Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Habe mir ein paar Viren eingefangen (https://www.trojaner-board.de/142037-habe-mir-paar-viren-eingefangen.html)

class 24.09.2013 07:42
Habe mir ein paar Viren eingefangen
 
Hallo,

Avira meldet das ich mehrere Viren habe =(

Könnt ihr mir helfen diese wieder zu entfernen?

Avira Log:
Code:

Avira AntiVir Personal
Erstellungsdatum der Reportdatei: Freitag, 20. September 2013  16:26

Es wird nach 5642650 Virenstämmen gesucht.

Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer  : Avira Free Antivirus
Seriennummer  : 0000149996-ADJIE-0000001
Plattform      : Windows Vista
Windowsversion : (Service Pack 1)  [6.0.6001]
Boot Modus    : Normal gebootet
Benutzername  : SYSTEM
Computername  : ******

Versionsinformationen:
BUILD.DAT      : 10.2.0.2100    36757 Bytes  24.06.2013 22:09:00
AVSCAN.EXE    : 10.3.0.7      484008 Bytes  01.07.2011 12:31:50
AVSCAN.DLL    : 10.0.5.0      57192 Bytes  01.07.2011 12:31:49
LUKE.DLL      : 10.3.0.5      45416 Bytes  01.07.2011 12:32:00
LUKERES.DLL    : 10.0.0.0      13672 Bytes  14.01.2010 11:59:47
AVSCPLR.DLL    : 10.3.0.7      119656 Bytes  01.07.2011 12:32:03
AVREG.DLL      : 10.3.0.9      88833 Bytes  16.07.2011 10:23:44
VBASE000.VDF  : 7.11.70.0  66736640 Bytes  04.04.2013 22:15:07
VBASE001.VDF  : 7.11.74.226  2201600 Bytes  30.04.2013 08:50:37
VBASE002.VDF  : 7.11.80.60  2751488 Bytes  28.05.2013 09:37:19
VBASE003.VDF  : 7.11.85.214  2162688 Bytes  21.06.2013 12:21:17
VBASE004.VDF  : 7.11.91.176  3903488 Bytes  23.07.2013 08:32:29
VBASE005.VDF  : 7.11.98.186  6822912 Bytes  29.08.2013 16:53:30
VBASE006.VDF  : 7.11.98.187    2048 Bytes  29.08.2013 16:53:30
VBASE007.VDF  : 7.11.98.188    2048 Bytes  29.08.2013 16:53:30
VBASE008.VDF  : 7.11.98.189    2048 Bytes  29.08.2013 16:53:30
VBASE009.VDF  : 7.11.98.190    2048 Bytes  29.08.2013 16:53:30
VBASE010.VDF  : 7.11.98.191    2048 Bytes  29.08.2013 16:53:31
VBASE011.VDF  : 7.11.98.192    2048 Bytes  29.08.2013 16:53:31
VBASE012.VDF  : 7.11.98.193    2048 Bytes  29.08.2013 16:53:31
VBASE013.VDF  : 7.11.99.52    270848 Bytes  30.08.2013 08:33:23
VBASE014.VDF  : 7.11.99.167  210944 Bytes  02.09.2013 07:24:40
VBASE015.VDF  : 7.11.100.3    265216 Bytes  03.09.2013 07:24:41
VBASE016.VDF  : 7.11.100.95  220160 Bytes  04.09.2013 07:24:42
VBASE017.VDF  : 7.11.100.197  143872 Bytes  05.09.2013 07:24:42
VBASE018.VDF  : 7.11.101.11  227840 Bytes  06.09.2013 07:24:43
VBASE019.VDF  : 7.11.101.79  148480 Bytes  07.09.2013 20:39:56
VBASE020.VDF  : 7.11.101.169  305664 Bytes  10.09.2013 20:39:57
VBASE021.VDF  : 7.11.102.9    253440 Bytes  12.09.2013 20:39:58
VBASE022.VDF  : 7.11.102.151  282624 Bytes  15.09.2013 20:37:12
VBASE023.VDF  : 7.11.102.152    2048 Bytes  15.09.2013 20:37:12
VBASE024.VDF  : 7.11.102.153    2048 Bytes  15.09.2013 20:37:12
VBASE025.VDF  : 7.11.102.154    2048 Bytes  15.09.2013 20:37:12
VBASE026.VDF  : 7.11.102.155    2048 Bytes  15.09.2013 20:37:12
VBASE027.VDF  : 7.11.102.156    2048 Bytes  15.09.2013 20:37:12
VBASE028.VDF  : 7.11.102.157    2048 Bytes  15.09.2013 20:37:12
VBASE029.VDF  : 7.11.102.158    2048 Bytes  15.09.2013 20:37:12
VBASE030.VDF  : 7.11.102.159    2048 Bytes  15.09.2013 20:37:12
VBASE031.VDF  : 7.11.102.228  258048 Bytes  17.09.2013 16:11:13
Engineversion  : 8.2.12.120
AEVDF.DLL      : 8.1.3.4      102774 Bytes  18.06.2013 12:17:07
AESCRIPT.DLL  : 8.1.4.148    516478 Bytes  07.09.2013 07:24:56
AESCN.DLL      : 8.1.10.4      131446 Bytes  29.03.2013 18:32:48
AESBX.DLL      : 8.2.16.26    1245560 Bytes  27.08.2013 06:15:09
AERDL.DLL      : 8.2.0.128    688504 Bytes  18.06.2013 12:17:06
AEPACK.DLL    : 8.3.2.28      749945 Bytes  14.09.2013 20:40:33
AEOFFICE.DLL  : 8.1.2.76      205181 Bytes  08.08.2013 13:17:25
AEHEUR.DLL    : 8.1.4.630    6164858 Bytes  14.09.2013 20:40:30
AEHELP.DLL    : 8.1.27.6      266617 Bytes  28.08.2013 14:22:53
AEGEN.DLL      : 8.1.7.14      446839 Bytes  07.09.2013 07:24:48
AEEXP.DLL      : 8.4.1.62      328055 Bytes  14.09.2013 20:40:34
AEEMU.DLL      : 8.1.3.2      393587 Bytes  13.07.2012 21:58:53
AECORE.DLL    : 8.1.32.0      201081 Bytes  27.08.2013 06:15:03
AEBB.DLL      : 8.1.1.4        53619 Bytes  16.11.2012 08:00:37
AVWINLL.DLL    : 10.0.0.0      19304 Bytes  02.08.2010 15:09:33
AVPREF.DLL    : 10.0.3.2      44904 Bytes  01.07.2011 12:31:49
AVREP.DLL      : 10.0.0.10    174120 Bytes  20.05.2011 07:27:10
AVARKT.DLL    : 10.0.26.1    255336 Bytes  01.07.2011 12:31:47
AVEVTLOG.DLL  : 10.0.0.9      203112 Bytes  01.07.2011 12:31:48
SQLITE3.DLL    : 3.6.19.0      355688 Bytes  17.06.2010 14:27:02
AVSMTP.DLL    : 10.0.0.17      63848 Bytes  02.08.2010 15:09:33
NETNT.DLL      : 10.0.0.0      11624 Bytes  17.06.2010 14:27:01
RCIMAGE.DLL    : 10.0.0.35    2589544 Bytes  01.07.2011 12:31:40
RCTEXT.DLL    : 10.0.64.0      98664 Bytes  01.07.2011 12:31:40

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Systemprüfung
Konfigurationsdatei...................: C:\Program Files\Avira\AntiVir Desktop\sysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: interaktiv
Sekundäre Aktion......................: ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, D:,
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Datei Suchmodus.......................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert

Beginn des Suchlaufs: Freitag, 20. September 2013  16:26

Der Suchlauf nach versteckten Objekten wird begonnen.
Eine Instanz der ARK Library läuft bereits.

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'avscan.exe' - '80' Modul(e) wurden durchsucht
  Modul ist OK -> <\\.\globalroot\systemroot\system32\mswsock.dll>
  [WARNUNG]  Die Datei konnte nicht geöffnet werden!
Durchsuche Prozess 'avscan.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '79' Modul(e) wurden durchsucht
  Modul ist OK -> <\\.\globalroot\systemroot\system32\mswsock.dll>
  [WARNUNG]  Die Datei konnte nicht geöffnet werden!
Durchsuche Prozess 'avscan.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '78' Modul(e) wurden durchsucht
  Modul ist OK -> <\\.\globalroot\systemroot\system32\mswsock.dll>
  [WARNUNG]  Die Datei konnte nicht geöffnet werden!
Durchsuche Prozess 'avscan.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'CCC.exe' - '92' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '68' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLIDSvcM.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '55' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLIDSVC.EXE' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '25' Modul(e) wurden durchsucht
Durchsuche Prozess 'TestHandler.exe' - '19' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '55' Modul(e) wurden durchsucht
Durchsuche Prozess 'c2c_service.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'RichVideo.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'fsssvc.exe' - '57' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'SeaPort.EXE' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'BBSvc.EXE' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '71' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmpnscfg.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'Skype.exe' - '100' Modul(e) wurden durchsucht
  Modul ist OK -> <\\.\globalroot\systemroot\system32\mswsock.dll>
  [WARNUNG]  Die Datei konnte nicht geöffnet werden!
Durchsuche Prozess 'sidebar.exe' - '58' Modul(e) wurden durchsucht
Durchsuche Prozess 'hpwuschd2.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'jusched.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '70' Modul(e) wurden durchsucht
Durchsuche Prozess 'AdvancedSystemProtector.exe' - '103' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '25' Modul(e) wurden durchsucht
Durchsuche Prozess 'MOM.EXE' - '59' Modul(e) wurden durchsucht
Durchsuche Prozess 'reader_sl.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'sm56hlpr.exe' - '50' Modul(e) wurden durchsucht
Durchsuche Prozess 'RtHDVCpl.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '122' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'Dwm.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '56' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '91' Modul(e) wurden durchsucht
Durchsuche Prozess 'AppSvc32.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'Ati2evxx.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'ccSvcHst.exe' - '102' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '71' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '82' Modul(e) wurden durchsucht
Durchsuche Prozess 'SLsvc.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '106' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '89' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'Ati2evxx.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsm.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '44' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '14' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '14' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht

Der Suchlauf über die Masterbootsektoren wird begonnen:
Masterbootsektor HD0
    [INFO]      Es wurde kein Virus gefunden!

Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'C:\'
    [INFO]      Es wurde kein Virus gefunden!
Bootsektor 'D:\'
    [INFO]      Es wurde kein Virus gefunden!

Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '603' Dateien ).


Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\' <System>
C:\Users\Lena\AppData\Local\Temp\A10F.tmp.exe
  [FUND]      Ist das Trojanische Pferd TR/Crypt.ZPACK.3519
C:\Users\Lena\AppData\Local\Temp\jar_cache1917973742307445310.tmp
  [0] Archivtyp: ZIP
  --> imagegal.class
      [FUND]      Enthält Erkennungsmuster des Exploits EXP/Java.HLP.PO
C:\Users\Lena\AppData\Local\Temp\jar_cache2121557617162884663.tmp
  [0] Archivtyp: ZIP
  --> imagegal.class
      [FUND]      Enthält Erkennungsmuster des Exploits EXP/Java.HLP.PO
C:\Users\Lena\AppData\Local\Temp\jar_cache2224857163684822362.tmp
  [0] Archivtyp: ZIP
  --> imagegal.class
      [FUND]      Enthält Erkennungsmuster des Exploits EXP/Java.HLP.PO
C:\Users\Lena\AppData\Local\Temp\jar_cache2648234254699853172.tmp
  [0] Archivtyp: ZIP
  --> imagegal.class
      [FUND]      Enthält Erkennungsmuster des Exploits EXP/Java.HLP.PO
C:\Users\Lena\AppData\Local\Temp\jar_cache3990378096977716059.tmp
  [0] Archivtyp: ZIP
  --> imagegal.class
      [FUND]      Enthält Erkennungsmuster des Exploits EXP/Java.HLP.PO
C:\Users\Lena\AppData\Local\Temp\jar_cache41549183880211415.tmp
  [0] Archivtyp: ZIP
  --> imagegal.class
      [FUND]      Enthält Erkennungsmuster des Exploits EXP/Java.HLP.PO
C:\Users\Lena\AppData\Local\Temp\jar_cache5315686305806835446.tmp
  [0] Archivtyp: ZIP
  --> imagegal.class
      [FUND]      Enthält Erkennungsmuster des Exploits EXP/Java.HLP.PO
C:\Users\Lena\AppData\Local\Temp\jar_cache5681926242385409980.tmp
  [0] Archivtyp: ZIP
  --> imagegal.class
      [FUND]      Enthält Erkennungsmuster des Exploits EXP/Java.HLP.PO
C:\Users\Lena\AppData\Local\Temp\jar_cache6070874062504578638.tmp
  [0] Archivtyp: ZIP
  --> game/advertise.class
      [FUND]      Enthält Erkennungsmuster des Exploits EXP/JAVA.Niabil.Gen
  --> game/gameabbad57f.class
      [FUND]      Enthält Erkennungsmuster des Java-Virus JAVA/Dldr.OpenS.E
C:\Users\Lena\AppData\Local\Temp\jar_cache808872114194113697.tmp
  [0] Archivtyp: ZIP
  --> imagegal.class
      [FUND]      Enthält Erkennungsmuster des Exploits EXP/Java.HLP.PO
C:\Users\Lena\AppData\Local\Temp\tmp1660ab06\22305530.exe
  [FUND]      Ist das Trojanische Pferd TR/Drop.Sirefef.249
C:\Windows\assembly\GAC\Desktop.ini
  [FUND]      Ist das Trojanische Pferd TR/ATRAPS.Gen2
Beginne mit der Suche in 'D:\' <DATA>

Beginne mit der Desinfektion:
C:\Windows\assembly\GAC\Desktop.ini
  [FUND]      Ist das Trojanische Pferd TR/ATRAPS.Gen2
  [WARNUNG]  Die Datei wurde ignoriert.
C:\Users\Lena\AppData\Local\Temp\tmp1660ab06\22305530.exe
  [FUND]      Ist das Trojanische Pferd TR/Drop.Sirefef.249
  [WARNUNG]  Die Datei wurde ignoriert.
C:\Users\Lena\AppData\Local\Temp\jar_cache808872114194113697.tmp
  [FUND]      Enthält Erkennungsmuster des Exploits EXP/Java.HLP.PO
  [WARNUNG]  Die Datei wurde ignoriert.
C:\Users\Lena\AppData\Local\Temp\jar_cache6070874062504578638.tmp
  [FUND]      Enthält Erkennungsmuster des Java-Virus JAVA/Dldr.OpenS.E
  [WARNUNG]  Die Datei wurde ignoriert.
C:\Users\Lena\AppData\Local\Temp\jar_cache5681926242385409980.tmp
  [FUND]      Enthält Erkennungsmuster des Exploits EXP/Java.HLP.PO
  [WARNUNG]  Die Datei wurde ignoriert.
C:\Users\Lena\AppData\Local\Temp\jar_cache5315686305806835446.tmp
  [FUND]      Enthält Erkennungsmuster des Exploits EXP/Java.HLP.PO
  [WARNUNG]  Die Datei wurde ignoriert.
C:\Users\Lena\AppData\Local\Temp\jar_cache41549183880211415.tmp
  [FUND]      Enthält Erkennungsmuster des Exploits EXP/Java.HLP.PO
  [WARNUNG]  Die Datei wurde ignoriert.
C:\Users\Lena\AppData\Local\Temp\jar_cache3990378096977716059.tmp
  [FUND]      Enthält Erkennungsmuster des Exploits EXP/Java.HLP.PO
  [WARNUNG]  Die Datei wurde ignoriert.
C:\Users\Lena\AppData\Local\Temp\jar_cache2648234254699853172.tmp
  [FUND]      Enthält Erkennungsmuster des Exploits EXP/Java.HLP.PO
  [WARNUNG]  Die Datei wurde ignoriert.
C:\Users\Lena\AppData\Local\Temp\jar_cache2224857163684822362.tmp
  [FUND]      Enthält Erkennungsmuster des Exploits EXP/Java.HLP.PO
  [WARNUNG]  Die Datei wurde ignoriert.
C:\Users\Lena\AppData\Local\Temp\jar_cache2121557617162884663.tmp
  [FUND]      Enthält Erkennungsmuster des Exploits EXP/Java.HLP.PO
  [WARNUNG]  Die Datei wurde ignoriert.
C:\Users\Lena\AppData\Local\Temp\jar_cache1917973742307445310.tmp
  [FUND]      Enthält Erkennungsmuster des Exploits EXP/Java.HLP.PO
  [WARNUNG]  Die Datei wurde ignoriert.
C:\Users\Lena\AppData\Local\Temp\A10F.tmp.exe
  [FUND]      Ist das Trojanische Pferd TR/Crypt.ZPACK.3519
  [WARNUNG]  Die Datei wurde ignoriert.


Ende des Suchlaufs: Freitag, 20. September 2013  18:22
Benötigte Zeit:  1:53:24 Stunde(n)

Der Suchlauf wurde vollständig durchgeführt.

