Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Win7, PC plötzlich langsam + hängt sich auf, gelöschter Befall kommt wieder (https://www.trojaner-board.de/144678-win7-pc-ploetzlich-langsam-haengt-geloeschter-befall-kommt.html)

TheBoogeyman 16.11.2013 17:59
Win7, PC plötzlich langsam + hängt sich auf, gelöschter Befall kommt wieder
 
Hallo,
ich brauche Hilfe. Vor ein paar Tagen war mein PC plötzlich ganz langsam und hängte sich teilweise auf. Wenn ich GData ausführen wollte kam die Meldung "Der Server ist ausgelastet." Ich habe mir dann Anti-Maleware und Co. gedownloaded, welche auch was gefunden haben. Danach ging alles wieder für circa 2 ? Tage, danach traten die Probleme wieder auf. Also habe ich erneut die Programme durchlaufen lassen -> Befall gelöscht. PC ging wieder, nur GData wollte nun nicht mehr. Ich habe dann GData deinstalliert und dann wieder neuinstalliert. Laut GData ist nichts auf dem PC.

Momentan läuft der PC wieder normal, aber wenn ich den adwcleaner durchlaufen lasse, findet dieser immer wieder folgenden Schlüssel. -> HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D759E2F-FEC8-4858-B156-A23402715780}
Wenn ich den dann lösche und den cleaner erneut ausführe, ist er nicht mehr da, kommt aber nach einer Weile wieder. Der letzte Durchlauf vom adwcleaner hat diesmal noch andere gefunden. Die ganzen logs findet ihr unten. Wie ich den Junkware Remover zum ersten Mal ausgeführt hatte, wurde auch was gefunden und gelöscht. Den Bericht habe ich allerdings nicht mehr.

Defogger wollte ich ausführen, kam hier allerdings nur bis zum downloaden. Wenn ich diesen entpacken will, kommt immer die Meldung "Bitte mit dem Internet verbinden" auf Englisch, obwohl ich mit dem Internet verbunden bin.

frst
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-11-2013 01
Ran by Thomas (administrator) on BÜRO on 15-11-2013 21:09:39
Running from C:\Users\Thomas\Desktop
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(G Data Software AG) C:\Program Files\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files\G Data\TotalProtection\AVK\AVKWCtl.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(G Data Software AG) C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files\G Data\TotalProtection\AVK\AVKService.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(G Data Software AG) C:\Program Files\G Data\TotalProtection\AVKBackup\AVKBackupService.exe
() C:\Windows\system32\PnkBstrA.exe
(Protexis Inc.) c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(G Data Software AG) C:\Program Files\G Data\TotalProtection\Firewall\GDFwSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(CyberLink) C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
() C:\Program Files\AGEIA Technologies\TrayIcon.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(G Data Software AG) C:\Program Files\G Data\TotalProtection\AVKTray\AVKTray.exe
(G Data Software AG) C:\Program Files\G Data\TotalProtection\Firewall\GDFirewallTray.exe
(Akamai Technologies, Inc.) C:\Users\Thomas\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Thomas\AppData\Local\Akamai\netsession_win.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(G Data Software) C:\Program Files\G Data\TotalProtection\TSNxG\TSNxGService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM\...\Run: [CLMLServer] - C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-02] (CyberLink)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8555040 2010-04-07] (Realtek Semiconductor)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-05-27] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [AGEIA PhysX SysTray] - C:\Program Files\AGEIA Technologies\TrayIcon.exe [331776 2006-03-20] ()
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\hpwuschd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [G Data AntiVirus Tray] - C:\Program Files\G Data\TotalProtection\AVKTray\AVKTray.exe [1444472 2013-08-21] (G Data Software AG)
HKLM\...\Run: [GDFirewallTray] - C:\Program Files\G Data\TotalProtection\Firewall\GDFirewallTray.exe [1854928 2013-03-22] (G Data Software AG)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\program files\g data\totalprotection\avkkid\avkcks.exe
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Thomas\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\Default\...\RunOnce: [HKCU] - C:\Windows\System32\oobe\info\HKCU.vbs [ 2009-11-12] ()
HKU\Default\...\RunOnce: [Screensaver] - C:\Windows\Web\Wallpaper\MEDION\start.vbs
HKU\Default User\...\RunOnce: [HKCU] - C:\Windows\System32\oobe\info\HKCU.vbs [ 2009-11-12] ()
HKU\Default User\...\RunOnce: [Screensaver] - C:\Windows\Web\Wallpaper\MEDION\start.vbs

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {A60509C2-4B6F-4008-B676-4FE1DAB8F8D0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\..\Interfaces\{3C7E6CD9-BDFA-4788-AA0F-146DE9693532}: [NameServer]192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\i9o97yj6.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

========================== Services (Whitelisted) =================

R2 Akamai; c:\program files\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-01] (Akamai Technologies, Inc.)
R2 AVKProxy; C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe [1970296 2013-08-26] (G Data Software AG)
R2 AVKService; C:\Program Files\G Data\TotalProtection\AVK\AVKService.exe [635000 2013-08-21] (G Data Software AG)
R2 AVKWCtl; C:\Program Files\G Data\TotalProtection\AVK\AVKWCtl.exe [2101280 2013-10-15] (G Data Software AG)
R2 GDBackupSvc; C:\Program Files\G Data\TotalProtection\AVKBackup\AVKBackupService.exe [1947768 2013-08-21] (G Data Software AG)
R3 GDFwSvc; C:\Program Files\G Data\TotalProtection\Firewall\GDFwSvc.exe [2373712 2013-10-17] (G Data Software AG)
R3 GDScan; C:\Program Files\Common Files\G Data\GDScan\GDScan.exe [695416 2013-08-22] (G Data Software AG)
S3 GDTunerSvc; C:\Program Files\G Data\TotalProtection\AVKTuner\AVKTunerService.exe [1711568 2013-02-25] (G Data Software AG)
S2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [66872 2013-05-20] ()
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
R3 TSNxGService; C:\Program Files\G Data\TotalProtection\TSNxG\TSNxGService.exe [257512 2013-02-25] (G Data Software)

==================== Drivers (Whitelisted) ====================

R2 acedrv11; C:\Windows\system32\drivers\acedrv11.sys [185472 2010-02-24] (Protect Software GmbH)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [83872 2011-06-04] ()
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [45912 2013-11-10] (G Data Software AG)
R3 gddcd; C:\Windows\system32\drivers\gddcd32.sys [70488 2013-11-10] (G Data Software AG)
R1 gddcv; C:\Windows\system32\drivers\gddcv32.sys [53208 2013-11-10] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [96600 2013-11-10] (G Data Software AG)
S3 GdNetMon; C:\Windows\system32\drivers\GdNetMon32.sys [29400 2011-05-14] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [52056 2013-11-10] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd32.sys [54104 2013-11-10] (G Data Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [30040 2013-11-10] (G Data Software)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [51032 2013-11-10] (G Data Software AG)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2011-06-04] ()
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [31560 2013-11-09] ()
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R0 TS4NT; C:\Windows\System32\Drivers\TS4nt.sys [103928 2013-11-10] (G Data Software)
S1 A2DDA; \??\C:\USERS\THOMAS\DOWNLOADS\EMSISOFTEMERGENCYKIT\RUN\a2ddax86.sys [x]
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Thomas\AppData\Local\Temp\catchme.sys [x]
S3 cleanhlp; \??\C:\Users\Thomas\Downloads\EmsisoftEmergencyKit\Run\cleanhlp32.sys [x]
U3 fgtdqpog; \??\C:\Users\Thomas\AppData\Local\Temp\fgtdqpog.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-15 21:08 - 2013-11-15 21:08 - 00001850 _____ C:\Users\Thomas\Desktop\Gmer.log
2013-11-15 20:28 - 2013-11-15 20:41 - 00000296 _____ C:\Windows\Tasks\DigitalSite.job
2013-11-15 20:28 - 2013-11-15 20:28 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\DigitalSite
2013-11-15 20:27 - 2013-11-15 20:41 - 00001140 _____ C:\Users\Thomas\Desktop\Continue Zip Extractor Installation.lnk
2013-11-15 20:27 - 2013-11-15 20:27 - 00665064 _____ C:\Users\Thomas\Desktop\ZipExtractorSetup.exe
2013-11-15 20:26 - 2013-11-15 20:26 - 00377856 _____ C:\Users\Thomas\Desktop\dm48wylg.exe
2013-11-15 15:50 - 2013-10-12 08:04 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-15 15:50 - 2013-10-12 08:03 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-15 15:50 - 2013-10-12 08:03 - 01138176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-15 15:50 - 2013-10-12 08:02 - 14355968 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-15 15:50 - 2013-10-12 08:02 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-15 15:50 - 2013-10-12 08:02 - 02877952 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-15 15:50 - 2013-10-12 08:02 - 02049024 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-15 15:50 - 2013-10-12 08:02 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-15 15:50 - 2013-10-12 08:02 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-15 15:50 - 2013-10-12 08:02 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-15 15:50 - 2013-10-12 08:02 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-15 15:50 - 2013-10-12 08:02 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-15 15:50 - 2013-10-12 08:02 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-15 15:50 - 2013-10-12 08:02 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-15 15:50 - 2013-10-12 07:08 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-15 15:50 - 2013-10-12 06:15 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-15 15:13 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-15 15:13 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-15 15:13 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-15 15:13 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-15 15:13 - 2013-09-25 03:01 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-15 15:13 - 2013-09-25 03:01 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-15 15:13 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-15 15:13 - 2013-09-25 02:57 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-15 15:13 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-15 15:13 - 2013-09-25 02:56 - 01038848 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-15 15:13 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-15 15:13 - 2013-09-25 01:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-15 15:13 - 2013-09-25 01:49 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-15 15:13 - 2013-07-04 13:16 - 00369848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-15 15:12 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-15 15:12 - 2013-10-12 03:01 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-15 15:12 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-15 15:12 - 2013-10-03 02:58 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-10 20:19 - 2013-11-10 20:19 - 00000626 _____ C:\Users\Thomas\Desktop\JRT.txt
2013-11-10 20:00 - 2013-11-10 20:00 - 01090275 _____ (Farbar) C:\Users\Thomas\Desktop\FRST.exe
2013-11-10 17:17 - 2013-11-10 17:17 - 00030040 _____ (G Data Software) C:\Windows\system32\Drivers\GRD.sys
2013-11-10 17:06 - 2013-11-10 17:06 - 00052056 _____ (G Data Software AG) C:\Windows\system32\Drivers\PktIcpt.sys
2013-11-10 17:06 - 2013-11-10 17:06 - 00002005 _____ C:\Users\Public\Desktop\G Data TotalProtection 2014.lnk
2013-11-10 17:05 - 2013-11-10 17:05 - 00103928 _____ (G Data Software) C:\Windows\system32\Drivers\TS4nt.sys
2013-11-10 17:05 - 2013-11-10 17:05 - 00070488 _____ (G Data Software AG) C:\Windows\system32\Drivers\gddcd32.sys
2013-11-10 17:05 - 2013-11-10 17:05 - 00054104 _____ (G Data Software AG) C:\Windows\system32\Drivers\gdwfpcd32.sys
2013-11-10 17:05 - 2013-11-10 17:05 - 00053208 _____ (G Data Software AG) C:\Windows\system32\Drivers\gddcv32.sys
2013-11-10 17:04 - 2013-11-10 17:04 - 00096600 _____ (G Data Software AG) C:\Windows\system32\Drivers\MiniIcpt.sys
2013-11-10 17:04 - 2013-11-10 17:04 - 00051032 _____ (G Data Software AG) C:\Windows\system32\Drivers\HookCentre.sys
2013-11-10 17:04 - 2013-11-10 17:04 - 00045912 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDBehave.sys
2013-11-10 17:03 - 2013-11-10 17:03 - 00000000 ____D C:\ProgramData\G DATA Software
2013-11-10 16:17 - 2013-11-10 16:48 - 453077400 _____ (G Data Software AG) C:\Users\Thomas\Downloads\INT_R_FUL_2014_TP(1).exe
2013-11-10 16:17 - 2013-11-10 16:17 - 00411144 _____ C:\Users\Thomas\Downloads\AVCleaner.exe
2013-11-10 16:10 - 2013-11-10 16:10 - 00001109 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-11-10 16:10 - 2013-11-10 16:10 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-11-10 16:10 - 2013-11-10 16:10 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-10 16:08 - 2013-11-10 16:08 - 00283104 _____ (Mozilla) C:\Users\Thomas\Downloads\Firefox Setup Stub 25.0 (1).exe
2013-11-10 15:59 - 2013-11-10 15:59 - 01142607 _____ C:\Users\Thomas\Downloads\bookmarks-2013-11-10.json
2013-11-09 16:47 - 2013-11-10 17:07 - 00092172 _____ C:\Windows\PFRO.log
2013-11-09 16:27 - 2013-11-09 16:45 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2013-11-09 16:24 - 2013-11-09 16:24 - 00000207 _____ C:\Windows\tweaking.com-regbackup-BÜRO-Microsoft-Windows-7-Home-Premium-(32-bit).dat
2013-11-09 16:23 - 2013-11-09 16:23 - 00000000 ____D C:\RegBackup
2013-11-09 15:47 - 2013-11-09 15:47 - 00003288 ____N C:\bootsqm.dat
2013-11-09 15:33 - 2013-11-09 15:33 - 00000000 ____D C:\Users\Thomas\Downloads\tweaking.com_windows_repair_aio
2013-11-09 15:31 - 2013-11-09 15:31 - 04897880 _____ (Adobe Systems Inc.) C:\Users\Thomas\Downloads\Shockwave_Installer_Slim(2).exe
2013-11-09 15:22 - 2013-11-09 15:22 - 00448512 _____ (OldTimer Tools) C:\Users\Thomas\Downloads\TFC.exe
2013-11-09 14:40 - 2013-11-15 20:43 - 01093288 _____ C:\Windows\WindowsUpdate.log
2013-11-09 14:32 - 2013-11-15 20:40 - 00002449 _____ C:\Windows\setupact.log
2013-11-09 14:32 - 2013-11-09 14:32 - 00000000 _____ C:\Windows\setuperr.log
2013-11-04 20:27 - 2013-11-04 20:27 - 00000000 ____D C:\FRST
2013-11-04 20:03 - 2013-11-04 20:03 - 01073258 _____ C:\Users\Thomas\Downloads\adwcleaner.exe
2013-11-04 19:14 - 2013-11-09 23:25 - 00031560 _____ C:\Windows\system32\Drivers\mbamchameleon.sys
2013-10-30 17:14 - 2013-10-30 17:14 - 00262144 _____ C:\Windows\system32\5-18
2013-10-30 15:21 - 2013-11-15 15:20 - 00000000 ____D C:\Users\Thomas\Documents\Sicherung Registry
2013-10-30 15:16 - 2013-10-30 15:17 - 00000000 ____D C:\Program Files\CCleaner
2013-10-30 15:15 - 2013-10-30 15:15 - 03302432 _____ (Piriform Ltd) C:\Users\Thomas\Downloads\ccsetup407_slim.exe
2013-10-30 14:19 - 2013-10-30 14:19 - 00283104 _____ (Mozilla) C:\Users\Thomas\Downloads\Firefox Setup Stub 25.0.exe
2013-10-30 02:28 - 2013-10-30 02:29 - 00002505 _____ C:\DelFix.txt
2013-10-29 23:57 - 2013-10-29 23:57 - 00000079 _____ C:\Windows\wininit.ini
2013-10-29 20:28 - 2013-10-29 20:28 - 00000000 ____D C:\Windows\erdnt
2013-10-29 19:29 - 2013-10-30 02:28 - 00000000 ____D C:\Windows\ERUNT
2013-10-29 13:50 - 2013-10-29 13:51 - 04580324 _____ C:\Users\Thomas\Downloads\EmsisoftEmergencyKit(1).zip.part
2013-10-28 13:20 - 2013-10-28 13:20 - 01571667 _____ (KC Softwares                                                ) C:\Users\Thomas\Downloads\sumo385_nork.exe
2013-10-28 13:17 - 2013-10-28 13:19 - 00000000 ____D C:\Users\Thomas\Downloads\JavaRa-2.3
2013-10-28 13:13 - 2013-10-28 13:13 - 07912440 _____ (Adobe Systems Inc.) C:\Users\Thomas\Downloads\Shockwave_Installer_Slim(1).exe
2013-10-28 13:11 - 2013-10-28 13:11 - 00000000 ____D C:\ProgramData\Oracle
2013-10-28 13:10 - 2013-10-28 13:10 - 00000000 ____D C:\Program Files\Common Files\Java
2013-10-28 13:10 - 2013-10-08 07:50 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2013-10-28 13:10 - 2013-10-08 07:46 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-10-28 13:10 - 2013-10-08 07:46 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-10-28 13:10 - 2013-10-08 07:46 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-10-28 13:09 - 2013-10-28 13:10 - 00005671 _____ C:\Windows\system32\jupdate-1.7.0_45-b18.log
2013-10-28 13:07 - 2013-10-28 13:07 - 06714580 _____ (Oracle Corporation) C:\Users\Thomas\Downloads\jre-7u45-windows-i586.exe.part
2013-10-28 13:07 - 2013-10-28 13:07 - 00915368 _____ (Oracle Corporation) C:\Users\Thomas\Downloads\jre-7u45-windows-i586-iftw.exe
2013-10-28 13:05 - 2013-11-15 20:17 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-28 12:40 - 2013-10-28 12:40 - 01440846 _____ C:\Users\Thomas\Downloads\mbam-chameleon-1.62.1.1000 (1).zip
2013-10-28 00:25 - 2013-10-30 00:42 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2013-10-28 00:25 - 2013-10-29 23:57 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-10-28 00:22 - 2013-11-09 16:57 - 00000000 ____D C:\Users\Thomas\Desktop\Anti-Virus Software & Co
2013-10-27 23:50 - 2013-11-10 01:25 - 00000000 ____D C:\#GDATA.Trash.Store#
2013-10-27 23:50 - 2013-10-27 23:50 - 00262144 _____ C:\Windows\system32\18
2013-10-27 22:08 - 2013-11-09 14:01 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-10-27 21:53 - 2013-10-27 21:54 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Thomas\Downloads\mbar-1.07.0.1007.exe
2013-10-27 15:15 - 2013-11-10 20:14 - 00000000 ____D C:\AdwCleaner
2013-10-26 20:43 - 2013-10-26 20:43 - 00000000 ____D C:\Windows\pss
2013-10-23 22:21 - 2013-10-23 22:21 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\G Data
2013-10-23 20:35 - 2013-11-10 17:17 - 00016048 _____ (G Data Software) C:\Windows\system32\Drivers\GdPhyMem.sys
2013-10-23 20:24 - 2013-10-23 20:24 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_gddcd32_01007.Wdf
2013-10-23 19:31 - 2012-08-23 15:48 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2013-10-23 19:31 - 2012-08-23 15:44 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2013-10-23 19:31 - 2012-08-23 15:40 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2013-10-23 19:31 - 2012-08-23 15:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-10-23 19:31 - 2012-08-23 15:10 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-10-23 19:31 - 2012-08-23 14:52 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-10-23 19:31 - 2012-08-23 14:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2013-10-23 19:31 - 2012-08-23 14:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2013-10-23 19:31 - 2012-08-23 14:32 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-10-23 19:31 - 2012-08-23 14:18 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2013-10-23 19:31 - 2012-08-23 12:40 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2013-10-23 19:31 - 2012-08-23 12:32 - 00317440 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2013-10-23 19:31 - 2012-08-23 12:15 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2013-10-23 19:31 - 2012-08-23 12:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2013-10-23 19:31 - 2012-08-23 11:39 - 01048064 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2013-10-23 19:31 - 2012-08-23 11:08 - 02739712 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2013-10-23 19:31 - 2012-08-23 09:19 - 04916224 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-10-23 17:20 - 2012-05-04 10:59 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2013-10-20 19:15 - 2013-09-04 02:15 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-20 19:15 - 2013-09-04 02:14 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-20 19:15 - 2013-09-04 02:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-20 19:15 - 2013-09-04 02:14 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-20 19:15 - 2013-09-04 02:14 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys

==================== One Month Modified Files and Folders =======

2013-11-15 21:08 - 2013-11-15 21:08 - 00001850 _____ C:\Users\Thomas\Desktop\Gmer.log
2013-11-15 20:45 - 2009-07-14 05:34 - 00009888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-15 20:45 - 2009-07-14 05:34 - 00009888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-15 20:43 - 2013-11-09 14:40 - 01093288 _____ C:\Windows\WindowsUpdate.log
2013-11-15 20:41 - 2013-11-15 20:28 - 00000296 _____ C:\Windows\Tasks\DigitalSite.job
2013-11-15 20:41 - 2013-11-15 20:27 - 00001140 _____ C:\Users\Thomas\Desktop\Continue Zip Extractor Installation.lnk
2013-11-15 20:40 - 2013-11-09 14:32 - 00002449 _____ C:\Windows\setupact.log
2013-11-15 20:40 - 2011-04-14 15:29 - 00000000 ____D C:\Program Files\Common Files\Akamai
2013-11-15 20:40 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-15 20:28 - 2013-11-15 20:28 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\DigitalSite
2013-11-15 20:27 - 2013-11-15 20:27 - 00665064 _____ C:\Users\Thomas\Desktop\ZipExtractorSetup.exe
2013-11-15 20:26 - 2013-11-15 20:26 - 00377856 _____ C:\Users\Thomas\Desktop\dm48wylg.exe
2013-11-15 20:17 - 2013-10-28 13:05 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-15 19:55 - 2010-06-29 23:08 - 00000000 ____D C:\Windows\Panther
2013-11-15 19:53 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\de-DE
2013-11-15 15:53 - 2010-12-24 23:18 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-15 15:20 - 2013-10-30 15:21 - 00000000 ____D C:\Users\Thomas\Documents\Sicherung Registry
2013-11-15 15:02 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\LogFiles
2013-11-10 21:07 - 2010-06-29 14:26 - 01538492 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-10 20:19 - 2013-11-10 20:19 - 00000626 _____ C:\Users\Thomas\Desktop\JRT.txt
2013-11-10 20:14 - 2013-10-27 15:15 - 00000000 ____D C:\AdwCleaner
2013-11-10 20:11 - 2010-12-25 17:40 - 00000000 ____D C:\ProgramData\G DATA
2013-11-10 20:00 - 2013-11-10 20:00 - 01090275 _____ (Farbar) C:\Users\Thomas\Desktop\FRST.exe
2013-11-10 17:17 - 2013-11-10 17:17 - 00030040 _____ (G Data Software) C:\Windows\system32\Drivers\GRD.sys
2013-11-10 17:17 - 2013-10-23 20:35 - 00016048 _____ (G Data Software) C:\Windows\system32\Drivers\GdPhyMem.sys
2013-11-10 17:07 - 2013-11-09 16:47 - 00092172 _____ C:\Windows\PFRO.log
2013-11-10 17:06 - 2013-11-10 17:06 - 00052056 _____ (G Data Software AG) C:\Windows\system32\Drivers\PktIcpt.sys
2013-11-10 17:06 - 2013-11-10 17:06 - 00002005 _____ C:\Users\Public\Desktop\G Data TotalProtection 2014.lnk
2013-11-10 17:05 - 2013-11-10 17:05 - 00103928 _____ (G Data Software) C:\Windows\system32\Drivers\TS4nt.sys
2013-11-10 17:05 - 2013-11-10 17:05 - 00070488 _____ (G Data Software AG) C:\Windows\system32\Drivers\gddcd32.sys
2013-11-10 17:05 - 2013-11-10 17:05 - 00054104 _____ (G Data Software AG) C:\Windows\system32\Drivers\gdwfpcd32.sys
2013-11-10 17:05 - 2013-11-10 17:05 - 00053208 _____ (G Data Software AG) C:\Windows\system32\Drivers\gddcv32.sys
2013-11-10 17:04 - 2013-11-10 17:04 - 00096600 _____ (G Data Software AG) C:\Windows\system32\Drivers\MiniIcpt.sys
2013-11-10 17:04 - 2013-11-10 17:04 - 00051032 _____ (G Data Software AG) C:\Windows\system32\Drivers\HookCentre.sys
2013-11-10 17:04 - 2013-11-10 17:04 - 00045912 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDBehave.sys
2013-11-10 17:03 - 2013-11-10 17:03 - 00000000 ____D C:\ProgramData\G DATA Software
2013-11-10 17:03 - 2010-12-25 17:40 - 00000000 ____D C:\Program Files\G Data
2013-11-10 17:03 - 2010-12-25 17:40 - 00000000 ____D C:\Program Files\Common Files\G Data
2013-11-10 16:53 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\spool
2013-11-10 16:51 - 2009-07-14 05:52 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2013-11-10 16:51 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\winevt
2013-11-10 16:51 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\SMI
2013-11-10 16:51 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\com
2013-11-10 16:48 - 2013-11-10 16:17 - 453077400 _____ (G Data Software AG) C:\Users\Thomas\Downloads\INT_R_FUL_2014_TP(1).exe
2013-11-10 16:17 - 2013-11-10 16:17 - 00411144 _____ C:\Users\Thomas\Downloads\AVCleaner.exe
2013-11-10 16:10 - 2013-11-10 16:10 - 00001109 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-11-10 16:10 - 2013-11-10 16:10 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-11-10 16:10 - 2013-11-10 16:10 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-10 16:10 - 2010-12-25 18:59 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\Mozilla
2013-11-10 16:08 - 2013-11-10 16:08 - 00283104 _____ (Mozilla) C:\Users\Thomas\Downloads\Firefox Setup Stub 25.0 (1).exe
2013-11-10 15:59 - 2013-11-10 15:59 - 01142607 _____ C:\Users\Thomas\Downloads\bookmarks-2013-11-10.json
2013-11-10 01:25 - 2013-10-27 23:50 - 00000000 ____D C:\#GDATA.Trash.Store#
2013-11-09 23:25 - 2013-11-04 19:14 - 00031560 _____ C:\Windows\system32\Drivers\mbamchameleon.sys
2013-11-09 16:57 - 2013-10-28 00:22 - 00000000 ____D C:\Users\Thomas\Desktop\Anti-Virus Software & Co
2013-11-09 16:48 - 2010-12-24 22:52 - 00155872 _____ C:\Users\Thomas\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-09 16:47 - 2009-07-14 05:33 - 00516152 _____ C:\Windows\system32\FNTCACHE.DAT
2013-11-09 16:45 - 2013-11-09 16:27 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2013-11-09 16:24 - 2013-11-09 16:24 - 00000207 _____ C:\Windows\tweaking.com-regbackup-BÜRO-Microsoft-Windows-7-Home-Premium-(32-bit).dat
2013-11-09 16:23 - 2013-11-09 16:23 - 00000000 ____D C:\RegBackup
2013-11-09 15:47 - 2013-11-09 15:47 - 00003288 ____N C:\bootsqm.dat
2013-11-09 15:33 - 2013-11-09 15:33 - 00000000 ____D C:\Users\Thomas\Downloads\tweaking.com_windows_repair_aio
2013-11-09 15:31 - 2013-11-09 15:31 - 04897880 _____ (Adobe Systems Inc.) C:\Users\Thomas\Downloads\Shockwave_Installer_Slim(2).exe
2013-11-09 15:22 - 2013-11-09 15:22 - 00448512 _____ (OldTimer Tools) C:\Users\Thomas\Downloads\TFC.exe
2013-11-09 14:32 - 2013-11-09 14:32 - 00000000 _____ C:\Windows\setuperr.log
2013-11-09 14:01 - 2013-10-27 22:08 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-11-09 13:15 - 2009-07-14 05:53 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-11-04 20:27 - 2013-11-04 20:27 - 00000000 ____D C:\FRST
2013-11-04 20:03 - 2013-11-04 20:03 - 01073258 _____ C:\Users\Thomas\Downloads\adwcleaner.exe
2013-11-03 18:40 - 2011-01-22 21:08 - 00000000 ____D C:\Users\Thomas\Desktop\Bilder
2013-10-30 17:14 - 2013-10-30 17:14 - 00262144 _____ C:\Windows\system32\5-18
2013-10-30 15:19 - 2011-03-23 00:13 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\Skype
2013-10-30 15:19 - 2010-12-25 20:50 - 00000000 ____D C:\Users\Thomas\Tracing
2013-10-30 15:17 - 2013-10-30 15:16 - 00000000 ____D C:\Program Files\CCleaner
2013-10-30 15:15 - 2013-10-30 15:15 - 03302432 _____ (Piriform Ltd) C:\Users\Thomas\Downloads\ccsetup407_slim.exe
2013-10-30 14:19 - 2013-10-30 14:19 - 00283104 _____ (Mozilla) C:\Users\Thomas\Downloads\Firefox Setup Stub 25.0.exe
2013-10-30 02:29 - 2013-10-30 02:28 - 00002505 _____ C:\DelFix.txt
2013-10-30 02:28 - 2013-10-29 19:29 - 00000000 ____D C:\Windows\ERUNT
2013-10-30 00:42 - 2013-10-28 00:25 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2013-10-29 23:57 - 2013-10-29 23:57 - 00000079 _____ C:\Windows\wininit.ini
2013-10-29 23:57 - 2013-10-28 00:25 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-10-29 20:51 - 2009-07-14 03:04 - 00000215 _____ C:\Windows\system.ini
2013-10-29 20:28 - 2013-10-29 20:28 - 00000000 ____D C:\Windows\erdnt
2013-10-29 13:51 - 2013-10-29 13:50 - 04580324 _____ C:\Users\Thomas\Downloads\EmsisoftEmergencyKit(1).zip.part
2013-10-28 13:20 - 2013-10-28 13:20 - 01571667 _____ (KC Softwares                                                ) C:\Users\Thomas\Downloads\sumo385_nork.exe
2013-10-28 13:19 - 2013-10-28 13:17 - 00000000 ____D C:\Users\Thomas\Downloads\JavaRa-2.3
2013-10-28 13:18 - 2012-10-13 21:00 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-10-28 13:18 - 2011-06-03 10:28 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-10-28 13:13 - 2013-10-28 13:13 - 07912440 _____ (Adobe Systems Inc.) C:\Users\Thomas\Downloads\Shockwave_Installer_Slim(1).exe
2013-10-28 13:11 - 2013-10-28 13:11 - 00000000 ____D C:\ProgramData\Oracle
2013-10-28 13:10 - 2013-10-28 13:10 - 00000000 ____D C:\Program Files\Common Files\Java
2013-10-28 13:10 - 2013-10-28 13:09 - 00005671 _____ C:\Windows\system32\jupdate-1.7.0_45-b18.log
2013-10-28 13:10 - 2010-06-30 11:02 - 00000000 ____D C:\Program Files\Java
2013-10-28 13:07 - 2013-10-28 13:07 - 06714580 _____ (Oracle Corporation) C:\Users\Thomas\Downloads\jre-7u45-windows-i586.exe.part
2013-10-28 13:07 - 2013-10-28 13:07 - 00915368 _____ (Oracle Corporation) C:\Users\Thomas\Downloads\jre-7u45-windows-i586-iftw.exe
2013-10-28 13:06 - 2010-12-26 12:08 - 00000000 ____D C:\Users\Thomas\AppData\Local\Adobe
2013-10-28 12:40 - 2013-10-28 12:40 - 01440846 _____ C:\Users\Thomas\Downloads\mbam-chameleon-1.62.1.1000 (1).zip
2013-10-28 12:36 - 2011-05-31 12:05 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-10-28 00:09 - 2010-12-25 17:45 - 00000000 ___RD C:\Users\Thomas\Desktop\Software
2013-10-27 23:51 - 2010-12-26 17:50 - 00000000 ____D C:\Users\Thomas\Documents\Dateien von AutoCAD
2013-10-27 23:51 - 2009-07-14 05:52 - 00000000 ____D C:\Windows\twain_32
2013-10-27 23:50 - 2013-10-27 23:50 - 00262144 _____ C:\Windows\system32\18
2013-10-27 21:54 - 2013-10-27 21:53 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Thomas\Downloads\mbar-1.07.0.1007.exe
2013-10-27 21:20 - 2010-06-29 16:19 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-10-26 21:46 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\LiveKernelReports
2013-10-26 20:43 - 2013-10-26 20:43 - 00000000 ____D C:\Windows\pss
2013-10-26 19:46 - 2012-07-14 13:32 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\TuneUpMedia
2013-10-23 22:21 - 2013-10-23 22:21 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\G Data
2013-10-23 21:38 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2013-10-23 20:49 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-10-23 20:24 - 2013-10-23 20:24 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_gddcd32_01007.Wdf
2013-10-23 19:33 - 2010-05-12 14:13 - 00000000 ____D C:\Windows\system32\Drivers\de-DE
2013-10-23 19:31 - 2009-07-14 03:04 - 00000513 _____ C:\Windows\win.ini
2013-10-23 18:11 - 2011-05-14 10:48 - 01204683 _____ C:\Windows\system32\sig.bin
2013-10-23 18:11 - 2011-05-14 10:48 - 00059033 _____ C:\Windows\system32\nmp.map
2013-10-23 17:05 - 2011-11-10 18:07 - 00000000 ____D C:\Users\Thomas\AppData\Local\Akamai
2013-10-23 17:05 - 2010-12-25 21:44 - 00000000 ____D C:\ProgramData\HP
2013-10-23 17:05 - 2010-12-24 22:52 - 00000000 ____D C:\Users\Thomas
2013-10-23 17:05 - 2009-07-14 08:48 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-10-23 17:05 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\registration
2013-10-23 17:05 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\AppCompat

Some content of TEMP:
====================
C:\Users\Thomas\AppData\Local\Temp\ICReinstall_ZipExtractorSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-23 19:17

==================== End Of Log ============================
addition

Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 10-11-2013 01
Ran by Thomas at 2013-11-15 21:10:09
Running from C:\Users\Thomas\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: G Data TotalProtection 2014 (Disabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AS: G Data TotalProtection 2014 (Disabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G Data Personal Firewall (Disabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}

