Pests of all kinds and how to fight them: Big virus scan

Windows 7

If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection.
#1
Big virus scan

Hello! I would like to run a thorough check of my PC. Where should I start?

Regards,
Baldoius

1. Defogger --> Done!
2. FRST

FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-01-2014 02 Ran by ***** (administrator) on ASUS-X73S on 28-01-2014 18:58:42 Running from C:\Users\*****\Desktop Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Logitech, Inc.) C:\Program Files\Logitech\SolarApp\L4301_Solar.exe (ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE (Microsoft Corporation) C:\Windows\System32\vds.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (O&O Software GmbH) C:\Program Files\OO Software\DiskImage\oodiag.exe (Microsoft Corporation) C:\Windows\System32\vdsldr.exe (Microsoft Corp.) 
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (GARMIN Corp.) C:\Program Files (x86)\Garmin\ANT Agent\ANT Agent.exe (Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe (Thong Nguyen) C:\Program Files (x86)\PowerMenu\PowerMenu.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ELAN Microelectronics Corp.) 
C:\Program Files\Elantech\ETDCtrlHelper.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (dotPDN LLC) C:\Program Files\Paint.NET\PaintDotNet.exe () C:\Program Files (x86)\Sublime Text 2\sublime_text.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.) HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2013-05-22] (Realtek Semiconductor) HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2587944 2010-12-13] (ELAN Microelectronics Corp.) 
HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS) HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS) HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2014-01-19] (AVAST Software) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKCU\...\Run: [ccleaner] - C:\Program Files\CCleaner\CCleaner64.exe [6070040 2013-04-23] (Piriform Ltd) HKCU\...\Run: [ANT Agent] - C:\Program Files (x86)\Garmin\ANT Agent\ANT Agent.exe [14731776 2013-02-15] (GARMIN Corp.) 
HKCU\...\Policies\system: [LogonHoursAction] 2 HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\Administrator\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6588144 2013-10-08] (SUPERAntiSpyware) HKU\Administrator\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_117_Plugin.exe -update plugin HKU\Administrator\...\Policies\system: [LogonHoursAction] 2 HKU\Administrator\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\Gast\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6588144 2013-10-08] (SUPERAntiSpyware) HKU\Gast\...\Policies\system: [LogonHoursAction] 2 HKU\Gast\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\Lea\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6588144 2013-10-08] (SUPERAntiSpyware) HKU\Lea\...\Policies\system: [LogonHoursAction] 2 HKU\Lea\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\Spielekonto\...\Policies\system: [LogonHoursAction] 2 HKU\Spielekonto\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-04-08] (NVIDIA Corporation) AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [201576 2013-04-08] (NVIDIA Corporation) Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe (No File) Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerMenu.lnk ShortcutTarget: PowerMenu.lnk -> C:\Program Files (x86)\PowerMenu\PowerMenu.exe (Thong Nguyen) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = 
hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = itprojekt.square7.ch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x28B49E387EC5CE01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-CH HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://ch.msn.com/ StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM-x32 - avast! 
Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) DPF: HKLM-x32 {5F519B46-96EF-499F-BF24-C9E1548FA56B} hxxp://sonycam/program/SonySncDf70View.cab Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.0.210 88.84.16.108 Tcpip\..\Interfaces\{52ACCD0C-CD6E-4B80-B520-286DEEC015E3}: [NameServer]192.168.0.220,192.168.0.210 Tcpip\..\Interfaces\{CC6F69AF-BEC2-436E-AA09-0D9DE562E21B}: [NameServer]127.0.0.1 Tcpip\..\Interfaces\{DBBFFA38-D610-4F10-BE35-C07573F64B15}: [NameServer]192.168.0.220,192.168.0.210 Tcpip\..\Interfaces\{E3B07140-174D-4590-A16C-E4C23E71385D}: [NameServer]192.168.0.210,192.168.0.220 FireFox: ======== FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\koq680jp.default FF Homepage: www.google.ch FF NetworkProxy: "backup.ftp", "5.9.203.92" FF NetworkProxy: "backup.ftp_port", 3128 FF NetworkProxy: "backup.socks", "5.9.203.92" FF NetworkProxy: "backup.socks_port", 3128 FF NetworkProxy: "backup.ssl", "5.9.203.92" FF NetworkProxy: "backup.ssl_port", 3128 FF NetworkProxy: "ftp", "91.228.53.28" FF NetworkProxy: "ftp_port", 3128 FF NetworkProxy: "http", "91.228.53.28" FF NetworkProxy: "http_port", 3128 FF NetworkProxy: "no_proxies_on", "" FF NetworkProxy: "share_proxy_settings", true FF NetworkProxy: "socks", "91.228.53.28" FF NetworkProxy: "socks_port", 3128 FF NetworkProxy: "ssl", "91.228.53.28" FF NetworkProxy: "ssl_port", 3128 FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll () FF Plugin: @garmin.com/GpsControl - C:\Program Files\Garmin GPS 
Plugin\npGarmin.dll (GARMIN Corp.) FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~4\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.0-git-20121231-0404 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.) FF Plugin-x32: @garmin.com/GpsControl - C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.) FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) 
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nullsoft.com/winampDetector;version=1 - C:\Program Files (x86)\Winamp Detect\npwachk.dll (Nullsoft, Inc.) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin HKCU: @greentube.com/GreenWebPlayer - C:\Games\GreenWebPlayer\npgreenwebplayer.dll (Greentube Internet Entertainment Solutions GmbH) FF Plugin HKCU: @stonetrip.com/ShiVaWebPlayer,version=1.8.0.0 - C:\Users\*****\AppData\Roaming\..\LocalLow\StoneTrip\Web Player\npShiVa3D.dll (StoneTrip) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\koq680jp.default\searchplugins\anderes-wortde.xml FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\koq680jp.default\searchplugins\duckduckgo.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Adblock Plus Pop-up Addon - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\koq680jp.default\Extensions\adblockpopups@jessehakanen.net.xpi [2012-12-24] FF Extension: Element Hiding Helper for Adblock Plus - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\koq680jp.default\Extensions\elemhidehelper@adblockplus.org.xpi [2012-12-24] FF Extension: ipFuck - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\koq680jp.default\Extensions\ipfuck@p4ul.info.xpi [2013-11-10] FF Extension: ScrapBook - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\koq680jp.default\Extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}.xpi [2013-12-26] FF Extension: Google Analytics Opt-out Browser Add-on - 
C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\koq680jp.default\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2013-05-19] FF Extension: ReloadEvery - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\koq680jp.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2012-12-28] FF Extension: Adblock Plus - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\koq680jp.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-12-24] FF Extension: BetterPrivacy - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\koq680jp.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2012-12-26] FF Extension: DownThemAll! - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\koq680jp.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-12-23] FF Extension: Adblock Edge - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\koq680jp.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2012-12-24] FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - C:\Program Files (x86)\Steganos Password Manager 2012\spmplugin3 FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-12-01] Chrome: ======= CHR Extension: (avast! 
