Trojaner-Board - Weißer Bildschirm Windows 7 64bit

Hallo,

hier der Loh von Malwarebytes:
----------
Malwarebytes Anti-Malware 1.75.0.1300
Malwarebytes : Free anti-malware download

Datenbank Version: v2013.08.28.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16660
Ferdinand :: FERDINAND-PC [Administrator]

28.08.2013 16:52:42
mbam-log-2013-08-28 (16-52-42).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 212956
Laufzeit: 2 Minute(n), 13 Sekunde(n)

Infizierte Speicherprozesse: 1
C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (PUP.Optional.SweetIM) -> 3444 -> Löschen bei Neustart.

Infizierte Speichermodule: 8
C:\Program Files (x86)\SweetIM\Messenger\mgAdaptersProxy.dll (PUP.Optional.SweetIM) -> Löschen bei Neustart.
C:\Program Files (x86)\SweetIM\Messenger\mgUpdateSupport.dll (PUP.Optional.SweetIM) -> Löschen bei Neustart.
C:\Program Files (x86)\SweetIM\Messenger\mgsimcommon.dll (PUP.Optional.SweetIM) -> Löschen bei Neustart.
C:\Program Files (x86)\SweetIM\Messenger\mgcommon.dll (PUP.Optional.SweetIM) -> Löschen bei Neustart.
C:\Program Files (x86)\SweetIM\Messenger\mgcommunication.dll (PUP.Optional.SweetIM) -> Löschen bei Neustart.
C:\Program Files (x86)\SweetIM\Messenger\mghooking.dll (PUP.Optional.SweetIM) -> Löschen bei Neustart.
C:\Program Files (x86)\SweetIM\Messenger\mgxml_wrapper.dll (PUP.Optional.SweetIM) -> Löschen bei Neustart.
C:\Program Files (x86)\SweetIM\Messenger\mgconfig.dll (PUP.Optional.SweetIM) -> Löschen bei Neustart.

Infizierte Registrierungsschlüssel: 21
HKCR\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\Interface\{EEE6C358-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\SWEETIE.IEToolbar.1 (PUP.Optional.SweetPacks) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\SWEETIE.IEToolbar (PUP.Optional.SweetPacks) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\Toolbar3.SWEETIE.1 (PUP.Optional.SweetPacks) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\Toolbar3.SWEETIE (PUP.Optional.SweetPacks) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|SweetIM (PUP.Optional.SweetIM) -> Daten: C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{EEE6C35B-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Daten: -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Daten: {D7D5BA8A-7835-11E1-BA48-E0CA94950C47} -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Daten: {D7D5BA8A-7835-11E1-BA48-E0CA94950C47} -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 1
C:\Users\Ferdinand\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 16
C:\Program Files (x86)\SweetIM\Messenger\mgAdaptersProxy.dll (PUP.Optional.SweetIM) -> Löschen bei Neustart.
C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (PUP.Optional.SweetIM) -> Löschen bei Neustart.
C:\Program Files (x86)\SweetIM\Messenger\mgUpdateSupport.dll (PUP.Optional.SweetIM) -> Löschen bei Neustart.
C:\Program Files (x86)\SweetIM\Messenger\mgsimcommon.dll (PUP.Optional.SweetIM) -> Löschen bei Neustart.
C:\Program Files (x86)\SweetIM\Messenger\mgcommon.dll (PUP.Optional.SweetIM) -> Löschen bei Neustart.
C:\Program Files (x86)\SweetIM\Messenger\mgcommunication.dll (PUP.Optional.SweetIM) -> Löschen bei Neustart.
C:\Program Files (x86)\SweetIM\Messenger\mghooking.dll (PUP.Optional.SweetIM) -> Löschen bei Neustart.
C:\Program Files (x86)\SweetIM\Messenger\mgxml_wrapper.dll (PUP.Optional.SweetIM) -> Löschen bei Neustart.
C:\Program Files (x86)\SweetIM\Messenger\mgconfig.dll (PUP.Optional.SweetIM) -> Löschen bei Neustart.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (PUP.Optional.SweetPacks) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Ferdinand\Downloads\DivxUpdate_uk (1).exe (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Ferdinand\Downloads\DivxUpdate_uk (2).exe (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Ferdinand\Downloads\DivxUpdate_uk.exe (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Installer\131302f.msi (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Installer\1313035.msi (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Ferdinand\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
------------------

HIer der Log von AdwCleaner:

-----AdwCleaner Logfile:

Code:

# AdwCleaner v3.001 - Report created 28/08/2013 at 17:13:48

# Updated 24/08/2013 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : Ferdinand - FERDINAND-PC

# Running from : C:\Users\Ferdinand\Desktop\adwcleaner3001.exe

# Option : Clean
 

***** [ Services ] *****
 

Service Deleted : APNMCP
 

***** [ Files / Folders ] *****
 

Folder Deleted : C:\ProgramData\apn

Folder Deleted : C:\ProgramData\AskPartnerNetwork

Folder Deleted : C:\ProgramData\Babylon

Folder Deleted : C:\ProgramData\SweetIM

Folder Deleted : C:\Program Files (x86)\~BabylonToolbar

Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork

Folder Deleted : C:\Program Files (x86)\SweetIM

Folder Deleted : C:\Users\Ferdinand\AppData\Local\Babylon

Folder Deleted : C:\Users\FERDIN~1\AppData\Local\Temp\apn

Folder Deleted : C:\Users\Ferdinand\AppData\LocalLow\BabylonToolbar
 

***** [ Shortcuts ] *****
 
 

***** [ Registry ] *****
 

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaacalgebmfelllfiaoknifldpngjh

Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE

Key Deleted : HKLM\SOFTWARE\Classes\b

Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd

Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1

Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore

Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1

Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr

Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1

Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane

Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1

Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1

Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc

Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1

Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils

Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1

Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator

Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1

Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap

Key Deleted : HKLM\SOFTWARE\Classes\sim-packages

Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook

Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabylonToolbarsrv_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabylonToolbarsrv_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe

Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]

Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]

Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]

Key Deleted : HKCU\Software\AskPartnerNetwork

Key Deleted : HKCU\Software\BabylonToolbar

Key Deleted : HKLM\Software\AskPartnerNetwork

Key Deleted : HKLM\Software\Babylon

Key Deleted : HKLM\Software\BabylonToolbar

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2F603A45-D956-496B-81B5-50D782424976}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B85C4CB2-B352-4BD8-818C-BCE353599107}
 

***** [ Browsers ] *****
 

-\\ Internet Explorer v10.0.9200.16660
 
 

-\\ Mozilla Firefox v
 

*************************
 

AdwCleaner[R0].txt - [8798 octets] - [28/08/2013 17:13:00]

AdwCleaner[S0].txt - [8624 octets] - [28/08/2013 17:13:48]
 

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8684 octets] ##########

--- --- ---

Log von Junkware:

---
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.4 (08.22.2013:1)
OS: Windows 7 Home Premium x64
Ran by Ferdinand on 28.08.2013 at 17:19:41,25
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28.08.2013 at 17:27:00,40
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-08-2013

Ran by Ferdinand (administrator) on 28-08-2013 17:30:20

Running from C:\Users\Ferdinand\Desktop

Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard

Internet Explorer Version 10

Boot Mode: Normal
 

==================== Processes (Whitelisted) =================
 

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe

(CSR, plc) C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Intel Corporation) C:\Windows\system32\igfxsrvc.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHndHkb.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe

(CSR, plc) C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe

(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin

(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe

(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe

(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe

(Thisisu) C:\Users\Ferdinand\Desktop\JRT.exe

(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe

(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

(Microsoft Corporation) c:\program files\windows defender\MpCmdRun.exe
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1861416 2009-10-09] (Synaptics Incorporated)

HKLM\...\Run: [LoadFujitsuQuickTouch] - C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [157544 2009-10-15] (FUJITSU LIMITED)

HKLM\...\Run: [LoadBtnHnd] - C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [35176 2009-10-15] (FUJITSU LIMITED)

HKLM\...\Run: [PSUTility] - C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [188264 2009-07-30] (FUJITSU LIMITED)

HKLM\...\Run: [PfNet] - C:\Program Files\Fujitsu\Plugfree NETWORK\PfNet.exe [6310912 2010-06-23] (FUJITSU LIMITED)

HKLM\...\Run: [FDM7] - C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe [164712 2009-11-26] (FUJITSU LIMITED)

HKLM\...\Run: [ConMgr] - C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe [535440 2009-12-24] (CSR, plc)

HKLM\...\Run: [CSRSkype] - C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRSkype.exe [431504 2009-12-24] (CSR, plc)

HKLM\...\Run: [BthSyncServ] - "C:\Program Files\CSR\Bluetooth Feature Pack 5.0\bthsyncserv.exe" [x]

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8312352 2009-10-28] (Realtek Semiconductor)

HKCU\...\Run: [RGSC] - C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent [x]

HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-02-29] (Google Inc.)

HKLM-x32\...\Run: [IndicatorUtility] - C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [47976 2009-10-09] (FUJITSU LIMITED)

HKLM-x32\...\Run: [LoadFUJ02E3] - C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe [36712 2009-10-08] (FUJITSU LIMITED)

HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254896 2012-09-17] (Sun Microsystems, Inc.)

HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-08-27] (Avira Operations GmbH & Co. KG)

Startup: C:\Users\Ferdinand\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk

ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.

SearchScopes: HKCU - {C4ED74EC-4B4D-4BAB-A815-B69BF1E22A08} URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7ADRA_deDE473

BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

BHO-x32: Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" No File

BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

Toolbar: HKLM-x32 - Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" No File

Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 

FireFox:

========

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll ()

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()

FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_37 - C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)

FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 

==================== Services (Whitelisted) =================
 

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-08-27] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-08-27] (Avira Operations GmbH & Co. KG)

R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [589368 2013-08-27] (Avira Operations GmbH & Co. KG)

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

R2 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [330240 2010-06-23] (FUJITSU LIMITED)

R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [63336 2009-07-30] (FUJITSU LIMITED)

R2 VFPRadioSupportService; C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe [145840 2009-12-24] (CSR, plc)
 

==================== Drivers (Whitelisted) ====================
 

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-08-27] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-08-27] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-08-27] (Avira Operations GmbH & Co. KG)

R3 FUJ02B1; C:\Windows\System32\DRIVERS\FUJ02B1.sys [7808 2006-11-01] (FUJITSU LIMITED)

R3 FUJ02E3; C:\Windows\System32\DRIVERS\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)

S3 RSUSBSTOR; System32\Drivers\RtsUStor.sys [x]

S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x]

S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2013-08-28 17:27 - 2013-08-28 17:27 - 00000629 _____ C:\Users\Ferdinand\Desktop\JRT.txt

2013-08-28 17:19 - 2013-08-28 17:19 - 01021434 _____ (Thisisu) C:\Users\Ferdinand\Desktop\JRT.exe

2013-08-28 17:19 - 2013-08-28 17:19 - 00000000 ____D C:\Windows\ERUNT

2013-08-28 17:12 - 2013-08-28 17:12 - 00994642 _____ C:\Users\Ferdinand\Desktop\adwcleaner3001.exe

2013-08-28 17:08 - 2013-08-28 17:13 - 00000000 ____D C:\AdwCleaner

2013-08-28 16:43 - 2013-08-28 16:43 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-08-28 16:43 - 2013-08-28 16:43 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-08-28 16:43 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2013-08-28 06:47 - 2013-08-28 06:47 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2013-08-28 06:47 - 2013-08-28 06:47 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2013-08-28 06:47 - 2013-08-28 06:47 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2013-08-28 06:47 - 2013-08-28 06:47 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2013-08-28 06:47 - 2013-08-28 06:47 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat

2013-08-28 06:47 - 2013-08-28 06:47 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat

2013-08-28 06:47 - 2013-08-28 06:47 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 01054720 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00905728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2013-08-28 06:47 - 2013-08-28 06:47 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2013-08-28 06:47 - 2013-08-28 06:47 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00242200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx

2013-08-28 06:47 - 2013-08-28 06:47 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx

2013-08-28 06:47 - 2013-08-28 06:47 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe

2013-08-28 06:45 - 2013-08-28 06:52 - 00009637 _____ C:\Windows\IE10_main.log

2013-08-28 06:42 - 2013-08-28 17:14 - 00000224 _____ C:\Windows\setupact.log

2013-08-28 06:42 - 2013-08-28 06:42 - 00000000 _____ C:\Windows\setuperr.log

2013-08-27 22:46 - 2013-08-27 22:47 - 00000000 ____D C:\Windows\system32\MRT

2013-08-27 22:28 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL

2013-08-27 22:28 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL

2013-08-27 22:28 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll

2013-08-27 22:28 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll

2013-08-27 22:28 - 2013-04-12 16:45 - 01656680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys

2013-08-27 22:28 - 2013-04-10 08:01 - 00983400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys

2013-08-27 22:28 - 2013-04-10 08:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys

2013-08-27 22:28 - 2013-03-19 08:04 - 05550424 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2013-08-27 22:28 - 2013-03-19 07:53 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll

2013-08-27 22:28 - 2013-03-19 07:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll

2013-08-27 22:28 - 2013-03-19 07:46 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll

2013-08-27 22:28 - 2013-03-19 07:04 - 03968856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

2013-08-27 22:28 - 2013-03-19 07:04 - 03913560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

2013-08-27 22:28 - 2013-03-19 06:47 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll

2013-08-27 22:28 - 2013-03-19 05:06 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe

2013-08-27 22:28 - 2013-02-27 08:02 - 00111448 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe

2013-08-27 22:28 - 2013-02-27 07:52 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

2013-08-27 22:28 - 2013-02-27 07:52 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll

2013-08-27 22:28 - 2013-02-27 07:48 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll

2013-08-27 22:28 - 2013-02-27 07:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll

2013-08-27 22:28 - 2013-02-27 06:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll

2013-08-27 22:28 - 2013-02-27 06:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll

2013-08-27 22:28 - 2013-02-27 06:49 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll

2013-08-27 22:28 - 2013-02-15 08:08 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll

2013-08-27 22:28 - 2013-02-15 08:06 - 03717632 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll

2013-08-27 22:28 - 2013-02-15 08:02 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll

2013-08-27 22:28 - 2013-02-15 06:37 - 03217408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll

2013-08-27 22:28 - 2013-02-15 06:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll

2013-08-27 22:28 - 2013-02-15 05:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll

2013-08-27 22:28 - 2011-02-03 13:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll

2013-08-27 22:27 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll

2013-08-27 22:27 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

2013-08-27 22:27 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll

2013-08-27 22:27 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll

2013-08-27 22:27 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll

2013-08-27 22:27 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll

2013-08-27 22:27 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll

2013-08-27 22:27 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll

2013-08-27 22:27 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll

2013-08-27 22:27 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll

2013-08-27 22:27 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys

2013-08-27 22:27 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys

2013-08-27 22:27 - 2013-06-05 05:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2013-08-27 22:27 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll

2013-08-27 22:27 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll

2013-08-27 22:27 - 2013-05-13 07:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll

2013-08-27 22:27 - 2013-05-13 05:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe

2013-08-27 22:27 - 2013-05-13 05:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe

2013-08-27 22:27 - 2013-05-13 05:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll

2013-08-27 22:27 - 2013-05-10 07:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll

2013-08-27 22:27 - 2013-05-10 05:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll

2013-08-27 22:27 - 2013-04-26 07:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll

2013-08-27 22:27 - 2013-04-26 06:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll

2013-08-27 22:27 - 2013-04-17 09:02 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll

2013-08-27 22:27 - 2013-04-17 08:24 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll

2013-08-27 22:27 - 2013-01-24 08:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys

2013-08-27 22:24 - 2013-08-27 22:24 - 00000000 ____D C:\Users\Ferdinand\AppData\Roaming\Avira

2013-08-27 22:24 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll

2013-08-27 22:24 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll

2013-08-27 22:23 - 2013-04-26 01:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll

2013-08-27 22:23 - 2013-04-01 00:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll

2013-08-27 22:20 - 2013-08-27 22:20 - 00000000 ____D C:\Users\Ferdinand\AppData\Roaming\Mozilla

2013-08-27 22:19 - 2013-08-27 22:19 - 00083672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys

2013-08-27 22:18 - 2013-08-27 22:18 - 00000000 ____D C:\ProgramData\Avira

2013-08-27 22:18 - 2013-08-27 22:18 - 00000000 ____D C:\Program Files (x86)\Avira

2013-08-27 22:18 - 2013-08-27 22:14 - 00130016 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys

2013-08-27 22:18 - 2013-08-27 22:14 - 00100712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys

2013-08-27 22:18 - 2013-08-27 22:14 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys

2013-08-27 22:12 - 2013-02-12 06:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys

2013-08-27 22:07 - 2013-08-27 22:07 - 00000000 ____D C:\FRST
 

==================== One Month Modified Files and Folders =======
 

2013-08-28 17:30 - 2013-08-28 17:30 - 01579080 _____ (Farbar) C:\Users\Ferdinand\Desktop\FRST64.exe

2013-08-28 17:27 - 2013-08-28 17:27 - 00000629 _____ C:\Users\Ferdinand\Desktop\JRT.txt

2013-08-28 17:27 - 2012-02-29 18:08 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2013-08-28 17:27 - 2012-01-11 12:58 - 01533940 _____ C:\Windows\WindowsUpdate.log

2013-08-28 17:22 - 2009-07-14 06:45 - 00022336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2013-08-28 17:22 - 2009-07-14 06:45 - 00022336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2013-08-28 17:19 - 2013-08-28 17:19 - 01021434 _____ (Thisisu) C:\Users\Ferdinand\Desktop\JRT.exe

2013-08-28 17:19 - 2013-08-28 17:19 - 00000000 ____D C:\Windows\ERUNT

2013-08-28 17:15 - 2012-02-29 18:08 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2013-08-28 17:14 - 2013-08-28 06:42 - 00000224 _____ C:\Windows\setupact.log

2013-08-28 17:14 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2013-08-28 17:13 - 2013-08-28 17:08 - 00000000 ____D C:\AdwCleaner

2013-08-28 17:12 - 2013-08-28 17:12 - 00994642 _____ C:\Users\Ferdinand\Desktop\adwcleaner3001.exe

2013-08-28 16:57 - 2010-11-21 05:47 - 00098474 _____ C:\Windows\PFRO.log

2013-08-28 16:43 - 2013-08-28 16:43 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-08-28 16:43 - 2013-08-28 16:43 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-08-28 16:38 - 2012-02-29 17:46 - 00001421 _____ C:\Users\Ferdinand\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2013-08-28 16:36 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions

2013-08-28 06:52 - 2013-08-28 06:45 - 00009637 _____ C:\Windows\IE10_main.log

2013-08-28 06:47 - 2013-08-28 06:47 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2013-08-28 06:47 - 2013-08-28 06:47 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2013-08-28 06:47 - 2013-08-28 06:47 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2013-08-28 06:47 - 2013-08-28 06:47 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2013-08-28 06:47 - 2013-08-28 06:47 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat

2013-08-28 06:47 - 2013-08-28 06:47 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat

2013-08-28 06:47 - 2013-08-28 06:47 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 01054720 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00905728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2013-08-28 06:47 - 2013-08-28 06:47 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2013-08-28 06:47 - 2013-08-28 06:47 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00242200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx

2013-08-28 06:47 - 2013-08-28 06:47 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx

2013-08-28 06:47 - 2013-08-28 06:47 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe

2013-08-28 06:43 - 2012-02-29 17:46 - 00000000 ___RD C:\Users\Ferdinand\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2013-08-28 06:43 - 2012-02-29 17:46 - 00000000 ___RD C:\Users\Ferdinand\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

2013-08-28 06:42 - 2013-08-28 06:42 - 00000000 _____ C:\Windows\setuperr.log

2013-08-28 06:42 - 2009-07-14 06:45 - 00294344 _____ C:\Windows\system32\FNTCACHE.DAT

2013-08-28 06:40 - 2011-04-12 09:55 - 00000000 ____D C:\Program Files\Windows Journal

2013-08-28 06:40 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender

2013-08-28 06:40 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender

2013-08-27 22:50 - 2011-04-12 09:43 - 00654166 _____ C:\Windows\system32\perfh007.dat

2013-08-27 22:50 - 2011-04-12 09:43 - 00130006 _____ C:\Windows\system32\perfc007.dat

2013-08-27 22:50 - 2009-07-14 07:13 - 01519874 _____ C:\Windows\system32\PerfStringBackup.INI

2013-08-27 22:47 - 2013-08-27 22:46 - 00000000 ____D C:\Windows\system32\MRT

2013-08-27 22:29 - 2012-02-29 18:08 - 00000000 ____D C:\Program Files (x86)\Google

2013-08-27 22:26 - 2012-03-22 23:38 - 00000000 ____D C:\Windows\Minidump

2013-08-27 22:24 - 2013-08-27 22:24 - 00000000 ____D C:\Users\Ferdinand\AppData\Roaming\Avira

2013-08-27 22:22 - 2012-02-29 18:08 - 00004112 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2013-08-27 22:22 - 2012-02-29 18:08 - 00003860 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2013-08-27 22:20 - 2013-08-27 22:20 - 00000000 ____D C:\Users\Ferdinand\AppData\Roaming\Mozilla

2013-08-27 22:19 - 2013-08-27 22:19 - 00083672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys

2013-08-27 22:18 - 2013-08-27 22:18 - 00000000 ____D C:\ProgramData\Avira

2013-08-27 22:18 - 2013-08-27 22:18 - 00000000 ____D C:\Program Files (x86)\Avira

2013-08-27 22:14 - 2013-08-27 22:18 - 00130016 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys

2013-08-27 22:14 - 2013-08-27 22:18 - 00100712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys

2013-08-27 22:14 - 2013-08-27 22:18 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys

2013-08-27 22:07 - 2013-08-27 22:07 - 00000000 ____D C:\FRST

2013-08-27 21:54 - 2013-03-12 21:12 - 00000004 _____ C:\Users\Ferdinand\AppData\Roaming\skype.ini

2013-08-07 04:22 - 2010-11-21 05:27 - 00278800 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

2013-08-05 16:14 - 2012-02-29 17:59 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
 

Files to move or delete:

====================

C:\ProgramData\ism_0_llatsni.pad

C:\Users\Ferdinand\AppData\Roaming\skype.ini

C:\Users\FERDIN~1\AppData\Local\Temp\Quarantine.exe

C:\Users\FERDIN~1\AppData\Local\Temp\jrt\erunt\ERUNT.EXE

C:\Users\FERDIN~1\AppData\Local\Temp\36559E86-7FB3-4606-BBD8-019F4E77A355\CbsProvider.dll

C:\Users\FERDIN~1\AppData\Local\Temp\36559E86-7FB3-4606-BBD8-019F4E77A355\CompatProvider.dll

C:\Users\FERDIN~1\AppData\Local\Temp\36559E86-7FB3-4606-BBD8-019F4E77A355\DismCore.dll

C:\Users\FERDIN~1\AppData\Local\Temp\36559E86-7FB3-4606-BBD8-019F4E77A355\DismCorePS.dll

C:\Users\FERDIN~1\AppData\Local\Temp\36559E86-7FB3-4606-BBD8-019F4E77A355\DismHost.exe

C:\Users\FERDIN~1\AppData\Local\Temp\36559E86-7FB3-4606-BBD8-019F4E77A355\DismProv.dll

C:\Users\FERDIN~1\AppData\Local\Temp\36559E86-7FB3-4606-BBD8-019F4E77A355\DmiProvider.dll

C:\Users\FERDIN~1\AppData\Local\Temp\36559E86-7FB3-4606-BBD8-019F4E77A355\FolderProvider.dll

C:\Users\FERDIN~1\AppData\Local\Temp\36559E86-7FB3-4606-BBD8-019F4E77A355\IntlProvider.dll

C:\Users\FERDIN~1\AppData\Local\Temp\36559E86-7FB3-4606-BBD8-019F4E77A355\LogProvider.dll

C:\Users\FERDIN~1\AppData\Local\Temp\36559E86-7FB3-4606-BBD8-019F4E77A355\MsiProvider.dll

C:\Users\FERDIN~1\AppData\Local\Temp\36559E86-7FB3-4606-BBD8-019F4E77A355\OSProvider.dll

C:\Users\FERDIN~1\AppData\Local\Temp\36559E86-7FB3-4606-BBD8-019F4E77A355\SmiProvider.dll

C:\Users\FERDIN~1\AppData\Local\Temp\36559E86-7FB3-4606-BBD8-019F4E77A355\TransmogProvider.dll

C:\Users\FERDIN~1\AppData\Local\Temp\36559E86-7FB3-4606-BBD8-019F4E77A355\UnattendProvider.dll

C:\Users\FERDIN~1\AppData\Local\Temp\36559E86-7FB3-4606-BBD8-019F4E77A355\wdscore.dll

C:\Users\FERDIN~1\AppData\Local\Temp\36559E86-7FB3-4606-BBD8-019F4E77A355\WimProvider.dll
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2012-12-29 16:15
 

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

--- --- ---

FRST Additions Logfile:

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-08-2013

Ran by Ferdinand at 2013-08-28 17:31:43

Running from C:\Users\Ferdinand\Desktop

Boot Mode: Normal

==========================================================
 
 

==================== Installed Programs =======================
 

   

Adobe Flash Player 11 Plugin 64-bit (Version: 11.1.102.63)

Adobe Reader X (10.1.7) - Deutsch (x32 Version: 10.1.7)

ALDI Bestellsoftware 4.12.1 (x32 Version: 4.12.1)

Avira Free Antivirus (x32 Version: 13.0.0.3885)

Avira SearchFree Toolbar plus Web Protection (x32 Version: 12.2.2.663)

be Flash Player 11 ActiveX 64-bit (Version: 11.1.102.62)

Bluetooth Feature Pack 5.0 (Version: 5.0.14)

Fujitsu Display Manager (Version: 7.01.00.210)

Fujitsu Display Manager (x32 Version: )

Fujitsu Hotkey Utility (x32 Version: 3.60.1.0)

Fujitsu MobilityCenter Extension Utility (Version: 3.01.00.000)

Fujitsu MobilityCenter Extension Utility (x32 Version: )

Fujitsu System Extension Utility (Version: 3.1.1.0)

Fujitsu System Extension Utility (x32)

Google Earth Plug-in (x32 Version: 7.1.1.1888)

Google Toolbar for Internet Explorer (x32 Version: 1.0.0)

Google Toolbar for Internet Explorer (x32 Version: 7.5.4413.1752)

Google Update Helper (x32 Version: 1.3.21.153)

Intel(R) Graphics Media Accelerator Driver (x32 Version: 8.15.10.2025)

Intel(R) Management Engine Components (x32 Version: 6.0.0.1179)

Java Auto Updater (x32 Version: 2.0.7.2)

Java(TM) 6 Update 37 (x32 Version: 6.0.370)

LifeBook Application Panel (Version: 8.1.0.0)

LifeBook Application Panel (x32)

Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)

Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)

Microsoft Games for Windows - LIVE Redistributable (x32 Version: 2.0.672.0)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)

NFS Underground (x32)

NVIDIA PhysX (x32 Version: 9.09.0203)

OpenOffice.org 3.3 (x32 Version: 3.3.9567)

Plugfree NETWORK (Version: 5.3.0.1)

Plugfree NETWORK (Version: 5.3.001)

Power Saving Utility (Version: 31.01.11.013)

Power Saving Utility (x32)

Realtek High Definition Audio Driver (x32 Version: 6.0.1.5969)

Realtek USB 2.0 Card Reader (x32 Version: 6.1.7100.30087)

Synaptics Pointing Device Driver (Version: 14.0.10.0)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
 

==================== Restore Points  =========================
 
 

==================== Hosts content: ==========================
 

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 

==================== Scheduled Tasks (whitelisted) =============
 

Task: {088482FA-65B8-4E17-9ABF-1DCD48E8D373} - System32\Tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 => C:\Windows\System32\ndfapi.dll [2009-07-14] (Microsoft Corporation)

Task: {09F06BFE-A3C8-40E3-846A-6E6F4000C238} - System32\Tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 => C:\Windows\System32\ndfapi.dll [2009-07-14] (Microsoft Corporation)

Task: {360442D6-DE33-430D-BF1E-E03C25E30E7E} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)

Task: {4BDA41A4-13BA-4A9A-B364-B8BE14D34097} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\System32\sdengin2.dll [2010-11-21] (Microsoft Corporation)

Task: {559811C9-F125-473E-8952-244AE6E0989B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-29] (Google Inc.)

