Vista: Avira wurde durch Gruppenrichtlinie blockiert

can result of Farbar Recovery Scan Tool (FRST) (x86) Version:09-06-2014 03
Ran by Iker Casillas (administrator) on SG on 11-06-2014 00:31:02
Running from C:\Users\Iker Casillas\Downloads
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DellDock.exe
(SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtsvc.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtcmd.exe
() C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Microsoft Corporation) C:\Program Files\Windows Mail\WinMail.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(OldTimer Tools) C:\Users\Iker Casillas\Desktop\OTL.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
() C:\Users\Iker Casillas\Downloads\Defogger.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6246400 2008-07-18] (Realtek Semiconductor)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-01-21] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [dellsupportcenter] => C:\Program Files\Dell Support Center\bin\sprtcmd.exe [206064 2009-06-03] (SupportSoft, Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [413696 2008-09-06] (Apple Inc.)
HKLM\...\Run: [Google Desktop Search] => C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-07-17] (Google)
HKLM\...\Run: [Dell DataSafe Online] => C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe [1745648 2008-11-03] ()
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [737872 2014-06-05] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM Group Policy restriction on software: C:\Program Files\Lavasoft <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ATTENTION
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-1044767620-184796423-319856471-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1044767620-184796423-319856471-1000\...\Run: [GMX SMS-Manager] => C:\Program Files\GMX\GMX SMS-Manager\SMSMngr.exe [3539968 2007-07-19] (1&1 Internet AG)
HKU\S-1-5-21-1044767620-184796423-319856471-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2008-12-17] (Google Inc.)
HKU\S-1-5-21-1044767620-184796423-319856471-1000\...\Run: [ObarPinyi] => regsvr32.exe "C:\ProgramData\ObarPinyi.dat"
HKU\S-1-5-21-1044767620-184796423-319856471-1000\...\MountPoints2: {14b88af2-d45f-11df-9ace-0021704ed8e7} - J:\AutoRun.exe
HKU\S-1-5-21-1044767620-184796423-319856471-1000\...\MountPoints2: {16bcce5d-ecec-11e0-8376-0021704ed8e7} - F:\AutoRun.exe
HKU\S-1-5-21-1044767620-184796423-319856471-1000\...\MountPoints2: {4bca1f4e-e55a-11e1-b3cc-0021704ed8e7} - F:\Startme.exe
HKU\S-1-5-21-1044767620-184796423-319856471-1000\...\MountPoints2: {8b96f399-cc21-11e0-a96a-001e101fc547} - J:\AutoRun.exe
AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL => C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [123392 2010-07-17] (Google)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Iker Casillas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.wallstreet-online.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de/ig/dell?hl=de&client=dell-row&channel=de&ibd=4081218
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
SearchScopes: HKCU - {70D46D94-BF1E-45ED-B567-48701376298E} URL = hxxp://127.0.0.1:4664/search&s=FreB7bzu0tXKNmKoQQmlKS413D0?q={searchTerms}
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Advertising Cookie Opt-out - {8E425EB4-ADBD-4816-B1E8-49BB9DECF034} - C:\Program Files\Google\Advertising Cookie Opt-out\opt_out.dll (Google Inc)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
BHO: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
BHO: Adblock Pro - {F385C231-605B-4d8f-ACA9-DBFF765BBE17} - C:\Program Files\Adblock Pro\AdblockPro.dll (Adblock Pro Team)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\system32\ieframe.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} -  No File
DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} hxxp://dl.tvunetworks.com/TVUAx.cab
DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} hxxp://support.euro.dell.com/systemprofiler/SysProExe.CAB
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {983A9C21-8207-4B58-BBB8-0EBC3D7C5505} https://email.de.o2.com/,DanaInfo=MUC0LM02.viaginterkom.de+dwa8W.cab
DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-31-0.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://homezone.de.o2.com/dana-cached/sc/JuniperSetupClient.cab
DPF: {FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} hxxp://iptv.zgzcw.com/pCastCtl_1.0.0.89_20080808.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 05 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 06 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 07 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 08 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 19 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Iker Casillas\AppData\Roaming\Mozilla\Firefox\Profiles\knqna3hs.default
FF Homepage: hxxp://www.google.de/ig/dell?hl=de&client=dell-row&channel=de&ibd=4081218
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin: @garmin.com/GpsControl - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pages.tvunetworks.com/WebPlayer - C:\Program Files\TVUPlayer\npTVUAx.dll No File
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Iker Casillas\AppData\Roaming\Mozilla\Firefox\Profiles\knqna3hs.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-10-10]
FF Extension: Free YouTube Download (Free Studio) Menu - C:\Users\Iker Casillas\AppData\Roaming\Mozilla\Firefox\Profiles\knqna3hs.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2013-02-03]
FF Extension: Flash and Video Download - C:\Users\Iker Casillas\AppData\Roaming\Mozilla\Firefox\Profiles\knqna3hs.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2010-10-10]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []

Chrome: 
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.5.5) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.5.5) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.5.5) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.5.5) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.5.5) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.5.5) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.5.5) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Pando Web Plugin) - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
CHR Plugin: (TVU Web Player for FireFox) - C:\Program Files\TVUPlayer\npTVUAx.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (DVDVideoSoft Browser Extension) - C:\Users\Iker Casillas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-06-26]
CHR Extension: (Google Wallet) - C:\Users\Iker Casillas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-10]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-02-03]

========================== Services (Whitelisted) =================

S2 AERTFilters; C:\Windows\system32\AERTSrv.exe [73728 2008-07-18] (Andrea Electronics Corporation)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-06-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-06-05] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1039440 2014-06-05] (Avira Operations GmbH & Co. KG)
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2008-09-24] (Stardock Corporation) [File not signed]
S3 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-07-17] (Google)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S4 Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [1181328 2011-04-18] (Lavasoft)
R2 sprtsvc_DellSupportCenter; C:\Program Files\Dell Support Center\bin\sprtsvc.exe [201968 2008-10-04] (SupportSoft, Inc.)

==================== Drivers (Whitelisted) ====================

S3 AF15BDA; C:\Windows\System32\DRIVERS\AF15BDA.sys [306816 2008-12-30] (AfaTech                  )
R3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [93528 2014-06-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-06-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-29] (Avira Operations GmbH & Co. KG)
S3 BVRPMPR5; C:\Windows\system32\drivers\BVRPMPR5.SYS [49904 2007-06-15] (Avanquest Software) [File not signed]
S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [60104 2010-07-12] (FTDI Ltd.)
R0 Lbd; C:\Windows\System32\DRIVERS\Lbd.sys [64288 2009-09-23] (Lavasoft AB)
S3 R300; C:\Windows\System32\DRIVERS\atikmdag.sys [10070016 2012-07-04] (Advanced Micro Devices, Inc.)
R2 RtNdPt60; C:\Windows\System32\DRIVERS\RtNdPt60.sys [27648 2008-07-21] (Windows (R) Codename Longhorn DDK provider)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-08-06] (Avira GmbH)
S3 appliandMP; system32\DRIVERS\appliand.sys [X]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-11 00:31 - 2014-06-11 00:31 - 00019215 _____ () C:\Users\Iker Casillas\Downloads\FRST.txt
2014-06-11 00:30 - 2014-06-11 00:31 - 00000000 ____D () C:\FRST
2014-06-11 00:30 - 2014-06-11 00:30 - 01177600 _____ (Farbar) C:\Users\Iker Casillas\Downloads\FRST.exe
2014-06-11 00:30 - 2014-06-11 00:30 - 00050477 _____ () C:\Users\Iker Casillas\Downloads\Defogger (1).exe
2014-06-11 00:29 - 2014-06-11 00:29 - 00000488 _____ () C:\Users\Iker Casillas\Downloads\defogger_disable.log
2014-06-11 00:28 - 2014-06-11 00:28 - 00050477 _____ () C:\Users\Iker Casillas\Downloads\Defogger.exe
2014-06-10 23:42 - 2014-06-10 23:42 - 00602112 _____ (OldTimer Tools) C:\Users\Iker Casillas\Desktop\OTL.exe
2014-06-10 23:35 - 2014-06-10 23:35 - 39809104 _____ (Google Inc.) C:\Users\Iker Casillas\Downloads\ChromeStandaloneSetup_35.0.1916.114.exe
2014-06-10 23:35 - 2014-06-10 23:35 - 00001925 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-10 23:35 - 2014-06-10 23:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-06 23:14 - 2014-06-06 23:14 - 00227728 _____ (Mozilla Foundation) C:\ProgramData\ObarPinyi.dat
2014-05-26 20:27 - 2014-05-06 01:32 - 12347392 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-26 20:27 - 2014-05-06 01:14 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-26 20:27 - 2014-05-06 01:14 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-26 20:26 - 2014-03-25 15:26 - 11587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-18 17:18 - 2014-05-18 17:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\partypoker