==================== Installed Programs ======================

1400 (Version: 130.0.365.000)
1400_Help (Version: 82.0.242.000)
1400Trb (Version: 82.0.242.000)
32 Bit HP CIO Components Installer (Version: 6.1.1)
7-Zip 9.20
Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 2.0.2.12610)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (Version: 11.9.900.117)
Adobe Reader XI (11.0.05) - Deutsch (Version: 11.0.05)
Adobe Shockwave Player 12.0 (Version: 12.0.5.146)
AGEIA PhysX v2.3.3
AIO_CDB_ProductContext (Version: 130.0.365.000)
AIO_CDB_Software (Version: 130.0.365.000)
AIO_Scan (Version: 130.0.421.000)
Akamai NetSession Interface Service
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
ArmA Uninstall
ArtMoney SE v7.37.2 (Version: 7.37)
ATI Catalyst Install Manager (Version: 3.0.778.0)
AutoCAD 2010 - Deutsch (Version: 18.0.55.0)
AutoCAD 2010 Language Pack - Deutsch (Version: 18.0.55.0)
AutoCAD Civil 3D 2011 - Deutsch (Version: 8.0.1439.2)
AutoCAD Civil 3D 2011 Language Pack - Deutsch (Version: 8.0.1439.2)
Autodesk Design Review 2011 (Version: 11.0.0.86)
Autodesk Material Library 2011 (Version: 2.0.0.100)
Autodesk Material Library 2011 Base Image library (Version: 2.0.0.49)
Autodesk Vault 2011 (Client) (Version: 15.0.58.0)
Autodesk Vault 2011 (Client) German Language Pack (Version: 15.0.58.0)
Bing Bar (Version: 7.0.791.0)
Bonjour (Version: 3.0.0.10)
BufferChm (Version: 130.0.331.000)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0527.1242.20909)
Catalyst Control Center InstallProxy (Version: 2010.0527.1242.20909)
Catalyst Control Center Localization All (Version: 2010.0527.1242.20909)
CCC Help Danish (Version: 2010.0527.1241.20909)
CCC Help Dutch (Version: 2010.0527.1241.20909)
CCC Help English (Version: 2010.0527.1241.20909)
CCC Help Finnish (Version: 2010.0527.1241.20909)
CCC Help French (Version: 2010.0527.1241.20909)
CCC Help German (Version: 2010.0527.1241.20909)
CCC Help Italian (Version: 2010.0527.1241.20909)
CCC Help Japanese (Version: 2010.0527.1241.20909)
CCC Help Norwegian (Version: 2010.0527.1241.20909)
CCC Help Spanish (Version: 2010.0527.1241.20909)
CCC Help Swedish (Version: 2010.0527.1241.20909)
ccc-core-static (Version: 2010.0527.1242.20909)
ccc-utility (Version: 2010.0527.1242.20909)
CCleaner (Version: 4.07)
Color by Number 4 (Version: 4.0.2)
Company of Heroes - FAKEMSI (Version: 2.0.0.0)
Company of Heroes (Version: 2.0.0.1)
Copy (Version: 130.0.428.000)
CorelDRAW Essentials 4
CorelDRAW Essentials 4 - Content (Version: 4.0)
CorelDRAW Essentials 4 - Draw (Version: 4.0)
CorelDRAW Essentials 4 - Filters (Version: 4.0)
CorelDRAW Essentials 4 - ICA (Version: 4.0)
CorelDRAW Essentials 4 - IPM - No VBA (Version: 4.0)
CorelDRAW Essentials 4 - Lang BR (Version: 4.0)
CorelDRAW Essentials 4 - Lang DE (Version: 4.0)
CorelDRAW Essentials 4 - Lang EN (Version: 4.0)
CorelDRAW Essentials 4 - Lang ES (Version: 4.0)
CorelDRAW Essentials 4 - Lang FR (Version: 4.0)
CorelDRAW Essentials 4 - Lang IT (Version: 4.0)
CorelDRAW Essentials 4 - Lang NL (Version: 4.0)
CorelDRAW Essentials 4 - PHOTO-PAINT (Version: 4.0)
CorelDRAW Essentials 4 - Windows Shell Extension
CorelDRAW Essentials 4 - Windows Shell Extension (Version: 1.1)
CorelDRAW Essentials 4 (Version: 4.0)
Crysis WARHEAD(R)
Crysis WARHEAD(R) (Version: 1.0)
Crysis WARHEAD(R) Patch
Crysis WARHEAD(R) Patch (Version: 1.0)
Crysis(R) (Version: 1.00.0000)
Crysis® 2 (Version: 1.0.0.0)
CyberLink LabelPrint (Version: 2.5.2515)
CyberLink Power2Go (Version: 6.1.3602c)
CyberLink PowerDVD Copy (Version: 1.5.1306)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Destinations (Version: 140.0.77.000)
DeviceDiscovery (Version: 130.0.465.000)
Die*Sims™*3 (Version: 1.0.631)
DivX-Setup (Version: 2.6.1.9)
DocProc (Version: 13.0.0.0)
DWG TrueView 2011 (Version: 18.1.49.0)
EA Download Manager (Version: 5.0.0.255)
ElsterFormular (Version: 13.4.0.10136)
FARO LS 1.1.406.58 (Version: 4.6.58.2)
FastStone Capture 5.3 (Version: 5.3)
Fax (Version: 130.0.418.000)
Free Audio Dub version 1.7.9.908 (Version: 1.7.9.908)
Free YouTube to MP3 Converter version 3.12.5.628 (Version: 3.12.5.628)
G Data TotalProtection 2014 (Version: 24.0.3.4)
GameSpy Comrade (Version: 1.5.0.156)
Gekko Mahjongg (Oster-Edition)
Ghost Recon Advanced Warfighter (Version: 1.10.000)
GPBaseService2 (Version: 130.0.371.000)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Officejet 6500 E710n-z - Grundlegende Software für das Gerät (Version: 22.50.231.0)
HP Officejet 6500 E710n-z Hilfe (Version: 140.0.2.2)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (Version: 13.0)
HP Smart Web Printing 4.51 (Version: 4.51)
HP Solution Center 13.0 (Version: 13.0)
HP Update (Version: 5.002.006.003)
HPPhotoGadget (Version: 130.0.282.000)
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000)
HPPhotosmartEssential (Version: 2.04.0000)
HPProductAssistant (Version: 130.0.371.000)
HPSSupply (Version: 130.0.371.000)
I.R.I.S. OCR (Version: 12.3.4.0)
ICQ7.4 (Version: 7.4)
Intel(R) Rapid Storage Technology (Version: 9.6.0.1014)
iTunes (Version: 11.0.4.4)
Java 7 Update 45 (Version: 7.0.450)
Java Auto Updater (Version: 2.1.9.8)
Java(TM) 6 Update 31 (Version: 6.0.310)
Junk Mail filter update (Version: 14.0.8117.416)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300)
MarketResearch (Version: 130.0.374.000)
Marketsplash Schnellzugriffe (Version: 1.0.1.7)
Medion Home Cinema (Version: 6.0.0000)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Digital Image Library 9 - Blocker (Version: 9.00.0000)
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000)
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Professional 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Single Image 2010 (Version: 14.0.7015.1000)
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Picture It! Foto Premium 10 (Version: 10.0.0715)
Microsoft Picture It!-Bibliothek 10 (Version: 10.0.0715)
Microsoft Report Viewer Redistributable 2008 (KB971118)
Microsoft Report Viewer Redistributable 2008 (KB971118) (Version: 9.0.21024)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [DEU] (Version: 3.1.0000)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server Compact 3.5 SP1 English (Version: 3.5.5692.0)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual Basic Power Packs 3.0 (Version: 9.0.30214)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Windows Media Video 9 VCM
Microsoft Works (Version: 08.04.0702)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Mozilla Firefox 25.0 (x86 de) (Version: 25.0)
Mozilla Maintenance Service (Version: 25.0)
Mp3tag v2.57 (Version: v2.57)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Network (Version: 130.0.572.000)
OCR Software by I.R.I.S. 13.0 (Version: 13.0)
OpenAL
p.i.c.s. Rätsel-Generator
Panzer Elite Action - Dunes Of War (Version: 1.44)
Panzeroffensive Afrika 1941 - 1943 (Version: 1.0)
PDF24 Creator 5.2.0
PlayReady PC Runtime x86 (Version: 1.3.0)
ProtectDisc Driver, Version 11 (Version: 11.0.0.14)
PunkBuster Services (Version: 0.986)
QuickTime (Version: 7.74.80.86)
Realtek High Definition Audio Driver (Version: 6.0.1.6083)
Scan (Version: 140.0.80.000)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Setup-Start von Microsoft Works 2005
Shop for HP Supplies (Version: 13.0)
Skype Click to Call (Version: 5.9.9216)
Skype™ 6.5 (Version: 6.5.158)
SmartWebPrinting (Version: 130.0.457.000)
SolutionCenter (Version: 130.0.373.000)
Sony Ericsson Update Engine (Version: 2.13.6.201305161305)
Sony PC Companion 2.10.179 (Version: 2.10.179)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
Status (Version: 130.0.469.000)
Stronghold Crusader
Studie zur Verbesserung von HP Officejet 6500 E710n-z Produkten (Version: 22.50.231.0)
Sven - Die ersten 10 Jahre (Version: 1.00)
swMSM (Version: 12.0.0.1)
TIPP10 Version 2.1.0
Toolbox (Version: 130.0.648.000)
TrayApp (Version: 130.0.422.000)
UnloadSupport (Version: 11.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition
Update for Zip Extractor
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
VLC media player 1.1.8 (Version: 1.1.8)
WebReg (Version: 130.0.132.017)
Windows Live Anmelde-Assistent (Version: 5.000.818.5)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Fotogalerie (Version: 14.0.8117.416)
Windows Live Mail (Version: 14.0.8117.0416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Movie Maker (Version: 14.0.8117.0416)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live Writer (Version: 14.0.8117.0416)
Windows Live-Uploadtool (Version: 14.0.8014.1029)
Windows Mobile-Gerätecenter (Version: 6.1.6965.0)
Works Update (Version: 8.0.0.0000)

==================== Restore Points  =========================

30-10-2013 01:29:03 Ende der Bereinigung
30-10-2013 14:04:50 Uniblue SpeedUpMyPC installation
01-11-2013 15:06:10 Windows Update
09-11-2013 13:05:25 Windows Update
09-11-2013 15:22:31 Tweaking.com - Windows Repair
15-11-2013 14:10:27 Windows Update
15-11-2013 14:49:58 Windows Update

==================== Hosts content: ==========================

2009-07-14 03:04 - 2013-11-09 16:40 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {3D759E2F-FEC8-4858-B156-A23402715780} - System32\Tasks\DigitalSite => C:\Users\Thomas\AppData\Roaming\DigitalSite\UpdateProc\UpdateTask.exe [2013-04-12] ()
Task: {722DA502-83B2-46A6-A832-62487881862A} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-20] (Microsoft Corporation)
Task: {80130D08-3D4A-414E-96E3-E0D24884CA76} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-11] (Microsoft Corporation)
Task: {91310D2C-5B68-43A5-A827-7C535A738B3B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-10-22] (Piriform Ltd)
Task: {B41FDBE4-10FF-458D-A8B4-27D6A3DB2DE3} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {DCD55214-012F-4860-8E5A-340816619B4E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-28] (Adobe Systems Incorporated)
Task: {F4021384-4655-4F28-A1E6-6AEAB9B98A2F} - System32\Tasks\HPCustParticipation HP Officejet 6500 E710n-z => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPCustPartic.exe [2010-11-16] (Hewlett-Packard Co.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DigitalSite.job => C:\Users\Thomas\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE

==================== Loaded Modules (whitelisted) =============

2009-11-02 22:20 - 2009-11-02 22:20 - 00619816 ____N () C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 22:23 - 2009-11-02 22:23 - 00013096 ____N () C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll
2011-07-29 00:09 - 2011-07-29 00:09 - 00096112 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
2010-05-27 20:40 - 2010-05-27 20:40 - 00270336 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== Faulty Device Manager Devices =============

Name: I:\
Description: SMC xD Reader 
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic
Service: WUDFRd
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.

Name: G:\
Description: CF Card Reader 
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic
Service: WUDFRd
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.

Name: H:\
Description: SD MS Reader   
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic
Service: WUDFRd
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (11/15/2013 08:45:13 PM) (Source: Ntfs) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "Boot" den Befehl "chkdsk" aus.

Error: (11/15/2013 08:45:13 PM) (Source: Ntfs) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "Boot" den Befehl "chkdsk" aus.

Error: (11/15/2013 08:45:13 PM) (Source: Ntfs) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "Boot" den Befehl "chkdsk" aus.

Error: (11/15/2013 08:45:11 PM) (Source: Ntfs) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "Boot" den Befehl "chkdsk" aus.

Error: (11/15/2013 08:45:11 PM) (Source: Ntfs) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "Boot" den Befehl "chkdsk" aus.

Error: (11/15/2013 08:45:11 PM) (Source: Ntfs) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "Boot" den Befehl "chkdsk" aus.

Error: (11/15/2013 08:40:08 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎15.‎11.‎2013 um 20:38:38 unerwartet heruntergefahren.

Error: (11/15/2013 03:31:27 PM) (Source: DCOM) (User: )
Description: {7D1933CB-86F6-4A98-8628-01BE94C9A575}

Error: (11/10/2013 09:09:43 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 38%
Total physical RAM: 3071.24 MB
Available physical RAM: 1874.35 MB
Total Pagefile: 6140.77 MB
Available Pagefile: 4360.16 MB
Total Virtual: 2047.88 MB
Available Virtual: 1927.75 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:890.41 GB) (Free:752.99 GB) NTFS
Drive d: (Recover) (Fixed) (Total:40 GB) (Free:23.5 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=890 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=40 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

==================== End Of Log ============================
gmer

Code:
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-11-15 21:08:44
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Hitachi_ rev.JP4O 931,51GB
Running: dm48wylg.exe; Driver: C:\Users\Thomas\AppData\Local\Temp\fgtdqpog.sys


---- Kernel code sections - GMER 2.1 ----

.text  ntkrnlpa.exe!ZwRollbackEnlistment + 142D                                                                                83443A15 1 Byte  [06]
.text  ntkrnlpa.exe!KiDispatchInterrupt + 5A2                                                                                  8347D212 19 Bytes  [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text  C:\Windows\system32\DRIVERS\atikmdag.sys                                                                                section is writeable [0x9441A000, 0x2FBAB4, 0xE8000020]
.vmp2  C:\Windows\system32\drivers\acedrv11.sys                                                                                entry point in ".vmp2" section [0x9D49E69D]
.text  C:\Windows\system32\DRIVERS\atksgt.sys                                                                                  section is writeable [0x9D4A4000, 0xBAE2, 0xE8000020]
.text  C:\Windows\system32\DRIVERS\lirsgt.sys                                                                                  section is writeable [0x9D4B8300, 0x1BEE, 0xE8000020]

---- Registry - GMER 2.1 ----

Reg    HKLM\SOFTWARE\Microsoft\Windows Search\UsnNotifier\Windows\Catalogs\SystemIndex@{572158AB-0FE7-11E0-A55E-806E6F6E6963}  19992483416

---- Disk sectors - GMER 2.1 ----

Disk  \Device\Harddisk0\DR0                                                                                                  unknown MBR code

---- EOF - GMER 2.1 ----
adwcleaner

Code:
# AdwCleaner v3.012 - Bericht erstellt am 16/11/2013 um 17:04:13
# Updated 11/11/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzername : Thomas - BÜRO
# Gestartet von : C:\Users\Thomas\Desktop\adwcleaner.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D759E2F-FEC8-4858-B156-A23402715780}
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Schlüssel Gefunden : HKLM\Software\Uniblue

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16736


-\\ Mozilla Firefox v25.0 (de)

[ Datei : C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\i9o97yj6.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [36224 octets] - [27/10/2013 15:15:43]
AdwCleaner[R10].txt - [2007 octets] - [09/11/2013 15:26:01]
AdwCleaner[R11].txt - [2129 octets] - [09/11/2013 16:54:38]
AdwCleaner[R12].txt - [4503 octets] - [09/11/2013 22:31:58]
AdwCleaner[R13].txt - [4747 octets] - [09/11/2013 23:20:04]
AdwCleaner[R14].txt - [2361 octets] - [10/11/2013 16:06:27]
AdwCleaner[R15].txt - [19423 octets] - [10/11/2013 19:40:30]
AdwCleaner[R16].txt - [19485 octets] - [10/11/2013 20:10:34]
AdwCleaner[R17].txt - [2742 octets] - [10/11/2013 20:13:30]
AdwCleaner[R18].txt - [3204 octets] - [15/11/2013 21:39:23]
AdwCleaner[R19].txt - [2925 octets] - [15/11/2013 21:54:14]
AdwCleaner[R1].txt - [19905 octets] - [28/10/2013 00:40:56]
AdwCleaner[R20].txt - [1967 octets] - [16/11/2013 17:04:13]
AdwCleaner[R2].txt - [20100 octets] - [29/10/2013 23:05:51]
AdwCleaner[R3].txt - [20321 octets] - [30/10/2013 00:43:17]
AdwCleaner[R4].txt - [1285 octets] - [09/11/2013 13:10:29]
AdwCleaner[R5].txt - [1405 octets] - [09/11/2013 13:13:32]
AdwCleaner[R6].txt - [1526 octets] - [09/11/2013 13:41:58]
AdwCleaner[R7].txt - [1646 octets] - [09/11/2013 14:18:54]
AdwCleaner[R8].txt - [1766 octets] - [09/11/2013 14:33:41]
AdwCleaner[R9].txt - [1886 octets] - [09/11/2013 15:08:12]
AdwCleaner[S0].txt - [36305 octets] - [27/10/2013 15:19:17]
AdwCleaner[S10].txt - [2070 octets] - [09/11/2013 15:26:49]
AdwCleaner[S11].txt - [2192 octets] - [09/11/2013 16:55:39]
AdwCleaner[S12].txt - [2314 octets] - [09/11/2013 23:17:20]
AdwCleaner[S13].txt - [2436 octets] - [10/11/2013 15:37:04]
AdwCleaner[S14].txt - [2818 octets] - [10/11/2013 20:11:33]
AdwCleaner[S15].txt - [3299 octets] - [15/11/2013 21:40:41]
AdwCleaner[S1].txt - [2296 octets] - [29/10/2013 19:17:56]
AdwCleaner[S2].txt - [1306 octets] - [04/11/2013 20:23:38]
AdwCleaner[S3].txt - [1367 octets] - [09/11/2013 13:03:14]
AdwCleaner[S4].txt - [1347 octets] - [09/11/2013 13:11:20]
AdwCleaner[S5].txt - [1467 octets] - [09/11/2013 13:14:22]
AdwCleaner[S6].txt - [1587 octets] - [09/11/2013 13:42:47]
AdwCleaner[S7].txt - [1707 octets] - [09/11/2013 14:20:21]
AdwCleaner[S8].txt - [1827 octets] - [09/11/2013 14:34:49]
AdwCleaner[S9].txt - [1947 octets] - [09/11/2013 15:12:42]

