:\Windows\System32\Drivers\Aavmker4.sys [30808 2011-11-28] (AVAST Software)
R0 abp480n5; C:\Windows\System32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [20568 2011-11-28] (AVAST Software)
R2 aswMon2; C:\Windows\System32\Drivers\aswMon2.sys [111320 2011-11-28] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswRdr.sys [34392 2011-11-28] (AVAST Software)
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [435032 2011-11-28] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [314456 2011-11-28] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [52952 2011-11-28] (AVAST Software)
R3 DFE528TX; C:\Windows\System32\DRIVERS\DLKRTL.SYS [45568 2002-06-24] (D-Link Corporation               )
S3 Dot4 HPH09; C:\Windows\System32\DRIVERS\hphid409.sys [50800 2003-01-30] (HP)
S3 Dot4Print HPH09; C:\Windows\System32\DRIVERS\hphipr09.sys [16112 2003-01-30] (HP)
S3 Dot4Storage HPH09; C:\Windows\System32\Drivers\hphs2k09.sys [50211 2003-01-30] (Hewlett-Packard)
S3 Dot4Usb HPH09; C:\Windows\System32\drivers\hphius09.sys [18864 2003-01-30] (HP)
R3 dtscsibus; C:\Windows\System32\DRIVERS\dtscsibus.sys [24704 2014-01-13] (Disc Soft Ltd)
R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO32.SYS [22688 2014-01-15] (REALiX(tm))
R3 irsir; C:\Windows\System32\DRIVERS\irsir.sys [18688 2001-08-17] (Microsoft Corporation)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R2 NwlnkIpx; C:\Windows\System32\DRIVERS\nwlnkipx.sys [88320 2008-04-13] (Microsoft Corporation)
R2 NwlnkNb; C:\Windows\System32\DRIVERS\nwlnknb.sys [63232 2002-08-28] (Microsoft Corporation)
R2 NwlnkSpx; C:\Windows\System32\DRIVERS\nwlnkspx.sys [55936 2002-08-28] (Microsoft Corporation)
R3 NWRDR; C:\Windows\System32\DRIVERS\nwrdr.sys [163584 2008-04-13] (Microsoft Corporation)
S3 prepdrvr; C:\WINDOWS\system32\CCM\prepdrv.sys [23416 2007-04-13] (Microsoft Corporation)
R3 Rasirda; C:\Windows\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
S3 rtl8139; C:\Windows\System32\DRIVERS\RTL8139.SYS [20992 2008-04-13] (Realtek Semiconductor Corporation)
S3 catchme; \??\C:\DOCUME~1\Thomas\LOCALS~1\Temp\catchme.sys [x]
S3 idisw2km; system32\DRIVERS\idisw2km.sys [x]
S3 kbstuff; system32\DRIVERS\kbstuff5.sys [x]
U1 RCHelp; 
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-18 16:41 - 2014-01-18 16:42 - 00014923 _____ C:\Documents and Settings\Thomas\Desktop\FRST.txt
2014-01-18 16:10 - 2014-01-18 15:26 - 00001408 _____ C:\Documents and Settings\Thomas\Desktop\AdwCleaner[S2].txt
2014-01-18 15:58 - 2014-01-18 15:58 - 00001048 _____ C:\Documents and Settings\Thomas\Desktop\JRT.txt
2014-01-18 15:34 - 2014-01-18 15:34 - 00000000 ____D C:\WINDOWS\ERUNT
2014-01-18 15:22 - 2014-01-18 15:22 - 01236282 _____ C:\Documents and Settings\Thomas\Desktop\AdwCleaner.exe
2014-01-17 19:48 - 2014-01-17 19:51 - 00112477 _____ C:\Documents and Settings\Thomas\Desktop\Neu Textdokument.txt
2014-01-17 18:46 - 2014-01-17 18:46 - 00000000 ____D C:\Documents and Settings\Thomas\Desktop\FRST-OlderVersion
2014-01-17 18:45 - 2014-01-17 18:45 - 00000472 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit Sylenth.lnk
2014-01-17 18:42 - 2014-01-17 18:42 - 00448512 _____ (OldTimer Tools) C:\Documents and Settings\Thomas\My Documents\TFC.exe
2014-01-17 15:45 - 2014-01-17 15:46 - 25758864 _____ (Microsoft Corporation) C:\Documents and Settings\Thomas\My Documents\MSNOIE8_DEDE_XP.EXE
2014-01-17 01:18 - 2014-01-17 01:18 - 00000637 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit opera.exe.lnk
2014-01-17 00:46 - 2014-01-17 00:47 - 48203992 _____ (COMODO) C:\Documents and Settings\Thomas\My Documents\DragonSetup.exe
2014-01-17 00:15 - 2014-01-17 00:15 - 00000508 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung (2) mit downloads.lnk
2014-01-17 00:15 - 2014-01-17 00:15 - 00000000 ____D C:\Documents and Settings\Thomas\Local Settings\Application Data\Opera Software
2014-01-17 00:15 - 2014-01-17 00:15 - 00000000 ____D C:\Documents and Settings\Thomas\Application Data\Opera Software
2014-01-16 12:33 - 2014-01-16 12:33 - 00017166 _____ C:\ComboFix.txt
2014-01-16 11:59 - 2014-01-16 11:59 - 00272174 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2014-01-16 01:57 - 2014-01-16 01:57 - 00987410 _____ C:\Documents and Settings\Thomas\Desktop\SecurityCheck.exe
2014-01-16 01:51 - 2014-01-16 01:52 - 01037068 _____ (Thisisu) C:\Documents and Settings\Thomas\Desktop\JRT.exe
2014-01-16 01:50 - 2014-01-16 01:51 - 02347384 _____ (ESET) C:\Documents and Settings\Thomas\Desktop\esetsmartinstaller_enu.exe
2014-01-15 19:41 - 2014-01-15 19:41 - 00022688 _____ (REALiX(tm)) C:\WINDOWS\system32\Drivers\HWiNFO32.SYS
2014-01-15 19:37 - 2014-01-15 19:37 - 00000000 ____D C:\Program Files\HWiNFO32
2014-01-15 19:37 - 2014-01-15 19:37 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\HWiNFO32
2014-01-15 14:46 - 2014-01-15 14:46 - 00377856 _____ C:\Documents and Settings\Thomas\Desktop\gmer_2.1.19163.exe
2014-01-15 14:39 - 2014-01-17 18:46 - 00000000 ____D C:\FRST
2014-01-15 14:38 - 2014-01-17 18:46 - 01220096 _____ (Farbar) C:\Documents and Settings\Thomas\Desktop\FRST.exe
2014-01-15 14:38 - 2014-01-15 14:38 - 00000000 _____ C:\Documents and Settings\Thomas\defogger_reenable
2014-01-15 14:37 - 2014-01-15 14:37 - 00050477 _____ C:\Documents and Settings\Thomas\Desktop\Defogger.exe
2014-01-13 23:25 - 2014-01-13 23:25 - 00000000 ____D C:\Documents and Settings\Thomas\Local Settings\Application Data\Disc_Soft_Ltd
2014-01-13 23:23 - 2014-01-13 23:23 - 00000000 ____D C:\Documents and Settings\LocalService\Application Data\DAEMON Tools Ultra
2014-01-13 22:55 - 2014-01-13 22:55 - 00000000 ____D C:\WINDOWS\system32\de-DE
2014-01-13 22:42 - 2014-01-13 23:25 - 00000000 ____D C:\Documents and Settings\Thomas\Application Data\DAEMON Tools Ultra
2014-01-13 22:42 - 2014-01-13 22:42 - 00024704 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtscsibus.sys
2014-01-13 22:42 - 2014-01-13 22:42 - 00001652 _____ C:\Documents and Settings\All Users\Desktop\DAEMON Tools Ultra.lnk
2014-01-13 22:42 - 2014-01-13 22:42 - 00000000 ____D C:\Program Files\DAEMON Tools Ultra
2014-01-13 22:42 - 2014-01-13 22:42 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\DAEMON Tools Ultra
2014-01-13 22:40 - 2014-01-13 22:41 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\DAEMON Tools Ultra
2014-01-13 22:39 - 2014-01-13 22:39 - 00001085 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit Chankast_alpha_25.exe.lnk
2014-01-13 22:36 - 2014-01-13 22:36 - 00000000 ____D C:\Documents and Settings\Thomas\Start Menu\Programs\Juegos
2014-01-13 21:10 - 2014-01-15 19:41 - 00046261 _____ C:\WINDOWS\setupapi.log
2014-01-13 21:10 - 2014-01-13 21:10 - 00000000 ____D C:\Documents and Settings\Thomas\My Documents\Dolphin Emulator
2014-01-13 21:10 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2014-01-13 21:10 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2014-01-13 21:10 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2014-01-13 21:10 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2014-01-13 21:10 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2014-01-13 21:10 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2014-01-13 21:09 - 2014-01-13 21:10 - 00000000 ____D C:\Program Files\Dolphin x86
2014-01-13 21:09 - 2014-01-13 21:10 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Dolphin x86
2014-01-13 21:07 - 2014-01-13 21:07 - 00000000 ____D C:\Program Files\Common Files\DirectX
2014-01-12 22:57 - 2014-01-12 22:57 - 00000000 _RSHD C:\cmdcons
2014-01-12 22:57 - 2013-12-12 21:09 - 00000211 _____ C:\Boot.bak
2014-01-12 22:57 - 2004-08-03 23:00 - 00262448 __RSH C:\cmldr
2014-01-12 22:55 - 2011-06-26 07:45 - 00256000 _____ C:\WINDOWS\PEV.exe
2014-01-12 22:55 - 2010-11-07 18:20 - 00208896 _____ C:\WINDOWS\MBR.exe
2014-01-12 22:55 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2014-01-12 22:55 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2014-01-12 22:55 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2014-01-12 22:55 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2014-01-12 22:55 - 2000-08-31 01:00 - 00098816 _____ C:\WINDOWS\sed.exe
2014-01-12 22:55 - 2000-08-31 01:00 - 00080412 _____ C:\WINDOWS\grep.exe
2014-01-12 22:55 - 2000-08-31 01:00 - 00068096 _____ C:\WINDOWS\zip.exe
2014-01-12 22:53 - 2014-01-16 12:33 - 00000000 ____D C:\Qoobox
2014-01-12 22:52 - 2014-01-12 23:15 - 00000000 ____D C:\WINDOWS\erdnt
2014-01-12 22:47 - 2014-01-12 22:47 - 00000682 _____ C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
2014-01-12 22:23 - 2014-01-12 22:32 - 00000000 ____D C:\Documents and Settings\Thomas\My Documents\reg back up ccleaner
2014-01-12 21:30 - 2014-01-12 21:30 - 00000580 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit JDownloader.exe.lnk
2014-01-12 17:30 - 2014-01-12 17:30 - 00000000 ____D C:\Programme
2014-01-12 16:43 - 2014-01-12 17:12 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
2014-01-12 16:40 - 2014-01-12 17:12 - 00000000 ____D C:\Documents and Settings\Thomas\Desktop\mbar
2014-01-12 16:40 - 2014-01-12 16:40 - 00051416 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-01-12 00:25 - 2014-01-12 00:25 - 00000000 ____D C:\TDSSKiller_Quarantine
2014-01-12 00:09 - 2014-01-12 22:52 - 05164834 ____R (Swearware) C:\Documents and Settings\Thomas\Desktop\ComboFix.exe
2014-01-12 00:04 - 2014-01-12 00:04 - 00450570 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20140112-000430.backup
2014-01-12 00:04 - 2014-01-12 00:04 - 00450570 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20140112-000420.backup
2014-01-12 00:04 - 2014-01-11 22:54 - 00450570 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20140112-000408.backup
2014-01-11 22:54 - 2002-08-28 00:00 - 00000734 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20140111-225421.backup
2014-01-11 22:32 - 2014-01-11 22:32 - 00000784 _____ C:\Documents and Settings\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-11 22:32 - 2014-01-11 22:32 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2014-01-11 22:32 - 2014-01-11 22:32 - 00000000 ____D C:\Documents and Settings\Thomas\Application Data\Malwarebytes
2014-01-11 22:32 - 2014-01-11 22:32 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
2014-01-11 22:32 - 2014-01-11 22:32 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-01-11 22:32 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-01-11 22:30 - 2014-01-11 22:30 - 00000000 ____D C:\Documents and Settings\Thomas\Local Settings\Application Data\Sun
2014-01-11 22:28 - 2014-01-12 22:22 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2014-01-11 22:28 - 2014-01-12 09:45 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy
2014-01-11 22:28 - 2014-01-11 22:28 - 00000933 _____ C:\Documents and Settings\Thomas\Desktop\Spybot - Search & Destroy.lnk
2014-01-11 22:28 - 2014-01-11 22:28 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy
2014-01-11 22:11 - 2014-01-18 15:26 - 00000000 ____D C:\AdwCleaner
2014-01-11 17:20 - 2014-01-11 17:20 - 00000059 _____ C:\Documents and Settings\Thomas\Application Data\WB.CFG
2014-01-10 21:55 - 2014-01-10 21:55 - 00007722 _____ C:\Documents and Settings\Thomas\Desktop\fvbnm,.xspf
2014-01-10 17:03 - 2014-01-10 17:03 - 00000000 ____D C:\Program Files\Common Files\Java
2014-01-10 17:03 - 2014-01-10 17:03 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Java
2014-01-10 17:03 - 2014-01-10 17:03 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Sun
2014-01-10 17:03 - 2014-01-10 17:02 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-01-10 17:03 - 2014-01-10 17:02 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-01-10 17:03 - 2014-01-10 17:02 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-01-10 17:03 - 2014-01-10 17:02 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-01-10 17:03 - 2014-01-10 17:02 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-01-10 17:02 - 2014-01-10 17:02 - 00000000 ____D C:\Program Files\Java
2014-01-10 17:01 - 2014-01-10 17:01 - 00000000 ____D C:\Documents and Settings\Thomas\Application Data\Sun
2014-01-09 15:46 - 2014-01-09 15:47 - 00000000 ____D C:\Program Files\Common Files\VST3
2014-01-09 15:46 - 2014-01-09 15:47 - 00000000 ____D C:\Documents and Settings\All Users\Documents\u-he
2014-01-09 12:45 - 2014-01-09 12:45 - 00000000 ____D C:\Program Files\Common Files\reFX
2014-01-09 12:33 - 2009-10-24 21:15 - 01332224 _____ (AD © 2009) C:\WINDOWS\system32\SYNSOEMU.DLL
2014-01-08 12:15 - 2014-01-09 12:33 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\reFX
2014-01-08 12:05 - 2014-01-08 12:06 - 00000000 ____D C:\Documents and Settings\Thomas\My Documents\discoDSP
2014-01-08 12:05 - 2014-01-08 12:06 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\discoDSP
2014-01-06 21:23 - 2014-01-06 21:23 - 00000000 ____D C:\Documents and Settings\Thomas\Start Menu\Programs\LennarDigital
2014-01-06 21:20 - 2014-01-06 21:20 - 00000000 ____D C:\Program Files\u-he
2014-01-06 21:20 - 2014-01-06 21:20 - 00000000 ____D C:\Documents and Settings\Thomas\Start Menu\Programs\u-he
2014-01-06 21:20 - 2014-01-06 21:20 - 00000000 ____D C:\Documents and Settings\Thomas\My Documents\u-he
2014-01-06 21:16 - 2014-01-06 21:16 - 00000000 ____D C:\Documents and Settings\Thomas\Start Menu\Programs\Synapse Audio
2014-01-06 21:13 - 2014-01-06 21:13 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Sonic Timeworks
2014-01-06 21:13 - 2014-01-06 21:13 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\GForce
2014-01-06 21:13 - 1999-12-17 10:13 - 00086016 _____ (MindVision Software) C:\WINDOWS\unvise32.exe
2014-01-06 21:12 - 2014-01-06 21:12 - 00000000 ____D C:\Program Files\Common Files\Digidesign
2014-01-06 21:06 - 2014-01-06 21:06 - 00000000 ____D C:\Documents and Settings\Thomas\Start Menu\Programs\ExpDigital G-Flux v1.0.2 VST
2014-01-06 15:05 - 2014-01-06 15:05 - 00000833 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit Ableton Live 9 Suite.exe.lnk
2014-01-06 15:04 - 2014-01-06 15:04 - 00000000 ____D C:\Program Files\LinPlug
2014-01-06 15:02 - 2014-01-06 15:02 - 01700352 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdiplus.dll
2014-01-06 15:02 - 2014-01-06 15:02 - 00000000 ____D C:\Program Files\Steinberg
2014-01-06 15:02 - 2014-01-06 15:02 - 00000000 ____D C:\Documents and Settings\Thomas\Start Menu\Programs\LinPlug
2014-01-05 15:05 - 2008-04-14 00:15 - 00060032 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbaudio.sys
2014-01-05 15:05 - 2008-04-14 00:15 - 00060032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBAUDIO.sys
2014-01-05 14:43 - 2014-01-05 14:43 - 00000627 _____ C:\Documents and Settings\Thomas\Start Menu\Programs\Ableton Live 9 Suite.lnk
2014-01-05 01:00 - 2014-01-05 01:40 - 00000000 ____D C:\Documents and Settings\Thomas\Application Data\Ableton
2014-01-05 01:00 - 2014-01-05 01:03 - 00000000 ____D C:\Documents and Settings\Thomas\My Documents\Ableton
2014-01-05 01:00 - 2014-01-05 01:00 - 00000000 ____D C:\Program Files\Common Files\Propellerhead Software
2014-01-05 00:39 - 2014-01-05 00:39 - 00000000 ____D C:\Program Files\7-Zip
2014-01-05 00:39 - 2014-01-05 00:39 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\7-Zip
2014-01-04 18:05 - 2014-01-04 18:05 - 00000626 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit downloads.lnk
2014-01-04 13:21 - 2014-01-04 13:21 - 00000548 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit Desktop.lnk
2014-01-04 00:01 - 2014-01-04 17:39 - 00000000 ____D C:\Documents and Settings\Thomas\.smplayer
2014-01-04 00:01 - 2014-01-04 00:01 - 00000556 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit smplayer.exe.lnk