Task: {6F04E486-F7C1-43CF-9F5D-10ED03EE6356} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-21] (Microsoft Corporation)

Task: {730B1700-2120-4C4D-A045-E61E560ED7CC} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)

Task: {95D422C1-2130-42E6-AEA7-F461ABFD6B88} - System32\Tasks\WPD\SqmUpload_S-1-5-21-343857982-1485739575-2457239309-1001 => C:\Windows\System32\portabledeviceapi.dll [2010-11-21] (Microsoft Corporation)

Task: {994C86AD-A929-4B2C-88A0-4E25A107A029} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\System32\srrstr.dll [2010-11-21] (Microsoft Corporation)

Task: {A7C73732-9F11-4281-8D19-764D4EC9D94D} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\System32\aepdu.dll [2010-11-21] (Microsoft Corporation)

Task: {AF6BC62A-7BAC-4AD1-977C-C9F1715A46F8} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)

Task: {B82C7D9E-0285-4B26-86A6-9CF2857FC659} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector => C:\Windows\System32\dfdts.dll [2009-07-14] (Microsoft Corporation)

Task: {D7B6E81D-3CF4-432C-84D2-24213F4316E6} - System32\Tasks\Microsoft\Windows\Autochk\Proxy => C:\Windows\System32\acproxy.dll [2009-07-14] (Microsoft Corporation)

Task: {E22A8667-F75B-4BA9-BA46-067ED4429DE8} - System32\Tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange => C:\Windows\System32\bfe.dll [2010-11-21] (Microsoft Corporation)

Task: {F7A92B1A-2E6E-4E20-A178-3307AB3BE20E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-29] (Google Inc.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 

==================== Alternate Data Streams (whitelisted) ==========
 

AlternateDataStreams: C:\Users\Ferdinand\AppData\Roaming\Microsoft\Windows\Start Menu\Google.website:favicon
 
 

==================== Faulty Device Manager Devices =============
 
 

==================== Event log errors: =========================
 

Application errors:

==================
 

System errors:

=============
 

Microsoft Office Sessions:

=========================
 

==================== Memory info =========================== 
 

Percentage of memory in use: 37%

Total physical RAM: 3892.55 MB

Available physical RAM: 2433.68 MB

Total Pagefile: 7783.29 MB

Available Pagefile: 5987.48 MB

Total Virtual: 8192 MB

Available Virtual: 8191.84 MB
 

==================== Drives ================================
 

Drive c: () (Fixed) (Total:96.07 GB) (Free:64.54 GB) NTFS

Drive e: (Ferdi) (Fixed) (Total:136.72 GB) (Free:76.46 GB) NTFS
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 558F8212)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=96 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=137 GB) - (Type=07 NTFS)
 

==================== End Of Log ============================

--- --- ---

So, alles erledigt :) WIe geht's weiter?

Grüße
Julia

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=a18a3a69ebf27748b3e37b8c816e73fd
# engine=14959
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-08-30 09:40:51
# local_time=2013-08-30 11:40:51 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 94 180443 123661871 173213 0
# compatibility_mode=5893 16776573 100 94 194547 129528701 0 0
# scanned=158462
# found=11
# cleaned=0
# scan_time=4872
sh=EA6522467447141A68E4ABF4F969FFA8415CB188 ft=0 fh=0000000000000000 vn="Java/Exploit.CVE-2012-0507.DS trojan" ac=I fn="C:\Users\Ferdinand\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\31ffc8b-7e14c5c2"
sh=811AEA461CE41C5A093F87C5B4C2BC96FD969951 ft=0 fh=0000000000000000 vn="Java/Exploit.CVE-2012-0507.BN trojan" ac=I fn="C:\Users\Ferdinand\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\3a7d2b0f-7572222c"
sh=2E1AC955B72C606EA191BB029AEE096ACDF1DFE6 ft=0 fh=0000000000000000 vn="Java/Exploit.CVE-2012-0507.BV trojan" ac=I fn="C:\Users\Ferdinand\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\14233d91-3419eba8"
sh=3D835D89B6DF4CD678EA37849FA2DE92E1975186 ft=0 fh=0000000000000000 vn="Java/Exploit.CVE-2012-0507.BS trojan" ac=I fn="C:\Users\Ferdinand\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\585b561b-2647b1a7"
sh=ADAB392965B1704CFA7778473E29E54903128D94 ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="C:\Users\Ferdinand\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\3ef65a44-10801150"
sh=16528900FAEB6FF62878DB5CB9967440C480871E ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="E:\FERDINAND-PC\Backup Set 2012-06-26 220634\Backup Files 2012-06-26 220634\Backup files 1.zip"
sh=163A3DB57D8EBCB7BB267B45EB04C4CA69E71270 ft=0 fh=0000000000000000 vn="Java/Exploit.CVE-2012-0507.DS trojan" ac=I fn="E:\FERDINAND-PC\Backup Set 2012-06-26 220634\Backup Files 2012-08-20 204843\Backup files 1.zip"
sh=C62876293D1ED66025B979CAB4FCCC8EDE6BC937 ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="E:\FERDINAND-PC\Backup Set 2012-10-15 202813\Backup Files 2012-10-15 202813\Backup files 4.zip"
sh=34B2DF46DB00A71307F6DED7E5B3736941AC73D6 ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="E:\FERDINAND-PC\Backup Set 2012-10-15 202813\Backup Files 2012-11-20 183807\Backup files 1.zip"
sh=504C9551085FB4F27AEE79AE83240270C3F24ABF ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="E:\FERDINAND-PC\Backup Set 2013-02-03 190002\Backup Files 2013-02-03 190002\Backup files 4.zip"
sh=21D6EEA5785B0DF0001C694502B5D5108CEB3A2B ft=0 fh=0000000000000000 vn="Win32/LockScreen.APR trojan" ac=I fn="E:\FERDINAND-PC\Backup Set 2013-02-03 190002\Backup Files 2013-08-27 212131\Backup files 1.zip"

Results of screen317's Security Check version 0.99.72
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 10
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware Version 1.75.0.1300
Java 7 Update 25
Adobe Flash Player 11.1.102.63 Flash Player out of Date!
Adobe Reader 10.1.7 Adobe Reader out of Date!
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-08-2013 01

Ran by Ferdinand (administrator) on FERDINAND-PC on 31-08-2013 08:59:54

Running from C:\Users\Ferdinand\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QZRNDLMH

Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard

Internet Explorer Version 10

Boot Mode: Normal
 

==================== Processes (Whitelisted) =================
 

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(CSR, plc) C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\system32\igfxsrvc.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHndHkb.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe

(CSR, plc) C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe

(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin

(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe

(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe

() C:\Users\Ferdinand\Desktop\SecurityCheck.exe

(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe

(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1861416 2009-10-09] (Synaptics Incorporated)

HKLM\...\Run: [LoadFujitsuQuickTouch] - C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [157544 2009-10-15] (FUJITSU LIMITED)

HKLM\...\Run: [LoadBtnHnd] - C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [35176 2009-10-15] (FUJITSU LIMITED)

HKLM\...\Run: [PSUTility] - C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [188264 2009-07-30] (FUJITSU LIMITED)

HKLM\...\Run: [PfNet] - C:\Program Files\Fujitsu\Plugfree NETWORK\PfNet.exe [6310912 2010-06-23] (FUJITSU LIMITED)

HKLM\...\Run: [FDM7] - C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe [164712 2009-11-26] (FUJITSU LIMITED)

HKLM\...\Run: [ConMgr] - C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe [535440 2009-12-24] (CSR, plc)

HKLM\...\Run: [CSRSkype] - C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRSkype.exe [431504 2009-12-24] (CSR, plc)

HKLM\...\Run: [BthSyncServ] - "C:\Program Files\CSR\Bluetooth Feature Pack 5.0\bthsyncserv.exe" [x]

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8312352 2009-10-28] (Realtek Semiconductor)

HKCU\...\Run: [RGSC] - C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent [x]

HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-02-29] (Google Inc.)

