
Log analysis and evaluation: log file created with OTL (interpreted by HijackThis)

Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been removed completely.

 
07.03.2014, 18:57   #3
hannes121
 



FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-03-2014
Ran by Admin (administrator) on ADMIN-PC on 07-03-2014 18:44:40
Running from C:\Users\Admin\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
() C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\XSManager\WTGService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
() C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
() C:\Program Files (x86)\Vidalia Relay Bundle\Vidalia\vidalia.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dolby Laboratories Inc.) C:\DOLBY PCEE4\pcee4.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
() C:\Program Files (x86)\Vidalia Relay Bundle\Tor\tor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IntelTBRunOnce] - wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2280232 2010-07-29] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11785832 2011-03-10] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2189416 2011-03-09] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1796200 2011-02-22] (Acer Incorporated)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-14] (Intel Corporation)
HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340336 2010-09-28] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] - C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-09-18] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] - C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-09-18] (Egis Technology Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-28] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-02-15] (NTI Corporation)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1081424 2011-03-14] (Dritek System Inc.)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] - C:\Dolby PCEE4\pcee4.exe [506712 2011-02-03] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [ArcadeMovieService] - C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-02-18] (CyberLink Corp.)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TrojanScanner] - C:\Program Files (x86)\Trojan Remover\Trjscan.exe [1704720 2014-01-23] (Simply Super Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-2713217424-4135445284-309746539-1000\...\Run: [Vidalia] - C:\Program Files (x86)\Vidalia Relay Bundle\Vidalia\vidalia.exe [6239727 2014-01-18] ()
HKU\S-1-5-21-2713217424-4135445284-309746539-1000\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-2713217424-4135445284-309746539-1000\...\Run: [GoogleChromeAutoLaunch_A5B343D047FD8BD2F268B0EA0F8DBD7C] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [859464 2014-03-02] (Google Inc.)
HKU\S-1-5-21-2713217424-4135445284-309746539-1000\...\MountPoints2: E - E:\AutoRun.exe
HKU\S-1-5-21-2713217424-4135445284-309746539-1000\...\MountPoints2: {02027cae-2193-11e1-bcdc-ccaf780045df} - F:\AutoRun.exe
HKU\S-1-5-21-2713217424-4135445284-309746539-1000\...\MountPoints2: {02027cb2-2193-11e1-bcdc-ccaf780045df} - F:\AutoRun.exe
HKU\S-1-5-21-2713217424-4135445284-309746539-1000\...\MountPoints2: {02027cee-2193-11e1-bcdc-b870f48f0452} - F:\AutoRun.exe
HKU\S-1-5-21-2713217424-4135445284-309746539-1000\...\MountPoints2: {0d65f75e-d00d-11e1-ae46-b870f48f0452} - E:\setup.exe
HKU\S-1-5-21-2713217424-4135445284-309746539-1000\...\MountPoints2: {181d41de-c9de-11e0-a1f7-ccaf780045df} - E:\AutoRun.exe
HKU\S-1-5-21-2713217424-4135445284-309746539-1000\...\MountPoints2: {181d41ec-c9de-11e0-a1f7-ccaf780045df} - E:\AutoRun.exe
HKU\S-1-5-21-2713217424-4135445284-309746539-1000\...\MountPoints2: {22653fb5-232b-11e1-bd52-ccaf780045df} - F:\AutoRun.exe
HKU\S-1-5-21-2713217424-4135445284-309746539-1000\...\MountPoints2: {22653fba-232b-11e1-bd52-ccaf780045df} - F:\AutoRun.exe
HKU\S-1-5-21-2713217424-4135445284-309746539-1000\...\MountPoints2: {26ec484c-233a-11e1-a967-ccaf780045df} - F:\AutoRun.exe
HKU\S-1-5-21-2713217424-4135445284-309746539-1000\...\MountPoints2: {26ec4874-233a-11e1-a967-ccaf780045df} - F:\AutoRun.exe
HKU\S-1-5-21-2713217424-4135445284-309746539-1000\...\MountPoints2: {26ec487a-233a-11e1-a967-ccaf780045df} - F:\AutoRun.exe
HKU\S-1-5-21-2713217424-4135445284-309746539-1000\...\MountPoints2: {27518a48-0fb2-11e1-9f8b-ccaf780045df} - E:\AutoRun.exe
HKU\S-1-5-21-2713217424-4135445284-309746539-1000\...\MountPoints2: {27518a5f-0fb2-11e1-9f8b-ccaf780045df} - E:\AutoRun.exe