  35006 Verzeichnisse wurden überprüft
 582119 Dateien wurden geprüft
    14 Viren bzw. unerwünschte Programme wurden gefunden
      0 Dateien wurden als verdächtig eingestuft
      0 Dateien wurden gelöscht
      0 Viren bzw. unerwünschte Programme wurden repariert
      0 Dateien wurden in die Quarantäne verschoben
      0 Dateien wurden umbenannt
      4 Dateien konnten nicht durchsucht werden
 582101 Dateien ohne Befall
  5054 Archive wurden durchsucht
    17 Warnungen
      0 Hinweise

schrauber 24.09.2013 08:21
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


class 24.09.2013 08:55
wow das ging ja zügig =)

FRST.txt

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-09-2013
Ran by ****** (administrator) on ******SLAPTOP on 24-09-2013 09:47:37
Running from C:\Users\******\Desktop\antiviruszeugs
Microsoft® Windows Vista™ Home Premium  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Symantec Corporation) c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(Symantec Corporation) c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
(Avira GmbH) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Motorola Inc.) C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
(Avira GmbH) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Advanced Micro Devices Inc.) c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
(Avira GmbH) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Family Safety\fsssvc.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Avira GmbH) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Fujitsu Siemens Computers) C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
(Microsoft Corporation) C:\Windows\system32\wermgr.exe
(Microsoft Corporation) C:\Windows\system32\WerFault.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [StartCCC] - c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [90112 2006-11-10] ()
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4431872 2007-04-10] (Realtek Semiconductor)
HKLM\...\Run: [SMSERIAL] - C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [630784 2006-11-22] (Motorola Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [39792 2008-01-11] (Adobe Systems Incorporated)
HKLM\...\Run: [Skytel] - C:\Windows\Skytel.exe [1822720 2007-04-04] (Realtek Semiconductor Corp.)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [281768 2010-08-02] (Avira GmbH)
HKLM\...\Run: [HP Software Update] - C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-03-12] (Hewlett-Packard)
HKLM\...\Run: [] - [x]
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [18708224 2013-01-08] (Skype Technologies S.A.)
HKCU\...\Run: [Ecyvcepa] - C:\Users\******\AppData\Roaming\Iswii\anyxl.exe [311296 2011-06-12] (TivDevelop Software Group)
HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation)
HKCU\...\Run: [Google Update*] - [x] <===== ATTENTION (ZeroAccess rootkit hidden path)
MountPoints2: {1a89f0dd-4131-11de-870c-00030d8697a3} - F:\xsia.bat
MountPoints2: {2dc90cdd-bcf9-11e0-b713-00030d8697a3} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Start.hta
MountPoints2: {6fe0cb54-5f43-11de-9cde-00030d8697a3} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE      .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
MountPoints2: {e3748e35-8959-11dd-baa5-806e6f6e6963} - F:\LaunchU3.exe -a
MountPoints2: {e4ca8936-3acd-11e0-b694-00030d8697a3} - G:\LaunchU3.exe -a
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
URLSearchHook: (No Name) - {e8de9422-3b2c-4243-bf6f-235da84d8ef8} -  No File
URLSearchHook: (No Name) - {a51a36e6-31e7-4838-9ff7-76298b527ec0} -  No File
SearchScopes: HKLM - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2449729
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2449729
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?FORM=IEFM1&q={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: No Name - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll (Symantec Corporation)
BHO: Windows Live Family Safety Browser Helper Class - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
Toolbar: HKLM - Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {E8DE9422-3B2C-4243-BF6F-235DA84D8EF8} -  No File
Toolbar: HKCU - No Name - {A51A36E6-31E7-4838-9FF7-76298B527EC0} -  No File
Toolbar: HKCU - No Name - {30F9B915-B755-4826-820B-08FBA6BD249D} -  No File
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog9 01 mswsock.dll File Not found ()
Winsock: Catalog9 02 mswsock.dll File Not found ()
Winsock: Catalog9 03 mswsock.dll File Not found ()
Winsock: Catalog9 04 mswsock.dll File Not found ()
Winsock: Catalog9 05 mswsock.dll File Not found ()
Winsock: Catalog9 06 mswsock.dll File Not found ()
Winsock: Catalog9 07 mswsock.dll File Not found ()
Winsock: Catalog9 08 mswsock.dll File Not found ()
Winsock: Catalog9 09 mswsock.dll File Not found ()
Winsock: Catalog9 10 mswsock.dll File Not found ()
Winsock: Catalog9 11 mswsock.dll File Not found ()
Winsock: Catalog9 12 mswsock.dll File Not found ()
Winsock: Catalog9 13 mswsock.dll File Not found ()
Winsock: Catalog9 14 mswsock.dll File Not found ()
Winsock: Catalog9 15 mswsock.dll File Not found ()
Winsock: Catalog9 16 mswsock.dll File Not found ()
Winsock: Catalog9 17 mswsock.dll File Not found ()
Winsock: Catalog9 18 mswsock.dll File Not found ()
Winsock: Catalog9 19 mswsock.dll File Not found ()
Winsock: Catalog9 20 mswsock.dll File Not found ()
Winsock: Catalog9 21 mswsock.dll File Not found ()
Winsock: Catalog9 22 mswsock.dll File Not found ()
Winsock: Catalog9 23 mswsock.dll File Not found ()
Winsock: Catalog9 24 mswsock.dll File Not found ()
Tcpip\Parameters: [DhcpNameServer] 192.168.179.1

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\29.0.1547.66\ppGoog******ClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\29.0.1547.66\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U22) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Bing Bar) - C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Windows Live\u00AE Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Google Docs) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Skype Click to Call) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [136360 2011-04-27] (Avira GmbH)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [269480 2011-07-01] (Avira GmbH)
R2 ccEvtMgr; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [107624 2006-10-25] (Symantec Corporation)
R2 ccSetMgr; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [107624 2006-10-25] (Symantec Corporation)
R2 CLTNetCnService; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [107624 2006-10-25] (Symantec Corporation)
S3 comHost; c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe [49296 2006-10-13] (Symantec Corporation)
S3 ISPwdSvc; c:\Program Files\Norton Internet Security\isPwdSvc.exe [80552 2006-10-27] (Symantec Corporation)
R2 LiveUpdate Notice Ex; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [107624 2006-10-25] (Symantec Corporation)
S2 LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll [537992 2008-04-10] (Symantec Corporation)
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [262247 2006-07-20] ()
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.)
S3 Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [1251720 2008-03-13] ()
R2 SymAppCore; c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe [46736 2006-09-20] (Symantec Corporation)
R2 TestHandler; C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe [204800 2006-12-08] (Fujitsu Siemens Computers)
U2 *etadpug; "C:\Program Files\Google\Desktop\Install\{c9c45116-9c10-04d6-b731-c9edb951f7d4}\  \...\???\{c9c45116-9c10-04d6-b731-c9edb951f7d4}\GoogleUpdate.exe" < <==== ATTENTION (ZeroAccess)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [66616 2011-07-01] (Avira GmbH)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [138192 2011-07-01] (Avira GmbH)
R0 CLFS; C:\Windows\System32\CLFS.sys [247352 2008-01-19] (Microsoft Corporation)
R1 IDSvix86; C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20080606.003\IDSvix86.sys [261680 2008-03-12] (Symantec Corporation)
R3 itecir; C:\Windows\System32\DRIVERS\itecir.sys [46592 2007-04-04] (Windows (R) Codename Longhorn DDK provider)
S4 JRAID; C:\Windows\system32\drivers\jraid.sys [48256 2007-06-13] (JMicron Technology Corp.)
S3 SPBBCDrv; C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [406672 2006-10-06] (Symantec Corporation)
S3 SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [279088 2007-12-01] (Symantec Corporation)
S3 SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [317616 2007-12-01] (Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [43696 2007-12-01] (Symantec Corporation)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2010-06-17] (Avira GmbH)
R3 SYMDNS; C:\Windows\System32\Drivers\SYMDNS.SYS [12848 2008-10-03] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [124464 2009-01-06] (Symantec Corporation)
R3 SYMFW; C:\Windows\System32\Drivers\SYMFW.SYS [146096 2008-10-03] (Symantec Corporation)
R3 SYMIDS; C:\Windows\System32\Drivers\SYMIDS.SYS [39984 2008-10-03] (Symantec Corporation)
R3 SYMNDISV; C:\Windows\System32\Drivers\SYMNDISV.SYS [37936 2008-10-03] (Symantec Corporation)
R3 SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [27696 2008-10-03] (Symantec Corporation)
R1 SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [187952 2008-10-03] (Symantec Corporation)
S4 viamraid; C:\Windows\system32\drivers\viamraid.sys [102912 2006-11-08] (VIA Technologies inc,.ltd)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NAVENG; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20080608.003\NAVENG.SYS [x]
S3 NAVEX15; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20080608.003\NAVEX15.SYS [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-24 09:47 - 2013-09-24 09:47 - 00000000 ____D C:\FRST
2013-09-24 09:46 - 2013-09-24 09:46 - 00000000 ____D C:\Users\******\Desktop\antiviruszeugs
2013-09-20 18:23 - 2013-09-20 18:23 - 00032886 _____ C:\Users\******\Desktop\AVSCAN-20130920-162538-B3060BCA.LOG
2013-09-07 18:38 - 2013-09-24 09:17 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-07 18:38 - 2013-09-07 18:38 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-09-07 18:38 - 2013-09-07 18:38 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-09-03 18:35 - 2013-08-07 04:22 - 00238872 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-09-03 18:05 - 2013-09-03 18:06 - 00037087 _____ C:\ProgramData\LUUnInstall.LiveUpdate
2013-09-03 17:56 - 2013-09-03 17:56 - 00000000 ____D C:\Windows\pss
2013-09-03 17:54 - 2013-09-03 17:54 - 00000000 ____D C:\Users\******\AppData\Roaming\Avira

==================== One Month Modified Files and Folders =======

2013-09-24 09:47 - 2013-09-24 09:47 - 00000000 ____D C:\FRST
2013-09-24 09:46 - 2013-09-24 09:46 - 00000000 ____D C:\Users\******\Desktop\antiviruszeugs
2013-09-24 09:40 - 2010-11-24 10:33 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-24 09:40 - 2006-11-02 14:47 - 00003168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-24 09:40 - 2006-11-02 14:47 - 00003168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-24 09:39 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-24 09:34 - 2006-11-02 15:01 - 00032514 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-24 09:17 - 2013-09-07 18:38 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-24 08:55 - 2010-11-24 10:33 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-24 08:53 - 2008-05-16 22:06 - 00000000 ____D C:\Program Files\Common Files\Java
2013-09-24 08:45 - 2013-02-22 21:49 - 00000000 ____D C:\Users\******\AppData\Roaming\Systweak
2013-09-24 08:44 - 2008-08-22 03:10 - 00000000 ____D C:\Users\******\AppData\Roaming\Skype
2013-09-24 08:37 - 2008-03-01 14:54 - 01820797 _____ C:\Windows\WindowsUpdate.log
2013-09-20 18:23 - 2013-09-20 18:23 - 00032886 _____ C:\Users\******\Desktop\AVSCAN-20130920-162538-B3060BCA.LOG
2013-09-17 15:01 - 2013-02-22 21:49 - 00000262 _____ C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2013-09-07 18:38 - 2013-09-07 18:38 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-09-07 18:38 - 2013-09-07 18:38 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-09-07 18:36 - 2008-04-06 20:50 - 00000000 __SHD C:\Users\******\AppData\Roaming\jebfcait
2013-09-07 09:30 - 2013-08-13 08:45 - 00000000 ____D C:\Users\******\AppData\Roaming\Zionb
2013-09-07 09:27 - 2009-01-25 16:09 - 00000000 ____D C:\Program Files\Windows Live
2013-09-05 06:58 - 2008-05-16 22:09 - 00000000 ____D C:\Program Files\Google
2013-09-04 16:08 - 2008-03-01 15:06 - 00058880 _____ C:\Users\******\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-09-04 09:00 - 2011-07-18 17:14 - 00001977 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-09-03 18:12 - 2008-01-17 15:01 - 00109504 _____ C:\Windows\PFRO.log
2013-09-03 18:12 - 2008-01-17 14:48 - 00000000 ____D C:\Program Files\Symantec
2013-09-03 18:11 - 2008-01-17 14:36 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-09-03 18:11 - 2006-11-02 13:18 - 00000000 __RSD C:\Windows\Media
2013-09-03 18:08 - 2008-01-17 14:47 - 00000000 ____D C:\ProgramData\Symantec
2013-09-03 18:06 - 2013-09-03 18:05 - 00037087 _____ C:\ProgramData\LUUnInstall.LiveUpdate
2013-09-03 18:05 - 2008-05-16 22:14 - 00000000 ____D C:\Users\******\AppData\Local\Google
2013-09-03 18:05 - 2008-05-16 22:09 - 00000000 ____D C:\ProgramData\Google
2013-09-03 17:56 - 2013-09-03 17:56 - 00000000 ____D C:\Windows\pss
2013-09-03 17:54 - 2013-09-03 17:54 - 00000000 ____D C:\Users\******\AppData\Roaming\Avira
2013-09-03 17:42 - 2009-07-14 08:29 - 00000000 ____D C:\Users\Public\Documents\Symantec
2013-09-03 14:28 - 2011-12-14 20:56 - 00000000 ____D C:\Users\******\Desktop\'Bilder
2013-08-29 19:41 - 2006-11-02 12:33 - 00005548 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-29 19:25 - 2012-01-20 14:57 - 00000000 ____D C:\Users\******\Desktop\HAus
2013-08-25 16:09 - 2006-11-02 14:52 - 00040307 _____ C:\Windows\setupact.log

ZeroAccess:
C:\Windows\assembly\GAC\Desktop.ini

Files to move or delete:
====================
ZeroAccess:
C:\Users\******\AppData\Local\Google\Desktop\Install
ZeroAccess:
C:\Program Files\Google\Desktop\Install


Some content of TEMP:
====================
C:\Users\******\AppData\Local\Temp\2SKKKKKKK.exe
C:\Users\******\AppData\Local\Temp\A10F.tmp.exe
C:\Users\******\AppData\Local\Temp\AskSLib.dll
C:\Users\******\AppData\Local\Temp\ConduitEngine.dll
C:\Users\******\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\******\AppData\Local\Temp\GLF61F4.tmp.ConduitEngineSetup.exe
C:\Users\******\AppData\Local\Temp\InstallFlashPlayer.exe
C:\Users\******\AppData\Local\Temp\mpengine.dll
C:\Users\******\AppData\Local\Temp\msg91B6.exe
C:\Users\******\AppData\Local\Temp\msgDCF0.exe
C:\Users\******\AppData\Local\Temp\MSN1728.exe
C:\Users\******\AppData\Local\Temp\rnsetup0.exe
C:\Users\******\AppData\Local\Temp\SearchWithGoogleUpdate.exe
C:\Users\******\AppData\Local\Temp\SkypeSetup.exe
C:\Users\******\AppData\Local\Temp\softonic-Germany.exe
C:\Users\******\AppData\Local\Temp\softonic_s_Germany.exe
C:\Users\******\AppData\Local\Temp\symlcsv1.exe
C:\Users\******\AppData\Local\Temp\tbBrot.dll
C:\Users\******\AppData\Local\Temp\tbsoft.dll
C:\Users\******\AppData\Local\Temp\_is5418.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
C:\Program Files\Windows Defender\mpsvc.dll => ATTENTION: ZeroAccess. Use DeleteJunctionsIndirectory: C:\Program Files\Windows Defender


LastRegBack: 2013-09-24 09:47

==================== End Of Log ============================
--- --- ---



Addition.txt
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24-09-2013
Ran by ****** at 2013-09-24 09:49:04
Running from C:\Users\******\Desktop\antiviruszeugs
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AntiVir Desktop (Disabled - Out of date) {090F9C29-64CE-6C6F-379C-5901B49A85B7}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AntiVir Desktop (Disabled - Out of date) {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958)
3D Wunschhaus Architekt 4.0 Plus (Version: 3D Wunschhaus 4.0 Plus)
Activation Assistant for the 2007 Microsoft Office suites
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0)
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742) (Version: 8.1.2)
Adobe AIR (Version: 2.7.0.19530)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.94)
Adobe Reader 8.1.2 - Deutsch (Version: 8.1.2)
Adobe Reader 8.1.2 Security Update 1 (KB403742)
AppCore (Version: 1)
ATI Catalyst Install Manager (Version: 3.0.643.0)
AV (Version: 1)
Avira AntiVir Personal - Free Antivirus (Version: 10.2.0.2100)
Catalyst Control Center Core Implementation (Version: 2007.1011.2229.38348)
Catalyst Control Center Graphics Full Existing (Version: 2007.1011.2229.38348)
Catalyst Control Center Graphics Full New (Version: 2007.1011.2229.38348)
Catalyst Control Center Graphics Light (Version: 2007.1011.2229.38348)
Catalyst Control Center Graphics Previews Vista (Version: 2007.1011.2229.38348)
Catalyst Control Center Localization Chinese Standard (Version: 2007.1011.2229.38348)
Catalyst Control Center Localization Chinese Traditional (Version: 2007.1011.2229.38348)
Catalyst Control Center Localization Dutch (Version: 2007.1011.2229.38348)
Catalyst Control Center Localization French (Version: 2007.1011.2229.38348)
Catalyst Control Center Localization German (Version: 2007.1011.2229.38348)
Catalyst Control Center Localization Italian (Version: 2007.1011.2229.38348)
Catalyst Control Center Localization Japanese (Version: 2007.1011.2229.38348)
Catalyst Control Center Localization Korean (Version: 2007.1011.2229.38348)
Catalyst Control Center Localization Portuguese (Version: 2007.1011.2229.38348)
Catalyst Control Center Localization Spanish (Version: 2007.1011.2229.38348)
Catalyst Control Center Localization Swedish (Version: 2007.1011.2229.38348)
CCC Help Chinese Standard (Version: 2007.1011.2228.38348)
CCC Help Chinese Traditional (Version: 2007.1011.2228.38348)
CCC Help Dutch (Version: 2007.1011.2228.38348)
CCC Help English (Version: 2007.1011.2228.38348)
CCC Help French (Version: 2007.1011.2228.38348)
CCC Help German (Version: 2007.1011.2228.38348)
CCC Help Italian (Version: 2007.1011.2228.38348)
CCC Help Japanese (Version: 2007.1011.2228.38348)
CCC Help Korean (Version: 2007.1011.2228.38348)
CCC Help Portuguese (Version: 2007.1011.2228.38348)
CCC Help Spanish (Version: 2007.1011.2228.38348)
CCC Help Swedish (Version: 2007.1011.2228.38348)
ccc-core-static (Version: 2007.1011.2229.38348)
ccCommon (Version: 106.1.1.4)
ccc-utility (Version: 2007.1011.2229.38348)
Choice Guard (Version: 1.2.87.0)
Compatibility Pack für 2007 Office System (Version: 12.0.6612.1000)
DOGS DIARY (Version: 1.0)
FirstSteps Diagnostics (Version: 1.00)
Google Chrome (Version: 29.0.1547.66)
Google Update Helper (Version: 1.3.21.153)
HP Deskjet 3050 J610 series - Grundlegende Software für das Gerät (Version: 22.0.334.0)
HP Deskjet 3050 J610 series Hilfe (Version: 140.0.63.63)
HP Photo Creations (Version: 1.0.0.3341)
HP Update (Version: 5.002.005.003)
Java Auto Updater (Version: 2.0.2.4)
Junk Mail filter update (Version: 14.0.8064.206)
LiveUpdate Notice (Symantec Corporation) (Version: 1.4.5)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.3 (Version: 2.0.2313.0)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (German) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 9.7.0621)
Motorola SM56 Data Fax Modem
MSRedist (Version: 1.0.0.0)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Müller Foto
Nero 7 Essentials (Version: 7.02.5851)
Norma Fotobuch (Version: 3.6.3.23)
Norton AntiVirus (Version: 14.1.0.27)
Norton Confidential Browser Component (Version: 1.1.0.6)
Norton Confidential Web Protection Component (Version: 1.1.0.6)
Norton Internet Security (Symantec Corporation) (Version: 10.1.0.26)
Norton Internet Security (Version: 10.1.0)
Norton Internet Security (Version: 10.1.0.26)
Norton Protection Center (Version: 2007.1.2.11)
OpenOffice.org 3.3 (Version: 3.3.9567)
PowerDV (Version: 2.0.1812)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
Realtek High Definition Audio Driver
Rossmann Fotowelt Software 4.12.1 (Version: 4.12.1)
Skins (Version: 2007.1011.2229.38348)
Skype Click to Call (Version: 6.3.11079)
Skype™ 6.1 (Version: 6.1.129)
SPBBC 32bit (Version: 3.1.1.4)
Symantec Real Time Storage Protection Component (Version: 10.2.2.6)
SymNet (Version: 7.2.4.405)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2768023) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817642) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update für Microsoft Office Excel 2007 Help (KB963678)
Update für Microsoft Office Powerpoint 2007 Help (KB963669)
Update für Microsoft Office Word 2007 Help (KB963665)
VideoLAN VLC media player 0.8.6i (Version: 0.8.6i)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8064.0206)
Windows Live Essentials (Version: 14.0.8064.206)
Windows Live Family Safety (Version: 14.0.8064.206)
Windows Live Fotogalerie (Version: 14.0.8064.206)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Live Mail (Version: 14.0.8064.0206)
Windows Live Messenger (Version: 14.0.8064.0206)
Windows Live Movie Maker-Betaversion (Version: 14.0.8064.0206)
Windows Live Sync (Version: 14.0.8064.206)
Windows Live Writer (Version: 14.0.8064.0206)
Windows Live-Uploadtool (Version: 14.0.8014.1029)

==================== Restore Points  =========================

05-09-2013 04:58:57 Windows Update
07-09-2013 08:02:05 Geplanter Prüfpunkt
14-09-2013 21:46:01 Geplanter Prüfpunkt
15-09-2013 22:00:02 Geplanter Prüfpunkt
16-09-2013 22:00:02 Geplanter Prüfpunkt
24-09-2013 06:45:41 Removed Bing Bar
24-09-2013 06:50:28 Removed FirstSteps Diagnostics
24-09-2013 06:52:14 Removed Java(TM) 6 Update 5
24-09-2013 06:54:22 Removed Java(TM) 6 Update 22
24-09-2013 06:57:03 Adobe Reader 8.1.2 - Deutsch wird entfernt
24-09-2013 06:57:25 Adobe Reader 8.1.2 - Deutsch wird entfernt
24-09-2013 06:58:02 LiveUpdate Notice (Symantec Corporation) wird entfernt
24-09-2013 07:26:29 Removed Studie zur Verbesserung von HP Deskjet 3050 J610 series Produkten