==================== One Month Modified Files and Folders =======

2014-01-18 16:42 - 2014-01-18 16:41 - 00014923 _____ C:\Documents and Settings\Thomas\Desktop\FRST.txt
2014-01-18 16:40 - 2007-02-18 20:34 - 01655688 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-18 16:39 - 2007-02-19 04:28 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2014-01-18 16:39 - 2007-02-18 20:47 - 00000466 _____ C:\WINDOWS\SMSCFG.ini
2014-01-18 16:38 - 2013-09-20 19:03 - 00001094 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-18 16:38 - 2007-02-18 21:33 - 00000159 _____ C:\WINDOWS\wiadebug.log
2014-01-18 16:38 - 2007-02-18 21:33 - 00000050 _____ C:\WINDOWS\wiaservc.log
2014-01-18 16:38 - 2007-02-18 20:37 - 00032292 _____ C:\WINDOWS\SchedLgU.Txt
2014-01-18 16:37 - 2007-02-18 20:37 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-18 16:20 - 2013-09-20 19:03 - 00001098 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-18 16:16 - 2011-09-22 15:30 - 00000178 ___SH C:\Documents and Settings\Thomas\ntuser.ini
2014-01-18 16:08 - 2007-02-18 21:31 - 00612200 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2014-01-18 15:58 - 2014-01-18 15:58 - 00001048 _____ C:\Documents and Settings\Thomas\Desktop\JRT.txt
2014-01-18 15:34 - 2014-01-18 15:34 - 00000000 ____D C:\WINDOWS\ERUNT
2014-01-18 15:28 - 2012-01-08 18:29 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB982132$
2014-01-18 15:26 - 2014-01-18 16:10 - 00001408 _____ C:\Documents and Settings\Thomas\Desktop\AdwCleaner[S2].txt
2014-01-18 15:26 - 2014-01-11 22:11 - 00000000 ____D C:\AdwCleaner
2014-01-18 15:22 - 2014-01-18 15:22 - 01236282 _____ C:\Documents and Settings\Thomas\Desktop\AdwCleaner.exe
2014-01-18 15:01 - 2013-09-23 17:48 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-01-17 19:51 - 2014-01-17 19:48 - 00112477 _____ C:\Documents and Settings\Thomas\Desktop\Neu Textdokument.txt
2014-01-17 19:04 - 2009-02-02 10:15 - 00000000 ____D C:\Program Files\Google
2014-01-17 18:46 - 2014-01-17 18:46 - 00000000 ____D C:\Documents and Settings\Thomas\Desktop\FRST-OlderVersion
2014-01-17 18:46 - 2014-01-15 14:39 - 00000000 ____D C:\FRST
2014-01-17 18:46 - 2014-01-15 14:38 - 01220096 _____ (Farbar) C:\Documents and Settings\Thomas\Desktop\FRST.exe
2014-01-17 18:45 - 2014-01-17 18:45 - 00000472 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit Sylenth.lnk
2014-01-17 18:42 - 2014-01-17 18:42 - 00448512 _____ (OldTimer Tools) C:\Documents and Settings\Thomas\My Documents\TFC.exe
2014-01-17 15:46 - 2014-01-17 15:45 - 25758864 _____ (Microsoft Corporation) C:\Documents and Settings\Thomas\My Documents\MSNOIE8_DEDE_XP.EXE
2014-01-17 06:24 - 2013-09-20 19:04 - 00001805 _____ C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2014-01-17 01:18 - 2014-01-17 01:18 - 00000637 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit opera.exe.lnk
2014-01-17 00:47 - 2014-01-17 00:46 - 48203992 _____ (COMODO) C:\Documents and Settings\Thomas\My Documents\DragonSetup.exe
2014-01-17 00:15 - 2014-01-17 00:15 - 00000508 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung (2) mit downloads.lnk
2014-01-17 00:15 - 2014-01-17 00:15 - 00000000 ____D C:\Documents and Settings\Thomas\Local Settings\Application Data\Opera Software
2014-01-17 00:15 - 2014-01-17 00:15 - 00000000 ____D C:\Documents and Settings\Thomas\Application Data\Opera Software
2014-01-16 16:16 - 2007-02-18 20:37 - 00000000 __SHD C:\Documents and Settings\NetworkService
2014-01-16 12:33 - 2014-01-16 12:33 - 00017166 _____ C:\ComboFix.txt
2014-01-16 12:33 - 2014-01-12 22:53 - 00000000 ____D C:\Qoobox
2014-01-16 12:28 - 2007-02-19 04:28 - 00000246 _____ C:\WINDOWS\system.ini
2014-01-16 12:01 - 2008-01-08 11:01 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB928843$
2014-01-16 11:59 - 2014-01-16 11:59 - 00272174 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2014-01-16 11:59 - 2012-01-08 18:00 - 00065536 _____ C:\WINDOWS\system32\config\Internet.evt
2014-01-16 11:59 - 2012-01-08 15:46 - 00065536 _____ C:\WINDOWS\system32\config\ODiag.evt
2014-01-16 01:57 - 2014-01-16 01:57 - 00987410 _____ C:\Documents and Settings\Thomas\Desktop\SecurityCheck.exe
2014-01-16 01:52 - 2014-01-16 01:51 - 01037068 _____ (Thisisu) C:\Documents and Settings\Thomas\Desktop\JRT.exe
2014-01-16 01:51 - 2014-01-16 01:50 - 02347384 _____ (ESET) C:\Documents and Settings\Thomas\Desktop\esetsmartinstaller_enu.exe
2014-01-15 19:41 - 2014-01-15 19:41 - 00022688 _____ (REALiX(tm)) C:\WINDOWS\system32\Drivers\HWiNFO32.SYS
2014-01-15 19:41 - 2014-01-13 21:10 - 00046261 _____ C:\WINDOWS\setupapi.log
2014-01-15 19:37 - 2014-01-15 19:37 - 00000000 ____D C:\Program Files\HWiNFO32
2014-01-15 19:37 - 2014-01-15 19:37 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\HWiNFO32
2014-01-15 14:46 - 2014-01-15 14:46 - 00377856 _____ C:\Documents and Settings\Thomas\Desktop\gmer_2.1.19163.exe
2014-01-15 14:38 - 2014-01-15 14:38 - 00000000 _____ C:\Documents and Settings\Thomas\defogger_reenable
2014-01-15 14:38 - 2011-09-22 15:30 - 00000000 ____D C:\Documents and Settings\Thomas
2014-01-15 14:37 - 2014-01-15 14:37 - 00050477 _____ C:\Documents and Settings\Thomas\Desktop\Defogger.exe
2014-01-14 05:19 - 2007-02-18 20:41 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2014-01-13 23:25 - 2014-01-13 23:25 - 00000000 ____D C:\Documents and Settings\Thomas\Local Settings\Application Data\Disc_Soft_Ltd
2014-01-13 23:25 - 2014-01-13 22:42 - 00000000 ____D C:\Documents and Settings\Thomas\Application Data\DAEMON Tools Ultra
2014-01-13 23:23 - 2014-01-13 23:23 - 00000000 ____D C:\Documents and Settings\LocalService\Application Data\DAEMON Tools Ultra
2014-01-13 22:55 - 2014-01-13 22:55 - 00000000 ____D C:\WINDOWS\system32\de-DE
2014-01-13 22:45 - 2012-01-08 15:45 - 00000000 ____D C:\Program Files\Microsoft.NET
2014-01-13 22:42 - 2014-01-13 22:42 - 00024704 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtscsibus.sys
2014-01-13 22:42 - 2014-01-13 22:42 - 00001652 _____ C:\Documents and Settings\All Users\Desktop\DAEMON Tools Ultra.lnk
2014-01-13 22:42 - 2014-01-13 22:42 - 00000000 ____D C:\Program Files\DAEMON Tools Ultra
2014-01-13 22:42 - 2014-01-13 22:42 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\DAEMON Tools Ultra
2014-01-13 22:41 - 2014-01-13 22:40 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\DAEMON Tools Ultra
2014-01-13 22:39 - 2014-01-13 22:39 - 00001085 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit Chankast_alpha_25.exe.lnk
2014-01-13 22:36 - 2014-01-13 22:36 - 00000000 ____D C:\Documents and Settings\Thomas\Start Menu\Programs\Juegos
2014-01-13 21:10 - 2014-01-13 21:10 - 00000000 ____D C:\Documents and Settings\Thomas\My Documents\Dolphin Emulator
2014-01-13 21:10 - 2014-01-13 21:09 - 00000000 ____D C:\Program Files\Dolphin x86
2014-01-13 21:10 - 2014-01-13 21:09 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Dolphin x86
2014-01-13 21:10 - 2007-02-18 20:34 - 00000000 ____D C:\WINDOWS\system32\DirectX
2014-01-13 21:07 - 2014-01-13 21:07 - 00000000 ____D C:\Program Files\Common Files\DirectX
2014-01-12 23:15 - 2014-01-12 22:52 - 00000000 ____D C:\WINDOWS\erdnt
2014-01-12 22:57 - 2014-01-12 22:57 - 00000000 _RSHD C:\cmdcons
2014-01-12 22:57 - 2007-02-19 04:28 - 00000327 __RSH C:\boot.ini
2014-01-12 22:52 - 2014-01-12 00:09 - 05164834 ____R (Swearware) C:\Documents and Settings\Thomas\Desktop\ComboFix.exe
2014-01-12 22:47 - 2014-01-12 22:47 - 00000682 _____ C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
2014-01-12 22:47 - 2012-01-08 15:46 - 00000000 ____D C:\Program Files\CCleaner
2014-01-12 22:32 - 2014-01-12 22:23 - 00000000 ____D C:\Documents and Settings\Thomas\My Documents\reg back up ccleaner
2014-01-12 22:30 - 2013-06-27 19:47 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\HP
2014-01-12 22:26 - 2007-05-07 10:54 - 00002501 _____ C:\WINDOWS\system32\LexFiles.ulf
2014-01-12 22:22 - 2014-01-11 22:28 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2014-01-12 21:30 - 2014-01-12 21:30 - 00000580 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit JDownloader.exe.lnk
2014-01-12 21:02 - 2007-05-01 19:56 - 00000000 __SHD C:\WINDOWS\CSC
2014-01-12 17:30 - 2014-01-12 17:30 - 00000000 ____D C:\Programme
2014-01-12 17:12 - 2014-01-12 16:43 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
2014-01-12 17:12 - 2014-01-12 16:40 - 00000000 ____D C:\Documents and Settings\Thomas\Desktop\mbar
2014-01-12 16:40 - 2014-01-12 16:40 - 00051416 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-01-12 09:45 - 2014-01-11 22:28 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy
2014-01-12 01:12 - 2013-09-20 19:32 - 00000000 ____D C:\Program Files\JDownloader
2014-01-12 00:25 - 2014-01-12 00:25 - 00000000 ____D C:\TDSSKiller_Quarantine
2014-01-12 00:04 - 2014-01-12 00:04 - 00450570 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20140112-000430.backup
2014-01-12 00:04 - 2014-01-12 00:04 - 00450570 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20140112-000420.backup
2014-01-11 22:54 - 2014-01-12 00:04 - 00450570 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20140112-000408.backup
2014-01-11 22:32 - 2014-01-11 22:32 - 00000784 _____ C:\Documents and Settings\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-11 22:32 - 2014-01-11 22:32 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2014-01-11 22:32 - 2014-01-11 22:32 - 00000000 ____D C:\Documents and Settings\Thomas\Application Data\Malwarebytes
2014-01-11 22:32 - 2014-01-11 22:32 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
2014-01-11 22:32 - 2014-01-11 22:32 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-01-11 22:30 - 2014-01-11 22:30 - 00000000 ____D C:\Documents and Settings\Thomas\Local Settings\Application Data\Sun
2014-01-11 22:28 - 2014-01-11 22:28 - 00000933 _____ C:\Documents and Settings\Thomas\Desktop\Spybot - Search & Destroy.lnk
2014-01-11 22:28 - 2014-01-11 22:28 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy
2014-01-11 22:06 - 2013-11-15 19:42 - 00000000 ____D C:\Program Files\Sony
2014-01-11 20:58 - 2012-02-29 19:23 - 00000000 ____D C:\Documents and Settings\Thomas\Application Data\dvdcss
2014-01-11 17:20 - 2014-01-11 17:20 - 00000059 _____ C:\Documents and Settings\Thomas\Application Data\WB.CFG
2014-01-10 21:55 - 2014-01-10 21:55 - 00007722 _____ C:\Documents and Settings\Thomas\Desktop\fvbnm,.xspf
2014-01-10 17:05 - 2013-09-20 19:33 - 00001658 _____ C:\Documents and Settings\All Users\Start Menu\Programs\JDownloader.lnk
2014-01-10 17:05 - 2013-09-20 19:33 - 00001602 _____ C:\Documents and Settings\All Users\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
2014-01-10 17:05 - 2013-09-20 19:33 - 00001581 _____ C:\Documents and Settings\All Users\Start Menu\Programs\JDownloader Update.lnk
2014-01-10 17:03 - 2014-01-10 17:03 - 00000000 ____D C:\Program Files\Common Files\Java
2014-01-10 17:03 - 2014-01-10 17:03 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Java
2014-01-10 17:03 - 2014-01-10 17:03 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Sun
2014-01-10 17:02 - 2014-01-10 17:03 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-01-10 17:02 - 2014-01-10 17:03 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-01-10 17:02 - 2014-01-10 17:03 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-01-10 17:02 - 2014-01-10 17:03 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-01-10 17:02 - 2014-01-10 17:03 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-01-10 17:02 - 2014-01-10 17:02 - 00000000 ____D C:\Program Files\Java
2014-01-10 17:01 - 2014-01-10 17:01 - 00000000 ____D C:\Documents and Settings\Thomas\Application Data\Sun
2014-01-09 15:47 - 2014-01-09 15:46 - 00000000 ____D C:\Program Files\Common Files\VST3
2014-01-09 15:47 - 2014-01-09 15:46 - 00000000 ____D C:\Documents and Settings\All Users\Documents\u-he
2014-01-09 12:45 - 2014-01-09 12:45 - 00000000 ____D C:\Program Files\Common Files\reFX
2014-01-09 12:33 - 2014-01-08 12:15 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\reFX
2014-01-08 15:13 - 2013-06-29 18:16 - 00002347 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
2014-01-08 12:06 - 2014-01-08 12:05 - 00000000 ____D C:\Documents and Settings\Thomas\My Documents\discoDSP
2014-01-08 12:06 - 2014-01-08 12:05 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\discoDSP
2014-01-06 21:23 - 2014-01-06 21:23 - 00000000 ____D C:\Documents and Settings\Thomas\Start Menu\Programs\LennarDigital
2014-01-06 21:20 - 2014-01-06 21:20 - 00000000 ____D C:\Program Files\u-he
2014-01-06 21:20 - 2014-01-06 21:20 - 00000000 ____D C:\Documents and Settings\Thomas\Start Menu\Programs\u-he
2014-01-06 21:20 - 2014-01-06 21:20 - 00000000 ____D C:\Documents and Settings\Thomas\My Documents\u-he
2014-01-06 21:16 - 2014-01-06 21:16 - 00000000 ____D C:\Documents and Settings\Thomas\Start Menu\Programs\Synapse Audio
2014-01-06 21:13 - 2014-01-06 21:13 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Sonic Timeworks
2014-01-06 21:13 - 2014-01-06 21:13 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\GForce
2014-01-06 21:12 - 2014-01-06 21:12 - 00000000 ____D C:\Program Files\Common Files\Digidesign
2014-01-06 21:06 - 2014-01-06 21:06 - 00000000 ____D C:\Documents and Settings\Thomas\Start Menu\Programs\ExpDigital G-Flux v1.0.2 VST
2014-01-06 15:05 - 2014-01-06 15:05 - 00000833 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit Ableton Live 9 Suite.exe.lnk
2014-01-06 15:04 - 2014-01-06 15:04 - 00000000 ____D C:\Program Files\LinPlug
2014-01-06 15:02 - 2014-01-06 15:02 - 01700352 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdiplus.dll
2014-01-06 15:02 - 2014-01-06 15:02 - 00000000 ____D C:\Program Files\Steinberg
2014-01-06 15:02 - 2014-01-06 15:02 - 00000000 ____D C:\Documents and Settings\Thomas\Start Menu\Programs\LinPlug
2014-01-05 14:44 - 2008-04-28 14:21 - 00000000 ____D C:\New Folder
2014-01-05 14:43 - 2014-01-05 14:43 - 00000627 _____ C:\Documents and Settings\Thomas\Start Menu\Programs\Ableton Live 9 Suite.lnk
2014-01-05 01:40 - 2014-01-05 01:00 - 00000000 ____D C:\Documents and Settings\Thomas\Application Data\Ableton
2014-01-05 01:03 - 2014-01-05 01:00 - 00000000 ____D C:\Documents and Settings\Thomas\My Documents\Ableton
2014-01-05 01:00 - 2014-01-05 01:00 - 00000000 ____D C:\Program Files\Common Files\Propellerhead Software
2014-01-05 00:39 - 2014-01-05 00:39 - 00000000 ____D C:\Program Files\7-Zip
2014-01-05 00:39 - 2014-01-05 00:39 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\7-Zip
2014-01-04 18:05 - 2014-01-04 18:05 - 00000626 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit downloads.lnk
2014-01-04 17:39 - 2014-01-04 00:01 - 00000000 ____D C:\Documents and Settings\Thomas\.smplayer
2014-01-04 13:21 - 2014-01-04 13:21 - 00000548 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit Desktop.lnk
2014-01-04 00:01 - 2014-01-04 00:01 - 00000556 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit smplayer.exe.lnk

Some content of TEMP:
====================
C:\Documents and Settings\Thomas\Local Settings\temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================

--- --- ---

--- --- ---

bitteschön

schrauber · 19.01.2014, 10:22

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

trancemoisis · 20.01.2014, 17:58

Hy hier die Logs der Reihe nach.

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=d2e6bd81749220419d6c5a0c80734fbb
# engine=16709
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-01-19 05:36:01
# local_time=2014-01-19 06:36:01 (+0100, W. Europe Standard Time)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=774 16777213 85 84 27832305 166859233 0 0
# scanned=158615
# found=0
# cleaned=0
# scan_time=14582

Code:

ATTFilter

 Results of screen317's Security Check version 0.99.78  
 Windows XP Service Pack 3 x86   
 Internet Explorer 8  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Security Center service is not running! This report may not be accurate! 
avast! Antivirus   
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:````````` 
 MVPS Hosts File  
 Spybot - Search & Destroy 
 Malwarebytes Anti-Malware Version 1.75.0.1300  
 CCleaner     
 Java 7 Update 45  
 Adobe Flash Player 	11.9.900.170  
 Adobe Reader XI  
 Mozilla Firefox (26.0) 
````````Process Check: objlist.exe by Laurent````````  
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast avastUI.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C::  
````````````````````End of Log``````````````````````

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 19-01-2014 04
Ran by Thomas (administrator) on TRAT00020 on 19-01-2014 21:29:23
Running from C:\Documents and Settings\Thomas\Desktop
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal



==================== Processes (Whitelisted) ===================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(DameWare Development LLC) C:\WINDOWS\system32\DWRCS.EXE
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
(DameWare Development) C:\WINDOWS\system32\DWRCST.EXE
(Microsoft Corporation) C:\WINDOWS\system32\taskmgr.exe
(Microsoft Corporation) C:\WINDOWS\system32\CCM\CcmExec.exe
(Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
() C:\Program Files\VideoLAN\VLC\vlc.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [3744552 2011-11-28] (AVAST Software)
HKLM\...\Run: [Smapp] - C:\Program Files\Analog Devices\SoundMAX\Smtray.exe [143360 2003-07-30] (Analog Devices, Inc.)
HKLM\...\Runonce: [CleanUp] - CleanUp.exe inf
HKLM\...\RunOnce: [SpkrCnfg] - DSndUp.exe [49152 2003-06-16] (Analog Devices Inc.)
HKCU\...\Run: [SpybotSD TeaTimer] - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
Lsa: [Authentication Packages] msv1_0 nwprovau
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WDDMStatus.lnk.disabled
ShortcutTarget: WDDMStatus.lnk.disabled -> C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (WDC)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} -  No File
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Thomas\Application Data\Mozilla\Firefox\Profiles\a4n04b3a.default
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF DefaultSearchEngine: Google Default
FF SelectedSearchEngine: Google Default
FF Homepage: hxxp://www.googe.at/
FF Keyword.URL: user_pref("keyword.URL", "");
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll No File
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll No File
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Documents and Settings\Thomas\Application Data\Mozilla\Firefox\Profiles\a4n04b3a.default\searchplugins\google-default.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: GMX MailCheck - C:\Documents and Settings\Thomas\Application Data\Mozilla\Firefox\Profiles\a4n04b3a.default\Extensions\toolbar@gmx.net.xpi [2013-04-30]
FF Extension: Adblock Plus - C:\Documents and Settings\Thomas\Application Data\Mozilla\Firefox\Profiles\a4n04b3a.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-06-03]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! WebRep - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-01-08]

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR DefaultSearchProvider: Mysearchdial
CHR DefaultSearchURL: hxxp://www.google.com
CHR DefaultNewTabURL: 
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\32.0.1700.72\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\32.0.1700.72\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\32.0.1700.72\pdf.dll No File
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Magic Actions for YouTube\u2122) - C:\Documents and Settings\Thomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2014-01-11]
CHR Extension: (Google Docs) - C:\Documents and Settings\Thomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-20]
CHR Extension: (Google Drive) - C:\Documents and Settings\Thomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-20]
CHR Extension: (YouTube) - C:\Documents and Settings\Thomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-20]
CHR Extension: (Adblock Plus) - C:\Documents and Settings\Thomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-01-11]
CHR Extension: (Google-Suche) - C:\Documents and Settings\Thomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-20]
CHR Extension: (AdBlock Premium) - C:\Documents and Settings\Thomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fndlhnanhedoklpdaacidomdnplcjcpj [2013-10-26]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Thomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-20]
CHR Extension: (Click&Clean App) - C:\Documents and Settings\Thomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2014-01-11]
CHR Extension: (Google Mail) - C:\Documents and Settings\Thomas\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-20]
CHR HKLM\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2012-01-08]

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [44768 2011-11-28] (AVAST Software)
R2 CcmExec; C:\WINDOWS\system32\CCM\CcmExec.exe [590712 2007-04-13] (Microsoft Corporation)
R2 DWMRCS; C:\Windows\SYSTEM32\DWRCS.EXE [199168 2006-05-31] (DameWare Development LLC)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-01-10] (Oracle Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NWCWorkstation; C:\Windows\System32\nwwks.dll [65536 2008-04-14] (Microsoft Corporation)
R2 SoundMAX Agent Service (default); C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [45056 2002-09-20] (Analog Devices, Inc.)
R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [98304 2009-10-14] (WDC)
S2 WDSmartWareBackgroundService; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [20480 2009-06-16] (Memeo)
S3 Disc Soft Bus Service; "C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe" [x]
S2 gupdate; "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc [x]
S3 gupdatem; "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc [x]