HKU\S-1-5-21-2713217424-4135445284-309746539-1000\...\MountPoints2: {27518a9d-0fb2-11e1-9f8b-ccaf780045df} - E:\AutoRun.exe
HKU\S-1-5-21-2713217424-4135445284-309746539-1000\...\MountPoints2: {27518aa0-0fb2-11e1-9f8b-ccaf780045df} - E:\AutoRun.exe
HKU\S-1-5-21-2713217424-4135445284-309746539-1000\...\MountPoints2: {36307b5c-0fac-11e1-bc4c-ccaf780045df} - E:\AutoRun.exe
HKU\S-1-5-21-2713217424-4135445284-309746539-1000\...\MountPoints2: {36307b8d-0fac-11e1-bc4c-ccaf780045df} - E:\AutoRun.exe
HKU\S-1-5-21-2713217424-4135445284-309746539-1000\...\MountPoints2: {56c9a2f5-1084-11e1-bd56-ccaf780045df} - F:\AutoRun.exe
HKU\S-1-5-21-2713217424-4135445284-309746539-1000\...\MountPoints2: {5c524d3e-ca54-11e0-888f-ccaf780045df} - E:\AutoRun.exe
HKU\S-1-5-21-2713217424-4135445284-309746539-1000\...\MountPoints2: {792a862a-1b7f-11e1-a843-ccaf780045df} - F:\AutoRun.exe
HKU\S-1-5-21-2713217424-4135445284-309746539-1000\...\MountPoints2: {792a862d-1b7f-11e1-a843-ccaf780045df} - F:\AutoRun.exe
HKU\S-1-5-21-2713217424-4135445284-309746539-1000\...\MountPoints2: {7b0a31e8-23f9-11e1-a8c4-ccaf780045df} - F:\AutoRun.exe
HKU\S-1-5-21-2713217424-4135445284-309746539-1000\...\MountPoints2: {c9cd2154-1d92-11e1-867b-ccaf780045df} - F:\AutoRun.exe
HKU\S-1-5-21-2713217424-4135445284-309746539-1000\...\MountPoints2: {c9cd215b-1d92-11e1-867b-ccaf780045df} - F:\AutoRun.exe
HKU\S-1-5-21-2713217424-4135445284-309746539-1000\...\MountPoints2: {dc5500dd-8a93-11e2-94c2-b870f48f0452} - E:\XSManagerinstallation.exe
HKU\S-1-5-21-2713217424-4135445284-309746539-1000\...\MountPoints2: {e76e9d8c-1d3a-11e1-abbd-ccaf780045df} - F:\AutoRun.exe
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://Nina
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dnldmsd&cd=2XzuyEtN2Y1L1Qzu0C0C0A0FyBzztDtDyEyD0D0FyEyCyEyBtN0D0Tzu0CyDyEyBtN1L2XzutBtFtBtFtCtFyDyByEtN1L1Czu1Q1G1I1Q1H1B1Q&cr=1812616864&ir=
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dnldmsd&cd=2XzuyEtN2Y1L1Qzu0C0C0A0FyBzztDtDyEyD0D0FyEyCyEyBtN0D0Tzu0CyDyEyBtN1L2XzutBtFtBtFtCtFyDyByEtN1L1Czu1Q1G1I1Q1H1B1Q&cr=1812616864&ir=
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKCU - DefaultScope {0633ee93-d776-472f-a0ff-e1416b8b2e3a} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {547BABD2-C335-3A5F-9F6A-594B1A70A742} URL = 
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKCU - {7B107F0B-8268-586C-8B91-4B7A189905C3} URL = 
SearchScopes: HKCU - {901D3513-A0F2-4369-9D08-3F6FD6CCE718} URL = hxxp://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=407956&p={searchTerms}
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll No File
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: PasswordBox Helper - {5DB69B97-934B-451D-94DB-32EF802A01CD} - C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll No File
BHO-x32: visualbee Helper Object - {66F57190-01EB-45A6-8260-7895267209F7} - C:\Program Files (x86)\visualbee\visualbee\1.8.9.1\bh\visualbee.dll No File
BHO-x32: No Name - {7825CFB6-490A-436B-9F26-4A7B5CFC01A9} -  No File
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - PasswordBox Toolbar - {25E2E5C9-C43C-4EE8-B23E-4383915F2BCE} - C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll No File
Toolbar: HKLM-x32 - No Name - {610AF794-9293-4129-9FAF-A81BBDFBFA14} -  No File
Toolbar: HKCU - No Name - {25E2E5C9-C43C-4EE8-B23E-4383915F2BCE} -  No File
Hosts: 127.0.0.1 google-analytics.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\u35hbzvs.default
FF DefaultSearchEngine: Yahoo
FF SelectedSearchEngine: Yahoo
FF Homepage: about:home
FF Keyword.URL: hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=407956&p=
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\u35hbzvs.default\searchplugins\visualbee.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: HTTPS-Everywhere - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\u35hbzvs.default\Extensions\https-everywhere@eff.org [2014-01-06]
FF HKLM-x32\...\Firefox\Extensions: [jid0-1wPBLrijxGVkIUhu0kFYq6ZaWzA@jetpack] - C:\Program Files (x86)\AntiBrowserSpy\Addons\Firefox
FF Extension: AntiBrowserSpy - SocialBlocker - C:\Program Files (x86)\AntiBrowserSpy\Addons\Firefox [2014-01-31]

Chrome: 
=======
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
CHR Extension: (Google Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-06]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-06]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-06]