########## EOF - C:\AdwCleaner\AdwCleaner[R20].txt - [3477 octets] ##########
Anti-Maleware, findet aktuell nichts -> erste Logdatei

Code:
Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.10.26.08

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16721
Thomas :: BÜRO [Administrator]

Schutz: Aktiviert

26.10.2013 22:18:30
mbam-log-2013-10-26 (22-18-30).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 277548
Laufzeit: 23 Minute(n), 3 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 4
C:\Users\Thomas\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Thomas\AppData\Roaming\OpenCandy\C5794ED63C10419A89F1BE72DA2A0AF6 (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Thomas\AppData\Local\Temp\ct2625848 (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Thomas\AppData\Local\Temp\ct2625848\xpi (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 10
C:\Users\Thomas\Downloads\FreeAudioDub(1).exe (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.
C:\Users\Thomas\AppData\Local\Temp\FKhJIVZD.exe.part (PUP.Optional.Amonetize.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Thomas\AppData\Local\Temp\ms1cfg32.exe (Exploit.Drop.CFG) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Thomas\AppData\Roaming\OpenCandy\C5794ED63C10419A89F1BE72DA2A0AF6\TuneUp_PC_2.4.6.4_CPMID_347.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Thomas\AppData\Local\Temp\ct2625848\CT2625848.xpi (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Thomas\AppData\Local\Temp\ct2625848\ffLogic.exe (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Thomas\AppData\Local\Temp\ct2625848\ieLogic.exe (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Thomas\AppData\Local\Temp\ct2625848\statisticsStub.exe (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Thomas\AppData\Local\Temp\ct2625848\version.txt (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Thomas\AppData\Local\Temp\ct2625848\xpi\install.rdf (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
JRT
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x86
Ran by Thomas on 15.11.2013 at 21:55:55,80
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 15.11.2013 at 22:02:22,66
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

schrauber 17.11.2013 06:28
hi,
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!
Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

TheBoogeyman 18.11.2013 20:49
combofix
Code:
ComboFix 13-11-18.01 - Thomas 18.11.2013  19:22:08.1.2 - x86
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.3071.2053 [GMT 1:00]
ausgeführt von:: c:\users\Thomas\Desktop\ComboFix.exe
AV: G Data TotalProtection 2014 *Disabled/Updated* {545C8713-0744-B079-87F8-349A6D5C8CF0}
FW: G Data Personal Firewall *Disabled* {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}
SP: G Data TotalProtection 2014 *Disabled/Updated* {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((  Dateien erstellt von 2013-10-18 bis 2013-11-18  ))))))))))))))))))))))))))))))
.
.
2013-11-18 18:37 . 2013-11-18 18:37        --------        d-----w-        c:\users\Default\AppData\Local\temp
2013-11-18 17:55 . 2013-11-18 17:58        --------        d-----w-        c:\windows\system32\MRT
2013-11-15 14:12 . 2013-10-12 02:03        656896        ----a-w-        c:\windows\system32\nshwfp.dll
2013-11-15 14:12 . 2013-10-12 02:01        679424        ----a-w-        c:\windows\system32\IKEEXT.DLL
2013-11-15 14:12 . 2013-10-12 02:01        216576        ----a-w-        c:\windows\system32\FWPUCLNT.DLL
2013-11-15 14:12 . 2013-10-03 01:58        305152        ----a-w-        c:\windows\system32\gdi32.dll
2013-11-15 14:11 . 2013-10-14 06:39        7796464        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{0FDAA27B-AD3F-45D6-B659-FE33B0CB85FF}\mpengine.dll
2013-11-10 16:17 . 2013-11-10 16:17        30040        ----a-w-        c:\windows\system32\drivers\GRD.sys
2013-11-10 16:06 . 2013-11-10 16:06        52056        ----a-w-        c:\windows\system32\drivers\PktIcpt.sys
2013-11-10 16:05 . 2013-11-10 16:05        53208        ----a-w-        c:\windows\system32\drivers\gddcv32.sys
2013-11-10 16:05 . 2013-11-10 16:05        103928        ----a-w-        c:\windows\system32\drivers\TS4nt.sys
2013-11-10 16:05 . 2013-11-10 16:05        70488        ----a-w-        c:\windows\system32\drivers\gddcd32.sys
2013-11-10 16:05 . 2013-11-10 16:05        54104        ----a-w-        c:\windows\system32\drivers\gdwfpcd32.sys
2013-11-10 16:04 . 2013-11-10 16:04        96600        ----a-w-        c:\windows\system32\drivers\MiniIcpt.sys
2013-11-10 16:04 . 2013-11-10 16:04        51032        ----a-w-        c:\windows\system32\drivers\HookCentre.sys
2013-11-10 16:04 . 2013-11-10 16:04        45912        ----a-w-        c:\windows\system32\drivers\GDBehave.sys
2013-11-10 16:03 . 2013-11-10 16:03        --------        d-----w-        c:\programdata\G DATA Software
2013-11-10 15:53 . 2013-11-10 15:53        --------        d-----w-        c:\windows\system32\wbem\MOF\good
2013-11-10 15:53 . 2013-11-10 15:53        --------        d-----w-        c:\windows\system32\wbem\MOF\bad
2013-11-10 15:52 . 2013-11-10 15:52        --------        d-----w-        c:\windows\system32\wbem\Logs
2013-11-10 15:10 . 2013-11-18 18:08        --------        d-----w-        c:\program files\Mozilla Maintenance Service
2013-11-09 15:42 . 2013-11-18 18:01        --------        d-----w-        c:\windows\system32\catroot2
2013-11-09 15:35 . 2013-11-18 18:04        --------        d-----w-        c:\windows\system32\wbem\repository
2013-11-09 15:27 . 2013-11-09 15:45        181064        ----a-w-        c:\windows\PSEXESVC.EXE
2013-11-09 15:23 . 2013-11-09 15:23        --------        d-----w-        C:\RegBackup
2013-11-04 19:27 . 2013-11-04 19:27        --------        d-----w-        C:\FRST
2013-11-04 18:14 . 2013-11-09 22:25        31560        ----a-w-        c:\windows\system32\drivers\mbamchameleon.sys
2013-10-30 14:16 . 2013-10-30 14:17        --------        d-----w-        c:\program files\CCleaner
2013-10-29 18:29 . 2013-10-30 01:28        --------        d-----w-        c:\windows\ERUNT
2013-10-28 12:11 . 2013-10-28 12:11        --------        d-----w-        c:\programdata\Oracle
2013-10-28 12:10 . 2013-10-28 12:10        --------        d-----w-        c:\program files\Common Files\Java
2013-10-28 12:10 . 2013-10-08 06:50        94632        ----a-w-        c:\windows\system32\WindowsAccessBridge.dll
2013-10-27 23:25 . 2013-10-29 22:57        --------        d-----w-        c:\programdata\Spybot - Search & Destroy
2013-10-27 23:25 . 2013-10-29 23:42        --------        d-----w-        c:\program files\Spybot - Search & Destroy 2
2013-10-27 22:50 . 2013-11-10 00:25        --------        d-----w-        C:\#GDATA.Trash.Store#
2013-10-27 21:08 . 2013-11-09 13:01        --------        d-----w-        c:\programdata\Malwarebytes' Anti-Malware (portable)
2013-10-27 14:15 . 2013-11-18 17:45        --------        d-----w-        C:\AdwCleaner
2013-10-23 21:21 . 2013-10-23 21:21        --------        d-----w-        c:\users\Thomas\AppData\Roaming\G Data
2013-10-23 19:35 . 2013-11-10 16:17        16048        ----a-w-        c:\windows\system32\drivers\GdPhyMem.sys
2013-10-23 16:20 . 2012-05-04 09:59        514560        ----a-w-        c:\windows\system32\qdvd.dll
2013-10-20 18:15 . 2013-09-04 01:15        258560        ----a-w-        c:\windows\system32\drivers\usbhub.sys
2013-10-20 18:15 . 2013-09-04 01:14        284672        ----a-w-        c:\windows\system32\drivers\usbport.sys
2013-10-20 18:15 . 2013-09-04 01:14        43008        ----a-w-        c:\windows\system32\drivers\usbehci.sys
2013-10-20 18:15 . 2013-09-04 01:14        24064        ----a-w-        c:\windows\system32\drivers\usbuhci.sys
2013-10-20 18:15 . 2013-09-04 01:14        6016        ----a-w-        c:\windows\system32\drivers\usbd.sys
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-28 12:18 . 2012-10-13 20:00        692616        ----a-w-        c:\windows\system32\FlashPlayerApp.exe
2013-10-28 12:18 . 2011-06-03 09:28        71048        ----a-w-        c:\windows\system32\FlashPlayerCPLApp.cpl
2013-09-14 00:48 . 2013-10-10 18:20        338944        ----a-w-        c:\windows\system32\drivers\afd.sys
2013-09-08 02:07 . 2013-10-10 18:20        1294272        ----a-w-        c:\windows\system32\drivers\tcpip.sys
2013-09-08 02:03 . 2013-10-10 18:20        231424        ----a-w-        c:\windows\system32\mswsock.dll
2013-09-03 12:35 . 2010-06-29 13:41        238872        ------w-        c:\windows\system32\MpSigStub.exe
2013-09-01 13:38 . 2013-09-01 13:38        107888        ----a-w-        c:\windows\system32\CmdLineExt.dll
2013-09-01 13:24 . 2013-09-01 13:24        2406        ----a-w-        c:\windows\system32\ealregsnapshot1.reg
2013-08-29 01:51 . 2013-10-10 18:20        3969472        ----a-w-        c:\windows\system32\ntkrnlpa.exe
2013-08-29 01:51 . 2013-10-10 18:20        3914176        ----a-w-        c:\windows\system32\ntoskrnl.exe
2013-08-29 01:50 . 2013-10-10 18:20        1289096        ----a-w-        c:\windows\system32\ntdll.dll
2013-08-29 01:50 . 2013-10-10 18:20        619520        ----a-w-        c:\windows\system32\tdh.dll
2013-08-29 01:48 . 2013-10-10 18:20        640512        ----a-w-        c:\windows\system32\advapi32.dll
2013-08-28 01:04 . 2013-10-10 18:18        2348544        ----a-w-        c:\windows\system32\win32k.sys
2013-08-28 00:57 . 2013-10-10 18:20        434688        ----a-w-        c:\windows\system32\scavengeui.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="c:\users\Thomas\AppData\Local\Akamai\netsession_win.exe" [2013-06-04 4489472]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2009-11-02 103720]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-04-07 8555040]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-05-27 98304]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"AGEIA PhysX SysTray"="c:\program files\AGEIA Technologies\TrayIcon.exe" [2006-03-20 331776]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-05-11 958576]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"G Data AntiVirus Tray"="c:\program files\G Data\TotalProtection\AVKTray\AVKTray.exe" [2013-08-21 1444472]
"GDFirewallTray"="c:\program files\G Data\TotalProtection\Firewall\GDFirewallTray.exe" [2013-03-22 1854928]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableSecureUIAPath"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2013-04-21 19:43        59720        ----a-w-        c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
2009-03-28 21:11        3325952        ----a-w-        c:\program files\Electronic Arts\EADM\Core.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
2008-07-22 17:33        150528        ----a-w-        c:\program files\HP\Digital Imaging\bin\HpqSRmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2013-05-31 09:56        152392        ----a-w-        c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDFPrint]
2012-12-12 09:28        163000        ----a-w-        c:\program files\PDF24\pdf24.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2013-05-01 01:59        421888        ----a-w-        c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion]
2013-05-29 11:34        449248        ----a-w-        c:\program files\Sony\Sony PC Companion\PCCompanion.exe
.
R1 A2DDA;A2 Direct Disk Access Support Driver;c:\users\THOMAS\DOWNLOADS\EMSISOFTEMERGENCYKIT\RUN\a2ddax86.sys [x]
R2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-06-03 162408]
R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2011-05-26 191752]
R3 cleanhlp;cleanhlp;c:\users\Thomas\Downloads\EmsisoftEmergencyKit\Run\cleanhlp32.sys [x]
R3 GdNetMon;G Data Network Monitor;c:\windows\system32\drivers\GdNetMon32.sys [2011-05-14 29400]
R3 GDTunerSvc;G Data Tuner Service;c:\program files\G Data\TotalProtection\AVKTuner\AVKTunerService.exe [2013-02-25 1711568]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2013-11-18 108032]
R3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [2013-11-09 31560]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 22856]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 49664]
S0 GDBehave;GDBehave;c:\windows\system32\drivers\GDBehave.sys [2013-11-10 45912]
S0 TS4NT;TS4nt driver;c:\windows\System32\Drivers\TS4nt.sys [2013-11-10 103928]
S1 gddcv;G Data DCV Driver;c:\windows\system32\drivers\gddcv32.sys [2013-11-10 53208]
S1 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys [2013-11-10 96600]
S1 gdwfpcd;G Data WFP CD;c:\windows\system32\drivers\gdwfpcd32.sys [2013-11-10 54104]
S1 GRD;G Data Rootkit Detector Driver;c:\windows\system32\drivers\GRD.sys [2013-11-10 30040]
S1 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys [2013-11-10 51032]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [2010-02-24 185472]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-05-27 176128]
S2 AVKProxy;G Data AntiVirus Proxy;c:\program files\Common Files\G Data\AVKProxy\AVKProxy.exe [2013-08-26 1970296]
S2 AVKService;G Data Scheduler;c:\program files\G Data\TotalProtection\AVK\AVKService.exe [2013-08-21 635000]
S2 AVKWCtl;G Data Dateisystem Wächter;c:\program files\G Data\TotalProtection\AVK\AVKWCtl.exe [2013-10-15 2101280]
S2 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\SeaPort.EXE [2011-03-10 249648]
S2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
S2 GDBackupSvc;G Data Backup Service;c:\program files\G Data\TotalProtection\AVKBackup\AVKBackupService.exe [2013-08-21 1947768]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
S3 gddcd;G Data DCD Driver;c:\windows\system32\drivers\gddcd32.sys [2013-11-10 70488]
S3 GDFwSvc;G Data Personal Firewall;c:\program files\G Data\TotalProtection\Firewall\GDFwSvc.exe [2013-10-17 2373712]
S3 GDPkIcpt;GDPkIcpt;c:\windows\system32\drivers\PktIcpt.sys [2013-11-10 52056]
S3 GDScan;G Data Scanner;c:\program files\Common Files\G Data\GDScan\GDScan.exe [2013-08-22 695416]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys [2010-11-25 603240]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 583848]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 197800]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 24232]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 20136]
S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
S3 TSNxGService;G Data Datensafe Service;c:\program files\G Data\TotalProtection\TSNxG\TSNxGService.exe [2013-02-25 257512]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12        REG_MULTI_SZ          Pml Driver HPZ12 Net Driver HPZ12
HPService        REG_MULTI_SZ          HPSLPSVC
hpdevmgmt        REG_MULTI_SZ          hpqcxs08 hpqddsvc
Akamai        REG_MULTI_SZ          Akamai
WindowsMobile        REG_MULTI_SZ          wcescomm rapimgr
LocalServiceRestricted        REG_MULTI_SZ          WcesComm RapiMgr
.
Inhalt des "geplante Tasks" Ordners
.
2013-11-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-13 12:18]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.aldi.com
uInternet Settings,ProxyOverride = <local>
IE: An OneNote s&enden - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
TCP: Interfaces\{3C7E6CD9-BDFA-4788-AA0F-146DE9693532}: NameServer = 192.168.2.1
FF - ProfilePath - c:\users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\i9o97yj6.default\
FF - ExtSQL: !HIDDEN! 2010-12-25 21:49; smartwebprinting@hp.com; c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
SafeBoot-CleanHlp
SafeBoot-CleanHlp.sys
SafeBoot-BsScanner
AddRemove-DigitalSite - c:\users\Thomas\AppData\Roaming\DIGITA~1\UpdateProc\UpdateTask.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files\common files\akamai/netsession_win_8fa3539.dll"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-600205669-1944798074-3299241248-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:ee,4e,a2,ee,bb,70,1c,88,fa,3a,e6,b2,9f,9b,8f,26,ca,b8,ea,74,70,b1,58,
  bb,69,3a,ab,41,5c,1c,ad,2c,c9,43,f4,62,b9,c3,49,80,01,9a,0e,67,23,09,ef,b6,\
"??"=hex:39,4b,f5,c4,a1,1d,a1,99,d8,91,35,4f,a5,a7,bf,8b
.
[HKEY_USERS\S-1-5-21-600205669-1944798074-3299241248-1000\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
"datasecu"=hex:e1,15,9f,7b,b9,9b,5b,5e,9b,8c,eb,1a,fc,4d,95,ba,b1,d0,e4,6c,b7,
  61,18,a5,14,4e,eb,6d,92,c9,b5,44,3b,83,c9,12,3b,69,09,26,46,66,5e,71,1b,ba,\
"rkeysecu"=hex:d3,21,26,3b,bd,60,ad,18,15,cf,3a,23,1f,74,49,36
.
Zeit der Fertigstellung: 2013-11-18  20:41:08
ComboFix-quarantined-files.txt  2013-11-18 19:41
.
Vor Suchlauf: 19 Verzeichnis(se), 807.684.739.072 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 807.635.042.304 Bytes frei
.
- - End Of File - - C95D2E9C5651BCADF193E2E23216A885
C79B30CB8852157F6F908E4698CFE0D0

schrauber 19.11.2013 11:53
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

TheBoogeyman 19.11.2013 19:27
Malwarebytes
Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.11.19.08

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.16428
Thomas :: BÜRO [Administrator]