==================== One Month Modified Files and Folders =======

2014-06-11 00:31 - 2014-06-11 00:31 - 00019215 _____ () C:\Users\Iker Casillas\Downloads\FRST.txt
2014-06-11 00:31 - 2014-06-11 00:30 - 00000000 ____D () C:\FRST
2014-06-11 00:31 - 2008-12-23 22:32 - 00000000 ____D () C:\Users\Iker Casillas\AppData\Local\Temp
2014-06-11 00:30 - 2014-06-11 00:30 - 01177600 _____ (Farbar) C:\Users\Iker Casillas\Downloads\FRST.exe
2014-06-11 00:30 - 2014-06-11 00:30 - 00050477 _____ () C:\Users\Iker Casillas\Downloads\Defogger (1).exe
2014-06-11 00:29 - 2014-06-11 00:29 - 00000488 _____ () C:\Users\Iker Casillas\Downloads\defogger_disable.log
2014-06-11 00:28 - 2014-06-11 00:28 - 00050477 _____ () C:\Users\Iker Casillas\Downloads\Defogger.exe
2014-06-11 00:15 - 2012-11-28 00:05 - 00063914 _____ () C:\Users\Iker Casillas\Desktop\Extras.Txt
2014-06-11 00:13 - 2012-11-28 00:04 - 00125622 _____ () C:\Users\Iker Casillas\Desktop\OTL.Txt
2014-06-11 00:07 - 2006-11-02 14:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-11 00:07 - 2006-11-02 14:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-10 23:42 - 2014-06-10 23:42 - 00602112 _____ (OldTimer Tools) C:\Users\Iker Casillas\Desktop\OTL.exe
2014-06-10 23:36 - 2010-02-14 23:44 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-10 23:35 - 2014-06-10 23:35 - 39809104 _____ (Google Inc.) C:\Users\Iker Casillas\Downloads\ChromeStandaloneSetup_35.0.1916.114.exe
2014-06-10 23:35 - 2014-06-10 23:35 - 00001925 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-10 23:35 - 2014-06-10 23:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-10 23:35 - 2008-12-17 19:36 - 00000000 ____D () C:\Program Files\Google
2014-06-10 23:14 - 2008-12-17 19:20 - 01314887 _____ () C:\Windows\WindowsUpdate.log
2014-06-10 18:36 - 2010-02-14 23:44 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-10 14:14 - 2008-01-21 09:16 - 01418806 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-10 14:10 - 2008-12-17 19:34 - 00000276 _____ () C:\Windows\Tasks\RtlNICDiagVistaStart.job
2014-06-10 14:10 - 2006-11-02 14:37 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-06-10 14:07 - 2009-12-13 21:12 - 00059042 _____ () C:\aaw7boot.log
2014-06-10 14:07 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-10 14:05 - 2006-11-02 15:01 - 00032540 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-06-06 23:14 - 2014-06-06 23:14 - 00227728 _____ (Mozilla Foundation) C:\ProgramData\ObarPinyi.dat
2014-06-05 21:04 - 2013-08-06 18:39 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-06-05 21:04 - 2013-08-06 18:39 - 00093528 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-05-29 16:48 - 2009-11-15 12:00 - 00000000 ____D () C:\Users\Iker Casillas\AppData\Roaming\vlc
2014-05-26 21:40 - 2014-05-26 21:37 - 186930547 _____ () C:\Users\Iker Casillas\Downloads\[clips4sale.com]FeedingTheSadist.mov
2014-05-26 20:45 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-05-26 20:32 - 2014-01-03 01:34 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-26 20:29 - 2006-11-02 12:24 - 90547776 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-05-23 18:28 - 2012-08-13 17:27 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-05-23 18:28 - 2011-05-21 10:47 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-05-21 00:00 - 2013-08-10 16:39 - 00000000 ____D () C:\Users\Iker Casillas\AppData\Local\PokerStars.EU
2014-05-18 17:18 - 2014-05-18 17:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\partypoker
2014-05-18 17:18 - 2013-09-05 21:54 - 00001485 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\partypoker.lnk
2014-05-18 17:18 - 2008-12-30 00:02 - 00001479 _____ () C:\Users\Iker Casillas\Desktop\partypoker.lnk
2014-05-18 17:18 - 2006-11-02 14:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games