Online Security) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-12-26] CHR Extension: (Google Wallet) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-23] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-12-01] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-07-11] (SUPERAntiSpyware.com) S4 Apache2.4; C:\xampp\apache\bin\httpd.exe [22016 2012-08-18] (Apache Software Foundation) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-19] (AVAST Software) S4 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [26600 2013-10-08] (CyberGhost S.R.L) S4 DCMessages; C:\Windows\SysWOW64\DCMessages.exe [99720 2009-11-24] (Global Graphics Software Ltd) S4 FileZilla Server; c:\xampp\filezillaftp\filezillaserver.exe [632320 2012-05-11] (FileZilla Project) R2 L4301_Solar; C:\Program Files\Logitech\SolarApp\L4301_Solar.exe [403536 2010-10-26] (Logitech, Inc.) 
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) S4 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) S3 MSCSPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [45056 2006-12-14] (Sony Corporation) S2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22072 2012-09-12] (Microsoft Corporation) S4 mysql; C:\xampp\mysql\bin\mysqld.exe [8186368 2012-07-20] () R3 OO DiskImage; C:\Program Files\OO Software\DiskImage\oodiag.exe [6258480 2013-09-09] (O&O Software GmbH) S3 PACSPTISVR; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [57344 2006-12-14] () S3 PortReporter; C:\Program Files (x86)\PortReporter\portreporter.exe [90183 2004-03-30] () S4 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia) S4 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia) S3 SPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe [69632 2006-12-14] (Sony Corporation) ==================== Drivers (Whitelisted) ==================== S1 acedrv05; C:\Windows\system32\drivers\acedrv05.sys [136192 2011-09-27] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-01-19] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-01] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-01] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1034464 2014-01-19] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422216 2014-01-19] (AVAST Software) R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [79672 2014-01-19] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-19] () R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.) 
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.) R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( ) R3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [44480 2011-05-17] (hxxp://libusb-win32.sourceforge.net) S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) S3 MEMSWEEP2; No ImagePath R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [228768 2012-08-30] (Microsoft Corporation) R0 oodisr; C:\Windows\System32\DRIVERS\oodisr.sys [116936 2013-09-09] (O&O Software GmbH) R0 oodisrh; C:\Windows\System32\DRIVERS\oodisrh.sys [41160 2013-09-09] (O&O Software GmbH) R0 oodivd; C:\Windows\System32\DRIVERS\oodivd.sys [255688 2013-09-09] (O&O Software GmbH) R0 oodivdh; C:\Windows\System32\DRIVERS\oodivdh.sys [44744 2013-09-09] (O&O Software GmbH) S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia) S3 RivaTuner64; C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [19952 2013-12-21] () R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [90960 2013-03-15] (Windows (R) 2000 DDK provider) R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [633680 2013-03-15] (Paragon) R1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [390352 2013-03-15] (Paragon) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) S2 ASInsHelp; \??\C:\Windows\SysWow64\drivers\AsInsHelp64.sys [x] S3 catchme; \??\C:\ComboFix\catchme.sys [x] U3 DfSdkS; S3 getbus; \??\C:\Users\*****\AppData\Local\Temp\getbus.sys [x] S3 meddmrr; system32\DRIVERS\meddmrr.sys [x] U3 aswMBR; \??\C:\Users\*****\AppData\Local\Temp\aswMBR.sys [x] 
==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-01-28 18:59 - 2014-01-28 18:59 - 00380416 _____ C:\Users\*****\Downloads\s03z4bxb.exe 2014-01-28 18:58 - 2014-01-28 18:58 - 00025231 _____ C:\Users\*****\Downloads\FRST.txt 2014-01-28 18:57 - 2014-01-28 18:58 - 02079232 _____ (Farbar) C:\Users\*****\Downloads\FRST64.exe 2014-01-28 18:57 - 2014-01-28 18:57 - 00000472 _____ C:\Users\*****\Downloads\defogger_disable.log 2014-01-28 18:57 - 2014-01-28 18:57 - 00000000 _____ C:\Users\*****\defogger_reenable 2014-01-28 18:56 - 2014-01-28 18:56 - 00050477 _____ C:\Users\*****\Downloads\Defogger.exe 2014-01-28 18:39 - 2014-01-28 18:43 - 00000000 ____D C:\Users\*****\VirtualBox VMs 2014-01-28 18:38 - 2014-01-28 18:44 - 741343232 _____ C:\Users\*****\Downloads\ubuntu-12.04.3-desktop-i386.iso 2014-01-28 17:09 - 2014-01-28 17:09 - 00000512 _____ C:\Users\*****\Documents\MBR.dat 2014-01-28 17:00 - 2014-01-28 17:09 - 00002593 _____ C:\Users\*****\Documents\aswMBR.txt 2014-01-28 16:54 - 2014-01-28 16:55 - 04745728 _____ (AVAST Software) C:\Users\*****\Downloads\aswmbr.exe 2014-01-27 19:56 - 2014-01-27 19:56 - 00000000 ____D C:\Users\*****\Downloads\lightbox2.6 2014-01-27 19:55 - 2014-01-27 19:55 - 00745781 _____ C:\Users\*****\Downloads\lightbox2.6.zip 2014-01-27 19:05 - 2014-01-27 19:05 - 00000000 ____D C:\Users\*****\Desktop\*****_Geburtstag_12 2014-01-27 17:38 - 2014-01-28 18:35 - 00000000 ____D C:\Users\*****\Desktop\Unser Sonnensystem und Planeten 2014-01-27 17:13 - 2014-01-27 17:13 - 00187528 _____ C:\Users\*****\AppData\Local\GDIPFONTCACHEV1.DAT 2014-01-26 17:50 - 2014-01-26 17:54 - 00000000 ____D C:\AdwCleaner 2014-01-26 17:50 - 2014-01-26 17:50 - 01236282 _____ C:\Users\*****\Downloads\adwcleaner_3.017.exe 2014-01-26 17:47 - 2014-01-26 17:47 - 00388608 _____ (Trend Micro Inc.) 