HKLM-x32\...\Run: [IndicatorUtility] - C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [47976 2009-10-09] (FUJITSU LIMITED)

HKLM-x32\...\Run: [LoadFUJ02E3] - C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe [36712 2009-10-08] (FUJITSU LIMITED)

HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-08-27] (Avira Operations GmbH & Co. KG)

HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)

Startup: C:\Users\Ferdinand\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk

ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.

SearchScopes: HKCU - {C4ED74EC-4B4D-4BAB-A815-B69BF1E22A08} URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7ADRA_deDE473

BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

BHO-x32: Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" No File

BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

Toolbar: HKLM-x32 - Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" No File

Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 

FireFox:

========

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll ()

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()

FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 

==================== Services (Whitelisted) =================
 

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-08-27] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-08-27] (Avira Operations GmbH & Co. KG)

R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [589368 2013-08-27] (Avira Operations GmbH & Co. KG)

R2 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [330240 2010-06-23] (FUJITSU LIMITED)

R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [63336 2009-07-30] (FUJITSU LIMITED)

R2 VFPRadioSupportService; C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe [145840 2009-12-24] (CSR, plc)
 

==================== Drivers (Whitelisted) ====================
 

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-08-27] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-08-27] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-08-27] (Avira Operations GmbH & Co. KG)

R3 FUJ02B1; C:\Windows\System32\DRIVERS\FUJ02B1.sys [7808 2006-11-01] (FUJITSU LIMITED)

R3 FUJ02E3; C:\Windows\System32\DRIVERS\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)

S3 RSUSBSTOR; System32\Drivers\RtsUStor.sys [x]

S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x]

S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2013-08-30 22:17 - 2013-08-30 22:17 - 00000000 ____D C:\Program Files (x86)\ESET

2013-08-30 22:16 - 2013-08-30 22:16 - 02347384 _____ (ESET) C:\Users\Ferdinand\Desktop\esetsmartinstaller_enu.exe

2013-08-28 21:51 - 2013-08-28 21:51 - 00000000 ____D C:\Windows\Sun

2013-08-28 21:45 - 2013-08-28 21:44 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2013-08-28 21:44 - 2013-08-28 21:44 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2013-08-28 21:44 - 2013-08-28 21:44 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2013-08-28 21:44 - 2013-08-28 21:44 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2013-08-28 21:44 - 2013-08-28 21:44 - 00000000 ____D C:\Program Files (x86)\Java

2013-08-28 21:43 - 2012-08-23 16:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll

2013-08-28 21:43 - 2012-08-23 16:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys

2013-08-28 21:43 - 2012-08-23 16:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys

2013-08-28 21:43 - 2012-08-23 16:07 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys

2013-08-28 21:43 - 2012-08-23 15:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll

2013-08-28 21:43 - 2012-08-23 15:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll

2013-08-28 21:43 - 2012-08-23 15:41 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe

2013-08-28 21:43 - 2012-08-23 15:40 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll

2013-08-28 21:43 - 2012-08-23 15:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll

2013-08-28 21:43 - 2012-08-23 15:20 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll

2013-08-28 21:43 - 2012-08-23 15:18 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll

2013-08-28 21:43 - 2012-08-23 15:17 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll

2013-08-28 21:43 - 2012-08-23 15:06 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll

2013-08-28 21:43 - 2012-08-23 14:52 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll

2013-08-28 21:43 - 2012-08-23 13:20 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe

2013-08-28 21:43 - 2012-08-23 13:15 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll

2013-08-28 21:43 - 2012-08-23 13:14 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe

2013-08-28 21:43 - 2012-08-23 13:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll

2013-08-28 21:43 - 2012-08-23 12:54 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll

2013-08-28 21:43 - 2012-08-23 12:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll

2013-08-28 21:43 - 2012-08-23 12:39 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe

2013-08-28 21:43 - 2012-08-23 12:22 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe

2013-08-28 21:43 - 2012-08-23 11:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll

2013-08-28 21:43 - 2012-08-23 10:19 - 04916224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll

2013-08-28 21:43 - 2012-08-23 10:13 - 05773824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll

2013-08-28 21:38 - 2013-08-28 21:38 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_dc3d_01009.Wdf

2013-08-28 21:37 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2013-08-28 21:37 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll

2013-08-28 21:37 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll

2013-08-28 21:37 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

2013-08-28 21:37 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

2013-08-28 21:37 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll

2013-08-28 21:37 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll

2013-08-28 21:37 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe

2013-08-28 21:37 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll

2013-08-28 21:37 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe

2013-08-28 21:37 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe

2013-08-28 21:37 - 2012-08-24 20:13 - 00154480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys

2013-08-28 21:37 - 2012-08-24 20:09 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys

2013-08-28 21:37 - 2012-08-24 20:05 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2013-08-28 21:37 - 2012-08-24 20:03 - 01448448 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2013-08-28 21:37 - 2012-08-24 18:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2013-08-28 21:37 - 2012-08-24 18:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2013-08-28 21:37 - 2012-08-24 18:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2013-08-28 21:37 - 2012-05-04 13:00 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll

2013-08-28 21:37 - 2012-05-04 11:59 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll

2013-08-28 17:31 - 2013-08-28 17:35 - 00048196 _____ C:\Users\Ferdinand\Desktop\FRST.txt

2013-08-28 17:31 - 2013-08-28 17:31 - 00007654 _____ C:\Users\Ferdinand\Desktop\Addition.txt

2013-08-28 17:27 - 2013-08-28 17:27 - 00000629 _____ C:\Users\Ferdinand\Desktop\JRT.txt

2013-08-28 17:19 - 2013-08-28 17:19 - 01021434 _____ (Thisisu) C:\Users\Ferdinand\Desktop\JRT.exe

2013-08-28 17:19 - 2013-08-28 17:19 - 00000000 ____D C:\Windows\ERUNT

2013-08-28 17:12 - 2013-08-28 17:12 - 00994642 _____ C:\Users\Ferdinand\Desktop\adwcleaner3001.exe

2013-08-28 17:08 - 2013-08-28 17:13 - 00000000 ____D C:\AdwCleaner

2013-08-28 16:43 - 2013-08-28 16:43 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-08-28 16:43 - 2013-08-28 16:43 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-08-28 16:43 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2013-08-28 06:47 - 2013-08-28 06:47 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2013-08-28 06:47 - 2013-08-28 06:47 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2013-08-28 06:47 - 2013-08-28 06:47 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2013-08-28 06:47 - 2013-08-28 06:47 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2013-08-28 06:47 - 2013-08-28 06:47 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat

2013-08-28 06:47 - 2013-08-28 06:47 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat

2013-08-28 06:47 - 2013-08-28 06:47 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 01054720 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00905728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2013-08-28 06:47 - 2013-08-28 06:47 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2013-08-28 06:47 - 2013-08-28 06:47 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00242200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx

2013-08-28 06:47 - 2013-08-28 06:47 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx

2013-08-28 06:47 - 2013-08-28 06:47 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe

2013-08-28 06:45 - 2013-08-28 06:52 - 00009637 _____ C:\Windows\IE10_main.log

2013-08-28 06:42 - 2013-08-31 08:47 - 00000746 _____ C:\Windows\setupact.log

2013-08-28 06:42 - 2013-08-28 06:42 - 00000000 _____ C:\Windows\setuperr.log

2013-08-27 22:46 - 2013-08-27 22:47 - 00000000 ____D C:\Windows\system32\MRT

2013-08-27 22:28 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL

2013-08-27 22:28 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL

2013-08-27 22:28 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll

2013-08-27 22:28 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll

2013-08-27 22:28 - 2013-04-12 16:45 - 01656680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys

2013-08-27 22:28 - 2013-04-10 08:01 - 00983400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys

2013-08-27 22:28 - 2013-04-10 08:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys

2013-08-27 22:28 - 2013-03-19 07:53 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll

2013-08-27 22:28 - 2013-03-19 07:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll

2013-08-27 22:28 - 2013-03-19 07:46 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll

2013-08-27 22:28 - 2013-03-19 06:47 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll

2013-08-27 22:28 - 2013-03-19 05:06 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe

2013-08-27 22:28 - 2013-02-27 08:02 - 00111448 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe

2013-08-27 22:28 - 2013-02-27 07:52 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

2013-08-27 22:28 - 2013-02-27 07:52 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll

2013-08-27 22:28 - 2013-02-27 07:48 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll

2013-08-27 22:28 - 2013-02-27 07:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll

2013-08-27 22:28 - 2013-02-27 06:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll

2013-08-27 22:28 - 2013-02-27 06:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll

2013-08-27 22:28 - 2013-02-27 06:49 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll

2013-08-27 22:28 - 2011-02-03 13:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll

2013-08-27 22:27 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll

2013-08-27 22:27 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

2013-08-27 22:27 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll

2013-08-27 22:27 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll

2013-08-27 22:27 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll

2013-08-27 22:27 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll

2013-08-27 22:27 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll

2013-08-27 22:27 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll

2013-08-27 22:27 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll

2013-08-27 22:27 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll

2013-08-27 22:27 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys

2013-08-27 22:27 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys

2013-08-27 22:27 - 2013-06-05 05:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2013-08-27 22:27 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll

2013-08-27 22:27 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll

2013-08-27 22:27 - 2013-05-13 07:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll

2013-08-27 22:27 - 2013-05-13 05:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe

2013-08-27 22:27 - 2013-05-13 05:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe

2013-08-27 22:27 - 2013-05-13 05:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll

2013-08-27 22:27 - 2013-05-10 07:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll

2013-08-27 22:27 - 2013-05-10 05:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll

2013-08-27 22:27 - 2013-04-26 07:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll

2013-08-27 22:27 - 2013-04-26 06:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll

2013-08-27 22:27 - 2013-04-17 09:02 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll

2013-08-27 22:27 - 2013-04-17 08:24 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll

2013-08-27 22:27 - 2013-01-24 08:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys

2013-08-27 22:24 - 2013-08-27 22:24 - 00000000 ____D C:\Users\Ferdinand\AppData\Roaming\Avira

2013-08-27 22:24 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll

2013-08-27 22:24 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll

2013-08-27 22:23 - 2013-04-26 01:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll

2013-08-27 22:23 - 2013-04-01 00:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll

2013-08-27 22:20 - 2013-08-27 22:20 - 00000000 ____D C:\Users\Ferdinand\AppData\Roaming\Mozilla

2013-08-27 22:19 - 2013-08-27 22:19 - 00083672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys

2013-08-27 22:18 - 2013-08-27 22:18 - 00000000 ____D C:\ProgramData\Avira

2013-08-27 22:18 - 2013-08-27 22:18 - 00000000 ____D C:\Program Files (x86)\Avira

2013-08-27 22:18 - 2013-08-27 22:14 - 00130016 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys

2013-08-27 22:18 - 2013-08-27 22:14 - 00100712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys

2013-08-27 22:18 - 2013-08-27 22:14 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys

2013-08-27 22:12 - 2013-02-12 06:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys

2013-08-27 22:07 - 2013-08-27 22:07 - 00000000 ____D C:\FRST
 

==================== One Month Modified Files and Folders =======
 

2013-08-31 08:55 - 2009-07-14 06:45 - 00022336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2013-08-31 08:55 - 2009-07-14 06:45 - 00022336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2013-08-31 08:52 - 2013-08-31 08:52 - 00891115 _____ C:\Users\Ferdinand\Desktop\SecurityCheck.exe

2013-08-31 08:52 - 2012-01-11 12:58 - 01704029 _____ C:\Windows\WindowsUpdate.log

2013-08-31 08:47 - 2013-08-28 06:42 - 00000746 _____ C:\Windows\setupact.log

2013-08-31 08:47 - 2012-02-29 18:08 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2013-08-31 08:47 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2013-08-30 23:27 - 2012-02-29 18:08 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2013-08-30 22:17 - 2013-08-30 22:17 - 00000000 ____D C:\Program Files (x86)\ESET

2013-08-30 22:16 - 2013-08-30 22:16 - 02347384 _____ (ESET) C:\Users\Ferdinand\Desktop\esetsmartinstaller_enu.exe

2013-08-28 21:51 - 2013-08-28 21:51 - 00000000 ____D C:\Windows\Sun

2013-08-28 21:51 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions

2013-08-28 21:44 - 2013-08-28 21:45 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2013-08-28 21:44 - 2013-08-28 21:44 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2013-08-28 21:44 - 2013-08-28 21:44 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2013-08-28 21:44 - 2013-08-28 21:44 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2013-08-28 21:44 - 2013-08-28 21:44 - 00000000 ____D C:\Program Files (x86)\Java

2013-08-28 21:44 - 2012-11-27 18:44 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npdeployJava1.dll

2013-08-28 21:44 - 2012-02-29 18:14 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll

2013-08-28 21:40 - 2011-04-12 09:43 - 00654166 _____ C:\Windows\system32\perfh007.dat

2013-08-28 21:40 - 2011-04-12 09:43 - 00130006 _____ C:\Windows\system32\perfc007.dat

2013-08-28 21:40 - 2009-07-14 07:13 - 01519874 _____ C:\Windows\system32\PerfStringBackup.INI

2013-08-28 21:38 - 2013-08-28 21:38 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_dc3d_01009.Wdf

2013-08-28 17:35 - 2013-08-28 17:31 - 00048196 _____ C:\Users\Ferdinand\Desktop\FRST.txt

2013-08-28 17:31 - 2013-08-28 17:31 - 00007654 _____ C:\Users\Ferdinand\Desktop\Addition.txt

2013-08-28 17:27 - 2013-08-28 17:27 - 00000629 _____ C:\Users\Ferdinand\Desktop\JRT.txt

2013-08-28 17:19 - 2013-08-28 17:19 - 01021434 _____ (Thisisu) C:\Users\Ferdinand\Desktop\JRT.exe

2013-08-28 17:19 - 2013-08-28 17:19 - 00000000 ____D C:\Windows\ERUNT

2013-08-28 17:13 - 2013-08-28 17:08 - 00000000 ____D C:\AdwCleaner

2013-08-28 17:12 - 2013-08-28 17:12 - 00994642 _____ C:\Users\Ferdinand\Desktop\adwcleaner3001.exe

2013-08-28 16:57 - 2010-11-21 05:47 - 00098474 _____ C:\Windows\PFRO.log

2013-08-28 16:43 - 2013-08-28 16:43 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-08-28 16:43 - 2013-08-28 16:43 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-08-28 16:38 - 2012-02-29 17:46 - 00001421 _____ C:\Users\Ferdinand\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2013-08-28 06:52 - 2013-08-28 06:45 - 00009637 _____ C:\Windows\IE10_main.log