19.11.2013 18:40:01
mbam-log-2013-11-19 (18-40-01).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM | P2P
Deaktivierte Suchlaufeinstellungen:
Durchsuchte Objekte: 246664
Laufzeit: 8 Minute(n), 53 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

adwcleaner
Code:
# AdwCleaner v3.012 - Bericht erstellt am 19/11/2013 um 18:51:51
# Updated 11/11/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzername : Thomas - BÜRO
# Gestartet von : C:\Users\Thomas\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v25.0.1 (de)

[ Datei : C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\i9o97yj6.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [36224 octets] - [27/10/2013 15:15:43]
AdwCleaner[R10].txt - [2007 octets] - [09/11/2013 15:26:01]
AdwCleaner[R11].txt - [2129 octets] - [09/11/2013 16:54:38]
AdwCleaner[R12].txt - [4503 octets] - [09/11/2013 22:31:58]
AdwCleaner[R13].txt - [4747 octets] - [09/11/2013 23:20:04]
AdwCleaner[R14].txt - [2361 octets] - [10/11/2013 16:06:27]
AdwCleaner[R15].txt - [19423 octets] - [10/11/2013 19:40:30]
AdwCleaner[R16].txt - [19485 octets] - [10/11/2013 20:10:34]
AdwCleaner[R17].txt - [2742 octets] - [10/11/2013 20:13:30]
AdwCleaner[R18].txt - [3204 octets] - [15/11/2013 21:39:23]
AdwCleaner[R19].txt - [2925 octets] - [15/11/2013 21:54:14]
AdwCleaner[R1].txt - [19905 octets] - [28/10/2013 00:40:56]
AdwCleaner[R20].txt - [3558 octets] - [16/11/2013 17:04:13]
AdwCleaner[R21].txt - [3106 octets] - [16/11/2013 18:02:55]
AdwCleaner[R22].txt - [3167 octets] - [18/11/2013 18:44:57]
AdwCleaner[R23].txt - [3230 octets] - [19/11/2013 18:50:37]
AdwCleaner[R2].txt - [20100 octets] - [29/10/2013 23:05:51]
AdwCleaner[R3].txt - [20321 octets] - [30/10/2013 00:43:17]
AdwCleaner[R4].txt - [1285 octets] - [09/11/2013 13:10:29]
AdwCleaner[R5].txt - [1405 octets] - [09/11/2013 13:13:32]
AdwCleaner[R6].txt - [1526 octets] - [09/11/2013 13:41:58]
AdwCleaner[R7].txt - [1646 octets] - [09/11/2013 14:18:54]
AdwCleaner[R8].txt - [1766 octets] - [09/11/2013 14:33:41]
AdwCleaner[R9].txt - [1886 octets] - [09/11/2013 15:08:12]
AdwCleaner[S0].txt - [36305 octets] - [27/10/2013 15:19:17]
AdwCleaner[S10].txt - [2070 octets] - [09/11/2013 15:26:49]
AdwCleaner[S11].txt - [2192 octets] - [09/11/2013 16:55:39]
AdwCleaner[S12].txt - [2314 octets] - [09/11/2013 23:17:20]
AdwCleaner[S13].txt - [2436 octets] - [10/11/2013 15:37:04]
AdwCleaner[S14].txt - [2818 octets] - [10/11/2013 20:11:33]
AdwCleaner[S15].txt - [3299 octets] - [15/11/2013 21:40:41]
AdwCleaner[S16].txt - [3624 octets] - [16/11/2013 18:00:59]
AdwCleaner[S17].txt - [2610 octets] - [19/11/2013 18:51:51]
AdwCleaner[S1].txt - [2296 octets] - [29/10/2013 19:17:56]
AdwCleaner[S2].txt - [1306 octets] - [04/11/2013 20:23:38]
AdwCleaner[S3].txt - [1367 octets] - [09/11/2013 13:03:14]
AdwCleaner[S4].txt - [1347 octets] - [09/11/2013 13:11:20]
AdwCleaner[S5].txt - [1467 octets] - [09/11/2013 13:14:22]
AdwCleaner[S6].txt - [1587 octets] - [09/11/2013 13:42:47]
AdwCleaner[S7].txt - [1707 octets] - [09/11/2013 14:20:21]
AdwCleaner[S8].txt - [1827 octets] - [09/11/2013 14:34:49]
AdwCleaner[S9].txt - [1947 octets] - [09/11/2013 15:12:42]

########## EOF - C:\AdwCleaner\AdwCleaner[S17].txt - [3211 octets] ##########

jrt

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x86
Ran by Thomas on 19.11.2013 at 19:00:45,16
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 19.11.2013 at 19:02:43,00
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-11-2013 01
Ran by Thomas (administrator) on BÜRO on 19-11-2013 19:03:23
Running from C:\Users\Thomas\Desktop
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(G Data Software AG) C:\Program Files\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files\G Data\TotalProtection\AVK\AVKWCtl.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(G Data Software AG) C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files\G Data\TotalProtection\AVK\AVKService.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(G Data Software AG) C:\Program Files\G Data\TotalProtection\AVKBackup\AVKBackupService.exe
() C:\Windows\system32\PnkBstrA.exe
(Protexis Inc.) c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(G Data Software AG) C:\Program Files\G Data\TotalProtection\Firewall\GDFwSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(CyberLink) C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
() C:\Program Files\AGEIA Technologies\TrayIcon.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(G Data Software AG) C:\Program Files\G Data\TotalProtection\AVKTray\AVKTray.exe
(G Data Software AG) C:\Program Files\G Data\TotalProtection\Firewall\GDFirewallTray.exe
(Akamai Technologies, Inc.) C:\Users\Thomas\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Thomas\AppData\Local\Akamai\netsession_win.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(G Data Software) C:\Program Files\G Data\TotalProtection\TSNxG\TSNxGService.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM\...\Run: [CLMLServer] - C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-02] (CyberLink)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8555040 2010-04-07] (Realtek Semiconductor)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-05-27] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [AGEIA PhysX SysTray] - C:\Program Files\AGEIA Technologies\TrayIcon.exe [331776 2006-03-20] ()
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\hpwuschd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [G Data AntiVirus Tray] - C:\Program Files\G Data\TotalProtection\AVKTray\AVKTray.exe [1444472 2013-08-21] (G Data Software AG)
HKLM\...\Run: [GDFirewallTray] - C:\Program Files\G Data\TotalProtection\Firewall\GDFirewallTray.exe [1854928 2013-03-22] (G Data Software AG)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Thomas\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\Default\...\RunOnce: [HKCU] - C:\Windows\System32\oobe\info\HKCU.vbs [ 2009-11-12] ()
HKU\Default\...\RunOnce: [Screensaver] - C:\Windows\Web\Wallpaper\MEDION\start.vbs
HKU\Default User\...\RunOnce: [HKCU] - C:\Windows\System32\oobe\info\HKCU.vbs [ 2009-11-12] ()
HKU\Default User\...\RunOnce: [Screensaver] - C:\Windows\Web\Wallpaper\MEDION\start.vbs

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {A60509C2-4B6F-4008-B676-4FE1DAB8F8D0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\..\Interfaces\{3C7E6CD9-BDFA-4788-AA0F-146DE9693532}: [NameServer]192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\i9o97yj6.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

========================== Services (Whitelisted) =================

R2 Akamai; c:\program files\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-01] (Akamai Technologies, Inc.)
R2 AVKProxy; C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe [1970296 2013-08-26] (G Data Software AG)
R2 AVKService; C:\Program Files\G Data\TotalProtection\AVK\AVKService.exe [635000 2013-08-21] (G Data Software AG)
R2 AVKWCtl; C:\Program Files\G Data\TotalProtection\AVK\AVKWCtl.exe [2101280 2013-10-15] (G Data Software AG)
R2 GDBackupSvc; C:\Program Files\G Data\TotalProtection\AVKBackup\AVKBackupService.exe [1947768 2013-08-21] (G Data Software AG)
R3 GDFwSvc; C:\Program Files\G Data\TotalProtection\Firewall\GDFwSvc.exe [2373712 2013-10-17] (G Data Software AG)
R3 GDScan; C:\Program Files\Common Files\G Data\GDScan\GDScan.exe [695416 2013-08-22] (G Data Software AG)
S3 GDTunerSvc; C:\Program Files\G Data\TotalProtection\AVKTuner\AVKTunerService.exe [1711568 2013-02-25] (G Data Software AG)
S2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [66872 2013-05-20] ()
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
R3 TSNxGService; C:\Program Files\G Data\TotalProtection\TSNxG\TSNxGService.exe [257512 2013-02-25] (G Data Software)

==================== Drivers (Whitelisted) ====================

R2 acedrv11; C:\Windows\system32\drivers\acedrv11.sys [185472 2010-02-24] (Protect Software GmbH)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [83872 2011-06-04] ()
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [45912 2013-11-10] (G Data Software AG)
R3 gddcd; C:\Windows\system32\drivers\gddcd32.sys [70488 2013-11-10] (G Data Software AG)
R1 gddcv; C:\Windows\system32\drivers\gddcv32.sys [53208 2013-11-10] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [96600 2013-11-10] (G Data Software AG)
S3 GdNetMon; C:\Windows\system32\drivers\GdNetMon32.sys [29400 2011-05-14] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [52056 2013-11-10] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd32.sys [54104 2013-11-10] (G Data Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [30040 2013-11-10] (G Data Software)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [51032 2013-11-10] (G Data Software AG)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2011-06-04] ()
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [31560 2013-11-09] ()
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R0 TS4NT; C:\Windows\System32\Drivers\TS4nt.sys [103928 2013-11-10] (G Data Software)
S1 A2DDA; \??\C:\USERS\THOMAS\DOWNLOADS\EMSISOFTEMERGENCYKIT\RUN\a2ddax86.sys [x]
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Thomas\AppData\Local\Temp\catchme.sys [x]
S3 cleanhlp; \??\C:\Users\Thomas\Downloads\EmsisoftEmergencyKit\Run\cleanhlp32.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-19 19:02 - 2013-11-19 19:02 - 00000626 _____ C:\Users\Thomas\Desktop\JRT.txt
2013-11-19 18:58 - 2013-11-19 18:58 - 01034531 _____ (Thisisu) C:\Users\Thomas\Desktop\JRT.exe
2013-11-18 20:41 - 2013-11-18 20:41 - 00016803 _____ C:\ComboFix.txt
2013-11-18 19:18 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2013-11-18 19:18 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2013-11-18 19:18 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-11-18 19:18 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-11-18 19:18 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-11-18 19:18 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2013-11-18 19:18 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2013-11-18 19:18 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2013-11-18 19:17 - 2013-11-18 20:41 - 00000000 ____D C:\Qoobox
2013-11-18 19:14 - 2013-11-18 19:15 - 05146764 ____R (Swearware) C:\Users\Thomas\Desktop\ComboFix.exe
2013-11-18 18:59 - 2013-11-18 18:59 - 17142784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 11220992 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 04240384 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-18 18:59 - 2013-11-18 18:59 - 02166272 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 01926656 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-18 18:59 - 2013-11-18 18:59 - 01818112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 01156608 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-18 18:59 - 2013-11-18 18:59 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-18 18:59 - 2013-11-18 18:59 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-18 18:59 - 2013-11-18 18:59 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-18 18:59 - 2013-11-18 18:59 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-18 18:59 - 2013-11-18 18:59 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-18 18:59 - 2013-11-18 18:59 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-18 18:59 - 2013-11-18 18:59 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-18 18:59 - 2013-11-18 18:59 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-18 18:59 - 2013-11-18 18:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-18 18:59 - 2013-11-18 18:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-18 18:59 - 2013-11-18 18:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-18 18:59 - 2013-11-18 18:59 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-18 18:59 - 2013-11-18 18:59 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-18 18:58 - 2013-11-18 19:02 - 00009821 _____ C:\Windows\IE11_main.log
2013-11-18 18:55 - 2013-11-18 18:58 - 00000000 ____D C:\Windows\system32\MRT
2013-11-16 17:03 - 2013-11-16 17:03 - 01085542 _____ C:\Users\Thomas\Desktop\adwcleaner.exe
2013-11-16 16:56 - 2013-11-16 16:56 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-15 21:08 - 2013-11-15 21:08 - 00001850 _____ C:\Users\Thomas\Desktop\Gmer.log
2013-11-15 20:26 - 2013-11-15 20:26 - 00377856 _____ C:\Users\Thomas\Desktop\dm48wylg.exe
2013-11-15 15:13 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-15 15:13 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-15 15:13 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-15 15:13 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-15 15:13 - 2013-09-25 03:01 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-15 15:13 - 2013-09-25 03:01 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-15 15:13 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-15 15:13 - 2013-09-25 02:57 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-15 15:13 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-15 15:13 - 2013-09-25 02:56 - 01038848 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-15 15:13 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-15 15:13 - 2013-09-25 01:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-15 15:13 - 2013-09-25 01:49 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-15 15:13 - 2013-07-04 13:16 - 00369848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-15 15:12 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-15 15:12 - 2013-10-12 03:01 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-15 15:12 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-15 15:12 - 2013-10-03 02:58 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-10 20:00 - 2013-11-10 20:00 - 01090275 _____ (Farbar) C:\Users\Thomas\Desktop\FRST.exe
2013-11-10 17:17 - 2013-11-10 17:17 - 00030040 _____ (G Data Software) C:\Windows\system32\Drivers\GRD.sys
2013-11-10 17:06 - 2013-11-10 17:06 - 00052056 _____ (G Data Software AG) C:\Windows\system32\Drivers\PktIcpt.sys
2013-11-10 17:06 - 2013-11-10 17:06 - 00002005 _____ C:\Users\Public\Desktop\G Data TotalProtection 2014.lnk
2013-11-10 17:05 - 2013-11-10 17:05 - 00103928 _____ (G Data Software) C:\Windows\system32\Drivers\TS4nt.sys
2013-11-10 17:05 - 2013-11-10 17:05 - 00070488 _____ (G Data Software AG) C:\Windows\system32\Drivers\gddcd32.sys
2013-11-10 17:05 - 2013-11-10 17:05 - 00054104 _____ (G Data Software AG) C:\Windows\system32\Drivers\gdwfpcd32.sys
2013-11-10 17:05 - 2013-11-10 17:05 - 00053208 _____ (G Data Software AG) C:\Windows\system32\Drivers\gddcv32.sys
2013-11-10 17:04 - 2013-11-10 17:04 - 00096600 _____ (G Data Software AG) C:\Windows\system32\Drivers\MiniIcpt.sys
2013-11-10 17:04 - 2013-11-10 17:04 - 00051032 _____ (G Data Software AG) C:\Windows\system32\Drivers\HookCentre.sys
2013-11-10 17:04 - 2013-11-10 17:04 - 00045912 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDBehave.sys
2013-11-10 17:03 - 2013-11-10 17:03 - 00000000 ____D C:\ProgramData\G DATA Software
2013-11-10 16:17 - 2013-11-10 16:48 - 453077400 _____ (G Data Software AG) C:\Users\Thomas\Downloads\INT_R_FUL_2014_TP(1).exe
2013-11-10 16:17 - 2013-11-10 16:17 - 00411144 _____ C:\Users\Thomas\Downloads\AVCleaner.exe
2013-11-10 16:10 - 2013-11-18 20:51 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-11-10 16:10 - 2013-11-10 16:10 - 00001109 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-11-10 16:08 - 2013-11-10 16:08 - 00283104 _____ (Mozilla) C:\Users\Thomas\Downloads\Firefox Setup Stub 25.0 (1).exe
2013-11-10 15:59 - 2013-11-10 15:59 - 01142607 _____ C:\Users\Thomas\Downloads\bookmarks-2013-11-10.json
2013-11-09 16:47 - 2013-11-18 20:51 - 00093352 _____ C:\Windows\PFRO.log
2013-11-09 16:27 - 2013-11-09 16:45 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2013-11-09 16:24 - 2013-11-09 16:24 - 00000207 _____ C:\Windows\tweaking.com-regbackup-BÜRO-Microsoft-Windows-7-Home-Premium-(32-bit).dat
2013-11-09 16:23 - 2013-11-09 16:23 - 00000000 ____D C:\RegBackup
2013-11-09 15:47 - 2013-11-09 15:47 - 00003288 ____N C:\bootsqm.dat
2013-11-09 15:33 - 2013-11-09 15:33 - 00000000 ____D C:\Users\Thomas\Downloads\tweaking.com_windows_repair_aio
2013-11-09 15:31 - 2013-11-09 15:31 - 04897880 _____ (Adobe Systems Inc.) C:\Users\Thomas\Downloads\Shockwave_Installer_Slim(2).exe
2013-11-09 15:22 - 2013-11-09 15:22 - 00448512 _____ (OldTimer Tools) C:\Users\Thomas\Downloads\TFC.exe
2013-11-09 14:40 - 2013-11-19 18:52 - 01279716 _____ C:\Windows\WindowsUpdate.log
2013-11-09 14:32 - 2013-11-19 18:53 - 00002953 _____ C:\Windows\setupact.log
2013-11-09 14:32 - 2013-11-09 14:32 - 00000000 _____ C:\Windows\setuperr.log
2013-11-04 20:27 - 2013-11-04 20:27 - 00000000 ____D C:\FRST
2013-11-04 19:14 - 2013-11-09 23:25 - 00031560 _____ C:\Windows\system32\Drivers\mbamchameleon.sys
2013-10-30 17:14 - 2013-10-30 17:14 - 00262144 _____ C:\Windows\system32\5-18
2013-10-30 15:21 - 2013-11-15 15:20 - 00000000 ____D C:\Users\Thomas\Documents\Sicherung Registry
2013-10-30 15:16 - 2013-10-30 15:17 - 00000000 ____D C:\Program Files\CCleaner
2013-10-30 15:15 - 2013-10-30 15:15 - 03302432 _____ (Piriform Ltd) C:\Users\Thomas\Downloads\ccsetup407_slim.exe
2013-10-30 14:19 - 2013-10-30 14:19 - 00283104 _____ (Mozilla) C:\Users\Thomas\Downloads\Firefox Setup Stub 25.0.exe
2013-10-30 02:28 - 2013-10-30 02:29 - 00002505 _____ C:\DelFix.txt
2013-10-29 23:57 - 2013-10-29 23:57 - 00000079 _____ C:\Windows\wininit.ini
2013-10-29 20:28 - 2013-11-18 20:40 - 00000000 ____D C:\Windows\erdnt
2013-10-29 19:29 - 2013-10-30 02:28 - 00000000 ____D C:\Windows\ERUNT
2013-10-29 13:50 - 2013-10-29 13:51 - 04580324 _____ C:\Users\Thomas\Downloads\EmsisoftEmergencyKit(1).zip.part
2013-10-28 13:20 - 2013-10-28 13:20 - 01571667 _____ (KC Softwares                                                ) C:\Users\Thomas\Downloads\sumo385_nork.exe
2013-10-28 13:17 - 2013-10-28 13:19 - 00000000 ____D C:\Users\Thomas\Downloads\JavaRa-2.3
2013-10-28 13:13 - 2013-10-28 13:13 - 07912440 _____ (Adobe Systems Inc.) C:\Users\Thomas\Downloads\Shockwave_Installer_Slim(1).exe
2013-10-28 13:11 - 2013-10-28 13:11 - 00000000 ____D C:\ProgramData\Oracle
2013-10-28 13:10 - 2013-10-28 13:10 - 00000000 ____D C:\Program Files\Common Files\Java
2013-10-28 13:10 - 2013-10-08 07:50 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2013-10-28 13:10 - 2013-10-08 07:46 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-10-28 13:10 - 2013-10-08 07:46 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-10-28 13:10 - 2013-10-08 07:46 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-10-28 13:09 - 2013-10-28 13:10 - 00005671 _____ C:\Windows\system32\jupdate-1.7.0_45-b18.log
2013-10-28 13:07 - 2013-10-28 13:07 - 06714580 _____ (Oracle Corporation) C:\Users\Thomas\Downloads\jre-7u45-windows-i586.exe.part
2013-10-28 13:07 - 2013-10-28 13:07 - 00915368 _____ (Oracle Corporation) C:\Users\Thomas\Downloads\jre-7u45-windows-i586-iftw.exe
2013-10-28 13:05 - 2013-11-18 20:17 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-28 12:40 - 2013-10-28 12:40 - 01440846 _____ C:\Users\Thomas\Downloads\mbam-chameleon-1.62.1.1000 (1).zip
2013-10-28 00:25 - 2013-10-30 00:42 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2013-10-28 00:25 - 2013-10-29 23:57 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-10-28 00:22 - 2013-11-19 18:55 - 00000000 ____D C:\Users\Thomas\Desktop\Anti-Virus Software & Co
2013-10-27 23:50 - 2013-11-10 01:25 - 00000000 ____D C:\#GDATA.Trash.Store#
2013-10-27 23:50 - 2013-10-27 23:50 - 00262144 _____ C:\Windows\system32\18
2013-10-27 22:08 - 2013-11-09 14:01 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-10-27 21:53 - 2013-10-27 21:54 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Thomas\Downloads\mbar-1.07.0.1007.exe
2013-10-27 15:15 - 2013-11-19 18:51 - 00000000 ____D C:\AdwCleaner
2013-10-26 20:43 - 2013-10-26 20:43 - 00000000 ____D C:\Windows\pss
2013-10-23 22:21 - 2013-10-23 22:21 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\G Data
2013-10-23 20:35 - 2013-11-10 17:17 - 00016048 _____ (G Data Software) C:\Windows\system32\Drivers\GdPhyMem.sys
2013-10-23 20:24 - 2013-10-23 20:24 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_gddcd32_01007.Wdf
2013-10-23 19:31 - 2012-08-23 15:48 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2013-10-23 19:31 - 2012-08-23 15:44 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2013-10-23 19:31 - 2012-08-23 15:40 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2013-10-23 19:31 - 2012-08-23 15:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-10-23 19:31 - 2012-08-23 15:10 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-10-23 19:31 - 2012-08-23 14:52 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-10-23 19:31 - 2012-08-23 14:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2013-10-23 19:31 - 2012-08-23 14:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2013-10-23 19:31 - 2012-08-23 14:32 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-10-23 19:31 - 2012-08-23 14:18 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2013-10-23 19:31 - 2012-08-23 12:40 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2013-10-23 19:31 - 2012-08-23 12:32 - 00317440 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2013-10-23 19:31 - 2012-08-23 12:15 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2013-10-23 19:31 - 2012-08-23 12:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2013-10-23 19:31 - 2012-08-23 11:39 - 01048064 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2013-10-23 19:31 - 2012-08-23 11:08 - 02739712 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2013-10-23 19:31 - 2012-08-23 09:19 - 04916224 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-10-23 17:20 - 2012-05-04 10:59 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2013-10-20 19:15 - 2013-09-04 02:15 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-20 19:15 - 2013-09-04 02:14 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-20 19:15 - 2013-09-04 02:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-20 19:15 - 2013-09-04 02:14 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-20 19:15 - 2013-09-04 02:14 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys

==================== One Month Modified Files and Folders =======

2013-11-19 19:02 - 2013-11-19 19:02 - 00000626 _____ C:\Users\Thomas\Desktop\JRT.txt
2013-11-19 18:58 - 2013-11-19 18:58 - 01034531 _____ (Thisisu) C:\Users\Thomas\Desktop\JRT.exe
2013-11-19 18:58 - 2013-11-09 14:40 - 01279716 _____ C:\Windows\WindowsUpdate.log
2013-11-19 18:58 - 2009-07-14 05:34 - 00009888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-19 18:58 - 2009-07-14 05:34 - 00009888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-19 18:55 - 2013-10-28 00:22 - 00000000 ____D C:\Users\Thomas\Desktop\Anti-Virus Software & Co
2013-11-19 18:53 - 2013-11-09 14:32 - 00002953 _____ C:\Windows\setupact.log
2013-11-19 18:53 - 2011-04-14 15:29 - 00000000 ____D C:\Program Files\Common Files\Akamai
2013-11-19 18:53 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-19 18:51 - 2013-10-27 15:15 - 00000000 ____D C:\AdwCleaner
2013-11-18 20:51 - 2013-11-10 16:10 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-11-18 20:51 - 2013-11-09 16:47 - 00093352 _____ C:\Windows\PFRO.log
2013-11-18 20:41 - 2013-11-18 20:41 - 00016803 _____ C:\ComboFix.txt
2013-11-18 20:41 - 2013-11-18 19:17 - 00000000 ____D C:\Qoobox
2013-11-18 20:41 - 2009-07-14 03:37 - 00000000 __RHD C:\Users\Default
2013-11-18 20:41 - 2009-07-14 03:37 - 00000000 ___RD C:\Users\Public
2013-11-18 20:40 - 2013-10-29 20:28 - 00000000 ____D C:\Windows\erdnt
2013-11-18 20:39 - 2009-07-14 03:04 - 00000215 _____ C:\Windows\system.ini
2013-11-18 20:17 - 2013-10-28 13:05 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-18 19:15 - 2013-11-18 19:14 - 05146764 ____R (Swearware) C:\Users\Thomas\Desktop\ComboFix.exe
2013-11-18 19:03 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\de-DE
2013-11-18 19:02 - 2013-11-18 18:58 - 00009821 _____ C:\Windows\IE11_main.log
2013-11-18 18:59 - 2013-11-18 18:59 - 17142784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 11220992 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 04240384 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-18 18:59 - 2013-11-18 18:59 - 02166272 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 01926656 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-18 18:59 - 2013-11-18 18:59 - 01818112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 01156608 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-18 18:59 - 2013-11-18 18:59 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-18 18:59 - 2013-11-18 18:59 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-18 18:59 - 2013-11-18 18:59 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-18 18:59 - 2013-11-18 18:59 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-18 18:59 - 2013-11-18 18:59 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-18 18:59 - 2013-11-18 18:59 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-18 18:59 - 2013-11-18 18:59 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-18 18:59 - 2013-11-18 18:59 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-18 18:59 - 2013-11-18 18:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-18 18:59 - 2013-11-18 18:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-18 18:59 - 2013-11-18 18:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-18 18:59 - 2013-11-18 18:59 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-18 18:59 - 2013-11-18 18:59 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-18 18:58 - 2013-11-18 18:55 - 00000000 ____D C:\Windows\system32\MRT
2013-11-18 18:55 - 2010-06-30 09:36 - 80340640 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-16 17:03 - 2013-11-16 17:03 - 01085542 _____ C:\Users\Thomas\Desktop\adwcleaner.exe
2013-11-16 16:56 - 2013-11-16 16:56 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-15 21:08 - 2013-11-15 21:08 - 00001850 _____ C:\Users\Thomas\Desktop\Gmer.log
2013-11-15 20:26 - 2013-11-15 20:26 - 00377856 _____ C:\Users\Thomas\Desktop\dm48wylg.exe
2013-11-15 19:55 - 2010-06-29 23:08 - 00000000 ____D C:\Windows\Panther
2013-11-15 15:53 - 2010-12-24 23:18 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-15 15:20 - 2013-10-30 15:21 - 00000000 ____D C:\Users\Thomas\Documents\Sicherung Registry
2013-11-15 15:02 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\LogFiles
2013-11-10 21:07 - 2010-06-29 14:26 - 01538492 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-10 20:11 - 2010-12-25 17:40 - 00000000 ____D C:\ProgramData\G DATA
2013-11-10 20:00 - 2013-11-10 20:00 - 01090275 _____ (Farbar) C:\Users\Thomas\Desktop\FRST.exe
2013-11-10 17:17 - 2013-11-10 17:17 - 00030040 _____ (G Data Software) C:\Windows\system32\Drivers\GRD.sys
2013-11-10 17:17 - 2013-10-23 20:35 - 00016048 _____ (G Data Software) C:\Windows\system32\Drivers\GdPhyMem.sys
2013-11-10 17:06 - 2013-11-10 17:06 - 00052056 _____ (G Data Software AG) C:\Windows\system32\Drivers\PktIcpt.sys
2013-11-10 17:06 - 2013-11-10 17:06 - 00002005 _____ C:\Users\Public\Desktop\G Data TotalProtection 2014.lnk
2013-11-10 17:05 - 2013-11-10 17:05 - 00103928 _____ (G Data Software) C:\Windows\system32\Drivers\TS4nt.sys
2013-11-10 17:05 - 2013-11-10 17:05 - 00070488 _____ (G Data Software AG) C:\Windows\system32\Drivers\gddcd32.sys
2013-11-10 17:05 - 2013-11-10 17:05 - 00054104 _____ (G Data Software AG) C:\Windows\system32\Drivers\gdwfpcd32.sys
2013-11-10 17:05 - 2013-11-10 17:05 - 00053208 _____ (G Data Software AG) C:\Windows\system32\Drivers\gddcv32.sys
2013-11-10 17:04 - 2013-11-10 17:04 - 00096600 _____ (G Data Software AG) C:\Windows\system32\Drivers\MiniIcpt.sys
2013-11-10 17:04 - 2013-11-10 17:04 - 00051032 _____ (G Data Software AG) C:\Windows\system32\Drivers\HookCentre.sys
2013-11-10 17:04 - 2013-11-10 17:04 - 00045912 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDBehave.sys
2013-11-10 17:03 - 2013-11-10 17:03 - 00000000 ____D C:\ProgramData\G DATA Software
2013-11-10 17:03 - 2010-12-25 17:40 - 00000000 ____D C:\Program Files\G Data
2013-11-10 17:03 - 2010-12-25 17:40 - 00000000 ____D C:\Program Files\Common Files\G Data
2013-11-10 16:53 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\spool
2013-11-10 16:51 - 2009-07-14 05:52 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2013-11-10 16:51 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\winevt
2013-11-10 16:51 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\SMI
2013-11-10 16:51 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\com
2013-11-10 16:48 - 2013-11-10 16:17 - 453077400 _____ (G Data Software AG) C:\Users\Thomas\Downloads\INT_R_FUL_2014_TP(1).exe
2013-11-10 16:17 - 2013-11-10 16:17 - 00411144 _____ C:\Users\Thomas\Downloads\AVCleaner.exe
2013-11-10 16:10 - 2013-11-10 16:10 - 00001109 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-11-10 16:10 - 2010-12-25 18:59 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\Mozilla
2013-11-10 16:08 - 2013-11-10 16:08 - 00283104 _____ (Mozilla) C:\Users\Thomas\Downloads\Firefox Setup Stub 25.0 (1).exe
2013-11-10 15:59 - 2013-11-10 15:59 - 01142607 _____ C:\Users\Thomas\Downloads\bookmarks-2013-11-10.json
2013-11-10 01:25 - 2013-10-27 23:50 - 00000000 ____D C:\#GDATA.Trash.Store#
2013-11-09 23:25 - 2013-11-04 19:14 - 00031560 _____ C:\Windows\system32\Drivers\mbamchameleon.sys
2013-11-09 16:48 - 2010-12-24 22:52 - 00155872 _____ C:\Users\Thomas\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-09 16:47 - 2009-07-14 05:33 - 00516152 _____ C:\Windows\system32\FNTCACHE.DAT
2013-11-09 16:45 - 2013-11-09 16:27 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2013-11-09 16:24 - 2013-11-09 16:24 - 00000207 _____ C:\Windows\tweaking.com-regbackup-BÜRO-Microsoft-Windows-7-Home-Premium-(32-bit).dat
2013-11-09 16:23 - 2013-11-09 16:23 - 00000000 ____D C:\RegBackup
2013-11-09 15:47 - 2013-11-09 15:47 - 00003288 ____N C:\bootsqm.dat
2013-11-09 15:33 - 2013-11-09 15:33 - 00000000 ____D C:\Users\Thomas\Downloads\tweaking.com_windows_repair_aio
2013-11-09 15:31 - 2013-11-09 15:31 - 04897880 _____ (Adobe Systems Inc.) C:\Users\Thomas\Downloads\Shockwave_Installer_Slim(2).exe
2013-11-09 15:22 - 2013-11-09 15:22 - 00448512 _____ (OldTimer Tools) C:\Users\Thomas\Downloads\TFC.exe
2013-11-09 14:32 - 2013-11-09 14:32 - 00000000 _____ C:\Windows\setuperr.log
2013-11-09 14:01 - 2013-10-27 22:08 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-11-09 13:15 - 2009-07-14 05:53 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-11-04 20:27 - 2013-11-04 20:27 - 00000000 ____D C:\FRST
2013-11-03 18:40 - 2011-01-22 21:08 - 00000000 ____D C:\Users\Thomas\Desktop\Bilder
2013-10-30 17:14 - 2013-10-30 17:14 - 00262144 _____ C:\Windows\system32\5-18
2013-10-30 15:19 - 2011-03-23 00:13 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\Skype
2013-10-30 15:19 - 2010-12-25 20:50 - 00000000 ____D C:\Users\Thomas\Tracing
2013-10-30 15:17 - 2013-10-30 15:16 - 00000000 ____D C:\Program Files\CCleaner
2013-10-30 15:15 - 2013-10-30 15:15 - 03302432 _____ (Piriform Ltd) C:\Users\Thomas\Downloads\ccsetup407_slim.exe
2013-10-30 14:19 - 2013-10-30 14:19 - 00283104 _____ (Mozilla) C:\Users\Thomas\Downloads\Firefox Setup Stub 25.0.exe
2013-10-30 02:29 - 2013-10-30 02:28 - 00002505 _____ C:\DelFix.txt
2013-10-30 02:28 - 2013-10-29 19:29 - 00000000 ____D C:\Windows\ERUNT
2013-10-30 00:42 - 2013-10-28 00:25 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2013-10-29 23:57 - 2013-10-29 23:57 - 00000079 _____ C:\Windows\wininit.ini
2013-10-29 23:57 - 2013-10-28 00:25 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-10-29 13:51 - 2013-10-29 13:50 - 04580324 _____ C:\Users\Thomas\Downloads\EmsisoftEmergencyKit(1).zip.part
2013-10-28 13:20 - 2013-10-28 13:20 - 01571667 _____ (KC Softwares                                                ) C:\Users\Thomas\Downloads\sumo385_nork.exe
2013-10-28 13:19 - 2013-10-28 13:17 - 00000000 ____D C:\Users\Thomas\Downloads\JavaRa-2.3
2013-10-28 13:18 - 2012-10-13 21:00 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-10-28 13:18 - 2011-06-03 10:28 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-10-28 13:13 - 2013-10-28 13:13 - 07912440 _____ (Adobe Systems Inc.) C:\Users\Thomas\Downloads\Shockwave_Installer_Slim(1).exe
2013-10-28 13:11 - 2013-10-28 13:11 - 00000000 ____D C:\ProgramData\Oracle
2013-10-28 13:10 - 2013-10-28 13:10 - 00000000 ____D C:\Program Files\Common Files\Java
2013-10-28 13:10 - 2013-10-28 13:09 - 00005671 _____ C:\Windows\system32\jupdate-1.7.0_45-b18.log
2013-10-28 13:10 - 2010-06-30 11:02 - 00000000 ____D C:\Program Files\Java
2013-10-28 13:07 - 2013-10-28 13:07 - 06714580 _____ (Oracle Corporation) C:\Users\Thomas\Downloads\jre-7u45-windows-i586.exe.part
2013-10-28 13:07 - 2013-10-28 13:07 - 00915368 _____ (Oracle Corporation) C:\Users\Thomas\Downloads\jre-7u45-windows-i586-iftw.exe
2013-10-28 13:06 - 2010-12-26 12:08 - 00000000 ____D C:\Users\Thomas\AppData\Local\Adobe
2013-10-28 12:40 - 2013-10-28 12:40 - 01440846 _____ C:\Users\Thomas\Downloads\mbam-chameleon-1.62.1.1000 (1).zip
2013-10-28 12:36 - 2011-05-31 12:05 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-10-28 00:09 - 2010-12-25 17:45 - 00000000 ___RD C:\Users\Thomas\Desktop\Software
2013-10-27 23:51 - 2010-12-26 17:50 - 00000000 ____D C:\Users\Thomas\Documents\Dateien von AutoCAD
2013-10-27 23:51 - 2009-07-14 05:52 - 00000000 ____D C:\Windows\twain_32
2013-10-27 23:50 - 2013-10-27 23:50 - 00262144 _____ C:\Windows\system32\18
2013-10-27 21:54 - 2013-10-27 21:53 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Thomas\Downloads\mbar-1.07.0.1007.exe
2013-10-27 21:20 - 2010-06-29 16:19 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-10-26 21:46 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\LiveKernelReports
2013-10-26 20:43 - 2013-10-26 20:43 - 00000000 ____D C:\Windows\pss
2013-10-26 19:46 - 2012-07-14 13:32 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\TuneUpMedia
2013-10-23 22:21 - 2013-10-23 22:21 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\G Data
2013-10-23 21:38 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2013-10-23 20:49 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-10-23 20:24 - 2013-10-23 20:24 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_gddcd32_01007.Wdf
2013-10-23 19:33 - 2010-05-12 14:13 - 00000000 ____D C:\Windows\system32\Drivers\de-DE
2013-10-23 19:31 - 2009-07-14 03:04 - 00000513 _____ C:\Windows\win.ini
2013-10-23 18:11 - 2011-05-14 10:48 - 01204683 _____ C:\Windows\system32\sig.bin
2013-10-23 18:11 - 2011-05-14 10:48 - 00059033 _____ C:\Windows\system32\nmp.map
2013-10-23 17:05 - 2011-11-10 18:07 - 00000000 ____D C:\Users\Thomas\AppData\Local\Akamai
2013-10-23 17:05 - 2010-12-25 21:44 - 00000000 ____D C:\ProgramData\HP
2013-10-23 17:05 - 2010-12-24 22:52 - 00000000 ____D C:\Users\Thomas
2013-10-23 17:05 - 2009-07-14 08:48 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-10-23 17:05 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\registration
2013-10-23 17:05 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\AppCompat