==================== Hosts content: ==========================

2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost
::1            localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0837A429-5A59-4C08-A097-6F9E4D213164} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-07] (Adobe Systems Incorporated)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {26D2707C-8CF5-4F4B-AD86-F2647CE86FFC} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-12] (Microsoft Corporation)
Task: {3013F603-E8FC-4112-B020-503A2CA2B387} - System32\Tasks\Microsoft\Windows\RestartManager\{26E6A403-B44A-4ec6-864C-1456BE97F393} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-19] (Microsoft Corporation)
Task: {61CB47BF-7B22-456C-BA6F-B017E3A6F82D} - System32\Tasks\RegClean Pro => C:\Program Files\RegClean Pro\RegCleanPro.exe
Task: {842776F2-BB54-4B4B-80AB-2F07A3622E87} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-24] (Google Inc.)
Task: {92CED2AE-1CDD-4D1C-A507-41A8F6C1DC21} - System32\Tasks\Norton Internet Security - Vollständige Systemprüfung ausführen - ****** => c:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exe [2006-11-07] (Symantec Corporation)
Task: {A5C1354C-7CBD-45E2-BA59-2F4B819C166F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-24] (Google Inc.)
Task: {C195260E-5596-4EDD-8830-A38DB4BD4761} - System32\Tasks\RegClean Pro_DEFAULT => C:\Program Files\RegClean Pro\RegCleanPro.exe
Task: {C2DA2C21-C366-49D2-8071-ED03A2F5A4E3} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2008-01-19] ()
Task: {D3233FAD-031B-4A01-B1E6-8050BD978286} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-05] ()
Task: {FB75E5EF-24BE-466B-BEF1-D7B5345C9010} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files\RegClean Pro\RegCleanPro.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Norton Internet Security - Vollständige Systemprüfung ausführen - ******.job => c:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exe
Task: C:\Windows\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files\RegClean Pro\RegCleanPro.exe
Task: C:\Windows\Tasks\RegClean Pro_UPDATES.job => C:\Program Files\RegClean Pro\RegCleanPro.exe

==================== Loaded Modules (whitelisted) =============

2008-04-06 20:50 - 2008-01-19 09:35 - 00223232 _____ () C:\Windows\system32\MSWSOCK.dll
2006-11-08 17:15 - 2006-11-08 17:15 - 00009384 _____ () C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVShExt.loc
2007-03-02 12:44 - 2007-03-02 12:44 - 00073728 _____ () c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll
2008-01-17 14:32 - 2006-11-22 18:31 - 00069632 _____ (Motorola Inc.) C:\Program Files\Motorola\SMSERIAL\sm56eng.dll
2008-01-17 14:32 - 2006-11-22 18:31 - 00065536 _____ () C:\Program Files\Motorola\SMSERIAL\sm56fra.dll
2008-01-17 14:32 - 2006-11-22 18:31 - 00065536 _____ () C:\Program Files\Motorola\SMSERIAL\sm56brz.dll
2008-01-17 14:32 - 2006-11-22 18:31 - 00053248 _____ () C:\Program Files\Motorola\SMSERIAL\sm56chs.dll
2008-01-17 14:32 - 2006-11-22 18:31 - 00053248 _____ () C:\Program Files\Motorola\SMSERIAL\sm56cht.dll
2008-01-17 14:32 - 2006-11-22 18:31 - 00065536 _____ () C:\Program Files\Motorola\SMSERIAL\sm56ger.dll
2008-01-17 14:32 - 2006-11-22 18:31 - 00065536 _____ () C:\Program Files\Motorola\SMSERIAL\sm56ita.dll
2008-01-17 14:32 - 2006-11-22 18:31 - 00057344 _____ () C:\Program Files\Motorola\SMSERIAL\sm56jpn.dll
2008-01-17 14:32 - 2006-11-22 18:31 - 00065536 _____ () C:\Program Files\Motorola\SMSERIAL\sm56esp.dll
2008-01-17 14:32 - 2006-11-22 18:31 - 00053248 _____ () C:\Program Files\Motorola\SMSERIAL\sm56kor.dll
2008-01-17 14:32 - 2006-11-22 18:31 - 00065536 _____ () C:\Program Files\Motorola\SMSERIAL\sm56dnk.dll
2008-04-06 20:50 - 2008-01-19 09:35 - 00223232 _____ () C:\Windows\system32\mswsock.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00102400 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.2840.38602__90ba9c70f846762e\MOM.Implementation.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00032768 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2791.31986__90ba9c70f846762e\LOG.Foundation.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00032768 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2791.31993__90ba9c70f846762e\LOG.Foundation.Private.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00061440 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2840.38601__90ba9c70f846762e\LOG.Foundation.Implementation.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00016384 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2791.32006__90ba9c70f846762e\MOM.Foundation.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00020480 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2791.32009__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00045056 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.2840.38309__90ba9c70f846762e\AEM.Server.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00024576 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2791.31992__90ba9c70f846762e\NEWAEM.Foundation.dll
2008-01-17 14:29 - 2007-10-12 00:02 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00032768 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.2840.38602__90ba9c70f846762e\CCC.Implementation.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00049152 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2791.31988__90ba9c70f846762e\CLI.Foundation.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00028672 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2791.32434__90ba9c70f846762e\CLI.Foundation.XManifest.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00073728 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2840.38310__90ba9c70f846762e\CLI.Component.Runtime.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00040960 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2791.32008__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00040960 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2791.31996__90ba9c70f846762e\CLI.Foundation.Private.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00016384 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2791.32001__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00032768 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00006656 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.2840.38309__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00024576 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2791.31987__90ba9c70f846762e\AEM.Foundation.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00016384 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2791.32011__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00016384 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2791.32001__90ba9c70f846762e\AEM.Server.Shared.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00040960 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2840.38644__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00016384 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2791.32025__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00020480 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2791.32000__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00045056 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00016384 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00016384 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2791.32015__90ba9c70f846762e\DEM.Graphics.dll
2008-01-17 14:32 - 2008-01-17 14:32 - 00245760 _____ (Advanced Mirco Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2840.38318__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00057344 _____ (Advanced Mirco Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2791.32002__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00024576 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00020480 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2791.32016__90ba9c70f846762e\DEM.OS.I0602.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00016384 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.2791.32016__90ba9c70f846762e\DEM.OS.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00016384 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2791.32024__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00065536 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.2840.38311__90ba9c70f846762e\ATIDEMOS.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00020480 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2791.31999__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
2008-01-17 14:32 - 2008-01-17 14:32 - 00020480 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2840.38339__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00020480 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2791.32029__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
2008-01-17 14:32 - 2008-01-17 14:32 - 00065536 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.2840.38537__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00020480 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2791.32030__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00040960 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2833.15304__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00028672 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2833.15206__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
2008-01-17 14:32 - 2008-01-17 14:32 - 00036864 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.2840.38473__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00016384 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00032768 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2791.32007__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
2008-01-17 14:32 - 2008-01-17 14:32 - 00077824 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.2840.38579__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00065536 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2791.32027__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00040960 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.2840.38392__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00028672 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2791.32014__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00036864 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.2840.38503__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00024576 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2791.32039__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00040960 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.2840.38481__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00053248 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2791.32014__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00032768 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.2840.38523__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00028672 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2791.32039__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00057344 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.2840.38474__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00045056 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2833.15324__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00061440 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.2840.38545__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00053248 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2791.32027__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00065536 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.2840.38481__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00045056 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2791.32015__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00040960 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.2840.38609__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00024576 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.2791.32041__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00065536 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.2840.38310__90ba9c70f846762e\APM.Server.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00020480 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.2791.32006__90ba9c70f846762e\APM.Foundation.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00462848 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.2840.38594__90ba9c70f846762e\CLI.Component.Systemtray.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00040960 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2791.32004__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00471040 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2840.38348__90ba9c70f846762e\CLI.Component.Wizard.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00020480 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2791.31995__90ba9c70f846762e\CLI.Component.Client.Shared.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00020480 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2791.32007__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00024576 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2791.32039__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
2008-01-17 14:32 - 2008-01-17 14:32 - 00040960 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2840.38353__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00016384 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2791.32029__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
2008-01-17 14:32 - 2008-01-17 14:32 - 00483328 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2840.38616__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00090112 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2840.38552__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
2008-01-17 14:32 - 2008-01-17 14:32 - 01675264 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2840.38361__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
2008-01-17 14:32 - 2008-01-17 14:32 - 00196608 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2840.38373__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00040960 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2791.32041__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00006656 _____ ( ) C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00401408 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.2840.38565__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00307200 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.2840.38392__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
2008-01-17 14:32 - 2008-01-17 14:32 - 00364544 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.2840.38587__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 01503232 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2840.38327__90ba9c70f846762e\CLI.Component.Dashboard.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00020480 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2791.31999__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00020480 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2791.32010__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00073728 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2840.38332__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00016384 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2791.32040__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00024576 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray.resources\2.0.2840.38594_de_90ba9c70f846762e\CLI.Component.Systemtray.resources.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00135168 _____ (Advanced Mirco Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2840.38621__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00212992 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2840.38380__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00434176 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2840.38340__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00118784 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.2840.38504__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00479232 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.2840.38475__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00401408 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.2840.38524__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00901120 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.2840.38580__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00331776 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.2840.38467__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00352256 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.2840.38545__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00589824 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.2840.38387__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00794624 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.2840.38482__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
2008-01-17 14:31 - 2008-01-17 14:31 - 00139264 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.2840.38609__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll
2008-04-06 20:50 - 2008-01-19 09:35 - 00223232 _____ (Microsoft Corporation) \\.\globalroot\systemroot\system32\mswsock.dll
2008-04-06 20:50 - 2008-01-19 09:35 - 00223232 _____ (Microsoft Corporation) \\?\globalroot\systemroot\system32\mswsock.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/24/2013 09:49:42 AM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung svchost.exe, Version 6.0.6001.18000, Zeitstempel 0x47918b89, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0x00000000,
Prozess-ID 0x430, Anwendungsstartzeit svchost.exe0.

Error: (09/24/2013 09:48:38 AM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung svchost.exe, Version 6.0.6001.18000, Zeitstempel 0x47918b89, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0x00000000,
Prozess-ID 0x840, Anwendungsstartzeit svchost.exe0.

Error: (09/24/2013 09:47:34 AM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung svchost.exe, Version 6.0.6001.18000, Zeitstempel 0x47918b89, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0x00000000,
Prozess-ID 0x960, Anwendungsstartzeit svchost.exe0.

Error: (09/24/2013 09:46:30 AM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung svchost.exe, Version 6.0.6001.18000, Zeitstempel 0x47918b89, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0x00000000,
Prozess-ID 0xe68, Anwendungsstartzeit svchost.exe0.

Error: (09/24/2013 09:45:26 AM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung svchost.exe, Version 6.0.6001.18000, Zeitstempel 0x47918b89, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0x00000000,
Prozess-ID 0xd1c, Anwendungsstartzeit svchost.exe0.

Error: (09/24/2013 09:35:57 AM) (Source: EventSystem) (User: )
Description: d:\vistasp1_gdr\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (09/24/2013 09:34:11 AM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung svchost.exe, Version 6.0.6001.18000, Zeitstempel 0x47918b89, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0x00000000,
Prozess-ID 0x13a8, Anwendungsstartzeit svchost.exe0.

Error: (09/24/2013 09:33:07 AM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung svchost.exe, Version 6.0.6001.18000, Zeitstempel 0x47918b89, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0x00000000,
Prozess-ID 0x15b8, Anwendungsstartzeit svchost.exe0.

Error: (09/24/2013 09:32:03 AM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung svchost.exe, Version 6.0.6001.18000, Zeitstempel 0x47918b89, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0x00000000,
Prozess-ID 0x398, Anwendungsstartzeit svchost.exe0.

Error: (09/24/2013 09:30:58 AM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung svchost.exe, Version 6.0.6001.18000, Zeitstempel 0x47918b89, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0x00000000,
Prozess-ID 0xf70, Anwendungsstartzeit svchost.exe0.


System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2013-09-24 09:48:43.100
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-09-24 09:48:42.944
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-09-24 09:48:42.773
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-09-24 09:48:42.617
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-09-24 09:48:42.461
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-09-24 09:48:42.289
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-09-24 09:48:42.133
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-09-24 09:48:41.961
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-09-24 09:15:07.415
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-09-24 09:15:07.246
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Percentage of memory in use: 45%
Total physical RAM: 2045.7 MB
Available physical RAM: 1123.77 MB
Total Pagefile: 4332.68 MB
Available Pagefile: 3257.41 MB
Total Virtual: 2047.88 MB
Available Virtual: 1907.31 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:148.1 GB) (Free:3.43 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:73.07 GB) (Free:10.96 GB) NTFS
Drive e: (DVD) (CDROM) (Total:0.02 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 233 GB) (Disk ID: 8C8E29D2)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Active) - (Size=148 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=73 GB) - (Type=07 NTFS)

==================== End Of Log ============================

schrauber 24.09.2013 18:38
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!
Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

class 25.09.2013 19:36
ComboFix ist durch:

Code:
ComboFix 13-09-24.02 - ****** 25.09.2013  20:11:53.1.2 - x86
Microsoft® Windows Vista™ Home Premium  6.0.6001.1.1252.49.1031.18.2046.1253 [GMT 2:00]
ausgeführt von:: c:\users\******\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Outdated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Outdated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Google\Desktop\Install
c:\program files\Google\Desktop\Install\{c9c45116-9c10-04d6-b731-c9edb951f7d4}\0103~1\7154~1\CFFE~1\{c9c45116-9c10-04d6-b731-c9edb951f7d4}\@
c:\program files\Google\Desktop\Install\{c9c45116-9c10-04d6-b731-c9edb951f7d4}\0103~1\7154~1\CFFE~1\{c9c45116-9c10-04d6-b731-c9edb951f7d4}\GoogleUpdate.exe
c:\program files\Google\Desktop\Install\{c9c45116-9c10-04d6-b731-c9edb951f7d4}\0103~1\7154~1\CFFE~1\{c9c45116-9c10-04d6-b731-c9edb951f7d4}\L\00000004.@
c:\program files\Google\Desktop\Install\{c9c45116-9c10-04d6-b731-c9edb951f7d4}\0103~1\7154~1\CFFE~1\{c9c45116-9c10-04d6-b731-c9edb951f7d4}\L\76603ac3
c:\program files\Google\Desktop\Install\{c9c45116-9c10-04d6-b731-c9edb951f7d4}\0103~1\7154~1\CFFE~1\{c9c45116-9c10-04d6-b731-c9edb951f7d4}\U\00000004.@
c:\program files\Google\Desktop\Install\{c9c45116-9c10-04d6-b731-c9edb951f7d4}\0103~1\7154~1\CFFE~1\{c9c45116-9c10-04d6-b731-c9edb951f7d4}\U\00000008.@
c:\program files\Google\Desktop\Install\{c9c45116-9c10-04d6-b731-c9edb951f7d4}\0103~1\7154~1\CFFE~1\{c9c45116-9c10-04d6-b731-c9edb951f7d4}\U\000000cb.@
c:\program files\Google\Desktop\Install\{c9c45116-9c10-04d6-b731-c9edb951f7d4}\0103~1\7154~1\CFFE~1\{c9c45116-9c10-04d6-b731-c9edb951f7d4}\U\80000000.@
c:\program files\Google\Desktop\Install\{c9c45116-9c10-04d6-b731-c9edb951f7d4}\0103~1\7154~1\CFFE~1\{c9c45116-9c10-04d6-b731-c9edb951f7d4}\U\80000032.@
c:\users\******\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\users\******\AppData\Local\Google\Desktop\Install
c:\users\******\AppData\Local\Google\Desktop\Install\{c9c45116-9c10-04d6-b731-c9edb951f7d4}\C3C1~1\01C8~1\CFFE~1\{c9c45116-9c10-04d6-b731-c9edb951f7d4}\@
c:\users\******\AppData\Local\Google\Desktop\Install\{c9c45116-9c10-04d6-b731-c9edb951f7d4}\C3C1~1\01C8~1\CFFE~1\{c9c45116-9c10-04d6-b731-c9edb951f7d4}\GoogleUpdate.exe
c:\users\******\AppData\Roaming\Iswii
c:\users\******\AppData\Roaming\Iswii\anyxl.exe
.
.
(((((((((((((((((((((((  Dateien erstellt von 2013-08-25 bis 2013-09-25  ))))))))))))))))))))))))))))))
.
.
2013-09-25 18:19 . 2013-09-25 18:23        --------        d-----w-        c:\users\******\AppData\Local\temp
2013-09-24 07:47 . 2013-09-24 07:47        --------        d-----w-        C:\FRST
2013-09-07 16:38 . 2013-09-07 16:38        71048        ----a-w-        c:\windows\system32\FlashPlayerCPLApp.cpl
2013-09-07 16:38 . 2013-09-07 16:38        692104        ----a-w-        c:\windows\system32\FlashPlayerApp.exe
2013-09-03 16:35 . 2013-08-19 22:47        7166848        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{589BE97F-7443-45A6-9CF8-1A0F4E4B30F1}\mpengine.dll
2013-09-03 16:35 . 2013-08-07 02:22        238872        ------w-        c:\windows\system32\MpSigStub.exe
2013-09-03 15:54 . 2013-09-03 15:54        --------        d-----w-        c:\users\******\AppData\Roaming\Avira
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-01-08 18708224]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"RtHDVCpl"="RtHDVCpl.exe" [2007-04-10 4431872]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-11-22 630784]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"Skytel"="Skytel.exe" [2007-04-04 1822720]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-08-02 281768]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2010-03-12 49208]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKLM\~\startupfolder\C:^Users^******^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^DOGS DIARY.lnk]
path=c:\users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DOGS DIARY.lnk
backup=c:\windows\pss\DOGS DIARY.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
2006-10-24 22:08        107112        ----a-w-        c:\program files\Common Files\Symantec Shared\ccApp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\fssui]
2009-02-06 16:08        454000        ----a-w-        c:\program files\Windows Live\Family Safety\fsui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-02-26 19:46        153136        ----a-w-        c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\osCheck]
2006-10-27 00:18        22696        ----a-w-        c:\program files\Norton Internet Security\osCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec PIF AlertEng]
2008-01-29 16:38        583048        ----a-w-        c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2011-07-18 15:15        273544        ----a-w-        c:\program files\Real\RealPlayer\Update\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - COMHOST
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-09-04 06:56        1177552        ----a-w-        c:\program files\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-09-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-07 16:38]
.
2013-09-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-11-24 08:33]
.
2013-09-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-11-24 08:33]
.
2013-08-23 c:\windows\Tasks\Norton Internet Security - Vollständige Systemprüfung ausführen - ******.job
- c:\progra~1\NORTON~1\NORTON~1\Navw32.exe [2006-11-07 17:48]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.179.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{e8de9422-3b2c-4243-bf6f-235da84d8ef8} - (no file)
URLSearchHooks-{a51a36e6-31e7-4838-9ff7-76298b527ec0} - (no file)
WebBrowser-{E8DE9422-3B2C-4243-BF6F-235DA84D8EF8} - (no file)
WebBrowser-{A51A36E6-31E7-4838-9FF7-76298B527EC0} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
HKCU-Run-Ecyvcepa - c:\users\******\AppData\Roaming\Iswii\anyxl.exe
MSConfigStartUp-Bing Bar - c:\program files\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe
MSConfigStartUp-Google - c:\users\******\AppData\Roaming\jebfcait\verubjtg.exe
MSConfigStartUp-recinfo382 - c:\recinfo\RecInfo.exe
MSConfigStartUp-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
AddRemove-3DWunschhausplusVA.Exe - c:\programme\BHV\Virtual Architecture\WunschhausPlusUninstall.exe
AddRemove-Müller Foto - c:\users\******\Müller Foto\uninstall.exe
AddRemove-Rossmann Fotowelt Software - c:\users\******\Desktop\Rossmann Fotowelt Software\Deinstallieren.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2013-09-25 20:24
Windows 6.0.6001 Service Pack 1 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
Binary file temp00 matches
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\BFE]
"ImagePath"="."
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MpsSvc]
"ImagePath"="."
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000001
"MSCurrentCountry"=dword:000000b5
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\Symantec Shared\ccSvcHst.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
c:\program files\Avira\AntiVir Desktop\sched.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\program files\Windows Live\Family Safety\fsssvc.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe
c:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\conime.exe
c:\windows\RtHDVCpl.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-09-25  20:30:16 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-09-25 18:30
.
Vor Suchlauf: 5.327.699.968 Bytes frei
Nach Suchlauf: 6.603.042.816 Bytes frei
.
- - End Of File - - F28BA35C4499F0F66BDA9E731C0760CC
5C616939100B85E558DA92B899A0FC36

schrauber 26.09.2013 08:32
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

class 27.09.2013 19:24
Okay habe alle Scans fertig.