CHR Extension: (Google-Suche) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-06]
CHR Extension: (ZenMate for Google Chrome™) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2014-01-31]
CHR Extension: (HTTPS Everywhere) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2014-01-31]
CHR Extension: (MapsGalaxy) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmpoonbkphmkpjmcbgpeoondejnaaic [2014-01-13]
CHR Extension: (Google Wallet) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-06]
CHR Extension: (AntiBrowserSpy - SocialBlocker) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\oohfajmmkkdjdoaoncnnbgfoomiakgbd [2014-01-31]
CHR Extension: (Google Mail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-06]
CHR HKLM\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\Admin\AppData\Local\mysearchdial.crx [2013-06-30]
CHR HKLM-x32\...\Chrome\Extension: [oohfajmmkkdjdoaoncnnbgfoomiakgbd] - C:\Program Files (x86)\AntiBrowserSpy\Addons\Chrome.crx [2014-01-31]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

S2 CLKMSVC10_34E30CCC; C:\Program Files (x86)\Acer\clear.fi\Movie\NavFilter\kmsvc.exe [238576 2011-02-18] (CyberLink)
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [218112 2013-10-07] ()
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2014-03-07] (SurfRight B.V.)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151744 2014-03-07] (IObit)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [257344 2011-02-15] (NTI Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 WTGService; C:\Program Files (x86)\XSManager\WTGService.exe [327392 2012-01-14] ()
S2 PasswordBox; "C:\Program Files (x86)\PasswordBox\pbbtnService.exe" [X]

==================== Drivers (Whitelisted) ====================

S3 cmntnet; C:\Windows\System32\DRIVERS\cmntnet.sys [141824 2013-03-11] (Wireless Data Device)
S3 cmnuusbser; C:\Windows\System32\DRIVERS\cmnuusbser.sys [123904 2013-03-11] (Wireless Device)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-06-30] (GFI Software)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-02-12] (Anchorfree Inc.)
S3 cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S3 Lavasoft Kernexplorer; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-07 18:28 - 2014-03-07 18:28 - 00471681 _____ () C:\Users\Admin\Downloads\scan frst.txt
2014-03-07 18:27 - 2014-03-07 18:27 - 00053263 _____ () C:\Users\Admin\Downloads\scan mit frst.txt
2014-03-07 18:26 - 2014-03-07 18:26 - 00471681 _____ () C:\Users\Admin\Downloads\scan mit e.txt
2014-03-07 18:25 - 2014-03-07 18:44 - 00022722 _____ () C:\Users\Admin\Downloads\FRST.txt
2014-03-07 18:25 - 2014-03-07 18:29 - 00471678 _____ () C:\Users\Admin\Downloads\Addition.txt
2014-03-07 18:24 - 2014-03-07 18:44 - 00000000 ____D () C:\FRST
2014-03-07 18:24 - 2014-03-07 18:24 - 02156544 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe
2014-03-07 18:01 - 2014-03-07 18:44 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-07 18:01 - 2014-03-07 18:01 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-07 18:00 - 2014-03-07 18:00 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-07 18:00 - 2014-03-07 18:00 - 00016220 _____ () C:\Users\Admin\Downloads\analyse I.txt
2014-03-07 17:57 - 2014-03-07 17:57 - 00016220 _____ () C:\Users\Admin\Desktop\JRT.txt
2014-03-07 17:56 - 2014-03-07 18:44 - 00000000 ____D () C:\Users\Admin\Desktop\mbar
2014-03-07 17:55 - 2014-03-07 17:56 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Admin\Downloads\mbar-1.07.0.1009.exe
2014-03-07 17:50 - 2014-03-07 17:50 - 01037734 _____ (Thisisu) C:\Users\Admin\Downloads\JRT_6.1.2.exe
2014-03-07 17:50 - 2014-03-07 17:50 - 01037734 _____ (Thisisu) C:\Users\Admin\Downloads\JRT_6.1.2 (1).exe
2014-03-07 17:50 - 2014-03-07 17:50 - 00000000 ____D () C:\Windows\ERUNT
2014-03-07 17:40 - 2014-03-07 17:40 - 00002886 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_Administrator
2014-03-07 17:40 - 2014-03-07 17:40 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\ProductData
2014-03-07 17:40 - 2014-03-07 17:40 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\IObit
2014-03-07 17:40 - 2014-03-07 17:40 - 00000000 ____D () C:\ProgramData\IObit
2014-03-07 17:39 - 2014-03-07 17:40 - 00000000 ____D () C:\ProgramData\ProductData