C:\Users\*****\Downloads\HiJackThis204.exe 2014-01-26 17:47 - 2014-01-26 17:47 - 00013168 _____ C:\Users\*****\Downloads\hijackthis.log 2014-01-26 17:36 - 2014-01-26 17:36 - 00000798 _____ C:\Users\Public\Desktop\Speccy.lnk 2014-01-26 17:36 - 2014-01-26 17:36 - 00000000 ____D C:\Program Files\Speccy 2014-01-26 17:35 - 2014-01-26 17:35 - 04779896 _____ (Piriform Ltd) C:\Users\*****\Downloads\spsetup124.exe 2014-01-26 17:33 - 2014-01-26 17:33 - 00000000 ____D C:\Users\*****\Downloads\Wirelesskeyview_168 2014-01-26 17:26 - 2014-01-26 17:26 - 00000028 _____ C:\Users\*****\AppData\Roaming\iRotate.INI 2014-01-26 17:25 - 2014-01-26 17:26 - 00000000 ____D C:\Program Files (x86)\EeeRotate 2014-01-26 08:15 - 2014-01-28 06:39 - 00012420 _____ C:\Windows\IE11_main.log 2014-01-25 20:10 - 2014-01-25 20:10 - 00000022 _____ C:\Users\*****\Downloads\KeePass-2.24-German.zip 2014-01-25 20:09 - 2014-01-25 20:09 - 00002375 _____ C:\Users\*****\Documents\KeePass.html 2014-01-25 20:06 - 2014-01-25 20:06 - 00000022 _____ C:\Users\*****\Downloads\KeePass-1.26-German.zip 2014-01-25 19:54 - 2014-01-25 19:54 - 00002101 _____ C:\Users\Public\Desktop\Canon MP Navigator EX 3.1.lnk 2014-01-25 19:53 - 2014-01-25 19:53 - 00000000 ____D C:\Program Files (x86)\Canon 2014-01-25 10:21 - 2014-01-25 10:23 - 00000000 ____D C:\Users\*****\Documents\My Digital Editions 2014-01-25 10:21 - 2014-01-25 10:21 - 00000000 ____D C:\Users\*****\AppData\Local\Adobe_Systems_Incorporate 2014-01-19 13:03 - 2014-01-19 13:03 - 00000000 ____D C:\Users\Spielekonto\AppData\Local\Adobe 2014-01-19 12:58 - 2014-01-19 12:58 - 00000000 _____ C:\Users\Spielekonto\Documents\WARNING.txt 2014-01-19 12:56 - 2014-01-19 12:56 - 00000194 _____ C:\Users\Spielekonto\Desktop\SimCity™.lnk 2014-01-19 12:55 - 2014-01-19 12:55 - 00002200 _____ C:\Users\Spielekonto\Desktop\Fünf Freunde auf Schatzsuche.lnk 2014-01-19 12:55 - 2014-01-19 12:55 - 00001307 _____ C:\Users\Spielekonto\Desktop\Landwirtschafts Simulator 2013 .lnk 2014-01-19 12:55 - 
2014-01-19 12:55 - 00000566 _____ C:\Users\Spielekonto\Desktop\Stronghold Legends.lnk 2014-01-19 12:55 - 2014-01-19 12:55 - 00000238 _____ C:\Users\Spielekonto\Desktop\Landwirtschafts Simulator 2011.lnk 2014-01-19 12:54 - 2014-01-19 12:54 - 00002164 _____ C:\Users\Spielekonto\Desktop\Wildlife Park 2 Abenteuer auf der Ranch starten.lnk 2014-01-19 12:54 - 2014-01-19 12:54 - 00002118 _____ C:\Users\Spielekonto\Desktop\Wildlife Park 2 starten.lnk 2014-01-19 12:52 - 2014-01-19 12:52 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys 2014-01-19 09:29 - 2014-01-19 09:29 - 00000000 ____D C:\ASUS WebStorage 2014-01-19 08:57 - 2014-01-19 08:57 - 00000383 _____ C:\Users\*****\Downloads\432141325.csv 2014-01-19 08:01 - 2014-01-19 08:01 - 00000000 ____D C:\Users\Spielekonto\AppData\Roaming\Sublime Text 2 2014-01-19 07:59 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2014-01-19 07:59 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2014-01-19 07:59 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2014-01-19 07:59 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2014-01-19 07:56 - 2013-10-25 07:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-01-19 07:56 - 2013-10-25 07:19 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-01-19 07:56 - 2013-10-25 07:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-01-19 07:56 - 2013-10-25 07:17 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-01-19 07:56 - 2013-10-25 07:17 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-01-19 07:56 - 2013-10-25 07:17 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-01-19 07:56 - 2013-10-25 07:17 - 00526336 _____ (Microsoft Corporation) 
C:\Windows\system32\ieui.dll 2014-01-19 07:56 - 2013-10-25 07:17 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-01-19 07:56 - 2013-10-25 07:17 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-01-19 07:56 - 2013-10-25 07:17 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-01-19 07:56 - 2013-10-25 05:44 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-01-19 07:56 - 2013-10-25 05:43 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-01-19 07:56 - 2013-10-25 05:43 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-01-19 07:56 - 2013-10-25 05:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-01-19 07:56 - 2013-10-25 05:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-01-19 07:56 - 2013-10-25 05:43 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-01-19 07:56 - 2013-10-25 05:43 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2014-01-19 07:56 - 2013-10-25 05:43 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-01-19 07:56 - 2013-10-25 05:43 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-01-19 07:56 - 2013-10-25 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-01-19 07:56 - 2013-10-25 04:41 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-01-19 07:56 - 2013-10-25 04:17 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2014-01-19 07:56 - 2013-10-25 03:49 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2014-01-19 07:55 - 2013-10-25 07:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-01-19 07:55 - 2013-10-25 07:18 - 19271168 _____ (Microsoft Corporation) 