MBAM:
[CODE]Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.09.27.04

Windows Vista Service Pack 1 x86 NTFS
Internet Explorer 8.0.6001.19088
****** :: ******SLAPTOP [Administrator]

27.09.2013 16:27:46
mbam-log-2013-09-27 (16-27-46).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 366944
Laufzeit: 1 Stunde(n), 56 Minute(n), 13 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 1
HKCU\Software\Systweak\RegClean Pro (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 3
C:\Users\******\AppData\Roaming\Systweak\RegClean Pro (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\******\AppData\Roaming\Systweak\RegClean Pro\Version 6.1 (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\******\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 19
C:\Qoobox\Quarantine\C\Program Files\Google\Desktop\Install\{c9c45116-9c10-04d6-b731-c9edb951f7d4}\0103~1\7154~1\CFFE~1\{c9c45116-9c10-04d6-b731-c9edb951f7d4}\GoogleUpdate.exe.vir (Malware.Packer.ASF) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Qoobox\Quarantine\C\Program Files\Google\Desktop\Install\{c9c45116-9c10-04d6-b731-c9edb951f7d4}\0103~1\7154~1\CFFE~1\{c9c45116-9c10-04d6-b731-c9edb951f7d4}\U\00000004.@.vir (Rootkit.Zaccess) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Qoobox\Quarantine\C\Program Files\Google\Desktop\Install\{c9c45116-9c10-04d6-b731-c9edb951f7d4}\0103~1\7154~1\CFFE~1\{c9c45116-9c10-04d6-b731-c9edb951f7d4}\U\000000cb.@.vir (Rootkit.0Access) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Qoobox\Quarantine\C\Program Files\Google\Desktop\Install\{c9c45116-9c10-04d6-b731-c9edb951f7d4}\0103~1\7154~1\CFFE~1\{c9c45116-9c10-04d6-b731-c9edb951f7d4}\U\80000000.@.vir (Trojan.0Access) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Qoobox\Quarantine\C\Users\******\AppData\Local\Google\Desktop\Install\{c9c45116-9c10-04d6-b731-c9edb951f7d4}\C3C1~1\01C8~1\CFFE~1\{c9c45116-9c10-04d6-b731-c9edb951f7d4}\GoogleUpdate.exe.vir (Malware.Packer.ASF) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Qoobox\Quarantine\C\Users\******\AppData\Roaming\Iswii\anyxl.exe.vir (Trojan.Winlock) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\assembly\GAC\Desktop.ini (Rootkit.0access) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\System32\roboot.exe (PUP.Optional.PCPerformer.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\******\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\ExcludeList.rcp (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\******\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\German_rcp.dat (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\******\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_08-10-2013.log (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\******\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_08-11-2013.log (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\******\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_08-12-2013.log (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\******\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_08-13-2013.log (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\******\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_08-14-2013.log (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\******\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\results.rcp (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\******\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\TempHLList.rcp (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\******\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000001.rmx (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\******\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000001.rxb (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
[/CODE

AdwCleaner:
Code:
# AdwCleaner v3.005 - Bericht erstellt am 27/09/2013 um 19:09:19
# Updated 22/09/2013 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 1 (32 bits)
# Benutzername : ****** - ******SLAPTOP
# Gestartet von : C:\Users\******\Desktop\adwcleaner3005.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\boost_interprocess
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
Ordner Gelöscht : C:\Users\******\AppData\Roaming\Systweak

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Conduit.Engine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2449729
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2463487
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Toolbar
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

***** [ Browser ] *****

-\\ Internet Explorer v8.0.6001.19088


-\\ Google Chrome v29.0.1547.66

[ Datei : C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [2775 octets] - [27/09/2013 18:59:57]
AdwCleaner[S0].txt - [2619 octets] - [27/09/2013 19:09:19]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2679 octets] ##########
JRT:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.3 (09.27.2013:1)
OS: Windows Vista (TM) Home Premium x86
Ran by Lena on 27.09.2013 at 19:42:04,10
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27.09.2013 at 19:44:37,35
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-09-2013
Ran by ****** (administrator) on ******SLAPTOP on 27-09-2013 20:18:30
Running from C:\Users\******\Desktop
Microsoft® Windows Vista™ Home Premium  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Family Safety\fsssvc.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Fujitsu Siemens Computers) C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Motorola Inc.) C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Windows\system32\msiexec.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Advanced Micro Devices Inc.) c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(APN LLC.) C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
(APN) C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [StartCCC] - c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [90112 2006-11-10] ()
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4431872 2007-04-10] (Realtek Semiconductor)
HKLM\...\Run: [SMSERIAL] - C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [630784 2006-11-22] (Motorola Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [39792 2008-01-11] (Adobe Systems Incorporated)
HKLM\...\Run: [Skytel] - C:\Windows\Skytel.exe [1822720 2007-04-04] (Realtek Semiconductor Corp.)
HKLM\...\Run: [HP Software Update] - C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-03-12] (Hewlett-Packard)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-27] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [ApnTBMon] - C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1673680 2013-09-24] (APN)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [18708224 2013-01-08] (Skype Technologies S.A.)
HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation)
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: No Name - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} -  No File
BHO: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO: Windows Live Family Safety Browser Helper Class - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 01 %SystemRoot%\System32\mswsock.dll [223232] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 05 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 06 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 07 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 08 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 33 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 192.168.179.1

Chrome:
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll ()
CHR Extension: (Google Docs) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_1
CHR Extension: (Google Drive) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1
CHR Extension: (YouTube) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1
CHR Extension: (Google Search) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1
CHR Extension: (Skype Click to Call) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_1
CHR Extension: (Chrome In-App Payments service) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1
CHR Extension: (Gmail) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-09-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [815160 2013-09-27] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [164816 2013-09-24] (APN LLC.)
S3 BFE; C:\Windows\System32\. [0 2013-09-27] ()
S3 MpsSvc; C:\Windows\System32\. [0 2013-09-27] ()
S4 RemoteAccess; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [262247 2006-07-20] ()
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.)
R2 TestHandler; C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe [204800 2006-12-08] (Fujitsu Siemens Computers)
U2 *etadpug; "C:\Program Files\Google\Desktop\Install\{c9c45116-9c10-04d6-b731-c9edb951f7d4}\  \...\???\{c9c45116-9c10-04d6-b731-c9edb951f7d4}\GoogleUpdate.exe" < <==== ATTENTION (ZeroAccess)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [88840 2013-09-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136672 2013-09-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-09-27] (Avira Operations GmbH & Co. KG)
R0 CLFS; C:\Windows\System32\CLFS.sys [247352 2008-01-19] (Microsoft Corporation)
R3 itecir; C:\Windows\System32\DRIVERS\itecir.sys [46592 2007-04-04] (Windows (R) Codename Longhorn DDK provider)
S4 JRAID; C:\Windows\system32\drivers\jraid.sys [48256 2007-06-13] (JMicron Technology Corp.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-09-27] (Avira GmbH)
S4 viamraid; C:\Windows\system32\drivers\viamraid.sys [102912 2006-11-08] (VIA Technologies inc,.ltd)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-27 20:16 - 2013-09-27 20:16 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-09-27 20:16 - 2013-09-27 20:16 - 00000000 ____D C:\Program Files\AskPartnerNetwork
2013-09-27 20:09 - 2013-09-27 20:09 - 00000000 ____D C:\ProgramData\APN
2013-09-27 20:08 - 2013-09-27 20:08 - 00001853 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-09-27 20:07 - 2013-09-27 20:07 - 00869456 _____ C:\Users\******\Downloads\Norton21_Removal_Tool.exe
2013-09-27 20:07 - 2013-09-27 20:05 - 00136672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-09-27 20:07 - 2013-09-27 20:05 - 00088840 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-09-27 20:07 - 2013-09-27 20:05 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-09-27 20:07 - 2013-09-27 20:05 - 00028520 _____ (Avira GmbH) C:\Windows\system32\Drivers\ssmdrv.sys
2013-09-27 20:06 - 2013-09-27 20:08 - 00000000 ____D C:\ProgramData\Avira
2013-09-27 20:06 - 2013-09-27 20:06 - 00000000 ____D C:\Program Files\Avira
2013-09-27 19:47 - 2013-09-27 19:47 - 02092792 _____ C:\Users\******\Desktop\avira_free_antivirus.exe
2013-09-27 19:44 - 2013-09-27 19:44 - 00000949 _____ C:\Users\******\Desktop\JRT.txt
2013-09-27 19:41 - 2013-09-27 19:41 - 00000000 ____D C:\Windows\ERUNT
2013-09-27 19:39 - 2013-09-27 19:40 - 01030305 _____ (Thisisu) C:\Users\******\Desktop\JRT.exe
2013-09-27 19:37 - 2013-09-27 19:37 - 00002769 _____ C:\Users\******\Desktop\AdwCleaner[S0].txt
2013-09-27 18:59 - 2013-09-27 19:09 - 00000000 ____D C:\AdwCleaner
2013-09-27 16:26 - 2013-09-27 16:26 - 00000912 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-27 16:26 - 2013-09-27 16:26 - 00000000 ____D C:\Users\******\AppData\Roaming\Malwarebytes
2013-09-27 16:26 - 2013-09-27 16:26 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-27 16:26 - 2013-09-27 16:26 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-27 16:26 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-25 20:30 - 2013-09-25 20:30 - 00012380 _____ C:\ComboFix.txt
2013-09-25 20:08 - 2013-09-25 20:30 - 00000000 ____D C:\Qoobox
2013-09-25 20:08 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-09-25 20:08 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-09-25 20:08 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-09-25 20:08 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-09-25 20:08 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-09-25 20:08 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-09-25 20:08 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-09-25 20:08 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-09-25 20:07 - 2013-09-25 20:28 - 00000000 ____D C:\Windows\erdnt
2013-09-25 20:06 - 2013-09-25 19:58 - 05130004 ____R (Swearware) C:\Users\******\Desktop\ComboFix.exe
2013-09-24 09:47 - 2013-09-24 09:47 - 00000000 ____D C:\FRST
2013-09-24 09:46 - 2013-09-25 20:06 - 00000000 ____D C:\Users\******\Desktop\antiviruszeugs
2013-09-24 09:46 - 2013-09-24 09:43 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\******\Desktop\mbam-setup-1.75.0.1300.exe
2013-09-24 09:46 - 2013-09-24 09:43 - 00706916 _____ C:\Users\******\Desktop\delfix.exe
2013-09-24 09:46 - 2013-09-24 09:42 - 02347384 _____ (ESET) C:\Users\******\Desktop\esetsmartinstaller_enu.exe
2013-09-24 09:46 - 2013-09-24 09:42 - 00448512 _____ (OldTimer Tools) C:\Users\******\Desktop\TFC.exe
2013-09-24 09:46 - 2013-09-24 09:41 - 00602112 _____ (OldTimer Tools) C:\Users\******\Desktop\OTL32690.exe
2013-09-24 09:46 - 2013-09-24 09:40 - 01088653 _____ (Farbar) C:\Users\******\Desktop\FRST.exe
2013-09-24 09:46 - 2013-09-24 09:40 - 01042066 _____ C:\Users\******\Desktop\adwcleaner3005.exe
2013-09-20 18:23 - 2013-09-20 18:23 - 00032886 _____ C:\Users\******\Desktop\AVSCAN-20130920-162538-B3060BCA.LOG
2013-09-07 18:38 - 2013-09-27 20:17 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-07 18:38 - 2013-09-07 18:38 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-09-07 18:38 - 2013-09-07 18:38 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-09-03 18:35 - 2013-08-07 04:22 - 00238872 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-09-03 17:56 - 2013-09-03 17:56 - 00000000 ____D C:\Windows\pss

==================== One Month Modified Files and Folders =======

2013-09-27 20:17 - 2013-09-07 18:38 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-27 20:16 - 2013-09-27 20:16 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-09-27 20:16 - 2013-09-27 20:16 - 00000000 ____D C:\Program Files\AskPartnerNetwork
2013-09-27 20:13 - 2010-11-24 10:33 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-27 20:13 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-27 20:13 - 2006-11-02 14:47 - 00003168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-27 20:13 - 2006-11-02 14:47 - 00003168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-27 20:12 - 2008-03-01 14:54 - 01898294 _____ C:\Windows\WindowsUpdate.log
2013-09-27 20:12 - 2008-01-17 15:01 - 00141006 _____ C:\Windows\PFRO.log
2013-09-27 20:12 - 2008-01-17 14:47 - 00000000 ____D C:\ProgramData\Symantec
2013-09-27 20:12 - 2008-01-17 14:47 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2013-09-27 20:12 - 2006-11-02 15:01 - 00032514 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-27 20:09 - 2013-09-27 20:09 - 00000000 ____D C:\ProgramData\APN
2013-09-27 20:08 - 2013-09-27 20:08 - 00001853 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-09-27 20:08 - 2013-09-27 20:06 - 00000000 ____D C:\ProgramData\Avira
2013-09-27 20:07 - 2013-09-27 20:07 - 00869456 _____ C:\Users\******\Downloads\Norton21_Removal_Tool.exe
2013-09-27 20:06 - 2013-09-27 20:06 - 00000000 ____D C:\Program Files\Avira
2013-09-27 20:05 - 2013-09-27 20:07 - 00136672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-09-27 20:05 - 2013-09-27 20:07 - 00088840 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-09-27 20:05 - 2013-09-27 20:07 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-09-27 20:05 - 2013-09-27 20:07 - 00028520 _____ (Avira GmbH) C:\Windows\system32\Drivers\ssmdrv.sys
2013-09-27 19:55 - 2010-11-24 10:33 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-27 19:47 - 2013-09-27 19:47 - 02092792 _____ C:\Users\******\Desktop\avira_free_antivirus.exe
2013-09-27 19:44 - 2013-09-27 19:44 - 00000949 _____ C:\Users\******\Desktop\JRT.txt
2013-09-27 19:41 - 2013-09-27 19:41 - 00000000 ____D C:\Windows\ERUNT
2013-09-27 19:40 - 2013-09-27 19:39 - 01030305 _____ (Thisisu) C:\Users\******\Desktop\JRT.exe
2013-09-27 19:37 - 2013-09-27 19:37 - 00002769 _____ C:\Users\******\Desktop\AdwCleaner[S0].txt
2013-09-27 19:09 - 2013-09-27 18:59 - 00000000 ____D C:\AdwCleaner
2013-09-27 18:49 - 2008-01-17 22:17 - 00000000 ____D C:\Windows\Panther
2013-09-27 16:26 - 2013-09-27 16:26 - 00000912 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-27 16:26 - 2013-09-27 16:26 - 00000000 ____D C:\Users\******\AppData\Roaming\Malwarebytes
2013-09-27 16:26 - 2013-09-27 16:26 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-27 16:26 - 2013-09-27 16:26 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-25 20:36 - 2008-08-22 03:10 - 00000000 ____D C:\Users\******\AppData\Roaming\Skype
2013-09-25 20:30 - 2013-09-25 20:30 - 00012380 _____ C:\ComboFix.txt
2013-09-25 20:30 - 2013-09-25 20:08 - 00000000 ____D C:\Qoobox
2013-09-25 20:30 - 2006-11-02 13:18 - 00000000 __RHD C:\Users\Default
2013-09-25 20:30 - 2006-11-02 13:18 - 00000000 ___RD C:\Users\Public
2013-09-25 20:28 - 2013-09-25 20:07 - 00000000 ____D C:\Windows\erdnt
2013-09-25 20:23 - 2006-11-02 12:23 - 00000215 _____ C:\Windows\system.ini
2013-09-25 20:08 - 2008-03-01 14:58 - 00000000 ____D C:\Users\******
2013-09-25 20:06 - 2013-09-24 09:46 - 00000000 ____D C:\Users\******\Desktop\antiviruszeugs
2013-09-25 19:58 - 2013-09-25 20:06 - 05130004 ____R (Swearware) C:\Users\******\Desktop\ComboFix.exe
2013-09-24 09:47 - 2013-09-24 09:47 - 00000000 ____D C:\FRST
2013-09-24 09:43 - 2013-09-24 09:46 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\******\Desktop\mbam-setup-1.75.0.1300.exe
2013-09-24 09:43 - 2013-09-24 09:46 - 00706916 _____ C:\Users\******\Desktop\delfix.exe
2013-09-24 09:42 - 2013-09-24 09:46 - 02347384 _____ (ESET) C:\Users\******\Desktop\esetsmartinstaller_enu.exe
2013-09-24 09:42 - 2013-09-24 09:46 - 00448512 _____ (OldTimer Tools) C:\Users\******\Desktop\TFC.exe
2013-09-24 09:41 - 2013-09-24 09:46 - 00602112 _____ (OldTimer Tools) C:\Users\******\Desktop\OTL32690.exe
2013-09-24 09:40 - 2013-09-24 09:46 - 01088653 _____ (Farbar) C:\Users\******\Desktop\FRST.exe
2013-09-24 09:40 - 2013-09-24 09:46 - 01042066 _____ C:\Users\******\Desktop\adwcleaner3005.exe
2013-09-24 08:53 - 2008-05-16 22:06 - 00000000 ____D C:\Program Files\Common Files\Java
2013-09-20 18:23 - 2013-09-20 18:23 - 00032886 _____ C:\Users\******\Desktop\AVSCAN-20130920-162538-B3060BCA.LOG
2013-09-07 18:38 - 2013-09-07 18:38 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-09-07 18:38 - 2013-09-07 18:38 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-09-07 18:36 - 2008-04-06 20:50 - 00000000 __SHD C:\Users\******\AppData\Roaming\jebfcait
2013-09-07 09:30 - 2013-08-13 08:45 - 00000000 ____D C:\Users\******\AppData\Roaming\Zionb
2013-09-07 09:27 - 2009-01-25 16:09 - 00000000 ____D C:\Program Files\Windows Live
2013-09-05 06:58 - 2008-05-16 22:09 - 00000000 ____D C:\Program Files\Google
2013-09-04 16:08 - 2008-03-01 15:06 - 00058880 _____ C:\Users\******\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-09-04 09:00 - 2011-07-18 17:14 - 00001977 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-09-03 18:11 - 2008-01-17 14:36 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-09-03 18:11 - 2006-11-02 13:18 - 00000000 __RSD C:\Windows\Media
2013-09-03 18:05 - 2008-05-16 22:14 - 00000000 ____D C:\Users\******\AppData\Local\Google
2013-09-03 18:05 - 2008-05-16 22:09 - 00000000 ____D C:\ProgramData\Google
2013-09-03 17:56 - 2013-09-03 17:56 - 00000000 ____D C:\Windows\pss
2013-09-03 17:42 - 2009-07-14 08:29 - 00000000 ____D C:\Users\Public\Documents\Symantec
2013-09-03 14:28 - 2011-12-14 20:56 - 00000000 ____D C:\Users\******\Desktop\'Bilder
2013-08-29 19:41 - 2006-11-02 12:33 - 00005548 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-29 19:25 - 2012-01-20 14:57 - 00000000 ____D C:\Users\******\Desktop\HAus

Some content of TEMP:
====================
C:\Users\******\AppData\Local\temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-27 20:02

==================== End Of Log ============================
--- --- ---

schrauber 28.09.2013 15:07

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

class 29.09.2013 01:46
Eset hat noch was gefunden:

Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=d8e1988cc9ae8b429785a8b7f18cabc4
# engine=15293
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-09-29 12:08:35
# local_time=2013-09-29 02:08:35 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1799 16775165 100 95 9449 108345 0 0
# compatibility_mode=5892 16776574 100 100 100752 217946043 0 0
# scanned=197381
# found=2
# cleaned=0
# scan_time=5696
sh=2587B2A16644839CBF08F2943FA21CC0C8DD6E5D ft=1 fh=1aeb32f3d5992c2a vn="Win32/Conedex.T trojan" ac=I fn="C:\Qoobox\Quarantine\C\Program Files\Google\Desktop\Install\{c9c45116-9c10-04d6-b731-c9edb951f7d4}\0103~1\7154~1\CFFE~1\{c9c45116-9c10-04d6-b731-c9edb951f7d4}\U\00000008.@.vir"
sh=1CF088790B2D02ACD5CE12B0CF6FFD4031651C67 ft=1 fh=62f26643824ac8a6 vn="probably a variant of Win32/Sirefef.FV trojan" ac=I fn="C:\Qoobox\Quarantine\C\Program Files\Google\Desktop\Install\{c9c45116-9c10-04d6-b731-c9edb951f7d4}\0103~1\7154~1\CFFE~1\{c9c45116-9c10-04d6-b731-c9edb951f7d4}\U\80000032.@.vir"