2014-03-07 17:39 - 2014-03-07 17:40 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-03-07 17:39 - 2014-03-07 17:39 - 00001216 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2014-03-07 17:39 - 2014-03-07 17:39 - 00001192 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2014-03-07 17:38 - 2014-03-07 17:39 - 11201344 _____ (IObit) C:\Users\Admin\Downloads\iobituninstaller3.1.7.2405.exe
2014-03-07 17:35 - 2014-03-07 18:11 - 00880774 _____ () C:\Users\Admin\Desktop\Rkill.txt
2014-03-07 17:35 - 2014-03-07 17:35 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Admin\Downloads\eXplorer.exe
2014-03-07 17:34 - 2014-03-07 17:34 - 00454120 _____ () C:\Users\Admin\Downloads\Nicht bestätigt 774871.crdownload
2014-03-07 17:33 - 2014-03-07 17:33 - 00300264 _____ (Appsinstaller) C:\Users\Admin\Downloads\RKill (1).exe
2014-03-07 17:33 - 2014-03-07 17:33 - 00001094 _____ () C:\Users\Admin\Desktop\Continue Zip Opener Installation.lnk
2014-03-07 17:31 - 2014-03-07 17:31 - 00300264 _____ (Appsinstaller) C:\Users\Admin\Downloads\RKill.exe
2014-03-07 17:27 - 2014-03-07 17:27 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Admin\Downloads\rkill.com
2014-03-07 17:27 - 2014-03-07 17:27 - 00667952 _____ ( ) C:\Users\Admin\Downloads\ZipSetup.exe
2014-03-07 17:23 - 2014-03-07 17:23 - 00000022 _____ () C:\Windows\S.dirmngr
2014-03-07 17:22 - 2014-03-07 17:22 - 00011326 _____ () C:\Users\Admin\Desktop\HitmanPro_20140307_1722.log
2014-03-07 17:01 - 2014-03-07 17:01 - 00380416 _____ () C:\Users\Admin\Downloads\vow8y4fs.exe
2014-03-07 17:01 - 2014-03-07 17:01 - 00380416 _____ () C:\Users\Admin\Downloads\2k0zvdw0.exe
2014-03-07 16:56 - 2014-03-07 16:56 - 00000000 ____D () C:\Users\Admin\Downloads\RootkitRevealer171 (3)
2014-03-07 16:54 - 2014-03-07 16:54 - 00000000 ____D () C:\Users\Admin\Downloads\RootkitRevealer
2014-03-07 16:53 - 2014-03-07 16:53 - 00231390 _____ () C:\Users\Admin\Downloads\RootkitRevealer.zip
2014-03-07 16:47 - 2014-03-07 16:47 - 00001909 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-03-07 16:47 - 2014-03-07 16:47 - 00000000 ____D () C:\Program Files\HitmanPro
2014-03-07 16:46 - 2014-03-07 16:46 - 10820032 _____ (SurfRight B.V.) C:\Users\Admin\Downloads\HitmanPro_x64.exe
2014-03-07 16:45 - 2014-03-07 17:02 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-03-07 16:45 - 2014-03-07 16:45 - 09988304 _____ (SurfRight B.V.) C:\Users\Admin\Downloads\hitmanpro.exe
2014-03-07 16:38 - 2014-03-07 16:38 - 00000000 ____D () C:\Users\Admin\Documents\Simply Super Software
2014-03-07 16:38 - 2014-03-07 16:38 - 00000000 ____D () C:\ProgramData\Licenses
2014-03-07 16:37 - 2014-03-07 16:37 - 00001103 _____ () C:\Users\Public\Desktop\Trojan Remover.lnk
2014-03-07 16:36 - 2014-03-07 16:36 - 00231390 _____ () C:\Users\Admin\Downloads\RootkitRevealer171 (3).zip
2014-03-07 16:33 - 2014-03-07 16:33 - 00231390 _____ () C:\Users\Admin\Downloads\RootkitRevealer171 (2).zip
2014-03-07 16:33 - 2014-03-07 16:33 - 00000000 ____D () C:\Users\Admin\Downloads\RootkitRevealer171 (2)
2014-03-07 16:27 - 2014-03-07 16:27 - 00000000 ____D () C:\Users\Admin\Downloads\RootkitRevealer171
2014-03-07 16:22 - 2014-03-07 16:37 - 00000000 ____D () C:\Users\Admin\Downloads\RootkitRevealer171 (1)
2014-03-07 16:22 - 2014-03-07 16:22 - 00231390 _____ () C:\Users\Admin\Downloads\RootkitRevealer171 (1).zip
2014-03-07 16:21 - 2014-03-07 16:21 - 00231390 _____ () C:\Users\Admin\Downloads\RootkitRevealer171.zip
2014-03-07 16:14 - 2014-03-07 16:37 - 00000000 ____D () C:\Program Files (x86)\Trojan Remover
2014-03-07 16:14 - 2014-03-07 16:14 - 00000000 ____D () C:\ProgramData\Simply Super Software
2014-03-07 16:11 - 2014-03-07 16:12 - 21407864 _____ (Simply Super Software ) C:\Users\Admin\Downloads\trjsetup690.exe
2014-03-07 14:05 - 2014-03-07 14:05 - 00152392 _____ () C:\Users\Admin\Downloads\OTL Scan.txt
2014-03-07 14:03 - 2014-03-07 14:03 - 00097524 _____ () C:\Users\Admin\Downloads\OTL.Txt SCAN.txt
2014-03-07 13:56 - 2014-03-07 13:56 - 00602112 _____ (OldTimer Tools) C:\Users\Admin\Downloads\OTL (1).exe
2014-03-07 13:03 - 2014-03-07 13:03 - 00613200 _____ (Chip Digital GmbH) C:\Users\Admin\Desktop\HijackThis - CHIP-Downloader.exe
2014-03-07 12:17 - 2014-03-07 12:17 - 00304857 _____ () C:\Users\Admin\Downloads\HijackThis_205.zip
2014-02-27 20:39 - 2014-02-27 20:39 - 00002176 _____ () C:\Users\Public\Desktop\Google Earth.lnk
2014-02-27 20:37 - 2014-02-27 20:37 - 00847816 _____ (Google Inc.) C:\Users\Admin\Downloads\GoogleEarthSetup.exe
2014-02-23 13:07 - 2014-02-23 13:07 - 00000000 ___SD () C:\Users\Admin\Documents\Meine Datenquellen