==================== Drivers (Whitelisted) ====================

R1 Aavmker4; C:\Windows\System32\Drivers\Aavmker4.sys [30808 2011-11-28] (AVAST Software)
R0 abp480n5; C:\Windows\System32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [20568 2011-11-28] (AVAST Software)
R2 aswMon2; C:\Windows\System32\Drivers\aswMon2.sys [111320 2011-11-28] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswRdr.sys [34392 2011-11-28] (AVAST Software)
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [435032 2011-11-28] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [314456 2011-11-28] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [52952 2011-11-28] (AVAST Software)
R3 DFE528TX; C:\Windows\System32\DRIVERS\DLKRTL.SYS [45568 2002-06-24] (D-Link Corporation               )
R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO32.SYS [22688 2014-01-15] (REALiX(tm))
R3 irsir; C:\Windows\System32\DRIVERS\irsir.sys [18688 2001-08-17] (Microsoft Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\mbamswissarmy.sys [40776 2014-01-18] (Malwarebytes Corporation)
R2 NwlnkIpx; C:\Windows\System32\DRIVERS\nwlnkipx.sys [88320 2008-04-13] (Microsoft Corporation)
R2 NwlnkNb; C:\Windows\System32\DRIVERS\nwlnknb.sys [63232 2002-08-28] (Microsoft Corporation)
R2 NwlnkSpx; C:\Windows\System32\DRIVERS\nwlnkspx.sys [55936 2002-08-28] (Microsoft Corporation)
R3 NWRDR; C:\Windows\System32\DRIVERS\nwrdr.sys [163584 2008-04-13] (Microsoft Corporation)
S3 prepdrvr; C:\WINDOWS\system32\CCM\prepdrv.sys [23416 2007-04-13] (Microsoft Corporation)
R3 Rasirda; C:\Windows\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
S3 rtl8139; C:\Windows\System32\DRIVERS\RTL8139.SYS [20992 2008-04-13] (Realtek Semiconductor Corporation)
S3 catchme; \??\C:\DOCUME~1\Thomas\LOCALS~1\Temp\catchme.sys [x]
S3 idisw2km; system32\DRIVERS\idisw2km.sys [x]
S3 kbstuff; system32\DRIVERS\kbstuff5.sys [x]
U1 RCHelp; 
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-19 21:21 - 2014-01-19 21:21 - 00000044 _____ C:\WINDOWS\system32\msssc.dll
2014-01-19 21:21 - 2014-01-19 21:21 - 00000000 ____D C:\WINDOWS\LastGood
2014-01-19 21:21 - 2014-01-19 21:21 - 00000000 ____D C:\Program Files\Analog Devices
2014-01-19 21:21 - 2014-01-19 21:21 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\SoundMAX
2014-01-19 21:21 - 2003-06-16 07:32 - 00049152 _____ (Analog Devices Inc.) C:\WINDOWS\system32\DSndUp.exe
2014-01-19 21:21 - 2003-05-12 15:55 - 00978944 _____ (Analog Devices, Inc.) C:\WINDOWS\SynthCoreA.Dll
2014-01-19 21:21 - 2003-04-08 10:30 - 00003744 _____ (Analog Devices, Inc.) C:\WINDOWS\system32\Drivers\smsens.sys
2014-01-19 21:21 - 2002-11-06 21:23 - 00049152 _____ (SoundMAX) C:\WINDOWS\system32\S11thk32.dll
2014-01-19 21:21 - 2002-11-06 19:00 - 00040820 _____ (SoundMAX) C:\WINDOWS\system32\Syncor11.dll
2014-01-19 21:21 - 2002-08-30 12:59 - 00380928 _____ (Analog Devices, Inc.) C:\WINDOWS\SynCor.exe
2014-01-19 21:21 - 2002-07-24 14:06 - 00045056 _____ (Analog Devices, Inc.) C:\WINDOWS\system32\SynthCore11Resources.dll
2014-01-19 21:21 - 2002-04-17 15:05 - 00045056 _____ (adi) C:\WINDOWS\system32\CleanUp.exe
2014-01-19 21:21 - 2001-09-11 17:20 - 01285632 _____ (Analog Devices) C:\WINDOWS\system32\SMMedia.dll
2014-01-19 21:21 - 2001-09-11 15:20 - 00030208 _____ (Analog Devices Inc.) C:\WINDOWS\system32\wdmioctl.dll
2014-01-19 21:05 - 2014-01-19 21:05 - 00000590 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung (3) mit downloads.lnk
2014-01-19 21:04 - 2014-01-19 21:04 - 00000595 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit My Documents.lnk
2014-01-19 20:59 - 2014-01-19 21:01 - 02636112 _____ (Hewlett-Packard Company                                     ) C:\Documents and Settings\Thomas\My Documents\sp36746.exe
2014-01-19 20:58 - 2014-01-19 20:58 - 00000955 _____ C:\Documents and Settings\Thomas\Desktop\checkup.txt
2014-01-19 20:44 - 2014-01-19 20:49 - 14497288 _____ (Hewlett-Packard Company                                     ) C:\Documents and Settings\Thomas\My Documents\sp36228.exe
2014-01-19 01:36 - 2014-01-16 12:27 - 00000027 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20140119-013640.backup
2014-01-18 23:34 - 2014-01-18 23:35 - 00000000 ____D C:\WINDOWS\system32\NtmsData
2014-01-18 20:26 - 2014-01-18 20:29 - 00040776 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2014-01-18 16:42 - 2014-01-18 16:43 - 00018582 _____ C:\Documents and Settings\Thomas\Desktop\Addition.txt
2014-01-18 16:41 - 2014-01-19 21:30 - 00014480 _____ C:\Documents and Settings\Thomas\Desktop\FRST.txt
2014-01-18 16:10 - 2014-01-18 15:26 - 00001408 _____ C:\Documents and Settings\Thomas\Desktop\AdwCleaner[S2].txt
2014-01-18 15:58 - 2014-01-18 15:58 - 00001048 _____ C:\Documents and Settings\Thomas\Desktop\JRT.txt
2014-01-18 15:34 - 2014-01-18 15:34 - 00000000 ____D C:\WINDOWS\ERUNT
2014-01-18 15:22 - 2014-01-18 15:22 - 01236282 _____ C:\Documents and Settings\Thomas\Desktop\AdwCleaner.exe
2014-01-17 19:48 - 2014-01-17 19:51 - 00112477 _____ C:\Documents and Settings\Thomas\Desktop\Neu Textdokument.txt
2014-01-17 18:46 - 2014-01-19 21:13 - 00000000 ____D C:\Documents and Settings\Thomas\Desktop\FRST-OlderVersion
2014-01-17 18:45 - 2014-01-17 18:45 - 00000472 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit Sylenth.lnk
2014-01-17 18:42 - 2014-01-17 18:42 - 00448512 _____ (OldTimer Tools) C:\Documents and Settings\Thomas\My Documents\TFC.exe
2014-01-17 15:45 - 2014-01-17 15:46 - 25758864 _____ (Microsoft Corporation) C:\Documents and Settings\Thomas\My Documents\MSNOIE8_DEDE_XP.EXE
2014-01-17 01:18 - 2014-01-17 01:18 - 00000637 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit opera.exe.lnk
2014-01-17 00:46 - 2014-01-17 00:47 - 48203992 _____ (COMODO) C:\Documents and Settings\Thomas\My Documents\DragonSetup.exe
2014-01-17 00:15 - 2014-01-17 00:15 - 00000508 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung (2) mit downloads.lnk
2014-01-17 00:15 - 2014-01-17 00:15 - 00000000 ____D C:\Documents and Settings\Thomas\Local Settings\Application Data\Opera Software
2014-01-17 00:15 - 2014-01-17 00:15 - 00000000 ____D C:\Documents and Settings\Thomas\Application Data\Opera Software
2014-01-16 12:33 - 2014-01-16 12:33 - 00017166 _____ C:\ComboFix.txt
2014-01-16 11:59 - 2014-01-16 11:59 - 00272174 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2014-01-16 01:57 - 2014-01-16 01:57 - 00987410 _____ C:\Documents and Settings\Thomas\Desktop\SecurityCheck.exe
2014-01-16 01:51 - 2014-01-16 01:52 - 01037068 _____ (Thisisu) C:\Documents and Settings\Thomas\Desktop\JRT.exe
2014-01-16 01:50 - 2014-01-16 01:51 - 02347384 _____ (ESET) C:\Documents and Settings\Thomas\Desktop\esetsmartinstaller_enu.exe
2014-01-15 19:41 - 2014-01-15 19:41 - 00022688 _____ (REALiX(tm)) C:\WINDOWS\system32\Drivers\HWiNFO32.SYS
2014-01-15 19:37 - 2014-01-15 19:37 - 00000000 ____D C:\Program Files\HWiNFO32
2014-01-15 19:37 - 2014-01-15 19:37 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\HWiNFO32
2014-01-15 14:46 - 2014-01-15 14:46 - 00377856 _____ C:\Documents and Settings\Thomas\Desktop\gmer_2.1.19163.exe
2014-01-15 14:39 - 2014-01-19 21:13 - 00000000 ____D C:\FRST
2014-01-15 14:38 - 2014-01-19 21:13 - 01221120 _____ (Farbar) C:\Documents and Settings\Thomas\Desktop\FRST.exe
2014-01-15 14:38 - 2014-01-15 14:38 - 00000000 _____ C:\Documents and Settings\Thomas\defogger_reenable
2014-01-15 14:37 - 2014-01-15 14:37 - 00050477 _____ C:\Documents and Settings\Thomas\Desktop\Defogger.exe
2014-01-13 23:25 - 2014-01-13 23:25 - 00000000 ____D C:\Documents and Settings\Thomas\Local Settings\Application Data\Disc_Soft_Ltd
2014-01-13 23:23 - 2014-01-13 23:23 - 00000000 ____D C:\Documents and Settings\LocalService\Application Data\DAEMON Tools Ultra
2014-01-13 22:55 - 2014-01-13 22:55 - 00000000 ____D C:\WINDOWS\system32\de-DE
2014-01-13 22:42 - 2014-01-13 23:25 - 00000000 ____D C:\Documents and Settings\Thomas\Application Data\DAEMON Tools Ultra
2014-01-13 22:40 - 2014-01-13 22:41 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\DAEMON Tools Ultra
2014-01-13 22:39 - 2014-01-13 22:39 - 00001085 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit Chankast_alpha_25.exe.lnk
2014-01-13 22:36 - 2014-01-13 22:36 - 00000000 ____D C:\Documents and Settings\Thomas\Start Menu\Programs\Juegos
2014-01-13 21:10 - 2014-01-19 21:22 - 00079473 _____ C:\WINDOWS\setupapi.log
2014-01-13 21:10 - 2014-01-13 21:10 - 00000000 ____D C:\Documents and Settings\Thomas\My Documents\Dolphin Emulator