SecurityCheck:
Code:
Results of screen317's Security Check version 0.99.73 
 Windows Vista Service Pack 2 x86 
 Internet Explorer 9 
 Internet Explorer 8 
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop 
 Antivirus up to date! 
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware Version 1.75.0.1300 
 Java version out of Date!
 Adobe Reader 8 Adobe Reader out of Date!
 Adobe Reader XI (KB403742..)
 Mozilla Firefox (24.0)
````````Process Check: objlist.exe by Laurent```````` 
 Avira Antivir avgnt.exe
 Avira Antivir avguard.exe
 OnlineDiagnostic TestManager TestHandler.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````
FRST:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-09-2013
Ran by ****** (administrator) on ******SLAPTOP on 29-09-2013 02:35:47
Running from C:\Users\******\Desktop
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Family Safety\fsssvc.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Fujitsu Siemens Computers) C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Motorola Inc.) C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Advanced Micro Devices Inc.) c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [StartCCC] - c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [90112 2006-11-10] ()
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4431872 2007-04-10] (Realtek Semiconductor)
HKLM\...\Run: [SMSERIAL] - C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [1458176 2009-10-26] (Motorola Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [39792 2008-01-11] (Adobe Systems Incorporated)
HKLM\...\Run: [Skytel] - C:\Windows\Skytel.exe [1822720 2007-04-04] (Realtek Semiconductor Corp.)
HKLM\...\Run: [HP Software Update] - C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-03-12] (Hewlett-Packard)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-27] (Avira Operations GmbH & Co. KG)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [18708224 2013-01-08] (Skype Technologies S.A.)
HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation)
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: No Name - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} -  No File
BHO: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO: Windows Live Family Safety Browser Helper Class - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU -Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 01 %SystemRoot%\System32\mswsock.dll [223232] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 05 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 06 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 07 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 08 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 19 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 192.168.179.1

FireFox:
========
FF ProfilePath: C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\7q7jvhg9.default
FF Homepage: https://www.google.de/
FF NetworkProxy: "type", 0
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8064.0206 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-09-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [815160 2013-09-27] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [164816 2013-09-24] (APN LLC.)
S3 BFE; C:\Windows\System32\. [0 2013-09-28] ()
S3 MpsSvc; C:\Windows\System32\. [0 2013-09-28] ()
S4 RemoteAccess; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [262247 2006-07-20] ()
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.)
R2 TestHandler; C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe [204800 2006-12-08] (Fujitsu Siemens Computers)
U2 *etadpug; "C:\Program Files\Google\Desktop\Install\{c9c45116-9c10-04d6-b731-c9edb951f7d4}\  \...\???\{c9c45116-9c10-04d6-b731-c9edb951f7d4}\GoogleUpdate.exe" < <==== ATTENTION (ZeroAccess)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [88840 2013-09-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136672 2013-09-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-09-27] (Avira Operations GmbH & Co. KG)
R0 CLFS; C:\Windows\System32\CLFS.sys [245736 2009-04-11] (Microsoft Corporation)
R3 itecir; C:\Windows\System32\DRIVERS\itecir.sys [46592 2007-04-04] (Windows (R) Codename Longhorn DDK provider)
S4 JRAID; C:\Windows\system32\drivers\jraid.sys [48256 2007-06-13] (JMicron Technology Corp.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-09-27] (Avira GmbH)
S4 viamraid; C:\Windows\system32\drivers\viamraid.sys [102912 2006-11-08] (VIA Technologies inc,.ltd)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-29 02:35 - 2013-09-29 02:35 - 00000915 _____ C:\Users\******\Desktop\checkup.txt
2013-09-29 02:22 - 2013-09-29 02:22 - 00891144 _____ C:\Users\******\Desktop\SecurityCheck.exe
2013-09-29 02:20 - 2013-09-29 02:20 - 00001304 _____ C:\Users\******\Desktop\eset.txt
2013-09-28 23:31 - 2013-09-28 23:31 - 98442955 _____ C:\Windows\system32\﹌돌᬴ˆ
2013-09-28 10:23 - 2013-04-17 13:28 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-09-28 10:23 - 2013-04-17 13:28 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-09-28 10:23 - 2013-04-17 13:28 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-09-28 10:23 - 2013-04-17 13:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-09-28 10:23 - 2013-04-17 12:34 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-09-28 10:23 - 2013-04-17 12:33 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-09-28 10:23 - 2013-04-17 12:14 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-09-28 10:23 - 2013-04-17 12:10 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-09-28 10:23 - 2013-04-17 12:10 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-09-28 10:23 - 2011-03-12 23:55 - 00876032 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2013-09-28 01:56 - 2013-09-28 01:56 - 00000955 _____ C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-09-28 01:48 - 2013-09-28 01:48 - 00000000 ____D C:\Program Files\Windows Portable Devices
2013-09-28 01:46 - 2013-09-28 01:46 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2013-09-28 01:46 - 2013-09-28 01:46 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_07_00.Wdf
2013-09-28 00:50 - 2009-09-10 04:01 - 03023360 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll
2013-09-28 00:50 - 2009-09-10 04:00 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2013-09-28 00:50 - 2009-09-10 04:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2013-09-28 00:48 - 2009-10-01 03:02 - 02537472 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2013-09-28 00:48 - 2009-10-01 03:02 - 00334848 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceApi.dll
2013-09-28 00:48 - 2009-10-01 03:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll
2013-09-28 00:48 - 2009-10-01 03:02 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\BthMtpContextHandler.dll
2013-09-28 00:48 - 2009-10-01 03:02 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\WPDShextAutoplay.exe
2013-09-28 00:48 - 2009-10-01 03:01 - 00546816 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll
2013-09-28 00:48 - 2009-10-01 03:01 - 00350208 _____ (Microsoft Corporation) C:\Windows\system32\WPDSp.dll
2013-09-28 00:48 - 2009-10-01 03:01 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\WpdMtp.dll
2013-09-28 00:48 - 2009-10-01 03:01 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceWMDRM.dll
2013-09-28 00:48 - 2009-10-01 03:01 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceTypes.dll
2013-09-28 00:48 - 2009-10-01 03:01 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceClassExtension.dll
2013-09-28 00:48 - 2009-10-01 03:01 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2013-09-28 00:48 - 2009-10-01 03:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\WpdMtpUS.dll
2013-09-28 00:48 - 2009-10-01 03:01 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceConnectApi.dll
2013-09-28 00:48 - 2009-10-01 03:01 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WpdUsb.sys
2013-09-28 00:48 - 2009-10-01 03:01 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\WpdConns.dll
2013-09-28 00:38 - 2012-02-29 17:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2013-09-28 00:38 - 2012-02-29 17:09 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-09-28 00:38 - 2012-02-29 15:32 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2013-09-28 00:19 - 2013-09-28 00:19 - 12335104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-09-28 00:19 - 2013-09-28 00:19 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-28 00:19 - 2013-09-28 00:19 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-09-28 00:19 - 2013-09-28 00:19 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 01104896 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00434176 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-09-28 00:19 - 2013-09-28 00:19 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00353584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-09-28 00:19 - 2013-09-28 00:19 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-09-28 00:19 - 2013-09-28 00:19 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-09-28 00:19 - 2013-09-28 00:19 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\advpack.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-09-28 00:19 - 2013-09-28 00:19 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-28 00:19 - 2013-09-28 00:19 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-28 00:19 - 2013-09-28 00:19 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-09-28 00:19 - 2013-09-28 00:19 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-09-28 00:19 - 2013-09-28 00:19 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-09-28 00:17 - 2013-09-28 00:17 - 02873344 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2013-09-28 00:17 - 2013-09-28 00:17 - 01554432 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll
2013-09-28 00:17 - 2013-09-28 00:17 - 01075712 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-28 00:17 - 2013-09-28 00:17 - 00979456 _____ (Microsoft Corporation) C:\Windows\system32\MFH264Dec.dll
2013-09-28 00:17 - 2013-09-28 00:17 - 00847360 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2013-09-28 00:17 - 2013-09-28 00:17 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2013-09-28 00:17 - 2013-09-28 00:17 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2013-09-28 00:17 - 2013-09-28 00:17 - 00478720 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2013-09-28 00:17 - 2013-09-28 00:17 - 00357376 _____ (Microsoft Corporation) C:\Windows\system32\MFHEAACdec.dll
2013-09-28 00:17 - 2013-09-28 00:17 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4src.dll
2013-09-28 00:17 - 2013-09-28 00:17 - 00261632 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2013-09-28 00:17 - 2013-09-28 00:17 - 00258048 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2013-09-28 00:17 - 2013-09-28 00:17 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2013-09-28 00:17 - 2013-09-28 00:17 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll
2013-09-28 00:17 - 2013-09-28 00:17 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2013-09-28 00:17 - 2013-09-28 00:17 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelineprxy.dll
2013-09-28 00:16 - 2013-09-28 00:16 - 00974848 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2013-09-28 00:16 - 2013-09-28 00:16 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-09-28 00:16 - 2013-09-28 00:16 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-09-28 00:16 - 2013-09-28 00:16 - 00321024 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2013-09-28 00:16 - 2013-09-28 00:16 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\dxdiag.exe
2013-09-28 00:16 - 2013-09-28 00:16 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\dxdiagn.dll
2013-09-28 00:16 - 2013-09-28 00:16 - 00189440 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2013-09-28 00:14 - 2013-09-28 00:19 - 00004461 _____ C:\Windows\IE9_main.log
2013-09-27 23:49 - 2012-06-02 16:57 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2013-09-27 23:49 - 2012-06-02 16:34 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2013-09-27 23:48 - 2012-07-26 05:39 - 00526952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-09-27 23:48 - 2012-07-26 05:39 - 00047720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2013-09-27 23:48 - 2012-07-26 05:21 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2013-09-27 23:48 - 2012-07-26 05:20 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2013-09-27 23:48 - 2012-07-26 05:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2013-09-27 23:48 - 2012-07-26 05:20 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2013-09-27 23:48 - 2012-07-26 05:20 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2013-09-27 23:48 - 2012-07-26 04:46 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2013-09-27 23:48 - 2012-07-26 04:33 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2013-09-27 23:48 - 2012-07-26 04:32 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2013-09-27 23:48 - 2009-07-14 14:12 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\winusb.dll
2013-09-27 23:36 - 2012-12-16 15:12 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-09-27 23:36 - 2012-12-16 12:50 - 00293376 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-09-27 23:33 - 2011-02-22 16:13 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-09-27 23:32 - 2013-07-09 14:10 - 01205168 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-27 23:32 - 2013-07-08 06:55 - 03603904 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-09-27 23:32 - 2013-07-08 06:55 - 03551680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-27 23:32 - 2013-03-09 05:45 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-27 23:32 - 2013-03-09 03:28 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-27 23:32 - 2011-10-14 18:02 - 00429056 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2013-09-27 23:31 - 2013-04-24 06:00 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2013-09-27 23:31 - 2013-04-24 03:46 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2013-09-27 23:31 - 2013-04-15 16:20 - 00638328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-09-27 23:31 - 2013-04-13 12:56 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2013-09-27 23:31 - 2012-11-08 05:48 - 01314816 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2013-09-27 23:31 - 2012-11-02 12:19 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2013-09-27 23:31 - 2012-06-05 18:47 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2013-09-27 23:31 - 2011-12-14 18:17 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2013-09-27 23:31 - 2011-10-25 17:58 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2013-09-27 23:31 - 2011-08-25 18:15 - 00555520 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2013-09-27 23:31 - 2011-08-25 18:14 - 00563712 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2013-09-27 23:31 - 2011-08-25 18:14 - 00238080 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2013-09-27 23:31 - 2011-08-25 15:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\oleaccrc.dll
2013-09-27 23:30 - 2013-08-08 03:45 - 02049536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-27 23:30 - 2013-08-02 06:09 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-09-27 23:30 - 2013-07-17 21:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-09-27 23:30 - 2013-07-10 11:47 - 00783360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-09-27 23:30 - 2013-07-05 06:53 - 00905664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-09-27 23:30 - 2013-04-17 14:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2013-09-27 23:30 - 2013-03-08 05:52 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-09-27 23:30 - 2013-03-03 21:07 - 01082232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2013-09-27 23:30 - 2012-08-21 13:47 - 00224640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2013-09-27 23:30 - 2012-06-08 19:47 - 11586048 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-27 23:30 - 2012-06-04 17:26 - 00440704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-09-27 23:30 - 2012-06-02 02:04 - 00278528 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-09-27 23:30 - 2012-05-11 17:57 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2013-09-27 23:30 - 2011-11-16 18:23 - 00377344 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2013-09-27 23:30 - 2011-11-16 18:23 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-09-27 23:30 - 2011-11-16 18:21 - 01259008 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-09-27 23:30 - 2011-11-16 16:12 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-09-27 23:29 - 2013-07-16 06:35 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2013-09-27 23:29 - 2013-06-15 15:22 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2013-09-27 23:29 - 2013-06-15 13:23 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-09-27 23:29 - 2013-06-01 06:06 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-09-27 23:29 - 2013-05-02 06:04 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2013-09-27 23:29 - 2013-05-02 06:03 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\printcom.dll
2013-09-27 23:29 - 2013-03-08 05:53 - 00376320 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-27 23:29 - 2013-02-12 03:57 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2013-09-27 23:29 - 2012-11-22 05:54 - 00353280 _____ (Microsoft Corporation) C:\Windows\system32\shlwapi.dll
2013-09-27 23:29 - 2012-11-20 06:22 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-09-27 23:29 - 2012-11-02 12:18 - 00376320 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2013-09-27 23:29 - 2012-11-02 10:26 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\dpnsvr.exe
2013-09-27 23:29 - 2012-09-28 18:11 - 00892928 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-27 23:29 - 2012-09-25 18:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2013-09-27 23:29 - 2012-06-29 18:01 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2013-09-27 23:29 - 2012-05-01 16:03 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2013-09-27 23:29 - 2012-03-21 01:28 - 00053120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2013-09-27 23:29 - 2011-11-18 19:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2013-09-27 23:29 - 2011-10-14 18:03 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2013-09-27 23:29 - 2011-10-14 18:00 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\mciseq.dll
2013-09-27 23:29 - 2011-07-29 18:01 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2013-09-27 23:29 - 2011-07-29 18:01 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2013-09-27 23:29 - 2011-07-29 18:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax
2013-09-27 23:29 - 2011-07-29 18:00 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax
2013-09-27 23:29 - 2011-06-15 18:12 - 00182784 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2013-09-27 23:29 - 2010-05-04 21:13 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\msshsq.dll
2013-09-27 23:16 - 2013-07-08 06:20 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-09-27 23:16 - 2013-07-08 06:16 - 00992768 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-09-27 23:16 - 2013-07-08 06:16 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-09-27 23:16 - 2013-07-08 06:16 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-09-27 23:11 - 2012-01-09 17:54 - 00613376 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2013-09-27 22:52 - 2012-06-03 00:19 - 01933848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-09-27 22:52 - 2012-06-03 00:19 - 00577048 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-09-27 22:52 - 2012-06-03 00:19 - 00053784 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-09-27 22:52 - 2012-06-03 00:19 - 00045080 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2013-09-27 22:52 - 2012-06-03 00:19 - 00035864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2013-09-27 22:52 - 2012-06-03 00:12 - 02422272 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-09-27 22:52 - 2012-06-03 00:12 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-09-27 22:52 - 2012-06-02 15:19 - 00171904 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-09-27 22:52 - 2012-06-02 15:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-09-27 22:07 - 2013-09-27 22:08 - 00000000 ____D C:\Windows\system32\vi-VN
2013-09-27 22:07 - 2013-09-27 22:08 - 00000000 ____D C:\Windows\system32\eu-ES
2013-09-27 22:07 - 2013-09-27 22:08 - 00000000 ____D C:\Windows\system32\ca-ES
2013-09-27 21:06 - 2013-09-27 21:06 - 00000000 ____D C:\Windows\system32\EventProviders
2013-09-27 20:52 - 2013-09-27 20:51 - 01070632 _____ (Solid State Networks) C:\Users\******\Desktop\install_reader10_de_mssd_aaa_aih - Kopie.exe
2013-09-27 20:37 - 2013-09-27 20:37 - 00000000 ____D C:\Users\******\AppData\Local\AskPartnerNetwork
2013-09-27 20:28 - 2013-09-27 20:28 - 00000852 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-09-27 20:28 - 2013-09-27 20:28 - 00000000 ____D C:\Users\******\AppData\Roaming\Mozilla
2013-09-27 20:28 - 2013-09-27 20:28 - 00000000 ____D C:\Users\******\AppData\Local\Mozilla
2013-09-27 20:28 - 2013-09-27 20:28 - 00000000 ____D C:\ProgramData\Mozilla
2013-09-27 20:28 - 2013-09-27 20:28 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-09-27 20:28 - 2013-09-27 20:28 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-09-27 20:25 - 2013-09-27 20:25 - 00281896 _____ (Mozilla) C:\Users\******\Downloads\Firefox Setup Stub 24.0.exe
2013-09-27 20:21 - 2013-09-27 20:21 - 00024156 _____ C:\Users\******\Desktop\FRST_alt.txt
2013-09-27 20:21 - 2013-09-27 20:21 - 00000000 ____D C:\Users\******\AppData\Roaming\Avira
2013-09-27 20:16 - 2013-09-27 20:16 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-09-27 20:16 - 2013-09-27 20:16 - 00000000 ____D C:\Program Files\AskPartnerNetwork
2013-09-27 20:09 - 2013-09-27 20:09 - 00000000 ____D C:\ProgramData\APN
2013-09-27 20:08 - 2013-09-27 20:08 - 00001853 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-09-27 20:07 - 2013-09-27 20:07 - 00869456 _____ C:\Users\******\Downloads\Norton21_Removal_Tool.exe
2013-09-27 20:07 - 2013-09-27 20:05 - 00136672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-09-27 20:07 - 2013-09-27 20:05 - 00088840 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-09-27 20:07 - 2013-09-27 20:05 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-09-27 20:07 - 2013-09-27 20:05 - 00028520 _____ (Avira GmbH) C:\Windows\system32\Drivers\ssmdrv.sys
2013-09-27 20:06 - 2013-09-27 20:08 - 00000000 ____D C:\ProgramData\Avira
2013-09-27 20:06 - 2013-09-27 20:06 - 00000000 ____D C:\Program Files\Avira
2013-09-27 19:47 - 2013-09-27 19:47 - 02092792 _____ C:\Users\******\Desktop\avira_free_antivirus.exe
2013-09-27 19:44 - 2013-09-27 19:44 - 00000949 _____ C:\Users\******\Desktop\JRT.txt
2013-09-27 19:41 - 2013-09-27 19:41 - 00000000 ____D C:\Windows\ERUNT
2013-09-27 19:39 - 2013-09-27 19:40 - 01030305 _____ (Thisisu) C:\Users\******\Desktop\JRT.exe
2013-09-27 19:37 - 2013-09-27 19:37 - 00002769 _____ C:\Users\******\Desktop\AdwCleaner[S0].txt
2013-09-27 18:59 - 2013-09-27 19:09 - 00000000 ____D C:\AdwCleaner
2013-09-27 16:26 - 2013-09-27 16:26 - 00000912 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-27 16:26 - 2013-09-27 16:26 - 00000000 ____D C:\Users\******\AppData\Roaming\Malwarebytes
2013-09-27 16:26 - 2013-09-27 16:26 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-27 16:26 - 2013-09-27 16:26 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-27 16:26 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-25 20:30 - 2013-09-25 20:30 - 00012380 _____ C:\ComboFix.txt
2013-09-25 20:08 - 2013-09-25 20:30 - 00000000 ____D C:\Qoobox
2013-09-25 20:08 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-09-25 20:08 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-09-25 20:08 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-09-25 20:08 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-09-25 20:08 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-09-25 20:08 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-09-25 20:08 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-09-25 20:08 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-09-25 20:07 - 2013-09-25 20:28 - 00000000 ____D C:\Windows\erdnt
2013-09-25 20:06 - 2013-09-25 19:58 - 05130004 ____R (Swearware) C:\Users\******\Desktop\ComboFix.exe
2013-09-24 09:47 - 2013-09-24 09:47 - 00000000 ____D C:\FRST
2013-09-24 09:46 - 2013-09-25 20:06 - 00000000 ____D C:\Users\******\Desktop\antiviruszeugs
2013-09-24 09:46 - 2013-09-24 09:43 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\******\Desktop\mbam-setup-1.75.0.1300.exe
2013-09-24 09:46 - 2013-09-24 09:43 - 00706916 _____ C:\Users\******\Desktop\delfix.exe
2013-09-24 09:46 - 2013-09-24 09:42 - 02347384 _____ (ESET) C:\Users\******\Desktop\esetsmartinstaller_enu.exe
2013-09-24 09:46 - 2013-09-24 09:42 - 00448512 _____ (OldTimer Tools) C:\Users\******\Desktop\TFC.exe
2013-09-24 09:46 - 2013-09-24 09:41 - 00602112 _____ (OldTimer Tools) C:\Users\******\Desktop\OTL32690.exe
2013-09-24 09:46 - 2013-09-24 09:40 - 01088653 _____ (Farbar) C:\Users\******\Desktop\FRST.exe
2013-09-24 09:46 - 2013-09-24 09:40 - 01042066 _____ C:\Users\******\Desktop\adwcleaner3005.exe
2013-09-20 18:23 - 2013-09-20 18:23 - 00032886 _____ C:\Users\******\Desktop\AVSCAN-20130920-162538-B3060BCA.LOG
2013-09-07 18:38 - 2013-09-29 02:17 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-07 18:38 - 2013-09-07 18:38 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-09-07 18:38 - 2013-09-07 18:38 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-09-03 18:35 - 2013-08-07 04:22 - 00238872 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-09-03 17:56 - 2013-09-03 17:56 - 00000000 ____D C:\Windows\pss

==================== One Month Modified Files and Folders =======

2013-09-29 02:35 - 2013-09-29 02:35 - 00000915 _____ C:\Users\******\Desktop\checkup.txt
2013-09-29 02:22 - 2013-09-29 02:22 - 00891144 _____ C:\Users\******\Desktop\SecurityCheck.exe
2013-09-29 02:21 - 2008-03-01 14:54 - 01306656 _____ C:\Windows\WindowsUpdate.log
2013-09-29 02:20 - 2013-09-29 02:20 - 00001304 _____ C:\Users\******\Desktop\eset.txt
2013-09-29 02:17 - 2013-09-07 18:38 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-29 01:27 - 2006-11-02 14:47 - 00003168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-29 01:27 - 2006-11-02 14:47 - 00003168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-28 23:33 - 2006-11-02 12:33 - 00005188 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-28 23:31 - 2013-09-28 23:31 - 98442955 _____ C:\Windows\system32\﹌돌᬴ˆ
2013-09-28 23:30 - 2008-08-22 03:10 - 00000000 ____D C:\Users\******\AppData\Roaming\Skype
2013-09-28 23:27 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-28 17:30 - 2006-11-02 15:01 - 00032514 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-28 10:50 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2013-09-28 10:12 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-09-28 01:56 - 2013-09-28 01:56 - 00000955 _____ C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-09-28 01:52 - 2006-11-02 14:47 - 00405816 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-28 01:48 - 2013-09-28 01:48 - 00000000 ____D C:\Program Files\Windows Portable Devices
2013-09-28 01:48 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\zh-TW
2013-09-28 01:48 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\tr-TR
2013-09-28 01:48 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\sr-Latn-CS
2013-09-28 01:48 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\sk-SK
2013-09-28 01:48 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\ro-RO
2013-09-28 01:48 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\pt-PT
2013-09-28 01:48 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\pt-BR
2013-09-28 01:48 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\nl-NL
2013-09-28 01:48 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\lv-LV
2013-09-28 01:48 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\lt-LT
2013-09-28 01:48 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\ja-JP
2013-09-28 01:48 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\it-IT
2013-09-28 01:48 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\fr-FR
2013-09-28 01:48 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\fi-FI
2013-09-28 01:48 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\el-GR
2013-09-28 01:48 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\de-DE