C:\Windows\system32\mshtml.dll 2014-01-19 07:55 - 2013-10-25 07:17 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-01-19 07:55 - 2013-10-25 07:17 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-01-19 07:55 - 2013-10-25 05:45 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-01-19 07:55 - 2013-10-25 05:44 - 14356992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-01-19 07:55 - 2013-10-25 05:43 - 13761536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-01-19 07:55 - 2013-10-25 05:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-01-18 17:54 - 2014-01-18 17:54 - 00000000 ____D C:\Users\Spielekonto\AppData\Roaming\ASUS WebStorage 2014-01-18 17:31 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-01-18 17:31 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2014-01-18 17:31 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2014-01-18 17:31 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-01-18 17:31 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-01-18 17:31 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll 2014-01-18 17:31 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll 2014-01-18 17:31 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll 2014-01-18 17:31 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll 2014-01-18 17:31 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2014-01-18 17:31 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2014-01-18 
17:31 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll 2014-01-18 17:31 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll 2014-01-18 17:31 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2014-01-18 17:31 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys 2014-01-18 17:31 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll 2014-01-18 17:31 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2014-01-18 17:31 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll 2014-01-18 17:31 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys 2014-01-18 17:31 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-01-18 17:31 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2014-01-18 17:31 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2014-01-18 17:31 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2014-01-18 17:31 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2014-01-18 17:31 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2014-01-18 17:31 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-01-18 17:31 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-01-18 17:31 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-01-18 17:31 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\sspicli.dll 2014-01-18 17:31 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-01-18 17:31 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-01-18 17:31 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2014-01-18 17:31 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2014-01-18 17:31 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2014-01-18 17:30 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2014-01-18 17:26 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2014-01-18 17:26 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2014-01-18 17:26 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2014-01-18 17:26 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2014-01-18 17:26 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2014-01-18 17:26 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2014-01-18 17:26 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2014-01-18 17:26 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx 2014-01-18 17:26 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll 2014-01-18 17:26 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2014-01-18 17:26 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2014-01-18 17:26 - 2013-10-12 03:29 - 00324096 _____ 
(Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2014-01-18 17:26 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx 2014-01-18 17:26 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2014-01-18 17:26 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll 2014-01-18 17:26 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL 2014-01-18 17:26 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe 2014-01-18 17:26 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe 2014-01-18 17:26 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe 2014-01-18 17:26 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe 2014-01-18 17:26 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-01-18 17:26 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-01-18 11:52 - 2014-01-18 11:52 - 00000000 ____D C:\Program Files (x86)\PolarSoft 2014-01-18 11:52 - 1998-06-23 23:00 - 00067376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Sysinfo.ocx 2014-01-18 11:51 - 2014-01-18 11:51 - 02475601 _____ (PolarSoft ) C:\Users\*****\Downloads\TMSetup.exe 2014-01-18 11:49 - 2014-01-18 11:49 - 00001529 _____ C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup.lnk 2014-01-18 11:42 - 2014-01-18 11:44 - 00000009 _____ C:\Windows\system32\online.txt 2014-01-18 11:40 - 2014-01-24 20:39 - 00000000 ____D C:\Program Files (x86)\Online_Program 2014-01-18 07:28 - 2014-01-18 07:28 - 00005402 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log 2014-01-18 07:28 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-01-18 07:28 - 2013-12-18 