2014-01-13 21:10 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2014-01-13 21:10 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2014-01-13 21:10 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2014-01-13 21:10 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2014-01-13 21:10 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2014-01-13 21:10 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2014-01-13 21:07 - 2014-01-13 21:07 - 00000000 ____D C:\Program Files\Common Files\DirectX
2014-01-12 22:57 - 2014-01-12 22:57 - 00000000 _RSHD C:\cmdcons
2014-01-12 22:57 - 2013-12-12 21:09 - 00000211 _____ C:\Boot.bak
2014-01-12 22:57 - 2004-08-03 23:00 - 00262448 __RSH C:\cmldr
2014-01-12 22:55 - 2011-06-26 07:45 - 00256000 _____ C:\WINDOWS\PEV.exe
2014-01-12 22:55 - 2010-11-07 18:20 - 00208896 _____ C:\WINDOWS\MBR.exe
2014-01-12 22:55 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2014-01-12 22:55 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2014-01-12 22:55 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2014-01-12 22:55 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2014-01-12 22:55 - 2000-08-31 01:00 - 00098816 _____ C:\WINDOWS\sed.exe
2014-01-12 22:55 - 2000-08-31 01:00 - 00080412 _____ C:\WINDOWS\grep.exe
2014-01-12 22:55 - 2000-08-31 01:00 - 00068096 _____ C:\WINDOWS\zip.exe
2014-01-12 22:53 - 2014-01-16 12:33 - 00000000 ____D C:\Qoobox
2014-01-12 22:52 - 2014-01-12 23:15 - 00000000 ____D C:\WINDOWS\erdnt
2014-01-12 22:47 - 2014-01-12 22:47 - 00000682 _____ C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
2014-01-12 22:23 - 2014-01-12 22:32 - 00000000 ____D C:\Documents and Settings\Thomas\My Documents\reg back up ccleaner
2014-01-12 21:30 - 2014-01-12 21:30 - 00000580 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit JDownloader.exe.lnk
2014-01-12 17:30 - 2014-01-12 17:30 - 00000000 ____D C:\Programme
2014-01-12 16:43 - 2014-01-12 17:12 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
2014-01-12 16:40 - 2014-01-12 17:12 - 00000000 ____D C:\Documents and Settings\Thomas\Desktop\mbar
2014-01-12 16:40 - 2014-01-12 16:40 - 00051416 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-01-12 00:25 - 2014-01-12 00:25 - 00000000 ____D C:\TDSSKiller_Quarantine
2014-01-12 00:09 - 2014-01-12 22:52 - 05164834 ____R (Swearware) C:\Documents and Settings\Thomas\Desktop\ComboFix.exe
2014-01-12 00:04 - 2014-01-12 00:04 - 00450570 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20140112-000430.backup
2014-01-12 00:04 - 2014-01-12 00:04 - 00450570 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20140112-000420.backup
2014-01-12 00:04 - 2014-01-11 22:54 - 00450570 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20140112-000408.backup
2014-01-11 22:54 - 2002-08-28 00:00 - 00000734 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20140111-225421.backup
2014-01-11 22:32 - 2014-01-11 22:32 - 00000784 _____ C:\Documents and Settings\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-11 22:32 - 2014-01-11 22:32 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2014-01-11 22:32 - 2014-01-11 22:32 - 00000000 ____D C:\Documents and Settings\Thomas\Application Data\Malwarebytes
2014-01-11 22:32 - 2014-01-11 22:32 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
2014-01-11 22:32 - 2014-01-11 22:32 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-01-11 22:32 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-01-11 22:30 - 2014-01-11 22:30 - 00000000 ____D C:\Documents and Settings\Thomas\Local Settings\Application Data\Sun
2014-01-11 22:28 - 2014-01-19 00:26 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2014-01-11 22:28 - 2014-01-12 09:45 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy
2014-01-11 22:28 - 2014-01-11 22:28 - 00000933 _____ C:\Documents and Settings\Thomas\Desktop\Spybot - Search & Destroy.lnk
2014-01-11 22:28 - 2014-01-11 22:28 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy
2014-01-11 22:11 - 2014-01-18 15:26 - 00000000 ____D C:\AdwCleaner
2014-01-11 17:20 - 2014-01-11 17:20 - 00000059 _____ C:\Documents and Settings\Thomas\Application Data\WB.CFG
2014-01-10 21:55 - 2014-01-10 21:55 - 00007722 _____ C:\Documents and Settings\Thomas\Desktop\fvbnm,.xspf
2014-01-10 17:03 - 2014-01-10 17:03 - 00000000 ____D C:\Program Files\Common Files\Java
2014-01-10 17:03 - 2014-01-10 17:03 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Java
2014-01-10 17:03 - 2014-01-10 17:03 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Sun
2014-01-10 17:03 - 2014-01-10 17:02 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-01-10 17:03 - 2014-01-10 17:02 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-01-10 17:03 - 2014-01-10 17:02 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-01-10 17:03 - 2014-01-10 17:02 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-01-10 17:03 - 2014-01-10 17:02 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-01-10 17:02 - 2014-01-10 17:02 - 00000000 ____D C:\Program Files\Java
2014-01-10 17:01 - 2014-01-10 17:01 - 00000000 ____D C:\Documents and Settings\Thomas\Application Data\Sun
2014-01-09 15:46 - 2014-01-09 15:47 - 00000000 ____D C:\Program Files\Common Files\VST3
2014-01-09 15:46 - 2014-01-09 15:47 - 00000000 ____D C:\Documents and Settings\All Users\Documents\u-he
2014-01-09 12:45 - 2014-01-09 12:45 - 00000000 ____D C:\Program Files\Common Files\reFX
2014-01-09 12:33 - 2009-10-24 21:15 - 01332224 _____ (AD © 2009) C:\WINDOWS\system32\SYNSOEMU.DLL
2014-01-08 12:15 - 2014-01-09 12:33 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\reFX
2014-01-08 12:05 - 2014-01-08 12:06 - 00000000 ____D C:\Documents and Settings\Thomas\My Documents\discoDSP
2014-01-08 12:05 - 2014-01-08 12:06 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\discoDSP
2014-01-06 21:23 - 2014-01-06 21:23 - 00000000 ____D C:\Documents and Settings\Thomas\Start Menu\Programs\LennarDigital
2014-01-06 21:20 - 2014-01-06 21:20 - 00000000 ____D C:\Program Files\u-he
2014-01-06 21:20 - 2014-01-06 21:20 - 00000000 ____D C:\Documents and Settings\Thomas\Start Menu\Programs\u-he
2014-01-06 21:20 - 2014-01-06 21:20 - 00000000 ____D C:\Documents and Settings\Thomas\My Documents\u-he
2014-01-06 21:16 - 2014-01-06 21:16 - 00000000 ____D C:\Documents and Settings\Thomas\Start Menu\Programs\Synapse Audio
2014-01-06 21:13 - 2014-01-06 21:13 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Sonic Timeworks
2014-01-06 21:13 - 2014-01-06 21:13 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\GForce
2014-01-06 21:13 - 1999-12-17 10:13 - 00086016 _____ (MindVision Software) C:\WINDOWS\unvise32.exe
2014-01-06 21:12 - 2014-01-06 21:12 - 00000000 ____D C:\Program Files\Common Files\Digidesign
2014-01-06 21:06 - 2014-01-06 21:06 - 00000000 ____D C:\Documents and Settings\Thomas\Start Menu\Programs\ExpDigital G-Flux v1.0.2 VST
2014-01-06 15:05 - 2014-01-06 15:05 - 00000833 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit Ableton Live 9 Suite.exe.lnk
2014-01-06 15:04 - 2014-01-06 15:04 - 00000000 ____D C:\Program Files\LinPlug
2014-01-06 15:02 - 2014-01-06 15:02 - 01700352 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdiplus.dll
2014-01-06 15:02 - 2014-01-06 15:02 - 00000000 ____D C:\Program Files\Steinberg
2014-01-06 15:02 - 2014-01-06 15:02 - 00000000 ____D C:\Documents and Settings\Thomas\Start Menu\Programs\LinPlug
2014-01-05 15:05 - 2008-04-14 00:15 - 00060032 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbaudio.sys
2014-01-05 15:05 - 2008-04-14 00:15 - 00060032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBAUDIO.sys
2014-01-05 14:43 - 2014-01-05 14:43 - 00000627 _____ C:\Documents and Settings\Thomas\Start Menu\Programs\Ableton Live 9 Suite.lnk
2014-01-05 01:00 - 2014-01-05 01:40 - 00000000 ____D C:\Documents and Settings\Thomas\Application Data\Ableton
2014-01-05 01:00 - 2014-01-05 01:03 - 00000000 ____D C:\Documents and Settings\Thomas\My Documents\Ableton
2014-01-05 01:00 - 2014-01-05 01:00 - 00000000 ____D C:\Program Files\Common Files\Propellerhead Software
2014-01-05 00:39 - 2014-01-05 00:39 - 00000000 ____D C:\Program Files\7-Zip
2014-01-05 00:39 - 2014-01-05 00:39 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\7-Zip
2014-01-04 18:05 - 2014-01-04 18:05 - 00000626 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit downloads.lnk
2014-01-04 13:21 - 2014-01-04 13:21 - 00000548 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit Desktop.lnk
2014-01-04 00:01 - 2014-01-04 17:39 - 00000000 ____D C:\Documents and Settings\Thomas\.smplayer
2014-01-04 00:01 - 2014-01-04 00:01 - 00000556 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit smplayer.exe.lnk