2013-09-28 01:47 - 2006-11-02 17:31 - 00000000 ____D C:\Windows\system32\Drivers\de-DE
2013-09-28 01:47 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\system32\XPSViewer
2013-09-28 01:47 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Journal
2013-09-28 01:47 - 2006-11-02 13:18 - 00000000 ___RD C:\Windows\Offline Web Pages
2013-09-28 01:47 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\zh-HK
2013-09-28 01:47 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\zh-CN
2013-09-28 01:47 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\uk-UA
2013-09-28 01:47 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\th-TH
2013-09-28 01:47 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\sv-SE
2013-09-28 01:47 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\sl-SI
2013-09-28 01:47 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\ru-RU
2013-09-28 01:47 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\pl-PL
2013-09-28 01:47 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\nb-NO
2013-09-28 01:47 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\ko-KR
2013-09-28 01:47 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\hu-HU
2013-09-28 01:47 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\hr-HR
2013-09-28 01:47 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\he-IL
2013-09-28 01:47 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\et-EE
2013-09-28 01:47 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\bg-BG
2013-09-28 01:47 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\ar-SA
2013-09-28 01:47 - 2006-11-02 13:18 - 00000000 ____D C:\Program Files\Common Files\System
2013-09-28 01:46 - 2013-09-28 01:46 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2013-09-28 01:46 - 2013-09-28 01:46 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_07_00.Wdf
2013-09-28 01:46 - 2006-11-02 14:52 - 00080221 _____ C:\Windows\setupact.log
2013-09-28 00:36 - 2008-03-01 14:58 - 00000000 ____D C:\Users\******
2013-09-28 00:19 - 2013-09-28 00:19 - 12335104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-09-28 00:19 - 2013-09-28 00:19 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-28 00:19 - 2013-09-28 00:19 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-09-28 00:19 - 2013-09-28 00:19 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 01104896 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00434176 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-09-28 00:19 - 2013-09-28 00:19 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00353584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-09-28 00:19 - 2013-09-28 00:19 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-09-28 00:19 - 2013-09-28 00:19 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-09-28 00:19 - 2013-09-28 00:19 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\advpack.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-09-28 00:19 - 2013-09-28 00:19 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-28 00:19 - 2013-09-28 00:19 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-28 00:19 - 2013-09-28 00:19 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-09-28 00:19 - 2013-09-28 00:19 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-09-28 00:19 - 2013-09-28 00:19 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-09-28 00:19 - 2013-09-28 00:14 - 00004461 _____ C:\Windows\IE9_main.log
2013-09-28 00:19 - 2006-11-02 08:32 - 00008798 _____ C:\Windows\system32\icrav03.rat
2013-09-28 00:19 - 2006-11-02 08:32 - 00001988 _____ C:\Windows\system32\ticrf.rat
2013-09-28 00:17 - 2013-09-28 00:17 - 02873344 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2013-09-28 00:17 - 2013-09-28 00:17 - 01554432 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll
2013-09-28 00:17 - 2013-09-28 00:17 - 01075712 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-28 00:17 - 2013-09-28 00:17 - 00979456 _____ (Microsoft Corporation) C:\Windows\system32\MFH264Dec.dll
2013-09-28 00:17 - 2013-09-28 00:17 - 00847360 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2013-09-28 00:17 - 2013-09-28 00:17 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2013-09-28 00:17 - 2013-09-28 00:17 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2013-09-28 00:17 - 2013-09-28 00:17 - 00478720 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2013-09-28 00:17 - 2013-09-28 00:17 - 00357376 _____ (Microsoft Corporation) C:\Windows\system32\MFHEAACdec.dll
2013-09-28 00:17 - 2013-09-28 00:17 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4src.dll
2013-09-28 00:17 - 2013-09-28 00:17 - 00261632 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2013-09-28 00:17 - 2013-09-28 00:17 - 00258048 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2013-09-28 00:17 - 2013-09-28 00:17 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2013-09-28 00:17 - 2013-09-28 00:17 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll
2013-09-28 00:17 - 2013-09-28 00:17 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2013-09-28 00:17 - 2013-09-28 00:17 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelineprxy.dll
2013-09-28 00:16 - 2013-09-28 00:16 - 00974848 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2013-09-28 00:16 - 2013-09-28 00:16 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-09-28 00:16 - 2013-09-28 00:16 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-09-28 00:16 - 2013-09-28 00:16 - 00321024 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2013-09-28 00:16 - 2013-09-28 00:16 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\dxdiag.exe
2013-09-28 00:16 - 2013-09-28 00:16 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\dxdiagn.dll
2013-09-28 00:16 - 2013-09-28 00:16 - 00189440 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2013-09-27 22:45 - 2008-01-17 15:01 - 00143136 _____ C:\Windows\PFRO.log
2013-09-27 22:42 - 2008-01-17 14:55 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-27 22:30 - 2013-07-24 21:30 - 00000000 ____D C:\Windows\system32\MRT
2013-09-27 22:27 - 2006-11-02 12:24 - 76725432 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-09-27 22:19 - 2008-03-01 14:59 - 00000921 _____ C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2013-09-27 22:09 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Sidebar
2013-09-27 22:09 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Photo Gallery
2013-09-27 22:09 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Defender
2013-09-27 22:09 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Collaboration
2013-09-27 22:09 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Calendar
2013-09-27 22:09 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Movie Maker
2013-09-27 22:08 - 2013-09-27 22:07 - 00000000 ____D C:\Windows\system32\vi-VN
2013-09-27 22:08 - 2013-09-27 22:07 - 00000000 ____D C:\Windows\system32\eu-ES
2013-09-27 22:08 - 2013-09-27 22:07 - 00000000 ____D C:\Windows\system32\ca-ES
2013-09-27 22:08 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\SLUI
2013-09-27 22:08 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2013-09-27 22:08 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\IME
2013-09-27 22:05 - 2008-01-17 14:32 - 00000000 ____D C:\Windows\system32\RTCOM
2013-09-27 21:06 - 2013-09-27 21:06 - 00000000 ____D C:\Windows\system32\EventProviders
2013-09-27 21:04 - 2008-01-17 14:55 - 00000000 ____D C:\Program Files\Microsoft Office
2013-09-27 21:02 - 2008-03-13 10:33 - 00000000 ____D C:\Users\******\AppData\Local\Adobe
2013-09-27 20:51 - 2013-09-27 20:52 - 01070632 _____ (Solid State Networks) C:\Users\******\Desktop\install_reader10_de_mssd_aaa_aih - Kopie.exe
2013-09-27 20:48 - 2008-01-17 14:38 - 00000000 ____D C:\ProgramData\Adobe
2013-09-27 20:37 - 2013-09-27 20:37 - 00000000 ____D C:\Users\******\AppData\Local\AskPartnerNetwork
2013-09-27 20:37 - 2008-05-16 22:09 - 00000000 ____D C:\Program Files\Google
2013-09-27 20:28 - 2013-09-27 20:28 - 00000852 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-09-27 20:28 - 2013-09-27 20:28 - 00000000 ____D C:\Users\******\AppData\Roaming\Mozilla
2013-09-27 20:28 - 2013-09-27 20:28 - 00000000 ____D C:\Users\******\AppData\Local\Mozilla
2013-09-27 20:28 - 2013-09-27 20:28 - 00000000 ____D C:\ProgramData\Mozilla
2013-09-27 20:28 - 2013-09-27 20:28 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-09-27 20:28 - 2013-09-27 20:28 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-09-27 20:25 - 2013-09-27 20:25 - 00281896 _____ (Mozilla) C:\Users\******\Downloads\Firefox Setup Stub 24.0.exe
2013-09-27 20:21 - 2013-09-27 20:21 - 00024156 _____ C:\Users\******\Desktop\FRST_alt.txt
2013-09-27 20:21 - 2013-09-27 20:21 - 00000000 ____D C:\Users\******\AppData\Roaming\Avira
2013-09-27 20:16 - 2013-09-27 20:16 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-09-27 20:16 - 2013-09-27 20:16 - 00000000 ____D C:\Program Files\AskPartnerNetwork
2013-09-27 20:12 - 2008-01-17 14:47 - 00000000 ____D C:\ProgramData\Symantec
2013-09-27 20:12 - 2008-01-17 14:47 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2013-09-27 20:09 - 2013-09-27 20:09 - 00000000 ____D C:\ProgramData\APN
2013-09-27 20:08 - 2013-09-27 20:08 - 00001853 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-09-27 20:08 - 2013-09-27 20:06 - 00000000 ____D C:\ProgramData\Avira
2013-09-27 20:07 - 2013-09-27 20:07 - 00869456 _____ C:\Users\******\Downloads\Norton21_Removal_Tool.exe
2013-09-27 20:06 - 2013-09-27 20:06 - 00000000 ____D C:\Program Files\Avira
2013-09-27 20:05 - 2013-09-27 20:07 - 00136672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-09-27 20:05 - 2013-09-27 20:07 - 00088840 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-09-27 20:05 - 2013-09-27 20:07 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-09-27 20:05 - 2013-09-27 20:07 - 00028520 _____ (Avira GmbH) C:\Windows\system32\Drivers\ssmdrv.sys
2013-09-27 19:47 - 2013-09-27 19:47 - 02092792 _____ C:\Users\******\Desktop\avira_free_antivirus.exe
2013-09-27 19:44 - 2013-09-27 19:44 - 00000949 _____ C:\Users\******\Desktop\JRT.txt
2013-09-27 19:41 - 2013-09-27 19:41 - 00000000 ____D C:\Windows\ERUNT
2013-09-27 19:40 - 2013-09-27 19:39 - 01030305 _____ (Thisisu) C:\Users\******\Desktop\JRT.exe
2013-09-27 19:37 - 2013-09-27 19:37 - 00002769 _____ C:\Users\******\Desktop\AdwCleaner[S0].txt
2013-09-27 19:09 - 2013-09-27 18:59 - 00000000 ____D C:\AdwCleaner
2013-09-27 18:49 - 2008-01-17 22:17 - 00000000 ____D C:\Windows\Panther
2013-09-27 16:26 - 2013-09-27 16:26 - 00000912 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-27 16:26 - 2013-09-27 16:26 - 00000000 ____D C:\Users\******\AppData\Roaming\Malwarebytes
2013-09-27 16:26 - 2013-09-27 16:26 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-27 16:26 - 2013-09-27 16:26 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-25 20:30 - 2013-09-25 20:30 - 00012380 _____ C:\ComboFix.txt
2013-09-25 20:30 - 2013-09-25 20:08 - 00000000 ____D C:\Qoobox
2013-09-25 20:30 - 2006-11-02 13:18 - 00000000 __RHD C:\Users\Default
2013-09-25 20:30 - 2006-11-02 13:18 - 00000000 ___RD C:\Users\Public
2013-09-25 20:28 - 2013-09-25 20:07 - 00000000 ____D C:\Windows\erdnt
2013-09-25 20:23 - 2006-11-02 12:23 - 00000215 _____ C:\Windows\system.ini
2013-09-25 20:06 - 2013-09-24 09:46 - 00000000 ____D C:\Users\******\Desktop\antiviruszeugs
2013-09-25 19:58 - 2013-09-25 20:06 - 05130004 ____R (Swearware) C:\Users\******\Desktop\ComboFix.exe
2013-09-24 09:47 - 2013-09-24 09:47 - 00000000 ____D C:\FRST
2013-09-24 09:43 - 2013-09-24 09:46 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\******\Desktop\mbam-setup-1.75.0.1300.exe
2013-09-24 09:43 - 2013-09-24 09:46 - 00706916 _____ C:\Users\******\Desktop\delfix.exe
2013-09-24 09:42 - 2013-09-24 09:46 - 02347384 _____ (ESET) C:\Users\******\Desktop\esetsmartinstaller_enu.exe
2013-09-24 09:42 - 2013-09-24 09:46 - 00448512 _____ (OldTimer Tools) C:\Users\******\Desktop\TFC.exe
2013-09-24 09:41 - 2013-09-24 09:46 - 00602112 _____ (OldTimer Tools) C:\Users\******\Desktop\OTL32690.exe
2013-09-24 09:40 - 2013-09-24 09:46 - 01088653 _____ (Farbar) C:\Users\******\Desktop\FRST.exe
2013-09-24 09:40 - 2013-09-24 09:46 - 01042066 _____ C:\Users\******\Desktop\adwcleaner3005.exe
2013-09-24 08:53 - 2008-05-16 22:06 - 00000000 ____D C:\Program Files\Common Files\Java
2013-09-20 18:23 - 2013-09-20 18:23 - 00032886 _____ C:\Users\******\Desktop\AVSCAN-20130920-162538-B3060BCA.LOG
2013-09-07 18:38 - 2013-09-07 18:38 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-09-07 18:38 - 2013-09-07 18:38 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-09-07 18:36 - 2008-04-06 20:50 - 00000000 __SHD C:\Users\******\AppData\Roaming\jebfcait
2013-09-07 09:30 - 2013-08-13 08:45 - 00000000 ____D C:\Users\******\AppData\Roaming\Zionb
2013-09-07 09:27 - 2009-01-25 16:09 - 00000000 ____D C:\Program Files\Windows Live
2013-09-04 16:08 - 2008-03-01 15:06 - 00058880 _____ C:\Users\******\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-09-03 18:11 - 2008-01-17 14:36 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-09-03 18:11 - 2006-11-02 13:18 - 00000000 __RSD C:\Windows\Media
2013-09-03 18:05 - 2008-05-16 22:14 - 00000000 ____D C:\Users\******\AppData\Local\Google
2013-09-03 18:05 - 2008-05-16 22:09 - 00000000 ____D C:\ProgramData\Google
2013-09-03 17:56 - 2013-09-03 17:56 - 00000000 ____D C:\Windows\pss
2013-09-03 17:42 - 2009-07-14 08:29 - 00000000 ____D C:\Users\Public\Documents\Symantec
2013-09-03 14:28 - 2011-12-14 20:56 - 00000000 ____D C:\Users\******\Desktop\'Bilder

Some content of TEMP:
====================
C:\Users\******\AppData\Local\temp\install_reader10_de_mssd_aaa_aih.exe
C:\Users\******\AppData\Local\temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-28 23:36

==================== End Of Log ============================
--- --- ---

schrauber 29.09.2013 17:47
Sachen sind schon in Quarantäne.

Java und Adobe updaten.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
U2 *etadpug; "C:\Program Files\Google\Desktop\Install\{c9c45116-9c10-04d6-b731-c9edb951f7d4}\  \...\???\{c9c45116-9c10-04d6-b731-c9edb951f7d4}\GoogleUpdate.exe" < <==== ATTENTION (ZeroAccess)

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.


class 29.09.2013 19:45
Liste der Anhänge anzeigen (Anzahl: 1)
Java ist gar nicht installiert.

Adobe Reader kann ich irgendwie nicht aktualisieren...
Bzw beim Deinstallieren sagt er mir das das Laufwerk R: nicht gültig ist... (siehe angehängtes Bild)
Adobe Reader ist aber auf C: installiert:
C:\Program Files\Adobe\Reader 8.0



FRST Fixlog:
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 24-09-2013
Ran by ****** at 2013-09-29 20:22:48 Run:1
Running from C:\Users\******\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
U2 *etadpug; "C:\Program Files\Google\Desktop\Install\{c9c45116-9c10-04d6-b731-c9edb951f7d4}\  \...\???\{c9c45116-9c10-04d6-b731-c9edb951f7d4}\GoogleUpdate.exe" < <==== ATTENTION (ZeroAccess)
*****************

*etadpug => Service deleted successfully.

==== End of Fixlog ====

schrauber 30.09.2013 08:59
Revo Uninstaller - Download - Filepony
damit Adobe deinstallieren, Reste entfernen lassen, neu installieren.

Noch Problme?

class 02.10.2013 08:45
Liste der Anhänge anzeigen (Anzahl: 1)
Jetzt konnte ich es Deinstallieren und habe auch alle Registry Einträge und Dateien öschen lassen....
Bekomme jetzt aber die gleiche Meldung beim Installieren!
(Siehe Angehängtes Bild)

schrauber 02.10.2013 19:39
Postemal bitte ein frisches FRST Log.

class 03.10.2013 11:53

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-09-2013 (ATTENTION: ====> FRST version is 9 days old and could be outdated)
Ran by ****** (administrator) on ******SLAPTOP on 03-10-2013 12:49:58
Running from C:\Users\******\Desktop
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Motorola Inc.) C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
(Advanced Micro Devices Inc.) c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Family Safety\fsssvc.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Fujitsu Siemens Computers) C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [StartCCC] - c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [90112 2006-11-10] ()
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4431872 2007-04-10] (Realtek Semiconductor)
HKLM\...\Run: [SMSERIAL] - C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [1458176 2009-10-26] (Motorola Inc.)
HKLM\...\Run: [Skytel] - C:\Windows\Skytel.exe [1822720 2007-04-04] (Realtek Semiconductor Corp.)
HKLM\...\Run: [HP Software Update] - C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-03-12] (Hewlett-Packard)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-27] (Avira Operations GmbH & Co. KG)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [18708224 2013-01-08] (Skype Technologies S.A.)
HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation)
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: No Name - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} -  No File
BHO: Windows Live Family Safety Browser Helper Class - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 01 %SystemRoot%\System32\mswsock.dll [223232] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Tcpip\Parameters: [DhcpNameServer] 192.168.179.1

FireFox:
========
FF ProfilePath: C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\7q7jvhg9.default
FF Homepage: https://www.google.de/
FF NetworkProxy: "type", 0
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8064.0206 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-09-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-27] (Avira Operations GmbH & Co. KG)
S3 BFE; C:\Windows\System32\. [0 2013-10-02] ()
S3 MpsSvc; C:\Windows\System32\. [0 2013-10-02] ()
S4 RemoteAccess; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [262247 2006-07-20] ()
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.)
R2 TestHandler; C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe [204800 2006-12-08] (Fujitsu Siemens Computers)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [88840 2013-09-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136672 2013-09-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-09-27] (Avira Operations GmbH & Co. KG)
R0 CLFS; C:\Windows\System32\CLFS.sys [245736 2009-04-11] (Microsoft Corporation)
R3 itecir; C:\Windows\System32\DRIVERS\itecir.sys [46592 2007-04-04] (Windows (R) Codename Longhorn DDK provider)
S4 JRAID; C:\Windows\system32\drivers\jraid.sys [48256 2007-06-13] (JMicron Technology Corp.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-09-27] (Avira GmbH)
S4 viamraid; C:\Windows\system32\drivers\viamraid.sys [102912 2006-11-08] (VIA Technologies inc,.ltd)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-02 09:28 - 2013-10-02 09:28 - 01070512 _____ (Solid State Networks) C:\Users\******\Desktop\install_reader10_de_mssd_aaa_aih.exe
2013-10-02 09:10 - 2013-10-02 09:10 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\******\Desktop\revosetup95.exe
2013-10-02 09:10 - 2013-10-02 09:10 - 00001063 _____ C:\Users\******\Desktop\Revo Uninstaller.lnk
2013-10-02 09:10 - 2013-10-02 09:10 - 00000000 ____D C:\Program Files\VS Revo Group
2013-09-29 02:37 - 2013-09-29 02:37 - 00062928 _____ C:\Users\******\Desktop\FRST_alt2.txt
2013-09-29 02:35 - 2013-09-29 02:35 - 00000915 _____ C:\Users\******\Desktop\checkup.txt
2013-09-29 02:22 - 2013-09-29 02:22 - 00891144 _____ C:\Users\******\Desktop\SecurityCheck.exe
2013-09-29 02:20 - 2013-09-29 02:45 - 00001304 _____ C:\Users\******\Desktop\eset.txt
2013-09-28 10:23 - 2013-04-17 13:28 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-09-28 10:23 - 2013-04-17 13:28 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-09-28 10:23 - 2013-04-17 13:28 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-09-28 10:23 - 2013-04-17 13:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-09-28 10:23 - 2013-04-17 12:34 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-09-28 10:23 - 2013-04-17 12:33 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-09-28 10:23 - 2013-04-17 12:14 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-09-28 10:23 - 2013-04-17 12:10 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-09-28 10:23 - 2013-04-17 12:10 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-09-28 10:23 - 2011-03-12 23:55 - 00876032 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2013-09-28 01:56 - 2013-09-28 01:56 - 00000955 _____ C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-09-28 01:48 - 2013-09-28 01:48 - 00000000 ____D C:\Program Files\Windows Portable Devices
2013-09-28 01:46 - 2013-09-28 01:46 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2013-09-28 01:46 - 2013-09-28 01:46 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_07_00.Wdf
2013-09-28 00:50 - 2009-09-10 04:01 - 03023360 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll
2013-09-28 00:50 - 2009-09-10 04:00 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2013-09-28 00:50 - 2009-09-10 04:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2013-09-28 00:48 - 2009-10-01 03:02 - 02537472 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2013-09-28 00:48 - 2009-10-01 03:02 - 00334848 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceApi.dll
2013-09-28 00:48 - 2009-10-01 03:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll
2013-09-28 00:48 - 2009-10-01 03:02 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\BthMtpContextHandler.dll
2013-09-28 00:48 - 2009-10-01 03:02 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\WPDShextAutoplay.exe
2013-09-28 00:48 - 2009-10-01 03:01 - 00546816 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll
2013-09-28 00:48 - 2009-10-01 03:01 - 00350208 _____ (Microsoft Corporation) C:\Windows\system32\WPDSp.dll
2013-09-28 00:48 - 2009-10-01 03:01 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\WpdMtp.dll
2013-09-28 00:48 - 2009-10-01 03:01 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceWMDRM.dll
2013-09-28 00:48 - 2009-10-01 03:01 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceTypes.dll
2013-09-28 00:48 - 2009-10-01 03:01 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceClassExtension.dll
2013-09-28 00:48 - 2009-10-01 03:01 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2013-09-28 00:48 - 2009-10-01 03:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\WpdMtpUS.dll
2013-09-28 00:48 - 2009-10-01 03:01 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceConnectApi.dll
2013-09-28 00:48 - 2009-10-01 03:01 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WpdUsb.sys
2013-09-28 00:48 - 2009-10-01 03:01 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\WpdConns.dll
2013-09-28 00:38 - 2012-02-29 17:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2013-09-28 00:38 - 2012-02-29 17:09 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-09-28 00:38 - 2012-02-29 15:32 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2013-09-28 00:19 - 2013-09-28 00:19 - 12335104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-09-28 00:19 - 2013-09-28 00:19 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-28 00:19 - 2013-09-28 00:19 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-09-28 00:19 - 2013-09-28 00:19 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 01104896 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00434176 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-09-28 00:19 - 2013-09-28 00:19 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00353584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-09-28 00:19 - 2013-09-28 00:19 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-09-28 00:19 - 2013-09-28 00:19 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-09-28 00:19 - 2013-09-28 00:19 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\advpack.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-09-28 00:19 - 2013-09-28 00:19 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-28 00:19 - 2013-09-28 00:19 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-28 00:19 - 2013-09-28 00:19 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-09-28 00:19 - 2013-09-28 00:19 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-09-28 00:19 - 2013-09-28 00:19 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-09-28 00:17 - 2013-09-28 00:17 - 02873344 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2013-09-28 00:17 - 2013-09-28 00:17 - 01554432 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll
2013-09-28 00:17 - 2013-09-28 00:17 - 01075712 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-28 00:17 - 2013-09-28 00:17 - 00979456 _____ (Microsoft Corporation) C:\Windows\system32\MFH264Dec.dll
2013-09-28 00:17 - 2013-09-28 00:17 - 00847360 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2013-09-28 00:17 - 2013-09-28 00:17 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2013-09-28 00:17 - 2013-09-28 00:17 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2013-09-28 00:17 - 2013-09-28 00:17 - 00478720 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2013-09-28 00:17 - 2013-09-28 00:17 - 00357376 _____ (Microsoft Corporation) C:\Windows\system32\MFHEAACdec.dll
2013-09-28 00:17 - 2013-09-28 00:17 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4src.dll
2013-09-28 00:17 - 2013-09-28 00:17 - 00261632 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2013-09-28 00:17 - 2013-09-28 00:17 - 00258048 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2013-09-28 00:17 - 2013-09-28 00:17 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2013-09-28 00:17 - 2013-09-28 00:17 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll
2013-09-28 00:17 - 2013-09-28 00:17 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2013-09-28 00:17 - 2013-09-28 00:17 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelineprxy.dll
2013-09-28 00:16 - 2013-09-28 00:16 - 00974848 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2013-09-28 00:16 - 2013-09-28 00:16 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-09-28 00:16 - 2013-09-28 00:16 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-09-28 00:16 - 2013-09-28 00:16 - 00321024 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2013-09-28 00:16 - 2013-09-28 00:16 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\dxdiag.exe
2013-09-28 00:16 - 2013-09-28 00:16 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\dxdiagn.dll
2013-09-28 00:16 - 2013-09-28 00:16 - 00189440 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2013-09-28 00:14 - 2013-09-28 00:19 - 00004461 _____ C:\Windows\IE9_main.log
2013-09-27 23:49 - 2012-06-02 16:57 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2013-09-27 23:49 - 2012-06-02 16:34 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2013-09-27 23:48 - 2012-07-26 05:39 - 00526952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-09-27 23:48 - 2012-07-26 05:39 - 00047720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2013-09-27 23:48 - 2012-07-26 05:21 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2013-09-27 23:48 - 2012-07-26 05:20 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2013-09-27 23:48 - 2012-07-26 05:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2013-09-27 23:48 - 2012-07-26 05:20 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2013-09-27 23:48 - 2012-07-26 05:20 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2013-09-27 23:48 - 2012-07-26 04:46 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2013-09-27 23:48 - 2012-07-26 04:33 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2013-09-27 23:48 - 2012-07-26 04:32 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2013-09-27 23:48 - 2009-07-14 14:12 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\winusb.dll