21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-01-18 07:28 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-01-18 07:28 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-01-18 07:26 - 2014-01-18 07:26 - 00000000 ____D C:\Windows\CheckSur 2014-01-17 12:51 - 2014-01-17 12:51 - 00001328 _____ C:\Users\*****\Desktop\PC Inspector File Recovery.lnk 2014-01-17 12:51 - 2014-01-17 12:51 - 00000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Convar 2014-01-17 12:51 - 2014-01-17 12:51 - 00000000 ____D C:\Program Files (x86)\Convar 2014-01-17 12:50 - 2014-01-17 12:51 - 03462033 _____ C:\Users\*****\Downloads\pci_filerecovery.exe 2014-01-17 12:50 - 2014-01-17 12:50 - 03736125 _____ C:\Users\*****\Downloads\testdisk-6.14.win.zip 2014-01-17 12:44 - 2014-01-17 12:44 - 00000000 ____D C:\Users\*****\Documents\Benutzerdefinierte Office-Vorlagen 2014-01-17 12:26 - 2014-01-20 16:45 - 00000000 ____D C:\Users\*****\AppData\Roaming\vlc 2014-01-03 14:09 - 2014-01-03 14:09 - 00000000 ____D C:\Users\Spielekonto\AppData\Roaming\AVAST Software 2014-01-03 14:08 - 2014-01-03 14:08 - 00000000 ____D C:\Users\Spielekonto\AppData\Roaming\Stardock 2014-01-03 14:08 - 2014-01-03 14:08 - 00000000 ____D C:\Users\Spielekonto\AppData\Roaming\Logitech 2014-01-03 14:07 - 2014-01-19 13:03 - 00000000 ____D C:\Users\Spielekonto\AppData\Roaming\Adobe 2014-01-03 14:07 - 2014-01-18 17:54 - 00000000 ____D C:\Users\Spielekonto\AppData\Roaming\Origin 2014-01-03 14:07 - 2014-01-03 14:07 - 00187528 _____ C:\Users\Spielekonto\AppData\Local\GDIPFONTCACHEV1.DAT 2014-01-03 14:07 - 2014-01-03 14:07 - 00001427 _____ C:\Users\Spielekonto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-01-03 14:07 - 2014-01-03 14:07 - 00000000 ___RD C:\Users\Spielekonto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-01-03 14:07 - 2014-01-03 14:07 
- 00000000 ___RD C:\Users\Spielekonto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-01-03 14:07 - 2014-01-03 14:07 - 00000000 ____D C:\Users\Spielekonto\AppData\Local\Origin 2014-01-03 14:06 - 2014-01-19 08:01 - 00000000 ____D C:\Users\Spielekonto\AppData\Local\VirtualStore 2014-01-03 14:06 - 2014-01-19 08:00 - 00168856 __RSH C:\Users\Spielekonto\ntuser.pol 2014-01-03 14:05 - 2014-01-19 12:51 - 00000000 ____D C:\Users\Spielekonto\AppData\Local\Google 2014-01-03 14:05 - 2014-01-19 08:00 - 00000000 ____D C:\Users\Spielekonto 2014-01-03 14:05 - 2014-01-03 14:05 - 00000020 ___SH C:\Users\Spielekonto\ntuser.ini 2014-01-03 14:05 - 2014-01-03 14:05 - 00000000 _SHDL C:\Users\Spielekonto\Vorlagen 2014-01-03 14:05 - 2014-01-03 14:05 - 00000000 _SHDL C:\Users\Spielekonto\Startmenü 2014-01-03 14:05 - 2014-01-03 14:05 - 00000000 _SHDL C:\Users\Spielekonto\Netzwerkumgebung 2014-01-03 14:05 - 2014-01-03 14:05 - 00000000 _SHDL C:\Users\Spielekonto\Lokale Einstellungen 2014-01-03 14:05 - 2014-01-03 14:05 - 00000000 _SHDL C:\Users\Spielekonto\Eigene Dateien 2014-01-03 14:05 - 2014-01-03 14:05 - 00000000 _SHDL C:\Users\Spielekonto\Druckumgebung 2014-01-03 14:05 - 2014-01-03 14:05 - 00000000 _SHDL C:\Users\Spielekonto\Documents\Eigene Musik 2014-01-03 14:05 - 2014-01-03 14:05 - 00000000 _SHDL C:\Users\Spielekonto\Documents\Eigene Bilder 2014-01-03 14:05 - 2014-01-03 14:05 - 00000000 _SHDL C:\Users\Spielekonto\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-01-03 14:05 - 2014-01-03 14:05 - 00000000 _SHDL C:\Users\Spielekonto\AppData\Local\Verlauf 2014-01-03 14:05 - 2014-01-03 14:05 - 00000000 _SHDL C:\Users\Spielekonto\AppData\Local\Anwendungsdaten 2014-01-03 14:05 - 2014-01-03 14:05 - 00000000 _SHDL C:\Users\Spielekonto\Anwendungsdaten 2014-01-03 14:05 - 2013-10-26 14:33 - 00000000 ____D C:\Users\Spielekonto\AppData\Local\ifolor 2014-01-03 14:05 - 2012-12-09 15:46 - 00000000 ____D C:\Users\Spielekonto\AppData\LocalGoogle 2014-01-03 14:05 - 
2012-06-03 06:24 - 00000000 ____D C:\Users\Spielekonto\AppData\Local\Microsoft Help 2014-01-03 14:05 - 2011-06-22 11:46 - 00000000 ____D C:\Users\Spielekonto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite 2014-01-03 14:05 - 2009-07-14 05:54 - 00000000 ___RD C:\Users\Spielekonto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-01-03 14:05 - 2009-07-14 05:49 - 00000000 ___RD C:\Users\Spielekonto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-01-01 19:20 - 2014-01-01 19:20 - 00135712 _____ C:\wubildr 2014-01-01 18:09 - 2014-01-01 18:09 - 00008192 _____ C:\wubildr.mbr 2014-01-01 17:13 - 2014-01-01 17:15 - 00000000 ____D C:\Users\*****\Downloads\Windows_7_Wallpaper 2014-01-01 17:13 - 2014-01-01 17:14 - 00000000 ____D C:\Windows\wallpapers 2014-01-01 17:09 - 2014-01-01 17:09 - 00001850 _____ C:\Users\*****\Desktop\Maya.lnk 2014-01-01 17:09 - 2014-01-01 17:09 - 00001425 _____ C:\Users\*****\Desktop\GIANTS Editor (5.0.3).lnk 2014-01-01 17:09 - 2014-01-01 17:09 - 00001284 _____ C:\Users\*****\Desktop\GIANTS Editor (5.0.1).lnk 2014-01-01 17:08 - 2014-01-01 17:08 - 00001045 _____ C:\Users\*****\Desktop\Schweizer Strassenschilder.lnk 2014-01-01 17:02 - 2014-01-01 17:02 - 00001307 _____ C:\Users\*****\Desktop\Landwirtschafts Simulator 2013 .lnk 2014-01-01 17:02 - 2014-01-01 17:02 - 00001307 _____ C:\Users\*****\Desktop\Landwirtschafts Simulator 2011 .lnk 2014-01-01 17:02 - 2014-01-01 17:02 - 00001263 _____ C:\Users\*****\Desktop\Skiregion Simulator 2012 .lnk 2014-01-01 17:01 - 2014-01-01 17:01 - 00003037 _____ C:\Users\*****\Desktop\Excel 2013.lnk 2014-01-01 17:00 - 2014-01-01 17:00 - 00003015 _____ C:\Users\*****\Desktop\Word 2013.lnk 2014-01-01 17:00 - 2014-01-01 17:00 - 00002937 _____ C:\Users\*****\Desktop\PowerPoint 2013.lnk 2014-01-01 16:54 - 2014-01-01 16:54 - 00000000 ____D C:\Users\*****\AppData\Roaming\Bildverkleinerer 2014-01-01 16:10 - 2014-01-01 16:10 - 00290304 _____ (Dr. 