2014-02-18 14:09 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-18 14:09 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-17 14:05 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-17 14:05 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-17 14:05 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-17 14:05 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-17 14:05 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-17 14:05 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-17 14:05 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-17 14:05 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-17 14:05 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-17 14:05 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-17 14:05 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-17 14:05 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-17 14:05 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-17 14:05 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-17 14:05 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-17 14:05 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-17 14:05 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-17 14:05 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-17 14:05 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-17 14:05 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-17 14:05 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-17 14:05 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-17 14:05 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-17 14:05 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-17 14:05 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-17 14:05 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-17 14:05 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-17 14:05 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-17 14:05 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-17 14:05 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-17 14:05 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-17 14:05 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-17 14:05 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-17 14:05 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-17 14:05 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-17 14:05 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-17 14:05 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-17 14:05 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-17 14:05 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-13 16:16 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-13 16:16 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-13 16:16 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-13 16:16 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-13 16:16 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-13 16:16 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-13 16:16 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-13 16:16 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-13 16:16 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-13 16:16 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-13 16:16 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-13 16:16 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-13 16:16 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-13 16:16 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-13 16:16 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-13 16:16 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-13 16:16 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-13 16:16 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-13 16:16 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-13 16:16 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-13 16:16 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-13 16:16 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-13 16:16 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-13 16:16 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-13 16:16 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-13 16:16 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-13 16:16 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-13 16:16 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-11 12:40 - 2014-02-11 12:40 - 00000000 ____D () C:\Users\Admin\Desktop\Tor Browser II
2014-02-11 12:27 - 2014-02-11 12:39 - 24145274 _____ () C:\Users\Admin\Downloads\torbrowser-install-3.5.2_en-US.exe
