Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
Log Analysis and Evaluation > PC locked by "Interpol Trojan" (https://www.trojaner-board.de/139520-pc-interpol-trojaner-gesperrt.html)

hollepit 08.08.2013 08:53

PC locked by "Interpol Trojan"

Hello,

my PC has been locked by the Interpol Trojan, as described in this post:

http://www.trojaner-board.de/139493-...gesprerrt.html

The FRST log file produced the following information:

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-08-2013
Ran by SYSTEM on 08-08-2013 09:36:34
Running from J:\
Windows Vista (TM) Home Premium (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and Addition.txt log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-19] (Microsoft Corporation)
HKLM\...\Run: [Cmiboot] - C:\Windows\cmiboot.exe [65536 2007-02-07] ()
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [NMSSupport] - C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe [439512 2007-06-27] (Intel Corporation)
HKLM\...\Run: [CCUTRAYICON] - C:\Programme\Intel\IntelDH\CCU\CCU_TrayIcon.exe [215256 2007-06-27] (Intel(R) Corporation)
HKLM\...\Run: [MedionVFD] - C:\Program Files\Medion Info Display\MdionLCMLH.exe [208896 2006-12-29] (Dritek System Inc.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7600672 2009-07-06] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] - C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-07-06] (Realtek Semiconductor Corp.)
HKLM\...\Run: [TrueImageMonitor.exe] - E:\Acronis TrueImageHome\TrueImageMonitor.exe [4393112 2009-05-15] (Acronis)
HKLM\...\Run: [AcronisTimounterMonitor] - E:\Acronis TrueImageHome\TimounterMonitor.exe [962640 2009-05-15] (Acronis)
HKLM\...\Run: [Acronis Scheduler2 Service] - C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [377640 2009-05-15] (Acronis)
HKLM\...\Run: [Adobe Reader Speed Launcher] - E:\Adobe Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [249064 2010-10-29] (Sun Microsystems, Inc.)
HKLM\...\Run: [CanonSolutionMenu] - C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [652624 2007-10-26] (CANON INC.)
HKLM\...\Run: [CanonMyPrinter] - E:\Canon\My Printer\BJMyPrt.exe [1848648 2008-03-18] (CANON INC.)
HKLM\...\Run: [IJNetworkScanUtility] - C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE [128352 2007-11-19] (CANON INC.)
HKLM\...\Run: [SSBkgdUpdate] - C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM\...\Run: [OpwareSE4] - E:\OmniPageSE4\OpwareSE4.exe [73728 2007-06-13] (Nuance Communications, Inc.)
HKLM\...\Run: [WrtMon.exe] - C:\Windows\system32\spool\drivers\w32x86\3\WrtMon.exe [20480 2006-09-20] ()
HKLM\...\Run: [AdobeCS4ServiceManager] - C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-11-13] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe Acrobat Speed Launcher] - E:\Adobe CS4\Acrobat 9.0\Acrobat\Acrobat_sl.exe [37232 2008-06-12] (Adobe Systems Incorporated)
HKLM\...\Run: [] -  [x]
HKLM\...\Run: [Adobe_ID0ENQBO] - C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE [378224 2008-08-15] (Adobe Systems Incorporated)
HKLM\...\Run: [NokiaMServer] - C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup [x]
HKLM\...\Run: [NokiaMusic FastStart] - E:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe [2090272 2009-11-06] (Nokia)
HKLM\...\Run: [ArcSoft Connection Service] - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM\...\Run: [FreePDF Assistant] - C:\Program Files\FreePDF_XP\fpassist.exe [385024 2009-09-05] (shbox.de)
HKLM\...\Run: [ZoneAlarm Client] - E:\ZoneAlarm\zlclient.exe [1043968 2010-06-28] (Check Point Software Technologies LTD)
HKLM\...\Run: [ISW] - C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [738808 2010-06-15] (Check Point Software Technologies)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-08-25] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [ApnUpdater] - C:\Program Files\Ask.com\Updater\Updater.exe [901800 2011-11-21] ({StringFileInfo_CompanyName})
HKLM\...\Run: [RIMBBLaunchAgent.exe] - C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [90448 2011-09-01] (Research In Motion Limited)
HKLM\...\Run: [AVMFBoxMonitor] - C:\Program Files\FRITZ!Box Monitor\FRITZBoxMonitor.exe [1503232 2009-07-06] (AVM Berlin)
HKLM\...\Run: [PDFPrint] - E:\PDF24\pdf24.exe [160872 2012-05-22] (Geek Software GmbH)
HKLM\...\Run: [KiesTrayAgent] - E:\Kies\KiesTrayAgent.exe [310280 2012-12-20] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [BingDesktop] - C:\Program Files\Microsoft\BingDesktop\BingDesktop.exe [2249352 2013-06-20] (Microsoft Corp.)
HKLM\...\Run: [Plantronics MyHeadset Updater] - C:\Program Files\Plantronics\MyHeadsetUpdater\MyHeadsetUpdater.exe [76288 2012-12-12] (Plantronics)
HKLM\...\Run: [avgnt] - E:\Avira\AntiVir Desktop\avgnt.exe [345144 2013-08-07] (Avira Operations GmbH & Co. KG)
HKLM\...\RunOnce: [*WerKernelReporting] - %SYSTEMROOT%\SYSTEM32\WerFault.exe -k -rq [217088 2009-04-11] (Microsoft Corporation)
HKU\Admin\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [ 2008-01-19] (Microsoft Corporation)
HKU\Admin\...\Run: [SpybotSD TeaTimer] - E:\Spybot - Search & Destroy\TeaTimer.exe [ 2009-01-26] (Safer Networking Limited)
HKU\Admin\...\Run: [LightScribe Control Panel] - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [ 2009-11-20] (Hewlett-Packard Company)
HKU\Admin\...\Run: [Polar Sync] -  [x]
HKU\Admin\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [ 2008-01-19] (Microsoft Corporation)
HKU\Admin\...\Run: [] -  [x]
HKU\Admin\...\Run: [KiesPreload] - E:\Kies\Kies.exe [ 2012-12-20] (Samsung)
HKU\Admin\...\Run: [KiesAirMessage] - E:\Kies\KiesAirMessage.exe [ 2012-12-18] (Samsung Electronics)
HKU\Admin\...\Run: [Vidalia] - E:\Vidalia Bridge Bundle\Vidalia\vidalia.exe [ 2012-12-02] ()
HKU\Admin\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [ 2013-06-03] (Skype Technologies S.A.)
HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
HKU\Default User\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
HKU\IUSR_NMPR\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
HKU\IUSR_NMPR\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [ 2008-01-19] (Microsoft Corporation)
HKU\User\...\Run: [PC Suite Tray] - "E:\Nokia PC Suite\Nokia PC Suite 7\PCSuite.exe" -onlytray [x]
HKU\User\...\Run: [LightScribe Control Panel] - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [ 2009-11-20] (Hewlett-Packard Company)
HKU\User\...\Run: [Polar Sync] -  [x]
HKU\User\...\Run: [AdobeBridge] -  [x]
HKU\User\...\Run: [] - E:\Kies\External\FirmwareUpdate\KiesPDLR.exe [ 2012-12-20] (Samsung)
HKU\User\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [ 2008-01-19] (Microsoft Corporation)
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\09qj.lnk
ShortcutTarget: 09qj.lnk -> C:\Users\Admin\AppData\Local\Temp\jq90.dat (Microsoft Corporation)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\.~lock.Aufgaben_privat.xls# ()
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\09qj.lnk
ShortcutTarget: 09qj.lnk -> c:\progra~2\jq90.dat (Microsoft Corporation)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Aufgaben_privat.xls ()
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Thunderbird.lnk
ShortcutTarget: Mozilla Thunderbird.lnk -> E:\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
ShortcutTarget: OpenOffice.org 3.1.lnk -> E:\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> E:\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Persbackup.lnk
ShortcutTarget: Persbackup.lnk -> E:\Personal Backup 4\Persbackup.exe (J. Rathlev, IEAP, Uni-Kiel)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vxtoivckjmpvfifpkwm.lnk
ShortcutTarget: vxtoivckjmpvfifpkwm.lnk -> C:\Users\User\AppData\Local\Temp\mwkpfifvpmjkcviotxv.bfg (Microsoft Corporation)
BootExecute: autocheck autochk /r \??\I:autocheck autochk *

========================== Services (Whitelisted) =================

S2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [619336 2009-05-15] (Acronis)
S3 Adobe Version Cue CS4; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [284016 2008-08-15] (Adobe Systems Incorporated)
S2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [14336 2009-03-27] (LSI Corporation)
S2 AlertService; C:\Programme\Intel\IntelDH\CCU\AlertService.exe [223448 2007-06-27] (Intel(R) Corporation)
S2 AntiVirSchedulerService; E:\Avira\AntiVir Desktop\sched.exe [84024 2013-08-07] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; E:\Avira\AntiVir Desktop\avguard.exe [108088 2013-08-07] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; E:\Avira\AntiVir Desktop\AVWEBGRD.EXE [589368 2013-08-07] (Avira Operations GmbH & Co. KG)
S2 BingDesktopUpdate; C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-20] (Microsoft Corp.)
S3 DHTRACE; C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe [39640 2007-06-27] (Intel(R) Corporation)
S2 DQLWinService; C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [208896 2007-02-12] ()
S2 ISSM; C:\Programme\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe [59096 2007-06-27] (Intel(R) Corporation)
S2 IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [493048 2010-06-15] (Check Point Software Technologies)
S2 M1 Server; C:\Programme\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe [268504 2007-06-27] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.0.285\McCHSvc.exe [234776 2012-09-05] (McAfee, Inc.)
S2 MCLServiceATL; C:\Programme\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe [157912 2007-06-27] (Intel(R) Corporation)
S2 NMSCore; C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe [317656 2007-06-27] (Intel(R) Corporation)
S2 Polar Daemon; C:\Program Files\Polar\Daemon\polard.exe [411648 2012-04-02] ()
S2 QualityManager; C:\Programme\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe [272600 2007-06-27] (Intel(R) Corporation)
S2 RalinkRegistryWriter; C:\Program Files\RALINK\Common\RalinkRegistryWriter.exe [69632 2008-04-23] (Ralink Technology, Corp.)
S2 Remote UI Service; C:\Programme\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe [446680 2007-06-27] (Intel(R) Corporation)
S2 SBSDWSCService; E:\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S2 vsmon; C:\Windows\System32\ZoneLabs\vsmon.exe [2435592 2010-06-28] (Check Point Software Technologies LTD)
S2 Winmgmt; C:\PROGRA~2\jq90.dat [117760 2013-08-07] (Microsoft Corporation)
S2 x10nets; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [20480 2001-11-12] (X10)
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [x]

==================== Drivers (Whitelisted) ====================

S3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdLH3.sys [99344 2010-07-15] (ATI Technologies, Inc.)
S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [84744 2013-08-07] (Avira Operations GmbH & Co. KG)
S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135136 2013-08-07] (Avira Operations GmbH & Co. KG)
S1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-08-07] (Avira Operations GmbH & Co. KG)
S3 CMISTOR; C:\Windows\System32\DRIVERS\cmiucr.SYS [93056 2007-01-12] (C-Media Corporation)
S3 CSRBC; C:\Windows\System32\Drivers\csrbcx86.sys [27136 2012-04-09] (CSR/PLT)
S3 FETNDIS; C:\Windows\System32\DRIVERS\fetnd5.sys [45568 2006-11-02] (VIA Technologies, Inc.              )
S3 GigasetGenericUSB; C:\Windows\System32\DRIVERS\GigasetGenericUSB.sys [44032 2009-02-20] (Siemens Home and Office Communication Devices GmbH & Co. KG)
S3 IntelDH; C:\Windows\System32\Drivers\IntelDH.sys [5632 2009-07-19] (Intel Corporation)
S2 ISWKL; C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [26872 2010-06-15] (Check Point Software Technologies)
S3 MosIrUsb; C:\Windows\System32\DRIVERS\MosIrUsb.sys [22016 2007-10-11] ()
S2 nmsunidr; C:\Windows\System32\DRIVERS\nmsunidr.sys [5376 2007-02-18] (Gteko Ltd.)
S3 NPF; C:\Windows\System32\drivers\npf.sys [30336 2003-04-04] (Politecnico di Torino)
S3 PhilCap; C:\Windows\System32\DRIVERS\PhilCap.sys [908832 2007-07-17] (NXP Semiconductors Germany GmbH)
S3 RT2500USB; C:\Windows\System32\DRIVERS\rt2500usb.sys [245376 2005-10-18] (Ralink Technology Inc.)
S3 rt70x86; C:\Windows\System32\DRIVERS\netr70.sys [306016 2010-04-27] (Ralink Technology Corp.)
S1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-08-07] (Avira GmbH)
S0 tdrpman228; C:\Windows\System32\DRIVERS\tdrpm228.sys [902592 2009-07-27] (Acronis)
S2 tifsfilter; C:\Windows\System32\DRIVERS\tifsfilt.sys [44704 2009-07-27] (Acronis)
S3 TSHWMDTCP; C:\Programme\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys [14552 2007-06-27] ()
S1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [457304 2010-05-15] (Check Point Software Technologies LTD)
S3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [13976 2006-11-17] (X10 Wireless Technology, Inc.)
S3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 vsdatant7; System32\drivers\vsdatant.win7.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-30 19:26 - 2011-11-27 17:12 - 00000000 ____D C:\ProgramData\FLEXnet
2013-08-30 19:26 - 2009-09-19 19:44 - 00000000 ____D C:\Users\Admin\Documents\Adobe
2013-08-08 09:33 - 2013-08-08 09:33 - 00000000 ____D C:\FRST
2013-08-07 23:46 - 2013-08-07 23:46 - 00000761 _____ C:\Windows\System32\09qj.lnk
2013-08-07 23:18 - 2013-08-07 23:18 - 00117760 _____ (Microsoft Corporation) C:\ProgramData\jq90.dat
2013-08-07 23:11 - 2013-08-07 23:11 - 00001960 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-08-07 23:11 - 2013-08-07 23:11 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2013-08-07 23:11 - 2013-08-07 23:11 - 00000000 ____D C:\ProgramData\McAfee
2013-08-07 23:11 - 2013-08-07 23:11 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-08-07 22:22 - 2013-08-07 22:22 - 00001984 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-08-07 14:04 - 2013-08-07 14:04 - 00000000 ____D C:\ProgramData\APN
2013-08-07 13:54 - 2013-08-07 13:54 - 00000000 ____D C:\Users\User\AppData\Roaming\Avira
2013-08-07 13:49 - 2013-08-07 13:30 - 00135136 _____ (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avipbb.sys
2013-08-07 13:49 - 2013-08-07 13:30 - 00084744 _____ (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avgntflt.sys
2013-08-07 13:49 - 2013-08-07 13:30 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avkmgr.sys
2013-08-07 13:49 - 2013-08-07 13:30 - 00028520 _____ (Avira GmbH) C:\Windows\System32\Drivers\ssmdrv.sys
2013-08-05 13:00 - 2013-08-05 13:00 - 00002086 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-07-29 21:55 - 2013-07-29 21:55 - 00142776 _____ C:\Windows\Minidump\Mini072913-01.dmp
2013-07-29 21:53 - 2013-08-07 23:45 - 00005416 _____ C:\Windows\PFRO.log
2013-07-29 21:53 - 2013-07-29 21:53 - 247655990 _____ C:\Windows\MEMORY.DMP
2013-07-27 10:21 - 2013-07-27 10:21 - 00000796 _____ C:\Windows\setupact.log
2013-07-27 10:21 - 2013-07-27 10:21 - 00000000 _____ C:\Windows\setuperr.log
2013-07-27 09:23 - 2013-07-27 09:23 - 00000000 ____D C:\Users\User\Documents\default
2013-07-14 02:19 - 2013-05-29 02:50 - 01800704 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-07-14 02:19 - 2013-05-29 02:48 - 09738752 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-07-14 02:19 - 2013-05-29 02:41 - 01427968 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-07-14 02:19 - 2013-05-29 02:41 - 01129472 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-07-14 02:19 - 2013-05-29 02:41 - 01104384 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-07-14 02:19 - 2013-05-29 02:40 - 00231936 _____ (Microsoft Corporation) C:\Windows\System32\url.dll
2013-07-14 02:19 - 2013-05-29 02:38 - 00065024 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-07-14 02:19 - 2013-05-29 02:37 - 00142848 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-07-14 02:19 - 2013-05-29 02:36 - 00420864 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-07-14 02:19 - 2013-05-29 02:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-07-14 02:19 - 2013-05-29 02:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-07-14 02:19 - 2013-05-29 02:33 - 02382848 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-07-14 02:19 - 2013-05-29 02:33 - 01796096 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-07-14 02:19 - 2013-05-29 02:33 - 00073216 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-07-14 02:19 - 2013-05-29 02:29 - 00176640 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-07-14 02:18 - 2013-05-29 02:56 - 12333568 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-07-13 10:00 - 2013-06-04 02:50 - 02049024 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-07-13 09:56 - 2013-06-01 05:06 - 00505344 _____ (Microsoft Corporation) C:\Windows\System32\qedit.dll
2013-07-13 09:56 - 2013-05-08 05:04 - 01548288 _____ (Microsoft Corporation) C:\Windows\System32\WMVDECOD.DLL
2013-07-13 09:56 - 2013-04-17 12:28 - 01029120 _____ (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-07-13 09:56 - 2013-04-17 12:28 - 00219648 _____ (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-07-13 09:56 - 2013-04-17 12:28 - 00189952 _____ (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-07-13 09:56 - 2013-04-17 12:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-07-13 09:56 - 2013-04-17 11:34 - 01172480 _____ (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-07-13 09:56 - 2013-04-17 11:33 - 00486400 _____ (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-07-13 09:56 - 2013-04-17 11:14 - 00683008 _____ (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-07-13 09:56 - 2013-04-17 11:10 - 01069056 _____ (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-07-13 09:56 - 2013-04-17 11:10 - 00798208 _____ (Microsoft Corporation) C:\Windows\System32\FntCache.dll

==================== One Month Modified Files and Folders =======

2013-08-08 09:33 - 2013-08-08 09:33 - 00000000 ____D C:\FRST
2013-08-08 07:35 - 2009-07-18 20:17 - 00000012 _____ C:\Windows\bthservsdp.dat
2013-08-08 07:34 - 2006-11-02 13:47 - 00003264 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-08 07:34 - 2006-11-02 13:47 - 00003264 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-08 07:33 - 2009-07-18 20:16 - 01862098 _____ C:\Windows\WindowsUpdate.log
2013-08-07 23:55 - 2009-07-27 11:37 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Skype
2013-08-07 23:46 - 2013-08-07 23:46 - 00000761 _____ C:\Windows\System32\09qj.lnk
2013-08-07 23:45 - 2013-07-29 21:53 - 00005416 _____ C:\Windows\PFRO.log
2013-08-07 23:18 - 2013-08-07 23:18 - 00117760 _____ (Microsoft Corporation) C:\ProgramData\jq90.dat
2013-08-07 23:12 - 2009-07-27 12:09 - 00000000 ____D C:\Users\Admin\AppData\Local\Adobe
2013-08-07 23:11 - 2013-08-07 23:11 - 00001960 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-08-07 23:11 - 2013-08-07 23:11 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2013-08-07 23:11 - 2013-08-07 23:11 - 00000000 ____D C:\ProgramData\McAfee
2013-08-07 23:11 - 2013-08-07 23:11 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-08-07 23:11 - 2013-04-02 19:16 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-08-07 23:11 - 2013-04-02 19:16 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-08-07 22:22 - 2013-08-07 22:22 - 00001984 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-08-07 22:22 - 2009-07-27 11:32 - 00000000 ____D C:\Program Files\Google
2013-08-07 22:19 - 2009-08-23 19:36 - 00000000 ____D C:\Users\User\AppData\Local\Google
2013-08-07 21:14 - 2010-07-17 22:53 - 00000000 ____D C:\Users\User\AppData\Local\FreePDF_XP
2013-08-07 21:13 - 2010-07-17 22:39 - 00004020 _____ C:\fpRedmon.log
2013-08-07 14:04 - 2013-08-07 14:04 - 00000000 ____D C:\ProgramData\APN
2013-08-07 13:54 - 2013-08-07 13:54 - 00000000 ____D C:\Users\User\AppData\Roaming\Avira
2013-08-07 13:50 - 2006-11-02 11:33 - 01473770 _____ C:\Windows\System32\PerfStringBackup.INI
2013-08-07 13:49 - 2011-11-27 18:29 - 00000000 ____D C:\ProgramData\Avira
2013-08-07 13:30 - 2013-08-07 13:49 - 00135136 _____ (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avipbb.sys
2013-08-07 13:30 - 2013-08-07 13:49 - 00084744 _____ (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avgntflt.sys
2013-08-07 13:30 - 2013-08-07 13:49 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avkmgr.sys
2013-08-07 13:30 - 2013-08-07 13:49 - 00028520 _____ (Avira GmbH) C:\Windows\System32\Drivers\ssmdrv.sys
2013-08-05 13:00 - 2013-08-05 13:00 - 00002086 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-07-31 23:24 - 2009-08-08 21:30 - 00071680 _____ C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-07-29 23:03 - 2009-07-24 21:40 - 00000000 ____D C:\Users\User\AppData\Roaming\vlc
2013-07-29 21:55 - 2013-07-29 21:55 - 00142776 _____ C:\Windows\Minidump\Mini072913-01.dmp
2013-07-29 21:55 - 2010-03-20 14:26 - 00000000 ____D C:\Windows\Minidump
2013-07-29 21:53 - 2013-07-29 21:53 - 247655990 _____ C:\Windows\MEMORY.DMP
2013-07-27 10:21 - 2013-07-27 10:21 - 00000796 _____ C:\Windows\setupact.log
2013-07-27 10:21 - 2013-07-27 10:21 - 00000000 _____ C:\Windows\setuperr.log
2013-07-27 09:23 - 2013-07-27 09:23 - 00000000 ____D C:\Users\User\Documents\default
2013-07-14 03:09 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-07-14 02:59 - 2006-11-02 13:47 - 02210472 _____ C:\Windows\System32\FNTCACHE.DAT
2013-07-14 02:57 - 2011-12-03 02:02 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-14 02:55 - 2006-11-02 13:37 - 00000000 ____D C:\Windows\System32\XPSViewer
2013-07-14 02:21 - 2006-11-02 11:24 - 75699896 _____ (Microsoft Corporation) C:\Windows\System32\mrt.exe
2013-07-14 02:06 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-13 09:27 - 2009-08-19 21:06 - 00000000 ____D C:\Users\User\AppData\Roaming\Mp3tag

Files to move or delete:
====================
C:\ProgramData\jq90.dat

==================== Known DLLs (Whitelisted) ============


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================

Restore point made on: 2013-07-31 21:01:11
Restore point made on: 2013-08-02 16:21:25
Restore point made on: 2013-08-05 14:26:51
Restore point made on: 2013-08-06 16:11:50
Restore point made on: 2013-08-07 15:36:42

==================== Memory info ===========================

Percentage of memory in use: 22%
Total physical RAM: 2045.88 MB
Available physical RAM: 1594.95 MB
Total Pagefile: 1861.66 MB
Available Pagefile: 1697.39 MB
Total Virtual: 2047.88 MB
Available Virtual: 1972.5 MB

==================== Drives ================================

Drive c: (Windows Vista) (Fixed) (Total:58.59 GB) (Free:6.82 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Windows 8 CP) (Fixed) (Total:39.06 GB) (Free:28.32 GB) NTFS
Drive e: (Programme) (Fixed) (Total:146.48 GB) (Free:79.18 GB) NTFS
Drive f: (Daten) (Fixed) (Total:1153.12 GB) (Free:454.45 GB) NTFS
Drive h: (MEDHOPRDEU) (CDROM) (Total:2.39 GB) (Free:0 GB) CDFS
Drive j: () (Removable) (Total:0.49 GB) (Free:0.37 GB) FAT
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: 913912F5)
Partition 1: (Active) - (Size=59 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=39 GB) - (Type=OF Extended)
Partition 3: (Not Active) - (Size=146 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=-960867860480) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 500 MB) (Disk ID: 007CE597)
Partition 1: (Active) - (Size=500 MB) - (Type=06)


LastRegBack: 2013-08-08 07:58

==================== End Of Log ============================

Who can help me with the entries for the Fixlist.txt file?

Many thanks

schrauber 08.08.2013 09:15

hi,

Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document

Code:

Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\09qj.lnk
ShortcutTarget: 09qj.lnk -> C:\Users\Admin\AppData\Local\Temp\jq90.dat (Microsoft Corporation)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\.~lock.Aufgaben_privat.xls# ()
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\09qj.lnk
ShortcutTarget: 09qj.lnk -> c:\progra~2\jq90.dat (Microsoft Corporation)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Aufgaben_privat.xls ()
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Thunderbird.lnk
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vxtoivckjmpvfifpkwm.lnk
ShortcutTarget: vxtoivckjmpvfifpkwm.lnk -> C:\Users\User\AppData\Local\Temp\mwkpfifvpmjkcviotxv.bfg (Microsoft Corporation)
2013-08-07 23:46 - 2013-08-07 23:46 - 00000761 _____ C:\Windows\System32\09qj.lnk
2013-08-07 23:18 - 2013-08-07 23:18 - 00117760 _____ (Microsoft Corporation) C:\ProgramData\jq90.dat
C:\Users\User\AppData\Local\Temp\mwkpfifvpmjkcviotxv.bfg

Please save it as Fixlist.txt on your USB stick.
  • Restart your computer into the repair options again
  • Now start FRST.exe again and click the Fix ("Entfernen") button.

The tool creates a Fixlog.txt on your USB stick. Please post its contents here.
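As an added triage example (not FRST's own logic and not code from the helper in this thread), the following Python script encodes the reasoning behind the fixlist above: it parses FRST's Run, ShortcutTarget and service lines and flags autostart targets in Temp or ProgramData, non-executable file types launched at startup, a built-in Windows service such as Winmgmt whose image path lies outside the Windows directory, and a Microsoft vendor string on a file outside Windows or Program Files. The staging directories, trusted roots, service allowlist and the reading of PROGRA~2 as the short name of ProgramData are assumptions of this example, not facts from the thread.

```python
"""Triage of FRST log lines for lock-screen persistence (added example).
Heuristics are the editor's own, not FRST's. Assumed: PROGRA~2 is the 8.3
short name of the ProgramData directory, and the service allowlist is illustrative."""
import re
from pathlib import PureWindowsPath

# Constructed sample in FRST's own line format: suspicious entries from the
# log above mixed with benign ones from the same log.
SAMPLE_LOG = r"""
HKLM\...\Run: [avgnt] - E:\Avira\AntiVir Desktop\avgnt.exe [345144 2013-08-07] (Avira Operations GmbH & Co. KG)
HKU\User\...\Run: [PC Suite Tray] - "E:\Nokia PC Suite\Nokia PC Suite 7\PCSuite.exe" -onlytray [x]
ShortcutTarget: 09qj.lnk -> C:\Users\Admin\AppData\Local\Temp\jq90.dat (Microsoft Corporation)
ShortcutTarget: Mozilla Thunderbird.lnk -> E:\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
ShortcutTarget: vxtoivckjmpvfifpkwm.lnk -> C:\Users\User\AppData\Local\Temp\mwkpfifvpmjkcviotxv.bfg (Microsoft Corporation)
S2 Winmgmt; C:\PROGRA~2\jq90.dat [117760 2013-08-07] (Microsoft Corporation)
S2 vsmon; C:\Windows\System32\ZoneLabs\vsmon.exe [2435592 2010-06-28] (Check Point Software Technologies LTD)
"""

# User-writable directories a drive-by download can stage files in; legitimate
# autostarts and services practically never run from them (assumed list).
STAGING_DIRS = ("\\appdata\\local\\temp\\", "\\programdata\\", "\\progra~2\\")
# Where files carrying a Microsoft vendor string are expected to live (assumed).
TRUSTED_ROOTS = ("\\windows\\", "\\program files\\", "\\progra~1\\")
EXEC_EXT = {".exe", ".dll", ".sys", ".cpl", ".scr", ".com"}
# Built-in services hosted by svchost.exe under %SystemRoot%; an image path
# anywhere else means the service registration was replaced (illustrative set).
WINDOWS_SERVICES = {"winmgmt", "wuauserv", "bits"}

# One regex for the three FRST line kinds this example understands.
LINE_RE = re.compile(
    r"^(?:HK(?:LM|U)\\[^:]*\\Run(?:Once)?: \[(?P<run>[^\]]*)\] - "
    r"|ShortcutTarget: (?P<lnk>.+?) -> "
    r"|S\d (?P<svc>[^;]+); )(?P<rest>.*)$"
)
# First drive-letter path in the remainder; stops at the size/date bracket,
# the vendor parenthesis or a closing quote. %VAR%-style paths are skipped.
PATH_RE = re.compile(r'(?P<path>[A-Za-z]:\\[^"\[(]*?)(?=\s+\[|\s+\(|"|$)')


def company_of(rest: str) -> str:
    """Vendor string FRST prints in the trailing parentheses ('' if none)."""
    i = rest.rfind(" (")
    return rest[i + 2:-1].strip() if i >= 0 and rest.endswith(")") else ""


def looks_random(name: str) -> bool:
    """Crude pronounceability test: fewer than 20% vowels among the letters."""
    letters = [c for c in name.lower() if c.isalpha()]
    if len(name) < 4 or not letters:
        return False
    return sum(c in "aeiouy" for c in letters) / len(letters) < 0.2


def triage(log_text: str) -> list[dict]:
    """Return one finding per autostart/service line that trips a heuristic."""
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        pm = PATH_RE.search(m.group("rest")) if m else None
        if not pm:
            continue
        path, low = pm.group("path"), pm.group("path").lower()
        company = company_of(m.group("rest"))
        name = m.group("run") or m.group("lnk") or m.group("svc") or ""
        reasons = []
        if any(d in low for d in STAGING_DIRS):
            reasons.append("runs from a user-writable staging directory")
        ext = PureWindowsPath(path).suffix.lower()
        if ext not in EXEC_EXT:
            reasons.append(f"autostart target has non-executable extension {ext or '(none)'}")
        if m.group("svc") and name.lower() in WINDOWS_SERVICES and "\\windows\\" not in low:
            reasons.append(f"built-in service {name} points outside the Windows directory")
        if company.startswith("Microsoft") and not any(r in low for r in TRUSTED_ROOTS):
            reasons.append("Microsoft vendor string on a file outside Windows/Program Files")
        # Weak signal: only worth reporting next to a strong one.
        if reasons and any(looks_random(PureWindowsPath(n).stem) for n in (name, path)):
            reasons.append("random-looking file name")
        if reasons:
            findings.append({"name": name, "path": path, "company": company, "reasons": reasons})
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f['name']:>24} -> {f['path']}")
        for r in f["reasons"]:
            print(f"{'':>24}    {r}")
```

Running the script lists the three entries the helper's fixlist removed and nothing else from the sample. Entries written with environment variables such as %SYSTEMROOT% are not examined by the path matcher, and a path containing " (" would be cut short.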

hollepit 08.08.2013 09:28

Hello Schrauber,

here is the content of the Fixlog

Code:


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 08-08-2013
Ran by SYSTEM at 2013-08-08 10:24:47 Run:1
Running from I:\
Boot Mode: Recovery

==============================================

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\09qj.lnk => Moved successfully.
C:\Users\Admin\AppData\Local\Temp\jq90.dat => Moved successfully.
C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\.~lock.Aufgaben_privat.xls# => Moved successfully.
C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\09qj.lnk => Moved successfully.
c:\progra~2\jq90.dat => Moved successfully.
C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Aufgaben_privat.xls => Moved successfully.
C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Thunderbird.lnk => Moved successfully.
C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vxtoivckjmpvfifpkwm.lnk => Moved successfully.
C:\Users\User\AppData\Local\Temp\mwkpfifvpmjkcviotxv.bfg => Moved successfully.
C:\Windows\System32\09qj.lnk => Moved successfully.
"C:\ProgramData\jq90.dat" => File/Directory not found.
"C:\Users\User\AppData\Local\Temp\mwkpfifvpmjkcviotxv.bfg" => File/Directory not found.

==== End of Fixlog ====


schrauber 08.08.2013 11:58

Restart the computer normally :)