Wuro Industries) C:\Users\*****\Downloads\verkleinerer17b.exe ==================== One Month Modified Files and Folders ======= 2014-01-28 18:59 - 2014-01-28 18:59 - 00380416 _____ C:\Users\*****\Downloads\s03z4bxb.exe 2014-01-28 18:59 - 2014-01-28 18:58 - 00025231 _____ C:\Users\*****\Downloads\FRST.txt 2014-01-28 18:58 - 2014-01-28 18:57 - 02079232 _____ (Farbar) C:\Users\*****\Downloads\FRST64.exe 2014-01-28 18:57 - 2014-01-28 18:57 - 00000472 _____ C:\Users\*****\Downloads\defogger_disable.log 2014-01-28 18:57 - 2014-01-28 18:57 - 00000000 _____ C:\Users\*****\defogger_reenable 2014-01-28 18:57 - 2011-08-07 10:00 - 00000000 ____D C:\Users\***** 2014-01-28 18:56 - 2014-01-28 18:56 - 00050477 _____ C:\Users\*****\Downloads\Defogger.exe 2014-01-28 18:53 - 2012-09-11 04:04 - 00000000 __SHD C:\xampp 2014-01-28 18:48 - 2012-04-12 11:49 - 00000000 ____D C:\Users\*****\.VirtualBox 2014-01-28 18:44 - 2014-01-28 18:38 - 741343232 _____ C:\Users\*****\Downloads\ubuntu-12.04.3-desktop-i386.iso 2014-01-28 18:43 - 2014-01-28 18:39 - 00000000 ____D C:\Users\*****\VirtualBox VMs 2014-01-28 18:35 - 2014-01-27 17:38 - 00000000 ____D C:\Users\*****\Desktop\Unser Sonnensystem und Planeten 2014-01-28 18:28 - 2012-03-29 11:17 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-01-28 18:12 - 2013-09-01 19:02 - 01092631 _____ C:\Windows\WindowsUpdate.log 2014-01-28 18:12 - 2012-09-14 17:23 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-01-28 17:09 - 2014-01-28 17:09 - 00000512 _____ C:\Users\*****\Documents\MBR.dat 2014-01-28 17:09 - 2014-01-28 17:00 - 00002593 _____ C:\Users\*****\Documents\aswMBR.txt 2014-01-28 17:00 - 2011-09-25 07:45 - 00000000 ____D C:\Users\*****\AppData\Roaming\Notepad++ 2014-01-28 16:55 - 2014-01-28 16:54 - 04745728 _____ (AVAST Software) C:\Users\*****\Downloads\aswmbr.exe 2014-01-28 16:53 - 2013-09-07 11:13 - 00000000 ____D C:\Users\*****\Desktop\Thunderbird 2014-01-28 16:53 - 2013-07-17 18:29 - 00001106 _____ 
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce8313387cd85a.job 2014-01-28 16:53 - 2013-06-12 05:37 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2014-01-28 06:39 - 2014-01-26 08:15 - 00012420 _____ C:\Windows\IE11_main.log 2014-01-27 19:56 - 2014-01-27 19:56 - 00000000 ____D C:\Users\*****\Downloads\lightbox2.6 2014-01-27 19:56 - 2013-10-25 20:36 - 00097280 ___SH C:\Users\*****\Documents\Thumbs.db 2014-01-27 19:55 - 2014-01-27 19:55 - 00745781 _____ C:\Users\*****\Downloads\lightbox2.6.zip 2014-01-27 19:32 - 2011-08-08 16:05 - 00000000 ____D C:\Users\*****\AppData\Local\Paint.NET 2014-01-27 19:05 - 2014-01-27 19:05 - 00000000 ____D C:\Users\*****\Desktop\*****_Geburtstag_12 2014-01-27 17:38 - 2013-09-28 06:00 - 00333312 ___SH C:\Users\*****\Desktop\Thumbs.db 2014-01-27 17:13 - 2014-01-27 17:13 - 00187528 _____ C:\Users\*****\AppData\Local\GDIPFONTCACHEV1.DAT 2014-01-27 12:31 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2014-01-27 12:10 - 2009-07-14 05:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-01-27 12:10 - 2009-07-14 05:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-01-27 12:02 - 2013-12-08 17:46 - 00000000 ____D C:\Program Files (x86)\Origin 2014-01-27 12:02 - 2011-08-07 10:00 - 00045056 _____ C:\Windows\system32\acovcnt.exe 2014-01-27 12:01 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2014-01-26 17:54 - 2014-01-26 17:50 - 00000000 ____D C:\AdwCleaner 2014-01-26 17:50 - 2014-01-26 17:50 - 01236282 _____ C:\Users\*****\Downloads\adwcleaner_3.017.exe 2014-01-26 17:47 - 2014-01-26 17:47 - 00388608 _____ (Trend Micro Inc.) 
C:\Users\*****\Downloads\HiJackThis204.exe 2014-01-26 17:47 - 2014-01-26 17:47 - 00013168 _____ C:\Users\*****\Downloads\hijackthis.log 2014-01-26 17:36 - 2014-01-26 17:36 - 00000798 _____ C:\Users\Public\Desktop\Speccy.lnk 2014-01-26 17:36 - 2014-01-26 17:36 - 00000000 ____D C:\Program Files\Speccy 2014-01-26 17:35 - 2014-01-26 17:35 - 04779896 _____ (Piriform Ltd) C:\Users\*****\Downloads\spsetup124.exe 2014-01-26 17:35 - 2012-12-12 17:46 - 00236544 ___SH C:\Users\*****\Thumbs.db 2014-01-26 17:33 - 2014-01-26 17:33 - 00000000 ____D C:\Users\*****\Downloads\Wirelesskeyview_168 2014-01-26 17:26 - 2014-01-26 17:26 - 00000028 _____ C:\Users\*****\AppData\Roaming\iRotate.INI 2014-01-26 17:26 - 2014-01-26 17:25 - 00000000 ____D C:\Program Files (x86)\EeeRotate 2014-01-26 16:25 - 2013-05-19 17:09 - 00022528 _____ C:\Users\*****\AppData\Local\WebpageIcons.db 2014-01-26 11:25 - 2013-03-24 14:14 - 00000000 ____D C:\Users\*****\AppData\Roaming\KeePass 2014-01-25 20:10 - 2014-01-25 20:10 - 00000022 _____ C:\Users\*****\Downloads\KeePass-2.24-German.zip 2014-01-25 20:10 - 2013-03-24 14:01 - 00000000 ____D C:\Program Files (x86)\KeePass Password Safe 2 2014-01-25 20:09 - 2014-01-25 20:09 - 00002375 _____ C:\Users\*****\Documents\KeePass.html 2014-01-25 20:06 - 2014-01-25 20:06 - 00000022 _____ C:\Users\*****\Downloads\KeePass-1.26-German.zip 2014-01-25 19:54 - 2014-01-25 19:54 - 00002101 _____ C:\Users\Public\Desktop\Canon MP Navigator EX 3.1.lnk 2014-01-25 19:53 - 2014-01-25 19:53 - 00000000 ____D C:\Program Files (x86)\Canon 2014-01-25 19:42 - 2011-06-22 11:39 - 00000000 ____D C:\ProgramData\NVIDIA 2014-01-25 10:23 - 2014-01-25 10:21 - 00000000 ____D C:\Users\*****\Documents\My Digital Editions 2014-01-25 10:21 - 2014-01-25 10:21 - 00000000 ____D C:\Users\*****\AppData\Local\Adobe_Systems_Incorporate 2014-01-25 10:21 - 2011-08-29 12:30 - 00000000 ___HD C:\Program Files (x86)\Adobe 2014-01-25 10:17 - 2013-12-12 16:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 