2014-02-08 15:06 - 2014-02-08 15:06 - 00000047 _____ () C:\Users\Admin\Downloads\pnm.cgi

==================== One Month Modified Files and Folders =======

2014-03-07 18:44 - 2014-03-07 18:25 - 00022722 _____ () C:\Users\Admin\Downloads\FRST.txt
2014-03-07 18:44 - 2014-03-07 18:24 - 00000000 ____D () C:\FRST
2014-03-07 18:44 - 2014-03-07 18:01 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-07 18:44 - 2014-03-07 17:56 - 00000000 ____D () C:\Users\Admin\Desktop\mbar
2014-03-07 18:37 - 2014-01-25 16:56 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\tor
2014-03-07 18:29 - 2014-03-07 18:25 - 00471678 _____ () C:\Users\Admin\Downloads\Addition.txt
2014-03-07 18:28 - 2014-03-07 18:28 - 00471681 _____ () C:\Users\Admin\Downloads\scan frst.txt
2014-03-07 18:27 - 2014-03-07 18:27 - 00053263 _____ () C:\Users\Admin\Downloads\scan mit frst.txt
2014-03-07 18:26 - 2014-03-07 18:26 - 00471681 _____ () C:\Users\Admin\Downloads\scan mit e.txt
2014-03-07 18:24 - 2014-03-07 18:24 - 02156544 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe
2014-03-07 18:19 - 2013-02-27 15:39 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-07 18:11 - 2014-03-07 17:35 - 00880774 _____ () C:\Users\Admin\Desktop\Rkill.txt
2014-03-07 18:01 - 2014-03-07 18:01 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-07 18:00 - 2014-03-07 18:00 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-07 18:00 - 2014-03-07 18:00 - 00016220 _____ () C:\Users\Admin\Downloads\analyse I.txt
2014-03-07 17:57 - 2014-03-07 17:57 - 00016220 _____ () C:\Users\Admin\Desktop\JRT.txt
2014-03-07 17:56 - 2014-03-07 17:55 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Admin\Downloads\mbar-1.07.0.1009.exe
2014-03-07 17:50 - 2014-03-07 17:50 - 01037734 _____ (Thisisu) C:\Users\Admin\Downloads\JRT_6.1.2.exe
2014-03-07 17:50 - 2014-03-07 17:50 - 01037734 _____ (Thisisu) C:\Users\Admin\Downloads\JRT_6.1.2 (1).exe
2014-03-07 17:50 - 2014-03-07 17:50 - 00000000 ____D () C:\Windows\ERUNT
2014-03-07 17:43 - 2011-04-06 11:50 - 00000000 ____D () C:\Program Files (x86)\Acer
2014-03-07 17:43 - 2011-04-06 11:30 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-07 17:42 - 2011-04-06 11:35 - 00000000 ____D () C:\Program Files (x86)\Acer GameZone
2014-03-07 17:40 - 2014-03-07 17:40 - 00002886 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_Administrator
2014-03-07 17:40 - 2014-03-07 17:40 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\ProductData
2014-03-07 17:40 - 2014-03-07 17:40 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\IObit
2014-03-07 17:40 - 2014-03-07 17:40 - 00000000 ____D () C:\ProgramData\IObit
2014-03-07 17:40 - 2014-03-07 17:39 - 00000000 ____D () C:\ProgramData\ProductData
2014-03-07 17:40 - 2014-03-07 17:39 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-03-07 17:39 - 2014-03-07 17:39 - 00001216 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2014-03-07 17:39 - 2014-03-07 17:39 - 00001192 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2014-03-07 17:39 - 2014-03-07 17:38 - 11201344 _____ (IObit) C:\Users\Admin\Downloads\iobituninstaller3.1.7.2405.exe
2014-03-07 17:35 - 2014-03-07 17:35 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Admin\Downloads\eXplorer.exe
2014-03-07 17:34 - 2014-03-07 17:34 - 00454120 _____ () C:\Users\Admin\Downloads\Nicht bestätigt 774871.crdownload
2014-03-07 17:33 - 2014-03-07 17:33 - 00300264 _____ (Appsinstaller) C:\Users\Admin\Downloads\RKill (1).exe
2014-03-07 17:33 - 2014-03-07 17:33 - 00001094 _____ () C:\Users\Admin\Desktop\Continue Zip Opener Installation.lnk
2014-03-07 17:32 - 2011-05-26 21:13 - 01912349 _____ () C:\Windows\WindowsUpdate.log
2014-03-07 17:31 - 2014-03-07 17:31 - 00300264 _____ (Appsinstaller) C:\Users\Admin\Downloads\RKill.exe
2014-03-07 17:30 - 2009-07-14 05:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-07 17:30 - 2009-07-14 05:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-07 17:29 - 2011-05-27 07:06 - 02899222 _____ () C:\Windows\system32\perfh007.dat
2014-03-07 17:29 - 2011-05-27 07:06 - 00857842 _____ () C:\Windows\system32\perfc007.dat
2014-03-07 17:29 - 2009-07-14 06:13 - 00006248 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-07 17:27 - 2014-03-07 17:27 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Admin\Downloads\rkill.com
2014-03-07 17:27 - 2014-03-07 17:27 - 00667952 _____ ( ) C:\Users\Admin\Downloads\ZipSetup.exe