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-23 19:17

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

schrauber 20.11.2013 12:28

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

TheBoogeyman 23.11.2013 13:37
Eset
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=7f304bfcc1997342ac5c2a385fa3b95a
# engine=15994
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-11-23 02:28:03
# local_time=2013-11-23 03:28:03 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 27354 136804874 0 0
# scanned=231453
# found=0
# cleaned=0
# scan_time=22996
SecurityCheck
Code:
Results of screen317's Security Check version 0.99.76 
 Windows 7 Service Pack 1 x86 (UAC is enabled) 
 Internet Explorer 10 
``````````````Antivirus/Firewall Check:``````````````
G Data TotalProtection 2014 
 Antivirus up to date! 
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware Version 1.75.0.1300 
 CCleaner   
 Java(TM) 6 Update 31 
 Java 7 Update 45 
 Adobe Flash Player        11.9.900.117 
 Adobe Reader 9 
 Adobe Reader XI 
 Mozilla Firefox (25.0.1)
````````Process Check: objlist.exe by Laurent```````` 
 G Data TotalProtection Firewall GDFirewallTray.exe
 G Data TotalProtection Firewall GDFwSvc.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-11-2013
Ran by Thomas (administrator) on BÜRO on 23-11-2013 13:17:53
Running from C:\Users\Thomas\Desktop
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(G Data Software AG) C:\Program Files\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files\G Data\TotalProtection\AVK\AVKWCtl.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(G Data Software AG) C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files\G Data\TotalProtection\AVK\AVKService.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(G Data Software AG) C:\Program Files\G Data\TotalProtection\AVKBackup\AVKBackupService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(CyberLink) C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files\AGEIA Technologies\TrayIcon.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(G Data Software AG) C:\Program Files\G Data\TotalProtection\AVKTray\AVKTray.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(G Data Software AG) C:\Program Files\G Data\TotalProtection\Firewall\GDFirewallTray.exe
() C:\Windows\System32\PnkBstrA.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(Akamai Technologies, Inc.) C:\Users\Thomas\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Thomas\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(G Data Software AG) C:\Program Files\G Data\TotalProtection\Firewall\GDFwSvc.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(G Data Software) C:\Program Files\G Data\TotalProtection\TSNxG\TSNxGService.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM\...\Run: [CLMLServer] - C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-02] (CyberLink)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8555040 2010-04-07] (Realtek Semiconductor)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-05-27] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [AGEIA PhysX SysTray] - C:\Program Files\AGEIA Technologies\TrayIcon.exe [331776 2006-03-20] ()
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\hpwuschd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [G Data AntiVirus Tray] - C:\Program Files\G Data\TotalProtection\AVKTray\AVKTray.exe [1444472 2013-08-21] (G Data Software AG)
HKLM\...\Run: [GDFirewallTray] - C:\Program Files\G Data\TotalProtection\Firewall\GDFirewallTray.exe [1854928 2013-03-22] (G Data Software AG)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Thomas\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\system32\Macromed\Flash\FlashUtil32_11_9_900_117_Plugin.exe -update plugin [829832 2013-10-28] (Adobe Systems Incorporated)
HKU\Default\...\RunOnce: [HKCU] - C:\Windows\System32\oobe\info\HKCU.vbs [ 2009-11-12] ()
HKU\Default\...\RunOnce: [Screensaver] - C:\Windows\Web\Wallpaper\MEDION\start.vbs
HKU\Default User\...\RunOnce: [HKCU] - C:\Windows\System32\oobe\info\HKCU.vbs [ 2009-11-12] ()
HKU\Default User\...\RunOnce: [Screensaver] - C:\Windows\Web\Wallpaper\MEDION\start.vbs

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\..\Interfaces\{3C7E6CD9-BDFA-4788-AA0F-146DE9693532}: [NameServer]192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\i9o97yj6.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

========================== Services (Whitelisted) =================

R2 Akamai; c:\program files\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-01] (Akamai Technologies, Inc.)
R2 AVKProxy; C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe [1970296 2013-08-26] (G Data Software AG)
R2 AVKService; C:\Program Files\G Data\TotalProtection\AVK\AVKService.exe [635000 2013-08-21] (G Data Software AG)
R2 AVKWCtl; C:\Program Files\G Data\TotalProtection\AVK\AVKWCtl.exe [2101280 2013-10-15] (G Data Software AG)
R2 GDBackupSvc; C:\Program Files\G Data\TotalProtection\AVKBackup\AVKBackupService.exe [1947768 2013-08-21] (G Data Software AG)
R3 GDFwSvc; C:\Program Files\G Data\TotalProtection\Firewall\GDFwSvc.exe [2373712 2013-10-17] (G Data Software AG)
R3 GDScan; C:\Program Files\Common Files\G Data\GDScan\GDScan.exe [695416 2013-08-22] (G Data Software AG)
S3 GDTunerSvc; C:\Program Files\G Data\TotalProtection\AVKTuner\AVKTunerService.exe [1711568 2013-02-25] (G Data Software AG)
S2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [66872 2013-05-20] ()
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
R3 TSNxGService; C:\Program Files\G Data\TotalProtection\TSNxG\TSNxGService.exe [257512 2013-02-25] (G Data Software)

==================== Drivers (Whitelisted) ====================

R2 acedrv11; C:\Windows\system32\drivers\acedrv11.sys [185472 2010-02-24] (Protect Software GmbH)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [83872 2011-06-04] ()
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [45912 2013-11-10] (G Data Software AG)
R3 gddcd; C:\Windows\system32\drivers\gddcd32.sys [70488 2013-11-10] (G Data Software AG)
R1 gddcv; C:\Windows\system32\drivers\gddcv32.sys [53208 2013-11-10] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [96600 2013-11-10] (G Data Software AG)
S3 GdNetMon; C:\Windows\system32\drivers\GdNetMon32.sys [29400 2011-05-14] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [52056 2013-11-10] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd32.sys [54104 2013-11-10] (G Data Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [30040 2013-11-10] (G Data Software)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [51032 2013-11-10] (G Data Software AG)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2011-06-04] ()
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [31560 2013-11-09] ()
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R0 TS4NT; C:\Windows\System32\Drivers\TS4nt.sys [103928 2013-11-10] (G Data Software)
S1 A2DDA; \??\C:\USERS\THOMAS\DOWNLOADS\EMSISOFTEMERGENCYKIT\RUN\a2ddax86.sys [x]
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Thomas\AppData\Local\Temp\catchme.sys [x]
S3 cleanhlp; \??\C:\Users\Thomas\Downloads\EmsisoftEmergencyKit\Run\cleanhlp32.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-23 13:17 - 2013-11-23 13:17 - 00012963 _____ C:\Users\Thomas\Desktop\FRST.txt
2013-11-23 13:16 - 2013-11-23 13:16 - 01091049 _____ (Farbar) C:\Users\Thomas\Desktop\FRST.exe
2013-11-23 13:14 - 2013-11-23 13:14 - 00000895 _____ C:\Users\Thomas\Desktop\checkup.txt
2013-11-23 13:08 - 2013-11-23 13:08 - 00891184 _____ C:\Users\Thomas\Desktop\SecurityCheck.exe
2013-11-22 20:58 - 2013-11-22 20:58 - 00000000 ____D C:\Program Files\ESET
2013-11-22 20:57 - 2013-11-22 20:57 - 02347384 _____ (ESET) C:\Users\Thomas\Desktop\esetsmartinstaller_enu.exe
2013-11-19 18:58 - 2013-11-19 18:58 - 01034531 _____ (Thisisu) C:\Users\Thomas\Desktop\JRT.exe
2013-11-18 20:41 - 2013-11-18 20:41 - 00016803 _____ C:\ComboFix.txt
2013-11-18 19:18 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2013-11-18 19:18 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2013-11-18 19:18 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-11-18 19:18 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-11-18 19:18 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-11-18 19:18 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2013-11-18 19:18 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2013-11-18 19:18 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2013-11-18 19:17 - 2013-11-18 20:41 - 00000000 ____D C:\Qoobox
2013-11-18 19:14 - 2013-11-18 19:15 - 05146764 ____R (Swearware) C:\Users\Thomas\Desktop\ComboFix.exe
2013-11-18 18:59 - 2013-11-18 18:59 - 17142784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 11220992 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 04240384 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-18 18:59 - 2013-11-18 18:59 - 02166272 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 01926656 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-18 18:59 - 2013-11-18 18:59 - 01818112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 01156608 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-18 18:59 - 2013-11-18 18:59 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-18 18:59 - 2013-11-18 18:59 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-18 18:59 - 2013-11-18 18:59 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-18 18:59 - 2013-11-18 18:59 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-18 18:59 - 2013-11-18 18:59 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-18 18:59 - 2013-11-18 18:59 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-18 18:59 - 2013-11-18 18:59 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-18 18:59 - 2013-11-18 18:59 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-18 18:59 - 2013-11-18 18:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-18 18:59 - 2013-11-18 18:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-18 18:59 - 2013-11-18 18:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-18 18:59 - 2013-11-18 18:59 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-18 18:59 - 2013-11-18 18:59 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-18 18:58 - 2013-11-18 19:02 - 00009821 _____ C:\Windows\IE11_main.log
2013-11-18 18:55 - 2013-11-18 18:58 - 00000000 ____D C:\Windows\system32\MRT
2013-11-16 17:03 - 2013-11-16 17:03 - 01085542 _____ C:\Users\Thomas\Desktop\adwcleaner.exe
2013-11-16 16:56 - 2013-11-16 16:56 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-15 20:26 - 2013-11-15 20:26 - 00377856 _____ C:\Users\Thomas\Desktop\dm48wylg.exe
2013-11-15 15:13 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-15 15:13 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-15 15:13 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-15 15:13 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-15 15:13 - 2013-09-25 03:01 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-15 15:13 - 2013-09-25 03:01 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-15 15:13 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-15 15:13 - 2013-09-25 02:57 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-15 15:13 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-15 15:13 - 2013-09-25 02:56 - 01038848 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-15 15:13 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-15 15:13 - 2013-09-25 01:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-15 15:13 - 2013-09-25 01:49 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-15 15:13 - 2013-07-04 13:16 - 00369848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-15 15:12 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-15 15:12 - 2013-10-12 03:01 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-15 15:12 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-15 15:12 - 2013-10-03 02:58 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-10 17:17 - 2013-11-10 17:17 - 00030040 _____ (G Data Software) C:\Windows\system32\Drivers\GRD.sys
2013-11-10 17:06 - 2013-11-10 17:06 - 00052056 _____ (G Data Software AG) C:\Windows\system32\Drivers\PktIcpt.sys
2013-11-10 17:06 - 2013-11-10 17:06 - 00002005 _____ C:\Users\Public\Desktop\G Data TotalProtection 2014.lnk
2013-11-10 17:05 - 2013-11-10 17:05 - 00103928 _____ (G Data Software) C:\Windows\system32\Drivers\TS4nt.sys
2013-11-10 17:05 - 2013-11-10 17:05 - 00070488 _____ (G Data Software AG) C:\Windows\system32\Drivers\gddcd32.sys
2013-11-10 17:05 - 2013-11-10 17:05 - 00054104 _____ (G Data Software AG) C:\Windows\system32\Drivers\gdwfpcd32.sys
2013-11-10 17:05 - 2013-11-10 17:05 - 00053208 _____ (G Data Software AG) C:\Windows\system32\Drivers\gddcv32.sys
2013-11-10 17:04 - 2013-11-10 17:04 - 00096600 _____ (G Data Software AG) C:\Windows\system32\Drivers\MiniIcpt.sys
2013-11-10 17:04 - 2013-11-10 17:04 - 00051032 _____ (G Data Software AG) C:\Windows\system32\Drivers\HookCentre.sys
2013-11-10 17:04 - 2013-11-10 17:04 - 00045912 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDBehave.sys
2013-11-10 17:03 - 2013-11-10 17:03 - 00000000 ____D C:\ProgramData\G DATA Software
2013-11-10 16:17 - 2013-11-10 16:48 - 453077400 _____ (G Data Software AG) C:\Users\Thomas\Downloads\INT_R_FUL_2014_TP(1).exe
2013-11-10 16:17 - 2013-11-10 16:17 - 00411144 _____ C:\Users\Thomas\Downloads\AVCleaner.exe
2013-11-10 16:10 - 2013-11-18 20:51 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-11-10 16:10 - 2013-11-10 16:10 - 00001109 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-11-10 16:08 - 2013-11-10 16:08 - 00283104 _____ (Mozilla) C:\Users\Thomas\Downloads\Firefox Setup Stub 25.0 (1).exe
2013-11-10 15:59 - 2013-11-10 15:59 - 01142607 _____ C:\Users\Thomas\Downloads\bookmarks-2013-11-10.json
2013-11-09 16:47 - 2013-11-18 20:51 - 00093352 _____ C:\Windows\PFRO.log
2013-11-09 16:27 - 2013-11-09 16:45 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2013-11-09 16:24 - 2013-11-09 16:24 - 00000207 _____ C:\Windows\tweaking.com-regbackup-BÜRO-Microsoft-Windows-7-Home-Premium-(32-bit).dat
2013-11-09 16:23 - 2013-11-09 16:23 - 00000000 ____D C:\RegBackup
2013-11-09 15:33 - 2013-11-09 15:33 - 00000000 ____D C:\Users\Thomas\Downloads\tweaking.com_windows_repair_aio
2013-11-09 15:31 - 2013-11-09 15:31 - 04897880 _____ (Adobe Systems Inc.) C:\Users\Thomas\Downloads\Shockwave_Installer_Slim(2).exe
2013-11-09 15:22 - 2013-11-09 15:22 - 00448512 _____ (OldTimer Tools) C:\Users\Thomas\Downloads\TFC.exe
2013-11-09 14:40 - 2013-11-23 13:04 - 01315382 _____ C:\Windows\WindowsUpdate.log
2013-11-09 14:32 - 2013-11-22 20:47 - 00003121 _____ C:\Windows\setupact.log
2013-11-09 14:32 - 2013-11-09 14:32 - 00000000 _____ C:\Windows\setuperr.log
2013-11-04 20:27 - 2013-11-04 20:27 - 00000000 ____D C:\FRST
2013-11-04 19:14 - 2013-11-09 23:25 - 00031560 _____ C:\Windows\system32\Drivers\mbamchameleon.sys
2013-10-30 17:14 - 2013-10-30 17:14 - 00262144 _____ C:\Windows\system32\5-18
2013-10-30 15:21 - 2013-11-15 15:20 - 00000000 ____D C:\Users\Thomas\Documents\Sicherung Registry
2013-10-30 15:16 - 2013-10-30 15:17 - 00000000 ____D C:\Program Files\CCleaner
2013-10-30 15:15 - 2013-10-30 15:15 - 03302432 _____ (Piriform Ltd) C:\Users\Thomas\Downloads\ccsetup407_slim.exe
2013-10-30 14:19 - 2013-10-30 14:19 - 00283104 _____ (Mozilla) C:\Users\Thomas\Downloads\Firefox Setup Stub 25.0.exe
2013-10-30 02:28 - 2013-10-30 02:29 - 00002505 _____ C:\DelFix.txt
2013-10-29 23:57 - 2013-10-29 23:57 - 00000079 _____ C:\Windows\wininit.ini
2013-10-29 20:28 - 2013-11-18 20:40 - 00000000 ____D C:\Windows\erdnt
2013-10-29 19:29 - 2013-10-30 02:28 - 00000000 ____D C:\Windows\ERUNT
2013-10-29 13:50 - 2013-10-29 13:51 - 04580324 _____ C:\Users\Thomas\Downloads\EmsisoftEmergencyKit(1).zip.part
2013-10-28 13:20 - 2013-10-28 13:20 - 01571667 _____ (KC Softwares                                                ) C:\Users\Thomas\Downloads\sumo385_nork.exe
2013-10-28 13:17 - 2013-10-28 13:19 - 00000000 ____D C:\Users\Thomas\Downloads\JavaRa-2.3
2013-10-28 13:13 - 2013-10-28 13:13 - 07912440 _____ (Adobe Systems Inc.) C:\Users\Thomas\Downloads\Shockwave_Installer_Slim(1).exe
2013-10-28 13:11 - 2013-10-28 13:11 - 00000000 ____D C:\ProgramData\Oracle
2013-10-28 13:10 - 2013-10-28 13:10 - 00000000 ____D C:\Program Files\Common Files\Java
2013-10-28 13:10 - 2013-10-08 07:50 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2013-10-28 13:10 - 2013-10-08 07:46 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-10-28 13:10 - 2013-10-08 07:46 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-10-28 13:10 - 2013-10-08 07:46 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-10-28 13:09 - 2013-10-28 13:10 - 00005671 _____ C:\Windows\system32\jupdate-1.7.0_45-b18.log
2013-10-28 13:07 - 2013-10-28 13:07 - 06714580 _____ (Oracle Corporation) C:\Users\Thomas\Downloads\jre-7u45-windows-i586.exe.part
2013-10-28 13:07 - 2013-10-28 13:07 - 00915368 _____ (Oracle Corporation) C:\Users\Thomas\Downloads\jre-7u45-windows-i586-iftw.exe
2013-10-28 13:05 - 2013-11-23 13:17 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-28 12:40 - 2013-10-28 12:40 - 01440846 _____ C:\Users\Thomas\Downloads\mbam-chameleon-1.62.1.1000 (1).zip
2013-10-28 00:25 - 2013-10-30 00:42 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2013-10-28 00:25 - 2013-10-29 23:57 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-10-28 00:22 - 2013-11-19 18:55 - 00000000 ____D C:\Users\Thomas\Desktop\Anti-Virus Software & Co
2013-10-27 23:50 - 2013-11-10 01:25 - 00000000 ____D C:\#GDATA.Trash.Store#
2013-10-27 23:50 - 2013-10-27 23:50 - 00262144 _____ C:\Windows\system32\18
2013-10-27 22:08 - 2013-11-09 14:01 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-10-27 21:53 - 2013-10-27 21:54 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Thomas\Downloads\mbar-1.07.0.1007.exe
2013-10-27 15:15 - 2013-11-19 18:51 - 00000000 ____D C:\AdwCleaner
2013-10-26 20:43 - 2013-10-26 20:43 - 00000000 ____D C:\Windows\pss