==================== One Month Modified Files and Folders =======

2014-01-19 21:30 - 2014-01-18 16:41 - 00014480 _____ C:\Documents and Settings\Thomas\Desktop\FRST.txt
2014-01-19 21:22 - 2014-01-13 21:10 - 00079473 _____ C:\WINDOWS\setupapi.log
2014-01-19 21:21 - 2014-01-19 21:21 - 00000044 _____ C:\WINDOWS\system32\msssc.dll
2014-01-19 21:21 - 2014-01-19 21:21 - 00000000 ____D C:\WINDOWS\LastGood
2014-01-19 21:21 - 2014-01-19 21:21 - 00000000 ____D C:\Program Files\Analog Devices
2014-01-19 21:21 - 2014-01-19 21:21 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\SoundMAX
2014-01-19 21:21 - 2009-06-09 13:07 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2014-01-19 21:20 - 2013-09-20 19:03 - 00001098 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-19 21:16 - 2009-06-09 14:11 - 00000000 ____D C:\Program Files\Common Files\InstallShield
2014-01-19 21:13 - 2014-01-17 18:46 - 00000000 ____D C:\Documents and Settings\Thomas\Desktop\FRST-OlderVersion
2014-01-19 21:13 - 2014-01-15 14:39 - 00000000 ____D C:\FRST
2014-01-19 21:13 - 2014-01-15 14:38 - 01221120 _____ (Farbar) C:\Documents and Settings\Thomas\Desktop\FRST.exe
2014-01-19 21:13 - 2007-02-18 20:47 - 00000466 _____ C:\WINDOWS\SMSCFG.ini
2014-01-19 21:13 - 2007-02-18 20:34 - 01904206 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-19 21:12 - 2007-02-19 04:28 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2014-01-19 21:10 - 2013-09-20 19:03 - 00001094 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-19 21:09 - 2007-02-18 20:37 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-19 21:07 - 2007-02-18 20:37 - 00032292 _____ C:\WINDOWS\SchedLgU.Txt
2014-01-19 21:06 - 2011-09-22 15:30 - 00000178 ___SH C:\Documents and Settings\Thomas\ntuser.ini
2014-01-19 21:05 - 2014-01-19 21:05 - 00000590 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung (3) mit downloads.lnk
2014-01-19 21:04 - 2014-01-19 21:04 - 00000595 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit My Documents.lnk
2014-01-19 21:01 - 2014-01-19 20:59 - 02636112 _____ (Hewlett-Packard Company                                     ) C:\Documents and Settings\Thomas\My Documents\sp36746.exe
2014-01-19 21:01 - 2013-09-23 17:48 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-01-19 20:58 - 2014-01-19 20:58 - 00000955 _____ C:\Documents and Settings\Thomas\Desktop\checkup.txt
2014-01-19 20:49 - 2014-01-19 20:44 - 14497288 _____ (Hewlett-Packard Company                                     ) C:\Documents and Settings\Thomas\My Documents\sp36228.exe
2014-01-19 14:20 - 2007-02-18 20:43 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB888113$
2014-01-19 14:18 - 2007-02-18 21:33 - 00000499 _____ C:\WINDOWS\wiadebug.log
2014-01-19 02:20 - 2013-09-20 19:32 - 00000000 ____D C:\Program Files\JDownloader
2014-01-19 00:26 - 2014-01-11 22:28 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2014-01-19 00:10 - 2013-11-20 13:59 - 00000000 ____D C:\Program Files\Common Files\Sony Shared
2014-01-19 00:03 - 2007-05-07 10:54 - 00002501 _____ C:\WINDOWS\system32\LexFiles.ulf
2014-01-18 23:57 - 2013-06-27 19:46 - 00000000 ____D C:\Program Files\HP
2014-01-18 23:57 - 2013-06-27 19:45 - 00000000 ____D C:\Documents and Settings\Thomas\Local Settings\Application Data\HP
2014-01-18 23:56 - 2013-06-27 19:47 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\HP
2014-01-18 23:56 - 2007-02-18 21:29 - 00000000 ____D C:\WINDOWS\twain_32
2014-01-18 23:54 - 2007-02-18 20:33 - 00000000 ___RD C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
2014-01-18 23:35 - 2014-01-18 23:34 - 00000000 ____D C:\WINDOWS\system32\NtmsData
2014-01-18 23:32 - 2013-06-26 22:11 - 00000000 ____D C:\Documents and Settings\Thomas\Application Data\Dropbox
2014-01-18 23:28 - 2013-06-26 22:20 - 00000000 ___RD C:\Documents and Settings\Thomas\My Documents\Dropbox
2014-01-18 20:29 - 2014-01-18 20:26 - 00040776 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2014-01-18 16:43 - 2014-01-18 16:42 - 00018582 _____ C:\Documents and Settings\Thomas\Desktop\Addition.txt
2014-01-18 16:38 - 2007-02-18 21:33 - 00000050 _____ C:\WINDOWS\wiaservc.log
2014-01-18 16:08 - 2007-02-18 21:31 - 00612200 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2014-01-18 15:58 - 2014-01-18 15:58 - 00001048 _____ C:\Documents and Settings\Thomas\Desktop\JRT.txt
2014-01-18 15:34 - 2014-01-18 15:34 - 00000000 ____D C:\WINDOWS\ERUNT
2014-01-18 15:28 - 2012-01-08 18:29 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB982132$
2014-01-18 15:26 - 2014-01-18 16:10 - 00001408 _____ C:\Documents and Settings\Thomas\Desktop\AdwCleaner[S2].txt
2014-01-18 15:26 - 2014-01-11 22:11 - 00000000 ____D C:\AdwCleaner
2014-01-18 15:22 - 2014-01-18 15:22 - 01236282 _____ C:\Documents and Settings\Thomas\Desktop\AdwCleaner.exe
2014-01-17 19:51 - 2014-01-17 19:48 - 00112477 _____ C:\Documents and Settings\Thomas\Desktop\Neu Textdokument.txt
2014-01-17 18:45 - 2014-01-17 18:45 - 00000472 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit Sylenth.lnk
2014-01-17 18:42 - 2014-01-17 18:42 - 00448512 _____ (OldTimer Tools) C:\Documents and Settings\Thomas\My Documents\TFC.exe
2014-01-17 15:46 - 2014-01-17 15:45 - 25758864 _____ (Microsoft Corporation) C:\Documents and Settings\Thomas\My Documents\MSNOIE8_DEDE_XP.EXE
2014-01-17 01:18 - 2014-01-17 01:18 - 00000637 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit opera.exe.lnk
2014-01-17 00:47 - 2014-01-17 00:46 - 48203992 _____ (COMODO) C:\Documents and Settings\Thomas\My Documents\DragonSetup.exe
2014-01-17 00:15 - 2014-01-17 00:15 - 00000508 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung (2) mit downloads.lnk
2014-01-17 00:15 - 2014-01-17 00:15 - 00000000 ____D C:\Documents and Settings\Thomas\Local Settings\Application Data\Opera Software
2014-01-17 00:15 - 2014-01-17 00:15 - 00000000 ____D C:\Documents and Settings\Thomas\Application Data\Opera Software
2014-01-16 16:16 - 2007-02-18 20:37 - 00000000 __SHD C:\Documents and Settings\NetworkService
2014-01-16 12:33 - 2014-01-16 12:33 - 00017166 _____ C:\ComboFix.txt
2014-01-16 12:33 - 2014-01-12 22:53 - 00000000 ____D C:\Qoobox
2014-01-16 12:28 - 2007-02-19 04:28 - 00000246 _____ C:\WINDOWS\system.ini
2014-01-16 12:27 - 2014-01-19 01:36 - 00000027 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20140119-013640.backup
2014-01-16 12:01 - 2008-01-08 11:01 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB928843$
2014-01-16 11:59 - 2014-01-16 11:59 - 00272174 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2014-01-16 11:59 - 2012-01-08 18:00 - 00065536 _____ C:\WINDOWS\system32\config\Internet.evt
2014-01-16 11:59 - 2012-01-08 15:46 - 00065536 _____ C:\WINDOWS\system32\config\ODiag.evt
2014-01-16 01:57 - 2014-01-16 01:57 - 00987410 _____ C:\Documents and Settings\Thomas\Desktop\SecurityCheck.exe
2014-01-16 01:52 - 2014-01-16 01:51 - 01037068 _____ (Thisisu) C:\Documents and Settings\Thomas\Desktop\JRT.exe
2014-01-16 01:51 - 2014-01-16 01:50 - 02347384 _____ (ESET) C:\Documents and Settings\Thomas\Desktop\esetsmartinstaller_enu.exe
2014-01-15 19:41 - 2014-01-15 19:41 - 00022688 _____ (REALiX(tm)) C:\WINDOWS\system32\Drivers\HWiNFO32.SYS
2014-01-15 19:37 - 2014-01-15 19:37 - 00000000 ____D C:\Program Files\HWiNFO32
2014-01-15 19:37 - 2014-01-15 19:37 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\HWiNFO32
2014-01-15 14:46 - 2014-01-15 14:46 - 00377856 _____ C:\Documents and Settings\Thomas\Desktop\gmer_2.1.19163.exe
2014-01-15 14:38 - 2014-01-15 14:38 - 00000000 _____ C:\Documents and Settings\Thomas\defogger_reenable
2014-01-15 14:38 - 2011-09-22 15:30 - 00000000 ____D C:\Documents and Settings\Thomas
2014-01-15 14:37 - 2014-01-15 14:37 - 00050477 _____ C:\Documents and Settings\Thomas\Desktop\Defogger.exe
2014-01-14 05:19 - 2007-02-18 20:41 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2014-01-13 23:25 - 2014-01-13 23:25 - 00000000 ____D C:\Documents and Settings\Thomas\Local Settings\Application Data\Disc_Soft_Ltd
2014-01-13 23:25 - 2014-01-13 22:42 - 00000000 ____D C:\Documents and Settings\Thomas\Application Data\DAEMON Tools Ultra
2014-01-13 23:23 - 2014-01-13 23:23 - 00000000 ____D C:\Documents and Settings\LocalService\Application Data\DAEMON Tools Ultra
2014-01-13 22:55 - 2014-01-13 22:55 - 00000000 ____D C:\WINDOWS\system32\de-DE
2014-01-13 22:45 - 2012-01-08 15:45 - 00000000 ____D C:\Program Files\Microsoft.NET
2014-01-13 22:41 - 2014-01-13 22:40 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\DAEMON Tools Ultra
2014-01-13 22:39 - 2014-01-13 22:39 - 00001085 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit Chankast_alpha_25.exe.lnk
2014-01-13 22:36 - 2014-01-13 22:36 - 00000000 ____D C:\Documents and Settings\Thomas\Start Menu\Programs\Juegos
2014-01-13 21:10 - 2014-01-13 21:10 - 00000000 ____D C:\Documents and Settings\Thomas\My Documents\Dolphin Emulator
2014-01-13 21:10 - 2007-02-18 20:34 - 00000000 ____D C:\WINDOWS\system32\DirectX
2014-01-13 21:07 - 2014-01-13 21:07 - 00000000 ____D C:\Program Files\Common Files\DirectX
2014-01-12 23:15 - 2014-01-12 22:52 - 00000000 ____D C:\WINDOWS\erdnt
2014-01-12 22:57 - 2014-01-12 22:57 - 00000000 _RSHD C:\cmdcons
2014-01-12 22:57 - 2007-02-19 04:28 - 00000327 __RSH C:\boot.ini
2014-01-12 22:52 - 2014-01-12 00:09 - 05164834 ____R (Swearware) C:\Documents and Settings\Thomas\Desktop\ComboFix.exe
2014-01-12 22:47 - 2014-01-12 22:47 - 00000682 _____ C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
2014-01-12 22:47 - 2012-01-08 15:46 - 00000000 ____D C:\Program Files\CCleaner
2014-01-12 22:32 - 2014-01-12 22:23 - 00000000 ____D C:\Documents and Settings\Thomas\My Documents\reg back up ccleaner
2014-01-12 21:30 - 2014-01-12 21:30 - 00000580 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit JDownloader.exe.lnk
2014-01-12 21:02 - 2007-05-01 19:56 - 00000000 __SHD C:\WINDOWS\CSC
2014-01-12 17:30 - 2014-01-12 17:30 - 00000000 ____D C:\Programme
2014-01-12 17:12 - 2014-01-12 16:43 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
2014-01-12 17:12 - 2014-01-12 16:40 - 00000000 ____D C:\Documents and Settings\Thomas\Desktop\mbar
2014-01-12 16:40 - 2014-01-12 16:40 - 00051416 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-01-12 09:45 - 2014-01-11 22:28 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy
2014-01-12 00:25 - 2014-01-12 00:25 - 00000000 ____D C:\TDSSKiller_Quarantine
2014-01-12 00:04 - 2014-01-12 00:04 - 00450570 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20140112-000430.backup
2014-01-12 00:04 - 2014-01-12 00:04 - 00450570 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20140112-000420.backup
2014-01-11 22:54 - 2014-01-12 00:04 - 00450570 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20140112-000408.backup
2014-01-11 22:32 - 2014-01-11 22:32 - 00000784 _____ C:\Documents and Settings\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-11 22:32 - 2014-01-11 22:32 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2014-01-11 22:32 - 2014-01-11 22:32 - 00000000 ____D C:\Documents and Settings\Thomas\Application Data\Malwarebytes
2014-01-11 22:32 - 2014-01-11 22:32 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
2014-01-11 22:32 - 2014-01-11 22:32 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-01-11 22:30 - 2014-01-11 22:30 - 00000000 ____D C:\Documents and Settings\Thomas\Local Settings\Application Data\Sun
2014-01-11 22:28 - 2014-01-11 22:28 - 00000933 _____ C:\Documents and Settings\Thomas\Desktop\Spybot - Search & Destroy.lnk
2014-01-11 22:28 - 2014-01-11 22:28 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy
2014-01-11 20:58 - 2012-02-29 19:23 - 00000000 ____D C:\Documents and Settings\Thomas\Application Data\dvdcss
2014-01-11 17:20 - 2014-01-11 17:20 - 00000059 _____ C:\Documents and Settings\Thomas\Application Data\WB.CFG
2014-01-10 21:55 - 2014-01-10 21:55 - 00007722 _____ C:\Documents and Settings\Thomas\Desktop\fvbnm,.xspf
2014-01-10 17:05 - 2013-09-20 19:33 - 00001658 _____ C:\Documents and Settings\All Users\Start Menu\Programs\JDownloader.lnk
2014-01-10 17:05 - 2013-09-20 19:33 - 00001602 _____ C:\Documents and Settings\All Users\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
2014-01-10 17:05 - 2013-09-20 19:33 - 00001581 _____ C:\Documents and Settings\All Users\Start Menu\Programs\JDownloader Update.lnk
2014-01-10 17:03 - 2014-01-10 17:03 - 00000000 ____D C:\Program Files\Common Files\Java
2014-01-10 17:03 - 2014-01-10 17:03 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Java
2014-01-10 17:03 - 2014-01-10 17:03 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Sun
2014-01-10 17:02 - 2014-01-10 17:03 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-01-10 17:02 - 2014-01-10 17:03 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-01-10 17:02 - 2014-01-10 17:03 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-01-10 17:02 - 2014-01-10 17:03 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-01-10 17:02 - 2014-01-10 17:03 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-01-10 17:02 - 2014-01-10 17:02 - 00000000 ____D C:\Program Files\Java
2014-01-10 17:01 - 2014-01-10 17:01 - 00000000 ____D C:\Documents and Settings\Thomas\Application Data\Sun
2014-01-09 15:47 - 2014-01-09 15:46 - 00000000 ____D C:\Program Files\Common Files\VST3
2014-01-09 15:47 - 2014-01-09 15:46 - 00000000 ____D C:\Documents and Settings\All Users\Documents\u-he
2014-01-09 12:45 - 2014-01-09 12:45 - 00000000 ____D C:\Program Files\Common Files\reFX
2014-01-09 12:33 - 2014-01-08 12:15 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\reFX
2014-01-08 15:13 - 2013-06-29 18:16 - 00002347 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
2014-01-08 12:06 - 2014-01-08 12:05 - 00000000 ____D C:\Documents and Settings\Thomas\My Documents\discoDSP
2014-01-08 12:06 - 2014-01-08 12:05 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\discoDSP
2014-01-06 21:23 - 2014-01-06 21:23 - 00000000 ____D C:\Documents and Settings\Thomas\Start Menu\Programs\LennarDigital
2014-01-06 21:20 - 2014-01-06 21:20 - 00000000 ____D C:\Program Files\u-he
2014-01-06 21:20 - 2014-01-06 21:20 - 00000000 ____D C:\Documents and Settings\Thomas\Start Menu\Programs\u-he
2014-01-06 21:20 - 2014-01-06 21:20 - 00000000 ____D C:\Documents and Settings\Thomas\My Documents\u-he
2014-01-06 21:16 - 2014-01-06 21:16 - 00000000 ____D C:\Documents and Settings\Thomas\Start Menu\Programs\Synapse Audio
2014-01-06 21:13 - 2014-01-06 21:13 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Sonic Timeworks
2014-01-06 21:13 - 2014-01-06 21:13 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\GForce
2014-01-06 21:12 - 2014-01-06 21:12 - 00000000 ____D C:\Program Files\Common Files\Digidesign
2014-01-06 21:06 - 2014-01-06 21:06 - 00000000 ____D C:\Documents and Settings\Thomas\Start Menu\Programs\ExpDigital G-Flux v1.0.2 VST
2014-01-06 15:05 - 2014-01-06 15:05 - 00000833 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit Ableton Live 9 Suite.exe.lnk
2014-01-06 15:04 - 2014-01-06 15:04 - 00000000 ____D C:\Program Files\LinPlug
2014-01-06 15:02 - 2014-01-06 15:02 - 01700352 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdiplus.dll
2014-01-06 15:02 - 2014-01-06 15:02 - 00000000 ____D C:\Program Files\Steinberg
2014-01-06 15:02 - 2014-01-06 15:02 - 00000000 ____D C:\Documents and Settings\Thomas\Start Menu\Programs\LinPlug
2014-01-05 14:44 - 2008-04-28 14:21 - 00000000 ____D C:\New Folder
2014-01-05 14:43 - 2014-01-05 14:43 - 00000627 _____ C:\Documents and Settings\Thomas\Start Menu\Programs\Ableton Live 9 Suite.lnk
2014-01-05 01:40 - 2014-01-05 01:00 - 00000000 ____D C:\Documents and Settings\Thomas\Application Data\Ableton
2014-01-05 01:03 - 2014-01-05 01:00 - 00000000 ____D C:\Documents and Settings\Thomas\My Documents\Ableton
2014-01-05 01:00 - 2014-01-05 01:00 - 00000000 ____D C:\Program Files\Common Files\Propellerhead Software
2014-01-05 00:39 - 2014-01-05 00:39 - 00000000 ____D C:\Program Files\7-Zip
2014-01-05 00:39 - 2014-01-05 00:39 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\7-Zip
2014-01-04 18:05 - 2014-01-04 18:05 - 00000626 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit downloads.lnk
2014-01-04 17:39 - 2014-01-04 00:01 - 00000000 ____D C:\Documents and Settings\Thomas\.smplayer
2014-01-04 13:21 - 2014-01-04 13:21 - 00000548 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit Desktop.lnk
2014-01-04 00:01 - 2014-01-04 00:01 - 00000556 _____ C:\Documents and Settings\Thomas\Desktop\Verknüpfung mit smplayer.exe.lnk