2014-03-07 17:25 - 2011-07-28 16:22 - 00000000 ____D () C:\ProgramData\clear.fi
2014-03-07 17:25 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2014-03-07 17:24 - 2013-07-03 00:39 - 00000000 ____D () C:\Users\Admin\AppData\Local\Vidalia
2014-03-07 17:24 - 2013-02-27 15:39 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-07 17:23 - 2014-03-07 17:23 - 00000022 _____ () C:\Windows\S.dirmngr
2014-03-07 17:23 - 2013-06-02 10:14 - 00273638 _____ () C:\Windows\PFRO.log
2014-03-07 17:23 - 2013-02-28 08:27 - 00042113 _____ () C:\Windows\setupact.log
2014-03-07 17:23 - 2011-12-10 15:30 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-03-07 17:23 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-07 17:22 - 2014-03-07 17:22 - 00011326 _____ () C:\Users\Admin\Desktop\HitmanPro_20140307_1722.log
2014-03-07 17:02 - 2014-03-07 16:45 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-03-07 17:01 - 2014-03-07 17:01 - 00380416 _____ () C:\Users\Admin\Downloads\vow8y4fs.exe
2014-03-07 17:01 - 2014-03-07 17:01 - 00380416 _____ () C:\Users\Admin\Downloads\2k0zvdw0.exe
2014-03-07 16:56 - 2014-03-07 16:56 - 00000000 ____D () C:\Users\Admin\Downloads\RootkitRevealer171 (3)
2014-03-07 16:54 - 2014-03-07 16:54 - 00000000 ____D () C:\Users\Admin\Downloads\RootkitRevealer
2014-03-07 16:53 - 2014-03-07 16:53 - 00231390 _____ () C:\Users\Admin\Downloads\RootkitRevealer.zip
2014-03-07 16:47 - 2014-03-07 16:47 - 00001909 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-03-07 16:47 - 2014-03-07 16:47 - 00000000 ____D () C:\Program Files\HitmanPro
2014-03-07 16:46 - 2014-03-07 16:46 - 10820032 _____ (SurfRight B.V.) C:\Users\Admin\Downloads\HitmanPro_x64.exe
2014-03-07 16:45 - 2014-03-07 16:45 - 09988304 _____ (SurfRight B.V.) C:\Users\Admin\Downloads\hitmanpro.exe
2014-03-07 16:38 - 2014-03-07 16:38 - 00000000 ____D () C:\Users\Admin\Documents\Simply Super Software
2014-03-07 16:38 - 2014-03-07 16:38 - 00000000 ____D () C:\ProgramData\Licenses
2014-03-07 16:37 - 2014-03-07 16:37 - 00001103 _____ () C:\Users\Public\Desktop\Trojan Remover.lnk
2014-03-07 16:37 - 2014-03-07 16:22 - 00000000 ____D () C:\Users\Admin\Downloads\RootkitRevealer171 (1)
2014-03-07 16:37 - 2014-03-07 16:14 - 00000000 ____D () C:\Program Files (x86)\Trojan Remover
2014-03-07 16:36 - 2014-03-07 16:36 - 00231390 _____ () C:\Users\Admin\Downloads\RootkitRevealer171 (3).zip
2014-03-07 16:33 - 2014-03-07 16:33 - 00231390 _____ () C:\Users\Admin\Downloads\RootkitRevealer171 (2).zip
2014-03-07 16:33 - 2014-03-07 16:33 - 00000000 ____D () C:\Users\Admin\Downloads\RootkitRevealer171 (2)
2014-03-07 16:27 - 2014-03-07 16:27 - 00000000 ____D () C:\Users\Admin\Downloads\RootkitRevealer171
2014-03-07 16:22 - 2014-03-07 16:22 - 00231390 _____ () C:\Users\Admin\Downloads\RootkitRevealer171 (1).zip
2014-03-07 16:21 - 2014-03-07 16:21 - 00231390 _____ () C:\Users\Admin\Downloads\RootkitRevealer171.zip
2014-03-07 16:14 - 2014-03-07 16:14 - 00000000 ____D () C:\ProgramData\Simply Super Software
2014-03-07 16:12 - 2014-03-07 16:11 - 21407864 _____ (Simply Super Software ) C:\Users\Admin\Downloads\trjsetup690.exe
2014-03-07 15:59 - 2011-11-15 20:18 - 00155206 _____ () C:\Users\Admin\Downloads\OTL.Txt
2014-03-07 14:05 - 2014-03-07 14:05 - 00152392 _____ () C:\Users\Admin\Downloads\OTL Scan.txt
2014-03-07 14:03 - 2014-03-07 14:03 - 00097524 _____ () C:\Users\Admin\Downloads\OTL.Txt SCAN.txt
2014-03-07 13:56 - 2014-03-07 13:56 - 00602112 _____ (OldTimer Tools) C:\Users\Admin\Downloads\OTL (1).exe
2014-03-07 13:45 - 2011-11-16 22:07 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
2014-03-07 13:44 - 2011-11-16 22:07 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-03-07 13:03 - 2014-03-07 13:03 - 00613200 _____ (Chip Digital GmbH) C:\Users\Admin\Desktop\HijackThis - CHIP-Downloader.exe
2014-03-07 12:17 - 2014-03-07 12:17 - 00304857 _____ () C:\Users\Admin\Downloads\HijackThis_205.zip
2014-03-07 12:04 - 2013-11-06 19:48 - 00002139 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-07 02:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-07 02:27 - 2011-07-28 13:22 - 00000000 ____D () C:\Users\Admin\AppData\Local\PowerCinema
2014-03-07 02:27 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-03-07 02:27 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-03-06 18:12 - 2011-07-28 13:21 - 00000000 ____D () C:\Users\Admin
2014-02-27 20:39 - 2014-02-27 20:39 - 00002176 _____ () C:\Users\Public\Desktop\Google Earth.lnk