2014-01-24 20:39 - 2014-01-18 11:40 - 00000000 ____D C:\Program Files (x86)\Online_Program 2014-01-23 20:16 - 2009-07-14 06:08 - 00032538 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2014-01-20 16:45 - 2014-01-17 12:26 - 00000000 ____D C:\Users\*****\AppData\Roaming\vlc 2014-01-20 12:29 - 2009-07-29 07:03 - 00000000 ____D C:\Windows\Panther 2014-01-20 12:26 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD 2014-01-19 18:20 - 2011-02-19 05:24 - 00723122 _____ C:\Windows\system32\perfh007.dat 2014-01-19 18:20 - 2011-02-19 05:24 - 00156670 _____ C:\Windows\system32\perfc007.dat 2014-01-19 18:20 - 2009-07-14 06:13 - 01672432 _____ C:\Windows\system32\PerfStringBackup.INI 2014-01-19 13:03 - 2014-01-19 13:03 - 00000000 ____D C:\Users\Spielekonto\AppData\Local\Adobe 2014-01-19 13:03 - 2014-01-03 14:07 - 00000000 ____D C:\Users\Spielekonto\AppData\Roaming\Adobe 2014-01-19 12:58 - 2014-01-19 12:58 - 00000000 _____ C:\Users\Spielekonto\Documents\WARNING.txt 2014-01-19 12:56 - 2014-01-19 12:56 - 00000194 _____ C:\Users\Spielekonto\Desktop\SimCity™.lnk 2014-01-19 12:55 - 2014-01-19 12:55 - 00002200 _____ C:\Users\Spielekonto\Desktop\Fünf Freunde auf Schatzsuche.lnk 2014-01-19 12:55 - 2014-01-19 12:55 - 00001307 _____ C:\Users\Spielekonto\Desktop\Landwirtschafts Simulator 2013 .lnk 2014-01-19 12:55 - 2014-01-19 12:55 - 00000566 _____ C:\Users\Spielekonto\Desktop\Stronghold Legends.lnk 2014-01-19 12:55 - 2014-01-19 12:55 - 00000238 _____ C:\Users\Spielekonto\Desktop\Landwirtschafts Simulator 2011.lnk 2014-01-19 12:54 - 2014-01-19 12:54 - 00002164 _____ C:\Users\Spielekonto\Desktop\Wildlife Park 2 Abenteuer auf der Ranch starten.lnk 2014-01-19 12:54 - 2014-01-19 12:54 - 00002118 _____ C:\Users\Spielekonto\Desktop\Wildlife Park 2 starten.lnk 2014-01-19 12:52 - 2014-01-19 12:52 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys 2014-01-19 12:52 - 2013-12-01 15:05 - 01034464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2014-01-19 12:52 - 
2013-12-01 15:05 - 00422216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2014-01-19 12:52 - 2013-12-01 15:05 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2014-01-19 12:52 - 2013-12-01 15:05 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys 2014-01-19 12:52 - 2013-12-01 15:05 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2014-01-19 12:52 - 2013-12-01 15:05 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-01-19 12:51 - 2014-01-03 14:05 - 00000000 ____D C:\Users\Spielekonto\AppData\Local\Google 2014-01-19 09:29 - 2014-01-19 09:29 - 00000000 ____D C:\ASUS WebStorage 2014-01-19 08:57 - 2014-01-19 08:57 - 00000383 _____ C:\Users\*****\Downloads\432141325.csv 2014-01-19 08:01 - 2014-01-19 08:01 - 00000000 ____D C:\Users\Spielekonto\AppData\Roaming\Sublime Text 2 2014-01-19 08:01 - 2014-01-03 14:06 - 00000000 ____D C:\Users\Spielekonto\AppData\Local\VirtualStore 2014-01-19 08:00 - 2014-01-03 14:06 - 00168856 __RSH C:\Users\Spielekonto\ntuser.pol 2014-01-19 08:00 - 2014-01-03 14:05 - 00000000 ____D C:\Users\Spielekonto 2014-01-19 08:00 - 2011-08-21 09:06 - 00000680 __RSH C:\Users\*****\ntuser.pol 2014-01-18 17:54 - 2014-01-18 17:54 - 00000000 ____D C:\Users\Spielekonto\AppData\Roaming\ASUS WebStorage 2014-01-18 17:54 - 2014-01-03 14:07 - 00000000 ____D C:\Users\Spielekonto\AppData\Roaming\Origin 2014-01-18 11:52 - 2014-01-18 11:52 - 00000000 ____D C:\Program Files (x86)\PolarSoft 2014-01-18 11:51 - 2014-01-18 11:51 - 02475601 _____ (PolarSoft ) C:\Users\*****\Downloads\TMSetup.exe 2014-01-18 11:49 - 2014-01-18 11:49 - 00001529 _____ C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup.lnk 2014-01-18 11:44 - 2014-01-18 11:42 - 00000009 _____ C:\Windows\system32\online.txt 2014-01-18 07:45 - 2013-11-21 20:01 - 00000000 ____D C:\ProgramData\Oracle 2014-01-18 07:28 - 2014-01-18 07:28 - 00005402 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log 2014-01-18 07:28 - 