2013-08-28 06:47 - 2013-08-28 06:47 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2013-08-28 06:47 - 2013-08-28 06:47 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2013-08-28 06:47 - 2013-08-28 06:47 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2013-08-28 06:47 - 2013-08-28 06:47 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2013-08-28 06:47 - 2013-08-28 06:47 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat

2013-08-28 06:47 - 2013-08-28 06:47 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat

2013-08-28 06:47 - 2013-08-28 06:47 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 01054720 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00905728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2013-08-28 06:47 - 2013-08-28 06:47 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2013-08-28 06:47 - 2013-08-28 06:47 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00242200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx

2013-08-28 06:47 - 2013-08-28 06:47 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx

2013-08-28 06:47 - 2013-08-28 06:47 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll

2013-08-28 06:47 - 2013-08-28 06:47 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

2013-08-28 06:47 - 2013-08-28 06:47 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe

2013-08-28 06:43 - 2012-02-29 17:46 - 00000000 ___RD C:\Users\Ferdinand\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2013-08-28 06:43 - 2012-02-29 17:46 - 00000000 ___RD C:\Users\Ferdinand\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

2013-08-28 06:42 - 2013-08-28 06:42 - 00000000 _____ C:\Windows\setuperr.log

2013-08-28 06:42 - 2009-07-14 06:45 - 00294344 _____ C:\Windows\system32\FNTCACHE.DAT

2013-08-28 06:40 - 2011-04-12 09:55 - 00000000 ____D C:\Program Files\Windows Journal

2013-08-28 06:40 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender

2013-08-28 06:40 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender

2013-08-27 22:47 - 2013-08-27 22:46 - 00000000 ____D C:\Windows\system32\MRT

2013-08-27 22:29 - 2012-02-29 18:08 - 00000000 ____D C:\Program Files (x86)\Google

2013-08-27 22:26 - 2012-03-22 23:38 - 00000000 ____D C:\Windows\Minidump

2013-08-27 22:24 - 2013-08-27 22:24 - 00000000 ____D C:\Users\Ferdinand\AppData\Roaming\Avira

2013-08-27 22:22 - 2012-02-29 18:08 - 00004112 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2013-08-27 22:22 - 2012-02-29 18:08 - 00003860 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2013-08-27 22:20 - 2013-08-27 22:20 - 00000000 ____D C:\Users\Ferdinand\AppData\Roaming\Mozilla

2013-08-27 22:19 - 2013-08-27 22:19 - 00083672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys

2013-08-27 22:18 - 2013-08-27 22:18 - 00000000 ____D C:\ProgramData\Avira

2013-08-27 22:18 - 2013-08-27 22:18 - 00000000 ____D C:\Program Files (x86)\Avira

2013-08-27 22:14 - 2013-08-27 22:18 - 00130016 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys

2013-08-27 22:14 - 2013-08-27 22:18 - 00100712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys

2013-08-27 22:14 - 2013-08-27 22:18 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys

2013-08-27 22:07 - 2013-08-27 22:07 - 00000000 ____D C:\FRST

2013-08-27 21:54 - 2013-03-12 21:12 - 00000004 _____ C:\Users\Ferdinand\AppData\Roaming\skype.ini

2013-08-07 04:22 - 2010-11-21 05:27 - 00278800 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

2013-08-05 16:14 - 2012-02-29 17:59 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
 

Files to move or delete:

====================

C:\ProgramData\ism_0_llatsni.pad

C:\Users\Ferdinand\AppData\Roaming\skype.ini

C:\Users\FERDIN~1\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe

C:\Users\FERDIN~1\AppData\Local\Temp\Quarantine.exe

C:\Users\FERDIN~1\AppData\Local\Temp\RarSFX0\SecurityCheck\Objlist.exe

C:\Users\FERDIN~1\AppData\Local\Temp\RarSFX0\SecurityCheck\runprocesses.exe

C:\Users\FERDIN~1\AppData\Local\Temp\RarSFX0\SecurityCheck\uninstalllist.exe

C:\Users\FERDIN~1\AppData\Local\Temp\RarSFX0\SecurityCheck\Other\cmdinfo.exe

C:\Users\FERDIN~1\AppData\Local\Temp\RarSFX0\SecurityCheck\Other\nircmdc.exe

C:\Users\FERDIN~1\AppData\Local\Temp\RarSFX0\SecurityCheck\Other\sed.exe

C:\Users\FERDIN~1\AppData\Local\Temp\RarSFX0\SecurityCheck\Other\swreg.exe

C:\Users\FERDIN~1\AppData\Local\Temp\jrt\erunt\ERUNT.EXE

C:\Users\FERDIN~1\AppData\Local\Temp\36559E86-7FB3-4606-BBD8-019F4E77A355\CbsProvider.dll

C:\Users\FERDIN~1\AppData\Local\Temp\36559E86-7FB3-4606-BBD8-019F4E77A355\CompatProvider.dll

C:\Users\FERDIN~1\AppData\Local\Temp\36559E86-7FB3-4606-BBD8-019F4E77A355\DismCore.dll

C:\Users\FERDIN~1\AppData\Local\Temp\36559E86-7FB3-4606-BBD8-019F4E77A355\DismCorePS.dll

C:\Users\FERDIN~1\AppData\Local\Temp\36559E86-7FB3-4606-BBD8-019F4E77A355\DismHost.exe

C:\Users\FERDIN~1\AppData\Local\Temp\36559E86-7FB3-4606-BBD8-019F4E77A355\DismProv.dll

C:\Users\FERDIN~1\AppData\Local\Temp\36559E86-7FB3-4606-BBD8-019F4E77A355\DmiProvider.dll

C:\Users\FERDIN~1\AppData\Local\Temp\36559E86-7FB3-4606-BBD8-019F4E77A355\FolderProvider.dll

C:\Users\FERDIN~1\AppData\Local\Temp\36559E86-7FB3-4606-BBD8-019F4E77A355\IntlProvider.dll

C:\Users\FERDIN~1\AppData\Local\Temp\36559E86-7FB3-4606-BBD8-019F4E77A355\LogProvider.dll

C:\Users\FERDIN~1\AppData\Local\Temp\36559E86-7FB3-4606-BBD8-019F4E77A355\MsiProvider.dll

C:\Users\FERDIN~1\AppData\Local\Temp\36559E86-7FB3-4606-BBD8-019F4E77A355\OSProvider.dll

C:\Users\FERDIN~1\AppData\Local\Temp\36559E86-7FB3-4606-BBD8-019F4E77A355\SmiProvider.dll

C:\Users\FERDIN~1\AppData\Local\Temp\36559E86-7FB3-4606-BBD8-019F4E77A355\TransmogProvider.dll

C:\Users\FERDIN~1\AppData\Local\Temp\36559E86-7FB3-4606-BBD8-019F4E77A355\UnattendProvider.dll

C:\Users\FERDIN~1\AppData\Local\Temp\36559E86-7FB3-4606-BBD8-019F4E77A355\wdscore.dll

C:\Users\FERDIN~1\AppData\Local\Temp\36559E86-7FB3-4606-BBD8-019F4E77A355\WimProvider.dll
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2012-12-29 16:15
 

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

Vielen Dank :)
Ist der Rechner nun geheilt?
Probleme sind so jetzt nicht zu erkennen, aber man weiß ja nie, was sich noch so versteckt...