2014-02-27 20:39 - 2013-02-27 15:39 - 00000000 ____D () C:\Users\Admin\AppData\Local\Google
2014-02-27 20:39 - 2013-02-27 15:39 - 00000000 ____D () C:\Program Files (x86)\Google
2014-02-27 20:37 - 2014-02-27 20:37 - 00847816 _____ (Google Inc.) C:\Users\Admin\Downloads\GoogleEarthSetup.exe
2014-02-26 15:14 - 2014-01-31 22:29 - 00000000 ____D () C:\Users\Admin\AppData\Local\Abelssoft
2014-02-23 14:17 - 2011-11-12 16:37 - 00000000 ____D () C:\Users\Admin\AppData\Local\Microsoft Help
2014-02-23 13:07 - 2014-02-23 13:07 - 00000000 ___SD () C:\Users\Admin\Documents\Meine Datenquellen
2014-02-19 12:51 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-02-17 20:14 - 2013-02-27 15:39 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-17 20:14 - 2013-02-27 15:39 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-17 14:07 - 2011-11-12 16:37 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-17 14:07 - 2009-07-14 03:34 - 00000478 _____ () C:\Windows\win.ini
2014-02-11 12:40 - 2014-02-11 12:40 - 00000000 ____D () C:\Users\Admin\Desktop\Tor Browser II
2014-02-11 12:39 - 2014-02-11 12:27 - 24145274 _____ () C:\Users\Admin\Downloads\torbrowser-install-3.5.2_en-US.exe
2014-02-08 15:06 - 2014-02-08 15:06 - 00000047 _____ () C:\Users\Admin\Downloads\pnm.cgi
2014-02-06 13:16 - 2014-02-17 14:05 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-17 14:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-17 14:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-17 14:05 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-17 14:05 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-17 14:05 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-17 14:05 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-17 14:05 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-17 14:05 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-17 14:05 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-17 14:05 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-17 14:05 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-17 14:05 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-17 14:05 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-17 14:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-17 14:05 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-17 14:05 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-17 14:05 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-17 14:05 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-17 14:05 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-17 14:05 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-17 14:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-17 14:05 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-17 14:05 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-17 14:05 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-17 14:05 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-17 14:05 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-17 14:05 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-17 14:05 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-17 14:05 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-17 14:05 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-17 14:05 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-17 14:05 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-17 14:05 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-17 14:05 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-17 14:05 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-17 14:05 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-17 14:05 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-17 14:05 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

Files to move or delete:
====================
C:\Users\Admin\snort_10169.exe


Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\GHR.exe
C:\Users\Admin\AppData\Local\Temp\ICReinstall_ZipSetup.exe
C:\Users\Admin\AppData\Local\Temp\IO.exe
C:\Users\Admin\AppData\Local\Temp\KNMUQZBUD.exe
C:\Users\Admin\AppData\Local\Temp\PBA.exe
C:\Users\Admin\AppData\Local\Temp\PGMGYUBPKWZ.exe
C:\Users\Admin\AppData\Local\Temp\SHSetup.exe
C:\Users\Admin\AppData\Local\Temp\TRDXMRJGZZA.exe
C:\Users\Admin\AppData\Local\Temp\VL.exe
C:\Users\Admin\AppData\Local\Temp\ZXHNIHCA.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-28 21:20

==================== End Of Log ============================
         