2013-09-27 23:36 - 2012-12-16 15:12 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-09-27 23:36 - 2012-12-16 12:50 - 00293376 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-09-27 23:33 - 2011-02-22 16:13 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-09-27 23:32 - 2013-07-09 14:10 - 01205168 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-27 23:32 - 2013-07-08 06:55 - 03603904 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-09-27 23:32 - 2013-07-08 06:55 - 03551680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-27 23:32 - 2013-03-09 05:45 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-27 23:32 - 2013-03-09 03:28 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-27 23:32 - 2011-10-14 18:02 - 00429056 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2013-09-27 23:31 - 2013-04-24 06:00 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2013-09-27 23:31 - 2013-04-24 03:46 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2013-09-27 23:31 - 2013-04-15 16:20 - 00638328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-09-27 23:31 - 2013-04-13 12:56 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2013-09-27 23:31 - 2012-11-08 05:48 - 01314816 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2013-09-27 23:31 - 2012-11-02 12:19 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2013-09-27 23:31 - 2012-06-05 18:47 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2013-09-27 23:31 - 2011-12-14 18:17 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2013-09-27 23:31 - 2011-10-25 17:58 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2013-09-27 23:31 - 2011-08-25 18:15 - 00555520 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2013-09-27 23:31 - 2011-08-25 18:14 - 00563712 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2013-09-27 23:31 - 2011-08-25 18:14 - 00238080 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2013-09-27 23:31 - 2011-08-25 15:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\oleaccrc.dll
2013-09-27 23:30 - 2013-08-08 03:45 - 02049536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-27 23:30 - 2013-08-02 06:09 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-09-27 23:30 - 2013-07-17 21:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-09-27 23:30 - 2013-07-10 11:47 - 00783360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-09-27 23:30 - 2013-07-05 06:53 - 00905664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-09-27 23:30 - 2013-04-17 14:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2013-09-27 23:30 - 2013-03-08 05:52 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-09-27 23:30 - 2013-03-03 21:07 - 01082232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2013-09-27 23:30 - 2012-08-21 13:47 - 00224640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2013-09-27 23:30 - 2012-06-08 19:47 - 11586048 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-27 23:30 - 2012-06-04 17:26 - 00440704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-09-27 23:30 - 2012-06-02 02:04 - 00278528 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-09-27 23:30 - 2012-05-11 17:57 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2013-09-27 23:30 - 2011-11-16 18:23 - 00377344 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2013-09-27 23:30 - 2011-11-16 18:23 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-09-27 23:30 - 2011-11-16 18:21 - 01259008 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-09-27 23:30 - 2011-11-16 16:12 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-09-27 23:29 - 2013-07-16 06:35 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2013-09-27 23:29 - 2013-06-15 15:22 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2013-09-27 23:29 - 2013-06-15 13:23 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-09-27 23:29 - 2013-06-01 06:06 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-09-27 23:29 - 2013-05-02 06:04 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2013-09-27 23:29 - 2013-05-02 06:03 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\printcom.dll
2013-09-27 23:29 - 2013-03-08 05:53 - 00376320 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-27 23:29 - 2013-02-12 03:57 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2013-09-27 23:29 - 2012-11-22 05:54 - 00353280 _____ (Microsoft Corporation) C:\Windows\system32\shlwapi.dll
2013-09-27 23:29 - 2012-11-20 06:22 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-09-27 23:29 - 2012-11-02 12:18 - 00376320 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2013-09-27 23:29 - 2012-11-02 10:26 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\dpnsvr.exe
2013-09-27 23:29 - 2012-09-28 18:11 - 00892928 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-27 23:29 - 2012-09-25 18:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2013-09-27 23:29 - 2012-06-29 18:01 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2013-09-27 23:29 - 2012-05-01 16:03 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2013-09-27 23:29 - 2012-03-21 01:28 - 00053120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2013-09-27 23:29 - 2011-11-18 19:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2013-09-27 23:29 - 2011-10-14 18:03 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2013-09-27 23:29 - 2011-10-14 18:00 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\mciseq.dll
2013-09-27 23:29 - 2011-07-29 18:01 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2013-09-27 23:29 - 2011-07-29 18:01 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2013-09-27 23:29 - 2011-07-29 18:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax
2013-09-27 23:29 - 2011-07-29 18:00 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax
2013-09-27 23:29 - 2011-06-15 18:12 - 00182784 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2013-09-27 23:29 - 2010-05-04 21:13 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\msshsq.dll
2013-09-27 23:16 - 2013-07-08 06:20 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-09-27 23:16 - 2013-07-08 06:16 - 00992768 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-09-27 23:16 - 2013-07-08 06:16 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-09-27 23:16 - 2013-07-08 06:16 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-09-27 23:11 - 2012-01-09 17:54 - 00613376 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2013-09-27 22:52 - 2012-06-03 00:19 - 01933848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-09-27 22:52 - 2012-06-03 00:19 - 00577048 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-09-27 22:52 - 2012-06-03 00:19 - 00053784 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-09-27 22:52 - 2012-06-03 00:19 - 00045080 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2013-09-27 22:52 - 2012-06-03 00:19 - 00035864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2013-09-27 22:52 - 2012-06-03 00:12 - 02422272 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-09-27 22:52 - 2012-06-03 00:12 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-09-27 22:52 - 2012-06-02 15:19 - 00171904 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-09-27 22:52 - 2012-06-02 15:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-09-27 22:07 - 2013-09-27 22:08 - 00000000 ____D C:\Windows\system32\vi-VN
2013-09-27 22:07 - 2013-09-27 22:08 - 00000000 ____D C:\Windows\system32\eu-ES
2013-09-27 22:07 - 2013-09-27 22:08 - 00000000 ____D C:\Windows\system32\ca-ES
2013-09-27 21:06 - 2013-09-27 21:06 - 00000000 ____D C:\Windows\system32\EventProviders
2013-09-27 20:52 - 2013-09-27 20:51 - 01070632 _____ (Solid State Networks) C:\Users\******\Desktop\alt_install_reader10_de_mssd_aaa_aih - Kopiesdg.exe
2013-09-27 20:28 - 2013-09-27 20:28 - 00000852 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-09-27 20:28 - 2013-09-27 20:28 - 00000000 ____D C:\Users\******\AppData\Roaming\Mozilla
2013-09-27 20:28 - 2013-09-27 20:28 - 00000000 ____D C:\Users\******\AppData\Local\Mozilla
2013-09-27 20:28 - 2013-09-27 20:28 - 00000000 ____D C:\ProgramData\Mozilla
2013-09-27 20:28 - 2013-09-27 20:28 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-09-27 20:28 - 2013-09-27 20:28 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-09-27 20:25 - 2013-09-27 20:25 - 00281896 _____ (Mozilla) C:\Users\******\Downloads\Firefox Setup Stub 24.0.exe
2013-09-27 20:21 - 2013-09-27 20:21 - 00024156 _____ C:\Users\******\Desktop\FRST_alt.txt
2013-09-27 20:21 - 2013-09-27 20:21 - 00000000 ____D C:\Users\******\AppData\Roaming\Avira
2013-09-27 20:09 - 2013-09-27 20:09 - 00000000 ____D C:\ProgramData\APN
2013-09-27 20:08 - 2013-09-27 20:08 - 00001853 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-09-27 20:07 - 2013-09-27 20:07 - 00869456 _____ C:\Users\******\Downloads\Norton21_Removal_Tool.exe
2013-09-27 20:07 - 2013-09-27 20:05 - 00136672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-09-27 20:07 - 2013-09-27 20:05 - 00088840 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-09-27 20:07 - 2013-09-27 20:05 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-09-27 20:07 - 2013-09-27 20:05 - 00028520 _____ (Avira GmbH) C:\Windows\system32\Drivers\ssmdrv.sys
2013-09-27 20:06 - 2013-09-27 20:08 - 00000000 ____D C:\ProgramData\Avira
2013-09-27 20:06 - 2013-09-27 20:06 - 00000000 ____D C:\Program Files\Avira
2013-09-27 19:47 - 2013-09-27 19:47 - 02092792 _____ C:\Users\******\Desktop\avira_free_antivirus.exe
2013-09-27 19:44 - 2013-09-27 19:44 - 00000949 _____ C:\Users\******\Desktop\JRT.txt
2013-09-27 19:41 - 2013-09-27 19:41 - 00000000 ____D C:\Windows\ERUNT
2013-09-27 19:39 - 2013-09-27 19:40 - 01030305 _____ (Thisisu) C:\Users\******\Desktop\JRT.exe
2013-09-27 19:37 - 2013-09-27 19:37 - 00002769 _____ C:\Users\******\Desktop\AdwCleaner[S0].txt
2013-09-27 18:59 - 2013-09-27 19:09 - 00000000 ____D C:\AdwCleaner
2013-09-27 16:26 - 2013-09-27 16:26 - 00000912 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-27 16:26 - 2013-09-27 16:26 - 00000000 ____D C:\Users\******\AppData\Roaming\Malwarebytes
2013-09-27 16:26 - 2013-09-27 16:26 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-27 16:26 - 2013-09-27 16:26 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-27 16:26 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-25 20:30 - 2013-09-25 20:30 - 00012380 _____ C:\ComboFix.txt
2013-09-25 20:08 - 2013-09-25 20:30 - 00000000 ____D C:\Qoobox
2013-09-25 20:08 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-09-25 20:08 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-09-25 20:08 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-09-25 20:08 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-09-25 20:08 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-09-25 20:08 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-09-25 20:08 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-09-25 20:08 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-09-25 20:07 - 2013-09-25 20:28 - 00000000 ____D C:\Windows\erdnt
2013-09-25 20:06 - 2013-09-25 19:58 - 05130004 ____R (Swearware) C:\Users\******\Desktop\ComboFix.exe
2013-09-24 09:47 - 2013-09-24 09:47 - 00000000 ____D C:\FRST
2013-09-24 09:46 - 2013-09-25 20:06 - 00000000 ____D C:\Users\******\Desktop\antiviruszeugs
2013-09-24 09:46 - 2013-09-24 09:43 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\******\Desktop\mbam-setup-1.75.0.1300.exe
2013-09-24 09:46 - 2013-09-24 09:43 - 00706916 _____ C:\Users\******\Desktop\delfix.exe
2013-09-24 09:46 - 2013-09-24 09:42 - 02347384 _____ (ESET) C:\Users\******\Desktop\esetsmartinstaller_enu.exe
2013-09-24 09:46 - 2013-09-24 09:42 - 00448512 _____ (OldTimer Tools) C:\Users\******\Desktop\TFC.exe
2013-09-24 09:46 - 2013-09-24 09:41 - 00602112 _____ (OldTimer Tools) C:\Users\******\Desktop\OTL32690.exe
2013-09-24 09:46 - 2013-09-24 09:40 - 01088653 _____ (Farbar) C:\Users\******\Desktop\FRST.exe
2013-09-24 09:46 - 2013-09-24 09:40 - 01042066 _____ C:\Users\******\Desktop\adwcleaner3005.exe
2013-09-20 18:23 - 2013-09-20 18:23 - 00032886 _____ C:\Users\******\Desktop\AVSCAN-20130920-162538-B3060BCA.LOG
2013-09-07 18:38 - 2013-10-02 09:17 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-07 18:38 - 2013-09-07 18:38 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-09-07 18:38 - 2013-09-07 18:38 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-09-03 18:35 - 2013-08-07 04:22 - 00238872 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-09-03 17:56 - 2013-09-03 17:56 - 00000000 ____D C:\Windows\pss

==================== One Month Modified Files and Folders =======

2013-10-03 12:45 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-03 12:45 - 2006-11-02 14:47 - 00003168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-03 12:45 - 2006-11-02 14:47 - 00003168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-02 09:45 - 2008-03-01 14:54 - 01354905 _____ C:\Windows\WindowsUpdate.log
2013-10-02 09:45 - 2006-11-02 15:01 - 00032514 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-10-02 09:43 - 2008-03-13 10:33 - 00000000 ____D C:\Users\******\AppData\Local\Adobe
2013-10-02 09:28 - 2013-10-02 09:28 - 01070512 _____ (Solid State Networks) C:\Users\******\Desktop\install_reader10_de_mssd_aaa_aih.exe
2013-10-02 09:25 - 2006-11-02 12:33 - 00005188 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-02 09:17 - 2013-09-07 18:38 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-02 09:16 - 2008-01-17 14:38 - 00000000 ____D C:\Programme
2013-10-02 09:13 - 2008-04-01 08:57 - 00000000 ____D C:\Program Files\Adobe
2013-10-02 09:10 - 2013-10-02 09:10 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\******\Desktop\revosetup95.exe
2013-10-02 09:10 - 2013-10-02 09:10 - 00001063 _____ C:\Users\******\Desktop\Revo Uninstaller.lnk
2013-10-02 09:10 - 2013-10-02 09:10 - 00000000 ____D C:\Program Files\VS Revo Group
2013-09-29 20:17 - 2008-08-22 03:10 - 00000000 ____D C:\Users\******\AppData\Roaming\Skype
2013-09-29 20:11 - 2008-01-17 15:01 - 00143934 _____ C:\Windows\PFRO.log
2013-09-29 02:45 - 2013-09-29 02:20 - 00001304 _____ C:\Users\******\Desktop\eset.txt
2013-09-29 02:37 - 2013-09-29 02:37 - 00062928 _____ C:\Users\******\Desktop\FRST_alt2.txt
2013-09-29 02:35 - 2013-09-29 02:35 - 00000915 _____ C:\Users\******\Desktop\checkup.txt
2013-09-29 02:22 - 2013-09-29 02:22 - 00891144 _____ C:\Users\******\Desktop\SecurityCheck.exe
2013-09-28 10:50 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2013-09-28 10:12 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-09-28 01:56 - 2013-09-28 01:56 - 00000955 _____ C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-09-28 01:52 - 2006-11-02 14:47 - 00405816 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-28 01:48 - 2013-09-28 01:48 - 00000000 ____D C:\Program Files\Windows Portable Devices
2013-09-28 01:48 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\zh-TW
2013-09-28 01:48 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\tr-TR
2013-09-28 01:48 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\sr-Latn-CS
2013-09-28 01:48 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\sk-SK
2013-09-28 01:48 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\ro-RO
2013-09-28 01:48 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\pt-PT
2013-09-28 01:48 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\pt-BR
2013-09-28 01:48 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\nl-NL
2013-09-28 01:48 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\lv-LV
2013-09-28 01:48 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\lt-LT
2013-09-28 01:48 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\ja-JP
2013-09-28 01:48 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\it-IT
2013-09-28 01:48 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\fr-FR
2013-09-28 01:48 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\fi-FI
2013-09-28 01:48 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\el-GR
2013-09-28 01:48 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\de-DE
2013-09-28 01:47 - 2006-11-02 17:31 - 00000000 ____D C:\Windows\system32\Drivers\de-DE
2013-09-28 01:47 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\system32\XPSViewer
2013-09-28 01:47 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Journal
2013-09-28 01:47 - 2006-11-02 13:18 - 00000000 ___RD C:\Windows\Offline Web Pages
2013-09-28 01:47 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\zh-HK
2013-09-28 01:47 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\zh-CN
2013-09-28 01:47 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\uk-UA
2013-09-28 01:47 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\th-TH
2013-09-28 01:47 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\sv-SE
2013-09-28 01:47 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\sl-SI
2013-09-28 01:47 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\ru-RU
2013-09-28 01:47 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\pl-PL
2013-09-28 01:47 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\nb-NO
2013-09-28 01:47 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\ko-KR
2013-09-28 01:47 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\hu-HU
2013-09-28 01:47 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\hr-HR
2013-09-28 01:47 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\he-IL
2013-09-28 01:47 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\et-EE
2013-09-28 01:47 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\bg-BG
2013-09-28 01:47 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\ar-SA
2013-09-28 01:47 - 2006-11-02 13:18 - 00000000 ____D C:\Program Files\Common Files\System
2013-09-28 01:46 - 2013-09-28 01:46 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2013-09-28 01:46 - 2013-09-28 01:46 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_07_00.Wdf
2013-09-28 01:46 - 2006-11-02 14:52 - 00080221 _____ C:\Windows\setupact.log
2013-09-28 00:36 - 2008-03-01 14:58 - 00000000 ____D C:\Users\******
2013-09-28 00:19 - 2013-09-28 00:19 - 12335104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-09-28 00:19 - 2013-09-28 00:19 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-28 00:19 - 2013-09-28 00:19 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-09-28 00:19 - 2013-09-28 00:19 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 01104896 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00434176 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-09-28 00:19 - 2013-09-28 00:19 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00353584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-09-28 00:19 - 2013-09-28 00:19 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-09-28 00:19 - 2013-09-28 00:19 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-09-28 00:19 - 2013-09-28 00:19 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\advpack.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-09-28 00:19 - 2013-09-28 00:19 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-28 00:19 - 2013-09-28 00:19 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-28 00:19 - 2013-09-28 00:19 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-09-28 00:19 - 2013-09-28 00:19 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-09-28 00:19 - 2013-09-28 00:19 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-09-28 00:19 - 2013-09-28 00:19 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-09-28 00:19 - 2013-09-28 00:14 - 00004461 _____ C:\Windows\IE9_main.log
2013-09-28 00:19 - 2006-11-02 08:32 - 00008798 _____ C:\Windows\system32\icrav03.rat
2013-09-28 00:19 - 2006-11-02 08:32 - 00001988 _____ C:\Windows\system32\ticrf.rat
2013-09-28 00:17 - 2013-09-28 00:17 - 02873344 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2013-09-28 00:17 - 2013-09-28 00:17 - 01554432 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll
2013-09-28 00:17 - 2013-09-28 00:17 - 01075712 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-28 00:17 - 2013-09-28 00:17 - 00979456 _____ (Microsoft Corporation) C:\Windows\system32\MFH264Dec.dll
2013-09-28 00:17 - 2013-09-28 00:17 - 00847360 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2013-09-28 00:17 - 2013-09-28 00:17 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2013-09-28 00:17 - 2013-09-28 00:17 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2013-09-28 00:17 - 2013-09-28 00:17 - 00478720 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2013-09-28 00:17 - 2013-09-28 00:17 - 00357376 _____ (Microsoft Corporation) C:\Windows\system32\MFHEAACdec.dll
2013-09-28 00:17 - 2013-09-28 00:17 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4src.dll
2013-09-28 00:17 - 2013-09-28 00:17 - 00261632 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2013-09-28 00:17 - 2013-09-28 00:17 - 00258048 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2013-09-28 00:17 - 2013-09-28 00:17 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2013-09-28 00:17 - 2013-09-28 00:17 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll
2013-09-28 00:17 - 2013-09-28 00:17 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2013-09-28 00:17 - 2013-09-28 00:17 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelineprxy.dll
2013-09-28 00:16 - 2013-09-28 00:16 - 00974848 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2013-09-28 00:16 - 2013-09-28 00:16 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-09-28 00:16 - 2013-09-28 00:16 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-09-28 00:16 - 2013-09-28 00:16 - 00321024 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2013-09-28 00:16 - 2013-09-28 00:16 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\dxdiag.exe
2013-09-28 00:16 - 2013-09-28 00:16 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\dxdiagn.dll
2013-09-28 00:16 - 2013-09-28 00:16 - 00189440 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2013-09-27 22:42 - 2008-01-17 14:55 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-27 22:30 - 2013-07-24 21:30 - 00000000 ____D C:\Windows\system32\MRT
2013-09-27 22:27 - 2006-11-02 12:24 - 76725432 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-09-27 22:19 - 2008-03-01 14:59 - 00000921 _____ C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2013-09-27 22:09 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Sidebar
2013-09-27 22:09 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Photo Gallery
2013-09-27 22:09 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Defender
2013-09-27 22:09 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Collaboration
2013-09-27 22:09 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Calendar
2013-09-27 22:09 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Movie Maker
2013-09-27 22:08 - 2013-09-27 22:07 - 00000000 ____D C:\Windows\system32\vi-VN
2013-09-27 22:08 - 2013-09-27 22:07 - 00000000 ____D C:\Windows\system32\eu-ES
2013-09-27 22:08 - 2013-09-27 22:07 - 00000000 ____D C:\Windows\system32\ca-ES
2013-09-27 22:08 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\SLUI
2013-09-27 22:08 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2013-09-27 22:08 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\IME
2013-09-27 22:05 - 2008-01-17 14:32 - 00000000 ____D C:\Windows\system32\RTCOM
2013-09-27 21:06 - 2013-09-27 21:06 - 00000000 ____D C:\Windows\system32\EventProviders
2013-09-27 21:04 - 2008-01-17 14:55 - 00000000 ____D C:\Program Files\Microsoft Office
2013-09-27 20:51 - 2013-09-27 20:52 - 01070632 _____ (Solid State Networks) C:\Users\******\Desktop\alt_install_reader10_de_mssd_aaa_aih - Kopiesdg.exe
2013-09-27 20:48 - 2008-01-17 14:38 - 00000000 ____D C:\ProgramData\Adobe
2013-09-27 20:37 - 2008-05-16 22:09 - 00000000 ____D C:\Program Files\Google
2013-09-27 20:28 - 2013-09-27 20:28 - 00000852 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-09-27 20:28 - 2013-09-27 20:28 - 00000000 ____D C:\Users\******\AppData\Roaming\Mozilla
2013-09-27 20:28 - 2013-09-27 20:28 - 00000000 ____D C:\Users\******\AppData\Local\Mozilla
2013-09-27 20:28 - 2013-09-27 20:28 - 00000000 ____D C:\ProgramData\Mozilla
2013-09-27 20:28 - 2013-09-27 20:28 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-09-27 20:28 - 2013-09-27 20:28 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-09-27 20:25 - 2013-09-27 20:25 - 00281896 _____ (Mozilla) C:\Users\******\Downloads\Firefox Setup Stub 24.0.exe
2013-09-27 20:21 - 2013-09-27 20:21 - 00024156 _____ C:\Users\******\Desktop\FRST_alt.txt
2013-09-27 20:21 - 2013-09-27 20:21 - 00000000 ____D C:\Users\******\AppData\Roaming\Avira
2013-09-27 20:12 - 2008-01-17 14:47 - 00000000 ____D C:\ProgramData\Symantec
2013-09-27 20:12 - 2008-01-17 14:47 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2013-09-27 20:09 - 2013-09-27 20:09 - 00000000 ____D C:\ProgramData\APN
2013-09-27 20:08 - 2013-09-27 20:08 - 00001853 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-09-27 20:08 - 2013-09-27 20:06 - 00000000 ____D C:\ProgramData\Avira
2013-09-27 20:07 - 2013-09-27 20:07 - 00869456 _____ C:\Users\******\Downloads\Norton21_Removal_Tool.exe
2013-09-27 20:06 - 2013-09-27 20:06 - 00000000 ____D C:\Program Files\Avira
2013-09-27 20:05 - 2013-09-27 20:07 - 00136672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-09-27 20:05 - 2013-09-27 20:07 - 00088840 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-09-27 20:05 - 2013-09-27 20:07 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-09-27 20:05 - 2013-09-27 20:07 - 00028520 _____ (Avira GmbH) C:\Windows\system32\Drivers\ssmdrv.sys
2013-09-27 19:47 - 2013-09-27 19:47 - 02092792 _____ C:\Users\******\Desktop\avira_free_antivirus.exe
2013-09-27 19:44 - 2013-09-27 19:44 - 00000949 _____ C:\Users\******\Desktop\JRT.txt
2013-09-27 19:41 - 2013-09-27 19:41 - 00000000 ____D C:\Windows\ERUNT
2013-09-27 19:40 - 2013-09-27 19:39 - 01030305 _____ (Thisisu) C:\Users\******\Desktop\JRT.exe
2013-09-27 19:37 - 2013-09-27 19:37 - 00002769 _____ C:\Users\******\Desktop\AdwCleaner[S0].txt
2013-09-27 19:09 - 2013-09-27 18:59 - 00000000 ____D C:\AdwCleaner
2013-09-27 18:49 - 2008-01-17 22:17 - 00000000 ____D C:\Windows\Panther
2013-09-27 16:26 - 2013-09-27 16:26 - 00000912 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-27 16:26 - 2013-09-27 16:26 - 00000000 ____D C:\Users\******\AppData\Roaming\Malwarebytes
2013-09-27 16:26 - 2013-09-27 16:26 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-27 16:26 - 2013-09-27 16:26 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-25 20:30 - 2013-09-25 20:30 - 00012380 _____ C:\ComboFix.txt
2013-09-25 20:30 - 2013-09-25 20:08 - 00000000 ____D C:\Qoobox
2013-09-25 20:30 - 2006-11-02 13:18 - 00000000 __RHD C:\Users\Default
2013-09-25 20:30 - 2006-11-02 13:18 - 00000000 ___RD C:\Users\Public
2013-09-25 20:28 - 2013-09-25 20:07 - 00000000 ____D C:\Windows\erdnt
2013-09-25 20:23 - 2006-11-02 12:23 - 00000215 _____ C:\Windows\system.ini
2013-09-25 20:06 - 2013-09-24 09:46 - 00000000 ____D C:\Users\******\Desktop\antiviruszeugs
2013-09-25 19:58 - 2013-09-25 20:06 - 05130004 ____R (Swearware) C:\Users\******\Desktop\ComboFix.exe
2013-09-24 09:47 - 2013-09-24 09:47 - 00000000 ____D C:\FRST
2013-09-24 09:43 - 2013-09-24 09:46 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\******\Desktop\mbam-setup-1.75.0.1300.exe
2013-09-24 09:43 - 2013-09-24 09:46 - 00706916 _____ C:\Users\******\Desktop\delfix.exe
2013-09-24 09:42 - 2013-09-24 09:46 - 02347384 _____ (ESET) C:\Users\******\Desktop\esetsmartinstaller_enu.exe
2013-09-24 09:42 - 2013-09-24 09:46 - 00448512 _____ (OldTimer Tools) C:\Users\******\Desktop\TFC.exe
2013-09-24 09:41 - 2013-09-24 09:46 - 00602112 _____ (OldTimer Tools) C:\Users\******\Desktop\OTL32690.exe
2013-09-24 09:40 - 2013-09-24 09:46 - 01088653 _____ (Farbar) C:\Users\******\Desktop\FRST.exe
2013-09-24 09:40 - 2013-09-24 09:46 - 01042066 _____ C:\Users\******\Desktop\adwcleaner3005.exe
2013-09-24 08:53 - 2008-05-16 22:06 - 00000000 ____D C:\Program Files\Common Files\Java
2013-09-20 18:23 - 2013-09-20 18:23 - 00032886 _____ C:\Users\******\Desktop\AVSCAN-20130920-162538-B3060BCA.LOG
2013-09-07 18:38 - 2013-09-07 18:38 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-09-07 18:38 - 2013-09-07 18:38 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-09-07 18:36 - 2008-04-06 20:50 - 00000000 __SHD C:\Users\******\AppData\Roaming\jebfcait
2013-09-07 09:30 - 2013-08-13 08:45 - 00000000 ____D C:\Users\******\AppData\Roaming\Zionb
2013-09-07 09:27 - 2009-01-25 16:09 - 00000000 ____D C:\Program Files\Windows Live
2013-09-04 16:08 - 2008-03-01 15:06 - 00058880 _____ C:\Users\******\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-09-03 18:11 - 2008-01-17 14:36 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-09-03 18:11 - 2006-11-02 13:18 - 00000000 __RSD C:\Windows\Media
2013-09-03 18:05 - 2008-05-16 22:14 - 00000000 ____D C:\Users\******\AppData\Local\Google
2013-09-03 18:05 - 2008-05-16 22:09 - 00000000 ____D C:\ProgramData\Google
2013-09-03 17:56 - 2013-09-03 17:56 - 00000000 ____D C:\Windows\pss
2013-09-03 17:42 - 2009-07-14 08:29 - 00000000 ____D C:\Users\Public\Documents\Symantec
2013-09-03 14:28 - 2011-12-14 20:56 - 00000000 ____D C:\Users\******\Desktop\'Bilder

Some content of TEMP:
====================
C:\Users\******\AppData\Local\temp\install_reader10_de_mssd_aaa_aih.exe
C:\Users\******\AppData\Local\temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-02 09:28

==================== End Of Log ============================
--- --- ---


Alle Zeitangaben in WEZ +1. Es ist jetzt 08:34 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131