Files to move or delete:
====================
C:\Users\Iker Casillas\AppData\Roaming\desktop.ini
C:\ProgramData\ObarPinyi.dat
C:\Users\Iker Casillas\Ad-Aware81Installation.exe
C:\Users\Iker Casillas\thief.exe


Some content of TEMP:
====================
C:\Users\Iker Casillas\AppData\Local\Temp\AskSLib.dll
C:\Users\Iker Casillas\AppData\Local\Temp\atl.exe
C:\Users\Iker Casillas\AppData\Local\Temp\avgnt.exe
C:\Users\Iker Casillas\AppData\Local\Temp\CamStudio20.exe
C:\Users\Iker Casillas\AppData\Local\Temp\cefloader.exe
C:\Users\Iker Casillas\AppData\Local\Temp\DataCard_Setup.exe
C:\Users\Iker Casillas\AppData\Local\Temp\DevSetup32.dll
C:\Users\Iker Casillas\AppData\Local\Temp\DevSetup64.dll
C:\Users\Iker Casillas\AppData\Local\Temp\DriverInstall32.exe
C:\Users\Iker Casillas\AppData\Local\Temp\DriverInstall64.exe
C:\Users\Iker Casillas\AppData\Local\Temp\dsHostCheckerSetup.exe
C:\Users\Iker Casillas\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\Iker Casillas\AppData\Local\Temp\FlashPlayerUpdate01.exe
C:\Users\Iker Casillas\AppData\Local\Temp\FlashPlayerUpdate02.exe
C:\Users\Iker Casillas\AppData\Local\Temp\FlashPlayerUpdate03.exe
C:\Users\Iker Casillas\AppData\Local\Temp\FlashPlayerUpdate04.exe
C:\Users\Iker Casillas\AppData\Local\Temp\gimp-2.6.6-i686-setup.exe
C:\Users\Iker Casillas\AppData\Local\Temp\install_flashplayer13x32axau_chra_awa_aih.exe
C:\Users\Iker Casillas\AppData\Local\Temp\javasysmo1717811655553307331.dll
C:\Users\Iker Casillas\AppData\Local\Temp\javasysmo2113525620824803592.dll
C:\Users\Iker Casillas\AppData\Local\Temp\javasysmo3414729709069880035.dll
C:\Users\Iker Casillas\AppData\Local\Temp\javasysmo3756315335219218924.dll
C:\Users\Iker Casillas\AppData\Local\Temp\javasysmo4566734914743889908.dll
C:\Users\Iker Casillas\AppData\Local\Temp\javasysmo4935134752359827509.dll
C:\Users\Iker Casillas\AppData\Local\Temp\javasysmo5921677733527193373.dll
C:\Users\Iker Casillas\AppData\Local\Temp\javasysmo6534982412330188025.dll
C:\Users\Iker Casillas\AppData\Local\Temp\javasysmo724706313096868113.dll
C:\Users\Iker Casillas\AppData\Local\Temp\javasysmo7903672527072994045.dll
C:\Users\Iker Casillas\AppData\Local\Temp\javasysmo822849725124470886.dll
C:\Users\Iker Casillas\AppData\Local\Temp\ResetDevice.exe
C:\Users\Iker Casillas\AppData\Local\Temp\SearchWithGoogleUpdate.exe
C:\Users\Iker Casillas\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Iker Casillas\AppData\Local\Temp\sfextra.dll
C:\Users\Iker Casillas\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Iker Casillas\AppData\Local\Temp\uninstall.exe
C:\Users\Iker Casillas\AppData\Local\Temp\unwise.exe
C:\Users\Iker Casillas\AppData\Local\Temp\wmaudio.exe
C:\Users\Iker Casillas\AppData\Local\Temp\Zattoo-Update.exe
C:\Users\Iker Casillas\AppData\Local\Temp\_ir_sf7_temp_0RCATSetup4.exe
C:\Users\Iker Casillas\AppData\Local\Temp\_unps.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-10 14:57

==================== End Of Log ============================