2011-08-07 12:36 - 00000000 ___HD C:\Program Files (x86)\Java 2014-01-18 07:26 - 2014-01-18 07:26 - 00000000 ____D C:\Windows\CheckSur 2014-01-17 12:51 - 2014-01-17 12:51 - 00001328 _____ C:\Users\*****\Desktop\PC Inspector File Recovery.lnk 2014-01-17 12:51 - 2014-01-17 12:51 - 00000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Convar 2014-01-17 12:51 - 2014-01-17 12:51 - 00000000 ____D C:\Program Files (x86)\Convar 2014-01-17 12:51 - 2014-01-17 12:50 - 03462033 _____ C:\Users\*****\Downloads\pci_filerecovery.exe 2014-01-17 12:50 - 2014-01-17 12:50 - 03736125 _____ C:\Users\*****\Downloads\testdisk-6.14.win.zip 2014-01-17 12:44 - 2014-01-17 12:44 - 00000000 ____D C:\Users\*****\Documents\Benutzerdefinierte Office-Vorlagen 2014-01-16 19:26 - 2012-06-02 17:50 - 00000000 ____D C:\ProgramData\Microsoft Help 2014-01-16 19:26 - 2009-07-14 03:34 - 00000563 _____ C:\Windows\win.ini 2014-01-03 14:15 - 2013-05-04 07:06 - 00000000 ____D C:\Users\*****\AppData\Roaming\Media Player Classic 2014-01-03 14:09 - 2014-01-03 14:09 - 00000000 ____D C:\Users\Spielekonto\AppData\Roaming\AVAST Software 2014-01-03 14:08 - 2014-01-03 14:08 - 00000000 ____D C:\Users\Spielekonto\AppData\Roaming\Stardock 2014-01-03 14:08 - 2014-01-03 14:08 - 00000000 ____D C:\Users\Spielekonto\AppData\Roaming\Logitech 2014-01-03 14:07 - 2014-01-03 14:07 - 00187528 _____ C:\Users\Spielekonto\AppData\Local\GDIPFONTCACHEV1.DAT 2014-01-03 14:07 - 2014-01-03 14:07 - 00001427 _____ C:\Users\Spielekonto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-01-03 14:07 - 2014-01-03 14:07 - 00000000 ___RD C:\Users\Spielekonto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-01-03 14:07 - 2014-01-03 14:07 - 00000000 ___RD C:\Users\Spielekonto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-01-03 14:07 - 2014-01-03 14:07 - 00000000 ____D C:\Users\Spielekonto\AppData\Local\Origin 2014-01-03 14:06 - 2011-06-22 
11:42 - 00002748 _____ C:\Windows\system32\AutoRunFilter.ini 2014-01-03 14:05 - 2014-01-03 14:05 - 00000020 ___SH C:\Users\Spielekonto\ntuser.ini 2014-01-03 14:05 - 2014-01-03 14:05 - 00000000 _SHDL C:\Users\Spielekonto\Vorlagen 2014-01-03 14:05 - 2014-01-03 14:05 - 00000000 _SHDL C:\Users\Spielekonto\Startmenü 2014-01-03 14:05 - 2014-01-03 14:05 - 00000000 _SHDL C:\Users\Spielekonto\Netzwerkumgebung 2014-01-03 14:05 - 2014-01-03 14:05 - 00000000 _SHDL C:\Users\Spielekonto\Lokale Einstellungen 2014-01-03 14:05 - 2014-01-03 14:05 - 00000000 _SHDL C:\Users\Spielekonto\Eigene Dateien 2014-01-03 14:05 - 2014-01-03 14:05 - 00000000 _SHDL C:\Users\Spielekonto\Druckumgebung 2014-01-03 14:05 - 2014-01-03 14:05 - 00000000 _SHDL C:\Users\Spielekonto\Documents\Eigene Musik 2014-01-03 14:05 - 2014-01-03 14:05 - 00000000 _SHDL C:\Users\Spielekonto\Documents\Eigene Bilder 2014-01-03 14:05 - 2014-01-03 14:05 - 00000000 _SHDL C:\Users\Spielekonto\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-01-03 14:05 - 2014-01-03 14:05 - 00000000 _SHDL C:\Users\Spielekonto\AppData\Local\Verlauf 2014-01-03 14:05 - 2014-01-03 14:05 - 00000000 _SHDL C:\Users\Spielekonto\AppData\Local\Anwendungsdaten 2014-01-03 14:05 - 2014-01-03 14:05 - 00000000 _SHDL C:\Users\Spielekonto\Anwendungsdaten 2014-01-01 19:20 - 2014-01-01 19:20 - 00135712 _____ C:\wubildr 2014-01-01 18:10 - 2012-10-01 06:40 - 00000000 ____D C:\Users\*****\AppData\Roaming\Skype 2014-01-01 18:09 - 2014-01-01 18:09 - 00008192 _____ C:\wubildr.mbr 2014-01-01 17:15 - 2014-01-01 17:13 - 00000000 ____D C:\Users\*****\Downloads\Windows_7_Wallpaper 2014-01-01 17:14 - 2014-01-01 17:13 - 00000000 ____D C:\Windows\wallpapers 2014-01-01 17:09 - 2014-01-01 17:09 - 00001850 _____ C:\Users\*****\Desktop\Maya.lnk 2014-01-01 17:09 - 2014-01-01 17:09 - 00001425 _____ C:\Users\*****\Desktop\GIANTS Editor (5.0.3).lnk 2014-01-01 17:09 - 2014-01-01 17:09 - 00001284 _____ C:\Users\*****\Desktop\GIANTS Editor (5.0.1).lnk 2014-01-01 17:08 - 
2014-01-01 17:08 - 00001045 _____ C:\Users\*****\Desktop\Schweizer Strassenschilder.lnk 2014-01-01 17:02 - 2014-01-01 17:02 - 00001307 _____ C:\Users\*****\Desktop\Landwirtschafts Simulator 2013 .lnk 2014-01-01 17:02 - 2014-01-01 17:02 - 00001307 _____ C:\Users\*****\Desktop\Landwirtschafts Simulator 2011 .lnk 2014-01-01 17:02 - 2014-01-01 17:02 - 00001263 _____ C:\Users\*****\Desktop\Skiregion Simulator 2012 .lnk 2014-01-01 17:01 - 2014-01-01 17:01 - 00003037 _____ C:\Users\*****\Desktop\Excel 2013.lnk 2014-01-01 17:00 - 2014-01-01 17:00 - 00003015 _____ C:\Users\*****\Desktop\Word 2013.lnk 2014-01-01 17:00 - 2014-01-01 17:00 - 00002937 _____ C:\Users\*****\Desktop\PowerPoint 2013.lnk 2014-01-01 16:56 - 2013-11-22 16:17 - 00000000 ____D C:\Users\*****\Desktop\Hochhaus 2014-01-01 16:54 - 2014-01-01 16:54 - 00000000 ____D C:\Users\*****\AppData\Roaming\Bildverkleinerer 2014-01-01 16:10 - 2014-01-01 16:10 - 00290304 _____ (Dr. Wuro Industries) C:\Users\*****\Downloads\verkleinerer17b.exe Files to move or delete: ==================== C:\Users\*****\AppData\Roaming\Camdata.ini C:\Users\*****\AppData\Roaming\CamLayout.ini C:\Users\*****\AppData\Roaming\CamShapes.ini Some content of TEMP: ==================== C:\Users\Administrator\AppData\Local\Temp\ose00000.exe C:\Users\*****\AppData\Local\Temp\FNP_ACT_InstallerCA.dll C:\Users\*****\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit 
C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-01-19 18:45 ==================== End Of Log ============================
--- --- --- --- --- ---

3. GMER
Unfortunately it always crashes with the following status: ![]()
It always happens right after starting.

Regards