==================== One Month Modified Files and Folders =======

2013-11-23 13:18 - 2013-11-23 13:17 - 00012963 _____ C:\Users\Thomas\Desktop\FRST.txt
2013-11-23 13:17 - 2013-10-28 13:05 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-23 13:16 - 2013-11-23 13:16 - 01091049 _____ (Farbar) C:\Users\Thomas\Desktop\FRST.exe
2013-11-23 13:14 - 2013-11-23 13:14 - 00000895 _____ C:\Users\Thomas\Desktop\checkup.txt
2013-11-23 13:08 - 2013-11-23 13:08 - 00891184 _____ C:\Users\Thomas\Desktop\SecurityCheck.exe
2013-11-23 13:04 - 2013-11-09 14:40 - 01315382 _____ C:\Windows\WindowsUpdate.log
2013-11-23 04:04 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2013-11-22 20:58 - 2013-11-22 20:58 - 00000000 ____D C:\Program Files\ESET
2013-11-22 20:57 - 2013-11-22 20:57 - 02347384 _____ (ESET) C:\Users\Thomas\Desktop\esetsmartinstaller_enu.exe
2013-11-22 20:52 - 2009-07-14 05:34 - 00009888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-22 20:52 - 2009-07-14 05:34 - 00009888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-22 20:47 - 2013-11-09 14:32 - 00003121 _____ C:\Windows\setupact.log
2013-11-22 20:47 - 2011-04-14 15:29 - 00000000 ____D C:\Program Files\Common Files\Akamai
2013-11-22 20:47 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-19 18:58 - 2013-11-19 18:58 - 01034531 _____ (Thisisu) C:\Users\Thomas\Desktop\JRT.exe
2013-11-19 18:55 - 2013-10-28 00:22 - 00000000 ____D C:\Users\Thomas\Desktop\Anti-Virus Software & Co
2013-11-19 18:51 - 2013-10-27 15:15 - 00000000 ____D C:\AdwCleaner
2013-11-18 20:51 - 2013-11-10 16:10 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-11-18 20:51 - 2013-11-09 16:47 - 00093352 _____ C:\Windows\PFRO.log
2013-11-18 20:41 - 2013-11-18 20:41 - 00016803 _____ C:\ComboFix.txt
2013-11-18 20:41 - 2013-11-18 19:17 - 00000000 ____D C:\Qoobox
2013-11-18 20:41 - 2009-07-14 03:37 - 00000000 __RHD C:\Users\Default
2013-11-18 20:41 - 2009-07-14 03:37 - 00000000 ___RD C:\Users\Public
2013-11-18 20:40 - 2013-10-29 20:28 - 00000000 ____D C:\Windows\erdnt
2013-11-18 20:39 - 2009-07-14 03:04 - 00000215 _____ C:\Windows\system.ini
2013-11-18 19:15 - 2013-11-18 19:14 - 05146764 ____R (Swearware) C:\Users\Thomas\Desktop\ComboFix.exe
2013-11-18 19:03 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\de-DE
2013-11-18 19:02 - 2013-11-18 18:58 - 00009821 _____ C:\Windows\IE11_main.log
2013-11-18 18:59 - 2013-11-18 18:59 - 17142784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 11220992 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 04240384 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-18 18:59 - 2013-11-18 18:59 - 02166272 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 01926656 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-18 18:59 - 2013-11-18 18:59 - 01818112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 01156608 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-18 18:59 - 2013-11-18 18:59 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-18 18:59 - 2013-11-18 18:59 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-18 18:59 - 2013-11-18 18:59 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-18 18:59 - 2013-11-18 18:59 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-18 18:59 - 2013-11-18 18:59 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-18 18:59 - 2013-11-18 18:59 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-18 18:59 - 2013-11-18 18:59 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-18 18:59 - 2013-11-18 18:59 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-18 18:59 - 2013-11-18 18:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-18 18:59 - 2013-11-18 18:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-18 18:59 - 2013-11-18 18:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-18 18:59 - 2013-11-18 18:59 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-18 18:59 - 2013-11-18 18:59 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-18 18:59 - 2013-11-18 18:59 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-18 18:58 - 2013-11-18 18:55 - 00000000 ____D C:\Windows\system32\MRT
2013-11-18 18:55 - 2010-06-30 09:36 - 80340640 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-16 17:03 - 2013-11-16 17:03 - 01085542 _____ C:\Users\Thomas\Desktop\adwcleaner.exe
2013-11-16 16:56 - 2013-11-16 16:56 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-15 20:26 - 2013-11-15 20:26 - 00377856 _____ C:\Users\Thomas\Desktop\dm48wylg.exe
2013-11-15 19:55 - 2010-06-29 23:08 - 00000000 ____D C:\Windows\Panther
2013-11-15 15:53 - 2010-12-24 23:18 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-15 15:20 - 2013-10-30 15:21 - 00000000 ____D C:\Users\Thomas\Documents\Sicherung Registry
2013-11-15 15:02 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\LogFiles
2013-11-11 05:50 - 2010-06-29 14:41 - 00230048 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-10 21:07 - 2010-06-29 14:26 - 01538492 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-10 20:11 - 2010-12-25 17:40 - 00000000 ____D C:\ProgramData\G DATA
2013-11-10 17:17 - 2013-11-10 17:17 - 00030040 _____ (G Data Software) C:\Windows\system32\Drivers\GRD.sys
2013-11-10 17:17 - 2013-10-23 20:35 - 00016048 _____ (G Data Software) C:\Windows\system32\Drivers\GdPhyMem.sys
2013-11-10 17:06 - 2013-11-10 17:06 - 00052056 _____ (G Data Software AG) C:\Windows\system32\Drivers\PktIcpt.sys
2013-11-10 17:06 - 2013-11-10 17:06 - 00002005 _____ C:\Users\Public\Desktop\G Data TotalProtection 2014.lnk
2013-11-10 17:05 - 2013-11-10 17:05 - 00103928 _____ (G Data Software) C:\Windows\system32\Drivers\TS4nt.sys
2013-11-10 17:05 - 2013-11-10 17:05 - 00070488 _____ (G Data Software AG) C:\Windows\system32\Drivers\gddcd32.sys
2013-11-10 17:05 - 2013-11-10 17:05 - 00054104 _____ (G Data Software AG) C:\Windows\system32\Drivers\gdwfpcd32.sys
2013-11-10 17:05 - 2013-11-10 17:05 - 00053208 _____ (G Data Software AG) C:\Windows\system32\Drivers\gddcv32.sys
2013-11-10 17:04 - 2013-11-10 17:04 - 00096600 _____ (G Data Software AG) C:\Windows\system32\Drivers\MiniIcpt.sys
2013-11-10 17:04 - 2013-11-10 17:04 - 00051032 _____ (G Data Software AG) C:\Windows\system32\Drivers\HookCentre.sys
2013-11-10 17:04 - 2013-11-10 17:04 - 00045912 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDBehave.sys
2013-11-10 17:03 - 2013-11-10 17:03 - 00000000 ____D C:\ProgramData\G DATA Software
2013-11-10 17:03 - 2010-12-25 17:40 - 00000000 ____D C:\Program Files\G Data
2013-11-10 17:03 - 2010-12-25 17:40 - 00000000 ____D C:\Program Files\Common Files\G Data
2013-11-10 16:53 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\spool
2013-11-10 16:51 - 2009-07-14 05:52 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2013-11-10 16:51 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\winevt
2013-11-10 16:51 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\SMI
2013-11-10 16:51 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\com
2013-11-10 16:48 - 2013-11-10 16:17 - 453077400 _____ (G Data Software AG) C:\Users\Thomas\Downloads\INT_R_FUL_2014_TP(1).exe
2013-11-10 16:17 - 2013-11-10 16:17 - 00411144 _____ C:\Users\Thomas\Downloads\AVCleaner.exe
2013-11-10 16:10 - 2013-11-10 16:10 - 00001109 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-11-10 16:10 - 2010-12-25 18:59 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\Mozilla
2013-11-10 16:08 - 2013-11-10 16:08 - 00283104 _____ (Mozilla) C:\Users\Thomas\Downloads\Firefox Setup Stub 25.0 (1).exe
2013-11-10 15:59 - 2013-11-10 15:59 - 01142607 _____ C:\Users\Thomas\Downloads\bookmarks-2013-11-10.json
2013-11-10 01:25 - 2013-10-27 23:50 - 00000000 ____D C:\#GDATA.Trash.Store#
2013-11-09 23:25 - 2013-11-04 19:14 - 00031560 _____ C:\Windows\system32\Drivers\mbamchameleon.sys
2013-11-09 16:48 - 2010-12-24 22:52 - 00155872 _____ C:\Users\Thomas\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-09 16:47 - 2009-07-14 05:33 - 00516152 _____ C:\Windows\system32\FNTCACHE.DAT
2013-11-09 16:45 - 2013-11-09 16:27 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2013-11-09 16:24 - 2013-11-09 16:24 - 00000207 _____ C:\Windows\tweaking.com-regbackup-BÜRO-Microsoft-Windows-7-Home-Premium-(32-bit).dat
2013-11-09 16:23 - 2013-11-09 16:23 - 00000000 ____D C:\RegBackup
2013-11-09 15:33 - 2013-11-09 15:33 - 00000000 ____D C:\Users\Thomas\Downloads\tweaking.com_windows_repair_aio
2013-11-09 15:31 - 2013-11-09 15:31 - 04897880 _____ (Adobe Systems Inc.) C:\Users\Thomas\Downloads\Shockwave_Installer_Slim(2).exe
2013-11-09 15:22 - 2013-11-09 15:22 - 00448512 _____ (OldTimer Tools) C:\Users\Thomas\Downloads\TFC.exe
2013-11-09 14:32 - 2013-11-09 14:32 - 00000000 _____ C:\Windows\setuperr.log
2013-11-09 14:01 - 2013-10-27 22:08 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-11-09 13:15 - 2009-07-14 05:53 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-11-04 20:27 - 2013-11-04 20:27 - 00000000 ____D C:\FRST
2013-11-03 18:40 - 2011-01-22 21:08 - 00000000 ____D C:\Users\Thomas\Desktop\Bilder
2013-10-30 17:14 - 2013-10-30 17:14 - 00262144 _____ C:\Windows\system32\5-18
2013-10-30 15:19 - 2011-03-23 00:13 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\Skype
2013-10-30 15:19 - 2010-12-25 20:50 - 00000000 ____D C:\Users\Thomas\Tracing
2013-10-30 15:17 - 2013-10-30 15:16 - 00000000 ____D C:\Program Files\CCleaner
2013-10-30 15:15 - 2013-10-30 15:15 - 03302432 _____ (Piriform Ltd) C:\Users\Thomas\Downloads\ccsetup407_slim.exe
2013-10-30 14:19 - 2013-10-30 14:19 - 00283104 _____ (Mozilla) C:\Users\Thomas\Downloads\Firefox Setup Stub 25.0.exe
2013-10-30 02:29 - 2013-10-30 02:28 - 00002505 _____ C:\DelFix.txt
2013-10-30 02:28 - 2013-10-29 19:29 - 00000000 ____D C:\Windows\ERUNT
2013-10-30 00:42 - 2013-10-28 00:25 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2013-10-29 23:57 - 2013-10-29 23:57 - 00000079 _____ C:\Windows\wininit.ini
2013-10-29 23:57 - 2013-10-28 00:25 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-10-29 13:51 - 2013-10-29 13:50 - 04580324 _____ C:\Users\Thomas\Downloads\EmsisoftEmergencyKit(1).zip.part
2013-10-28 13:20 - 2013-10-28 13:20 - 01571667 _____ (KC Softwares                                                ) C:\Users\Thomas\Downloads\sumo385_nork.exe
2013-10-28 13:19 - 2013-10-28 13:17 - 00000000 ____D C:\Users\Thomas\Downloads\JavaRa-2.3
2013-10-28 13:18 - 2012-10-13 21:00 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-10-28 13:18 - 2011-06-03 10:28 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-10-28 13:13 - 2013-10-28 13:13 - 07912440 _____ (Adobe Systems Inc.) C:\Users\Thomas\Downloads\Shockwave_Installer_Slim(1).exe
2013-10-28 13:11 - 2013-10-28 13:11 - 00000000 ____D C:\ProgramData\Oracle
2013-10-28 13:10 - 2013-10-28 13:10 - 00000000 ____D C:\Program Files\Common Files\Java
2013-10-28 13:10 - 2013-10-28 13:09 - 00005671 _____ C:\Windows\system32\jupdate-1.7.0_45-b18.log
2013-10-28 13:10 - 2010-06-30 11:02 - 00000000 ____D C:\Program Files\Java
2013-10-28 13:07 - 2013-10-28 13:07 - 06714580 _____ (Oracle Corporation) C:\Users\Thomas\Downloads\jre-7u45-windows-i586.exe.part
2013-10-28 13:07 - 2013-10-28 13:07 - 00915368 _____ (Oracle Corporation) C:\Users\Thomas\Downloads\jre-7u45-windows-i586-iftw.exe
2013-10-28 13:06 - 2010-12-26 12:08 - 00000000 ____D C:\Users\Thomas\AppData\Local\Adobe
2013-10-28 12:40 - 2013-10-28 12:40 - 01440846 _____ C:\Users\Thomas\Downloads\mbam-chameleon-1.62.1.1000 (1).zip
2013-10-28 12:36 - 2011-05-31 12:05 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-10-28 00:09 - 2010-12-25 17:45 - 00000000 ___RD C:\Users\Thomas\Desktop\Software
2013-10-27 23:51 - 2010-12-26 17:50 - 00000000 ____D C:\Users\Thomas\Documents\Dateien von AutoCAD
2013-10-27 23:51 - 2009-07-14 05:52 - 00000000 ____D C:\Windows\twain_32
2013-10-27 23:50 - 2013-10-27 23:50 - 00262144 _____ C:\Windows\system32\18
2013-10-27 21:54 - 2013-10-27 21:53 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Thomas\Downloads\mbar-1.07.0.1007.exe
2013-10-27 21:20 - 2010-06-29 16:19 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-10-26 21:46 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\LiveKernelReports
2013-10-26 20:43 - 2013-10-26 20:43 - 00000000 ____D C:\Windows\pss
2013-10-26 19:46 - 2012-07-14 13:32 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\TuneUpMedia

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-23 03:56

==================== End Of Log ============================
--- --- ---

--- --- ---


PC läuft wieder normal :bussi:
heißt das jetzt, dass alles weg ist?

schrauber 24.11.2013 08:32
Fertig :)

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.


Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

TheBoogeyman 25.11.2013 23:39
Danke für die kompetente Hilfe! Thema kann jetzt zugemacht werden.

schrauber 26.11.2013 12:47
Gern Geschehen :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 15:59 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131