Some content of TEMP:
====================
C:\Documents and Settings\Thomas\Local Settings\temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================

--- --- ---

--- --- ---

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 19-01-2014 04
Ran by Thomas at 2014-01-19 21:31:45
Running from C:\Documents and Settings\Thomas\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus (Disabled) {7591DB91-41F0-48A3-B128-1A293FD8233D}

==================== Installed Programs ======================

7-Zip 9.22beta (Version:  - )
Ableton Live 9 Suite (Version: 9.0.0.0 - Ableton)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.05) - Deutsch (Version: 11.0.05 - Adobe Systems Incorporated)
avast! Free Antivirus (Version: 6.0.1367.0 - AVAST Software)
CCleaner (Version: 4.09 - Piriform)
discoDSP Corona (Version: 4.7 - discoDSP)
discoDSP Discovery Pro (Version: 5.6 - )
DVR-Studio Pro (Version:  - Haenlein Software)
ExpDigital G-Flux v1.0.2 VST (Version:  - )
GForce - Oddity (Version:  - )
Google Update Helper (Version: 1.3.22.3 - Google Inc.) Hidden
Hard Disk Low Level Format Tool 2.36 build 1181 (Version:  - HDDGURU)
HP Update (Version: 5.003.003.001 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
HWiNFO32 Version 4.30 (Version: 4.30 - Martin Malík - REALiX)
Intel(R) Graphics Media Accelerator Driver (Version:  - )
Intel(R) PRO Network Connections Drivers (Version:  - )
Java 7 Update 45 (Version: 7.0.450 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Lexmark 5400 Series (Version:  - Lexmark International, Inc.)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 (Version:  - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB2572067) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 2 (SP2) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 2 (SP2) (Version:  - Microsoft) Hidden
Microsoft Office Excel 2007 (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Excel 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook 2007 (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Outlook 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint 2007 (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office PowerPoint 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) (Version:  - Microsoft) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Word 2007 (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Word 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Software Update for Web Folders  (German) 12 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft User-Mode Driver Framework Feature Pack 1.0 (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 de) (Version: 26.0 - Mozilla)
Mozilla Maintenance Service (Version: 26.0 - Mozilla)
O&O UnErase (Version: 6.0.1899 - O&O Software GmbH)
Office Animation Runtime (Version: 11.0.5510.0 - Microsoft Corporation)
PVRManager (Version: 1.00.0000 - )
reFX Nexus VSTi RTAS v2.2.0 (Version:  - )
reFX Vanguard VSTi RTAS v1.8.0 (Version:  - )
SH-1001 (Version: 1.0 - Sonic Timeworks)
SMS Advanced Client (Version: 2.50.4253.3000 - Microsoft Corporation) Hidden
SoundMAX (Version: 5.12.01.4070 - Analog Devices)
Spybot - Search & Destroy (Version: 1.6.2 - Safer Networking Limited)
Update for 2007 Microsoft Office System (KB967642) (Version:  - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1 - Microsoft Corporation)
Update for Outlook 2007 Junk Email Filter (KB2596560) (Version:  - Microsoft)
Update for Windows XP (KB2141007) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2541763) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2641690) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951978) (Version: 1 - Microsoft Corporation) Hidden
Update for Windows XP (KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971737) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB978207) (Version: 1 - Microsoft Corporation) Hidden
Update for Windows XP (KB980182) (Version: 1 - Microsoft Corporation) Hidden
VLC media player 0.9.9 (Version: 0.9.9 - VideoLAN Team)
WD SmartWare (Version: 1.1.1.6 - Western Digital)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format 11 runtime (Version:  - )
Windows Media Format 11 runtime (Version:  - Microsoft Corporation) Hidden
Windows Media Player 10 (Version:  - )
Windows XP Service Pack 3 (Version: 20080414.031525 - Microsoft Corporation)
WinRAR archiver (Version:  - )

==================== Restore Points  =========================

19-01-2014 20:24:23 Removed Spelling Dictionaries Support For Adobe Reader 9.

==================== Hosts content: ==========================

2007-02-19 04:28 - 2014-01-19 01:36 - 00449863 ____R C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-01-19 13:54 - 2014-01-19 09:21 - 02247168 _____ () C:\Program Files\AVAST Software\Avast\defs\14011900\algo.dll
2007-05-03 12:39 - 2006-07-11 00:34 - 00040960 _____ () C:\WINDOWS\system32\lxctpmon.dll
2008-09-08 13:40 - 2008-08-29 09:55 - 00132608 _____ () C:\Program Files\WinRAR\rarext.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00104448 _____ () C:\Program Files\VideoLAN\VLC\libvlc.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 02052096 _____ () C:\Program Files\VideoLAN\VLC\libvlccore.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00158208 _____ () C:\Program Files\VideoLAN\VLC\plugins\libdshow_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 02429440 _____ () C:\Program Files\VideoLAN\VLC\plugins\libskins2_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00038400 _____ () C:\Program Files\VideoLAN\VLC\plugins\libvout_directx_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00024064 _____ () C:\Program Files\VideoLAN\VLC\plugins\libwaveout_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00008192 _____ () C:\Program Files\VideoLAN\VLC\plugins\libmemcpymmxext_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00013312 _____ () C:\Program Files\VideoLAN\VLC\plugins\libaccess_directory_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00008192 _____ () C:\Program Files\VideoLAN\VLC\plugins\libaccess_file_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00087040 _____ () C:\Program Files\VideoLAN\VLC\plugins\libplaylist_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 01180160 _____ () C:\Program Files\VideoLAN\VLC\plugins\libxml_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00022016 _____ () C:\Program Files\VideoLAN\VLC\plugins\libhotkeys_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 09238016 _____ () C:\Program Files\VideoLAN\VLC\plugins\libqt4_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00212992 _____ () C:\Program Files\VideoLAN\VLC\plugins\libdvdnav_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00024064 _____ () C:\Program Files\VideoLAN\VLC\plugins\libvcd_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00193024 _____ () C:\Program Files\VideoLAN\VLC\plugins\libmp4_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00065024 _____ () C:\Program Files\VideoLAN\VLC\plugins\libavi_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00075776 _____ () C:\Program Files\VideoLAN\VLC\plugins\libasf_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00008704 _____ () C:\Program Files\VideoLAN\VLC\plugins\libdtssys_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00047104 _____ () C:\Program Files\VideoLAN\VLC\plugins\libflacsys_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00008192 _____ () C:\Program Files\VideoLAN\VLC\plugins\liba52sys_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00050688 _____ () C:\Program Files\VideoLAN\VLC\plugins\libmpc_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00014336 _____ () C:\Program Files\VideoLAN\VLC\plugins\libnuv_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00009216 _____ () C:\Program Files\VideoLAN\VLC\plugins\libtta_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00010752 _____ () C:\Program Files\VideoLAN\VLC\plugins\libwav_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00007680 _____ () C:\Program Files\VideoLAN\VLC\plugins\libm4a_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00009216 _____ () C:\Program Files\VideoLAN\VLC\plugins\libmpga_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00006656 _____ () C:\Program Files\VideoLAN\VLC\plugins\libmpgv_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00076288 _____ () C:\Program Files\VideoLAN\VLC\plugins\libsap_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 01063936 _____ () C:\Program Files\VideoLAN\VLC\plugins\liblive555_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 01288704 _____ () C:\Program Files\VideoLAN\VLC\plugins\libmkv_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00057344 _____ () C:\Program Files\VideoLAN\VLC\plugins\libogg_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00025088 _____ () C:\Program Files\VideoLAN\VLC\plugins\libreal_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00012800 _____ () C:\Program Files\VideoLAN\VLC\plugins\libsmf_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00009216 _____ () C:\Program Files\VideoLAN\VLC\plugins\libaiff_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00007680 _____ () C:\Program Files\VideoLAN\VLC\plugins\libau_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00262656 _____ () C:\Program Files\VideoLAN\VLC\plugins\libmod_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00010240 _____ () C:\Program Files\VideoLAN\VLC\plugins\libnsv_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00013312 _____ () C:\Program Files\VideoLAN\VLC\plugins\libpva_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00010752 _____ () C:\Program Files\VideoLAN\VLC\plugins\librawvid_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00103424 _____ () C:\Program Files\VideoLAN\VLC\plugins\libts_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00010240 _____ () C:\Program Files\VideoLAN\VLC\plugins\libvoc_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00006656 _____ () C:\Program Files\VideoLAN\VLC\plugins\libxa_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00027136 _____ () C:\Program Files\VideoLAN\VLC\plugins\libps_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00035328 _____ () C:\Program Files\VideoLAN\VLC\plugins\libty_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00010752 _____ () C:\Program Files\VideoLAN\VLC\plugins\libmjpeg_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00006144 _____ () C:\Program Files\VideoLAN\VLC\plugins\libdemux_cdg_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00008192 _____ () C:\Program Files\VideoLAN\VLC\plugins\libnsc_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00008704 _____ () C:\Program Files\VideoLAN\VLC\plugins\librawdv_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 05444096 _____ () C:\Program Files\VideoLAN\VLC\plugins\libavformat_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00009216 _____ () C:\Program Files\VideoLAN\VLC\plugins\libcdg_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00011264 _____ () C:\Program Files\VideoLAN\VLC\plugins\libfake_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00201216 _____ () C:\Program Files\VideoLAN\VLC\plugins\libpng_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00701440 _____ () C:\Program Files\VideoLAN\VLC\plugins\libschroedinger_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00125952 _____ () C:\Program Files\VideoLAN\VLC\plugins\liblibmpeg2_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00010240 _____ () C:\Program Files\VideoLAN\VLC\plugins\liba52_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00020992 _____ () C:\Program Files\VideoLAN\VLC\plugins\libaraw_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00012288 _____ () C:\Program Files\VideoLAN\VLC\plugins\libdts_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00303616 _____ () C:\Program Files\VideoLAN\VLC\plugins\libfaad_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00249344 _____ () C:\Program Files\VideoLAN\VLC\plugins\libflac_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 02868224 _____ () C:\Program Files\VideoLAN\VLC\plugins\liblibass_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00007680 _____ () C:\Program Files\VideoLAN\VLC\plugins\liblpcm_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00012288 _____ () C:\Program Files\VideoLAN\VLC\plugins\libmpeg_audio_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00094208 _____ () C:\Program Files\VideoLAN\VLC\plugins\libspeex_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00282112 _____ () C:\Program Files\VideoLAN\VLC\plugins\libtheora_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 01168384 _____ () C:\Program Files\VideoLAN\VLC\plugins\libvorbis_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 04886528 _____ () C:\Program Files\VideoLAN\VLC\plugins\libavcodec_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00018432 _____ () C:\Program Files\VideoLAN\VLC\plugins\libaout_directx_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00022016 _____ () C:\Program Files\VideoLAN\VLC\plugins\libadjust_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 02881024 _____ () C:\Program Files\VideoLAN\VLC\plugins\libfreetype_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00035328 _____ () C:\Program Files\VideoLAN\VLC\plugins\libblend_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00041984 _____ () C:\Program Files\VideoLAN\VLC\plugins\liba52tofloat32_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00152064 _____ () C:\Program Files\VideoLAN\VLC\plugins\libdtstofloat32_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00107008 _____ () C:\Program Files\VideoLAN\VLC\plugins\libmpgatofixed32_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00023040 _____ () C:\Program Files\VideoLAN\VLC\plugins\libbandlimited_resampler_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00007168 _____ () C:\Program Files\VideoLAN\VLC\plugins\libconverter_fixed_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00006144 _____ () C:\Program Files\VideoLAN\VLC\plugins\liba52tospdif_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00019968 _____ () C:\Program Files\VideoLAN\VLC\plugins\libconverter_float_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00007680 _____ () C:\Program Files\VideoLAN\VLC\plugins\libdtstospdif_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00008704 _____ () C:\Program Files\VideoLAN\VLC\plugins\libsimple_channel_mixer_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00013824 _____ () C:\Program Files\VideoLAN\VLC\plugins\libdolby_surround_decoder_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00009216 _____ () C:\Program Files\VideoLAN\VLC\plugins\liblinear_resampler_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00006144 _____ () C:\Program Files\VideoLAN\VLC\plugins\libugly_resampler_plugin.dll
2009-03-31 23:15 - 2009-03-31 23:15 - 00007680 _____ () C:\Program Files\VideoLAN\VLC\plugins\libfloat32_mixer_plugin.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/19/2014 09:10:01 PM) (Source: AutoEnrollment) (User: )
Description: Die automatische Zertifikatregistrierung für "lokaler Computer" konnte keine Verbindung zum Active Directory (0x8007054b) herstellen. Die angegebene Domäne ist nicht vorhanden oder es konnte keine Verbindung hergestellt werden.
 Die Registrierung wird nicht durchgeführt.

Error: (01/19/2014 09:09:53 PM) (Source: Userenv) (User: NT-AUTORITÄT)
Description: Der Domänencontrollername für das Computernetzwerk konnte nicht ermittelt werden. (Die angegebene Domäne ist nicht vorhanden oder es konnte keine Verbindung hergestellt werden. ). Die Verarbeitung der Gruppenrichtlinie wurde abgebrochen.

Error: (01/19/2014 03:34:42 PM) (Source: Application Hang) (User: )
Description: Stillstehende Anwendung opera.exe, Version 18.0.1284.68, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error: (01/19/2014 02:22:00 PM) (Source: AutoEnrollment) (User: )
Description: Die automatische Zertifikatregistrierung für "lokaler Computer" konnte keine Verbindung zum Active Directory (0x8007054b) herstellen. Die angegebene Domäne ist nicht vorhanden oder es konnte keine Verbindung hergestellt werden.
 Die Registrierung wird nicht durchgeführt.

Error: (01/19/2014 02:21:55 PM) (Source: Userenv) (User: NT-AUTORITÄT)
Description: Der Domänencontrollername für das Computernetzwerk konnte nicht ermittelt werden. (Die angegebene Domäne ist nicht vorhanden oder es konnte keine Verbindung hergestellt werden. ). Die Verarbeitung der Gruppenrichtlinie wurde abgebrochen.

Error: (01/19/2014 01:51:01 PM) (Source: AutoEnrollment) (User: )
Description: Die automatische Zertifikatregistrierung für "lokaler Computer" konnte keine Verbindung zum Active Directory (0x8007054b) herstellen. Die angegebene Domäne ist nicht vorhanden oder es konnte keine Verbindung hergestellt werden.
 Die Registrierung wird nicht durchgeführt.

Error: (01/19/2014 00:37:35 AM) (Source: AutoEnrollment) (User: )
Description: Die automatische Zertifikatregistrierung für "lokaler Computer" konnte keine Verbindung zum Active Directory (0x8007054b) herstellen. Die angegebene Domäne ist nicht vorhanden oder es konnte keine Verbindung hergestellt werden.
 Die Registrierung wird nicht durchgeführt.

Error: (01/19/2014 00:02:48 AM) (Source: Application Hang) (User: )
Description: Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error: (01/18/2014 11:35:13 PM) (Source: Wechselmediendienst) (User: )
Description: Laufwerk 0Kingston DataTraveler 2.0 USB Device

Error: (01/18/2014 11:35:08 PM) (Source: Wechselmediendienst) (User: )
Description: Laufwerk 0Kingston DataTraveler 2.0 USB Device


System errors:
=============
Error: (01/19/2014 09:24:08 PM) (Source: 0) (User: )
Description: 0xC00003682.0.0.0__b03f5f7f11d50a3aHardd .. lume1

Error: (01/19/2014 09:12:10 PM) (Source: Service Control Manager) (User: )
Description: Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst WD SmartWare Background Service.

Error: (01/19/2014 09:12:10 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%3

Error: (01/19/2014 09:09:52 PM) (Source: NETLOGON) (User: )
Description: Es steht kein Domänencontroller für die Domäne NTGROUP aus folgendem Grund zur
Verfügung: 
%%1311.

Stellen Sie sicher, dass der Computer mit dem Netzwerk verbunden ist, und
versuchen Sie es erneut. Wenden Sie sich an den Domänenadministrator, wenn
das Problem weiterhin besteht.

Error: (01/19/2014 06:22:01 PM) (Source: NETLOGON) (User: )
Description: Es steht kein Domänencontroller für die Domäne NTGROUP aus folgendem Grund zur
Verfügung: 
%%1311.

Stellen Sie sicher, dass der Computer mit dem Netzwerk verbunden ist, und
versuchen Sie es erneut. Wenden Sie sich an den Domänenadministrator, wenn
das Problem weiterhin besteht.

Error: (01/19/2014 03:20:44 PM) (Source: Service Control Manager) (User: )
Description: Dienst "WD SmartWare Drive Manager" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/19/2014 02:24:43 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
abp480n5
adpu160m
agp440
agpCPQ
Aha154x
aic78u2
aic78xx
AliIde
alim1541
amdagp
amsint
asc
asc3350p
asc3550
cbidf
cd20xrnt
CmdIde
Cpqarray
dac2w2k
dac960nt
dpti2o
hpn
i2omp
iaStor
ini910u
IntelIde
mraid35x
perc2
perc2hib
ql1080
Ql10wnt
ql12160
ql1240
ql1280
sisagp
Sparrow
symc810
symc8xx
sym_hi
sym_u3
TosIde
ultra
viaagp
ViaIde

Error: (01/19/2014 02:24:43 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "SMS Agent Host" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (01/19/2014 02:24:43 PM) (Source: Service Control Manager) (User: )
Description: Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst SMS Agent Host.

Error: (01/19/2014 02:24:42 PM) (Source: Service Control Manager) (User: )
Description: Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst WD SmartWare Background Service.


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 46%
Total physical RAM: 1527.43 MB
Available physical RAM: 813.04 MB
Total Pagefile: 2906.39 MB
Available Pagefile: 2269.63 MB
Total Virtual: 2047.88 MB
Available Virtual: 1945.38 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:74.53 GB) (Free:13.44 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: () (Fixed) (Total:37.26 GB) (Free:5.79 GB) NTFS
Drive e: (KUDDLMUDDL) (Removable) (Total:111.55 GB) (Free:9.81 GB) FAT32
Drive f: (MA_PROFILE) (Removable) (Total:0.47 GB) (Free:0.47 GB) FAT

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 37 GB) (Disk ID: F97B7001)
Partition 1: (Active) - (Size=37 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 75 GB) (Disk ID: BBC08C10)
Partition 1: (Active) - (Size=75 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 478 MB) (Disk ID: E63BE63B)
Partition 1: (Not Active) - (Size=478 MB) - (Type=06)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 3.

==================== End Of Log ============================

Nun hoffe ich, dass alles gut ist, denke aber nicht. Meine Soundkarte stock seit 2 tagen und der Start diverser Programme dauert länger als gewohnt und Mozilla leitet mich jetzt zu hxxp://www.simon-pokorny.com/ um. Hmmm was nun???

Grüße

Jetzt werde ich wider auf hxxp://searchresultsguide.com/?dn=googe.at&pid=9POGER71L umgeleitet.

schrauber · 21.01.2014, 10:53

Revo Uninstaller - Download - Filepony
damit Firefox deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren. Dann:

https://support.mozilla.org/de/kb/fi...einfach-loesen

Downloade dir bitte Windows Repair (All In One) von hier.

Installiere das Programm. Starte es, nachdem die Installation abgeschlossen wurde.
Klicke auf Step 2 und drücke unter Check Disk auf Do It.
Wenn der Vorgang abgeschlossen ist, klicke auf Step 3 und drücke unter System File Check auf Do It.
Nachdem der Vorgang abgeschlossen ist, klicke auf Start Repairs, wähle den Advanced Mode und drücke Start.
Gehe bitte sicher, dass die Kästchen wie unten zu sehen angehakt sind. Bitte hake zusätzlich noch Set Windows Services to Default Startup an.
Hake Restart System when Finished an.
Drücke Start.

Downloade dir bitte

Farbar Service Scanner

Starte das Tool mit Doppelklick auf die FSS.exe
Gehe sicher, dass folgende Optionen angehakt sind.
- Internet Services
- Windows Firewall
- System Restore
- Security Center/Action Center
- Windows Update
- Windows Defender
- Other Services
Klicke auf Scan.
Wenn das Tool fertig ist, wird es eine FSS.txt in dem Verzeichnis erstellen, wo das Tool gelaufen ist.

Poste bitte den Inhalt hier.

und ein frisches FRST log bitte.

windows xp: mit der insallation von jdownloader hat sich optimizer pro eingeschlichen nun habe ich mehrere Probleme

Log-Analyse und Auswertung: windows xp: mit der insallation von jdownloader hat sich optimizer pro eingeschlichen nun habe ich mehrere Probleme